Latest news as of 2/20/2026, 1:15:26 AM
The Register
It’s amazing the number of calls Jo, Helen, and Ian get through The UK's data protection watchdog fined two Brit businesses with offshore call centers £550,000 (c $735,000) over illegal automated marketing calls.…
The Hacker News
The U.K. National Cyber Security Centre (NCSC) has revealed that threat actors have exploited the recently disclosed security flaws impacting Cisco firewalls as part of zero-day attacks to deliver previously undocumented malware families like RayInitiator and LINE VIPER. "The RayInitiator and LINE VIPER malware represent a significant evolution on that used in the previous campaign, both in
Bleeping Computer
Microsoft Threat Intelligence reports that a new variant of the XCSSET macOS malware has been detected in limited attacks, incorporating several new features, including enhanced browser targeting, clipboard hijacking, and improved persistence mechanisms. [...]
Dark Reading
Patch now: Cisco recently disclosed four actively exploited zero-days affecting millions of devices, including three targeted by a nation-state actor previously discovered to be behind the "ArcaneDoor" campaign.
Dark Reading
Yet again researchers have uncovered an opportunity (dubbed "ForcedLeak" for indirect prompt injection against autonomous agents lacking sufficient security controls — but this time the risk involves PII, corporate secrets, physical location data, and so much more.
Bleeping Computer
A npm package copying the official 'postmark-mcp' project on GitHub turned bad with the latest update that added a single line of code to exfiltrate all its users' email communication. [...]
The Register
Keeping Pyongyang's coffers full North Korean-linked crews connected to the pervasive IT worker scams have upped their malware game, using more advanced tools, including a backdoor that has much of the same code as Pyongyang's infamous Lazarus Group deploys.…
Dark Reading
The China-linked cyber-espionage group UNC5221 is compromising network appliances that cannot run traditional EDR agents to deploy new versions of the "Brickstorm" backdoor.
The Hacker News
The threat actor known as Vane Viper has been outed as a purveyor of malicious ad technology (adtech), while relying on a tangled web of shell companies and opaque ownership structures to deliberately evade responsibility. "Vane Viper has provided core infrastructure in widespread malvertising, ad fraud, and cyberthreat proliferation for at least a decade," Infoblox said in a technical report
The Hacker News
Cisco is urging customers to patch two security flaws impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software, which it said have been exploited in the wild. The zero-day vulnerabilities in question are listed below - CVE-2025-20333 (CVSS score: 9.9) - An improper validation of user-supplied input