Latest news as of 2/17/2026, 8:12:03 AM
Dark Reading
Vulnerable and malicious plug-ins are giving threat actors the ability to compromise WordPress sites and use them as a springboard to a variety of cyber threats and scams.
The Register
Show of hands: who WASN'T targeted? The list of victims keeps growing, as yet another company — Cloudflare — today disclosed that some of its customers' data was also compromised in the Salesloft Drift breach.…
Dark Reading
A group linked to Russian intelligence services redirected victims to fake Cloudflare verification pages and exploited Microsoft's device code authentication flow.
The Register
Enough governments love it and it's highly lucrative Governments can't get enough of hacking services to use against their citizens, despite their protestations that elements of the trade need sanctioning.…
Bleeping Computer
Cloudflare is the latest company impacted in a recent string of Salesloft Drift breaches, part of a supply-chain attack disclosed last week. [...]
Dark Reading
Two major security firms suffered downstream compromises as part of a large-scale supply chain attack involving Salesloft Drift, a marketing SaaS application from Salesforce.
The Register
Joins Google, Palo Alto Networks in the ever-growing supply chain compromise Zscaler is the latest company to disclose some of its customers' data was exposed in the recent spate of Salesloft Drift attacks affecting Salesforce databases.…
Dark Reading
The luxury automaker said its retail and production activities have been "severely disrupted."
The Hacker News
The North Korea-linked threat actor known as the Lazarus Group has been attributed to a social engineering campaign that distributes three different pieces of cross-platform malware called PondRAT, ThemeForestRAT, and RemotePE. The attack, observed by NCC Group's Fox-IT in 2024, targeted an organization in the decentralized finance (DeFi) sector, ultimately leading to the compromise of an
The Hacker News
Cybersecurity researchers have disclosed a stealthy new backdoor called MystRodX that comes with a variety of features to capture sensitive data from compromised systems. "MystRodX is a typical backdoor implemented in C++, supporting features like file management, port forwarding, reverse shell, and socket management," QiAnXin XLab said in a report published last week. "Compared to typical