Latest news as of 2/16/2026, 5:18:39 PM
Dark Reading
The Mustang Panda APT is hijacking Google Chrome browsers when they attempt to connect to new networks and redirecting them to phishing sites.
The Hacker News
The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments. "Unlike traditional on-premises ransomware, where the threat actor typically deploys malware to encrypt critical files across endpoints within the compromised network and then negotiates for a decryption key,
Bleeping Computer
The Sangoma FreePBX Security Team is warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with the Administrator Control Panel (ACP) is exposed to the internet. [...]
Dark Reading
A group tracked as UNC6395 engaged in "widespread data theft" via compromised OAuth tokens from a third-party app called Salesloft Drift.
The Register
Fast-glob is widely used in government, security lab says A Node.js utility used by thousands of public projects - and more than 30 Department of Defense ones - appears to have a sole maintainer whose online profiles identify him as a Yandex employee living in Russia.…
Bleeping Computer
A cyberattack on Miljödata, an IT systems supplier for roughly 80% of Sweden's municipal systems, has caused accessibility problems in more than 200 regions of the country. [...]
Bleeping Computer
Google is introducing a new defense for Android called 'Developer Verification' to block malware installations from sideloaded apps sourced from outside the official Google Play app store. [...]
The Register
Stolen dev credentials posted to GitHub as attackers abuse CLI tools for recon Nx is the latest target of a software supply chain attack in the NPM ecosystem, with multiple malicious versions being uploaded to the NPM registry on Tuesday evening.…
Bleeping Computer
The U.S. National Security Agency (NSA), the UK's National Cyber Security Centre (NCSC), and partners from over a dozen countries have linked the Salt Typhoon global hacking campaigns to three China-based technology firms. [...]
Graham Cluley
Cephalus is a relatively new ransomware operation that emerged in mid-2025, and has already been linked to a wave of high-profile data leaks. Read more about it in my article on the Fortra blog.