Ravie LakshmananFeb 23, 2026Malware / Threat Intelligence The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign targeting specific entities in Western and Central Europe. The activity, per S2 Grupo’s LAB52 threat intelligence team, was… Read More "APT28 Targeted European Entities Using Webhook-Based Macro Malware"
Infosecurity Europe has unveiled a new Cyber Startup Programme aimed at spotlighting emerging cybersecurity innovators and bolstering the future resilience of the cyber ecosystem. Set to debut at Infosecurity Europe 2026, the initiative will provide startup founders, investors and ecosystem… Read More "New Cyber Startup Programme to Debut at Infosecurity Europe 2026"
Newsletter platform Substack has confirmed it suffered a security incident, leading to the compromise of users’ email addresses and phone numbers. Chris Best, the CEO of Substack, notified users of the data breach in an email sent to some users… Read More "Substack Confirms Data Breach, “Limited User Data” Compromised"
A malware framework that remained hidden for years has been discovered by security researchers at Cisco Talos. The researchers were hunting for samples of DarkNimbus, a backdoor linked to the MOONSHINE exploit kit which have both been known about since 2023, when they… Read More "Chinese-Made Malware Kit Targets Chinese-Based Edge Devices"
Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a bespoke XMRig miner program on compromised hosts. “Analysis of the recovered dropper, persistence triggers, and mining payload reveals a sophisticated,… Read More "Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb"
A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools. The discovery was made by the Secuinfra Falcon Team after a user reported unusual desktop behaviour and… Read More "Fraud Investigation Reveals Sophisticated Python Malware"
A supply chain worm resembling earlier Shai-Hulud malware has been discovered spreading through malicious npm packages. According to Socket’s Threat Research Team, the campaign, tracked as SANDWORM_MODE, has been identified across at least 19 npm packages published under two aliases,… Read More "Shai-Hulud-Like Worm Targets Developers via npm and AI Tools"
Mississippi’s largest hospital group is still reeling from a ransomware attack late last week that has forced its IT systems offline. The University of Mississippi Medical Center (UMMC) is one of the state’s largest employers, with over 10,000 staff working… Read More "University of Mississippi Medical Center Still Offline After Ransomwar"
Ravie LakshmananFeb 23, 2026Cybersecurity / Hacking Security news rarely moves in a straight line. This week, it feels more like a series of sharp turns, some happening quietly in the background, others playing out in public view. The details are… Read More "Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More"
A newly uncovered infostealer, suspected to be built with the help of a large language model, is targeting victims with Python and C++ variants, each tailored for a different stage of data theft. Kaspersky researchers discovered a stealer dubbed “Arkanix,”… Read More "New Arkanix stealer blends rapid Python harvesting with stealthier C++ payloads"
