Latest news as of 2/15/2026, 2:22:43 AM
Dark Reading
The now-patched vulnerabilities exist at the firmware level and enable deep persistence on compromised systems.
The Register
Project Ire promises to use LLMs to detect whether code is malicious or benign. Microsoft has rolled out an autonomous AI agent that it claims can detect malware without human assistance.…
The Hacker News
The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google's official app storefronts under the guise of seemingly useful applications. These apps masquerade as VPNs, device "monitoring" apps, RAM cleaners, dating services, and spam blockers, DNS threat intelligence firm Infoblox said in an exhaustive
Bleeping Computer
Akira ransomware is abusing a legitimate Intel CPU tuning driver to turn off Microsoft Defender in attacks from security tools and EDRs running on target machines. [...]
Dark Reading
New research reveals that a malicious traffic distribution system (TDS) is run not by "hackers in hoodies," but by a series of corporations operating in the commercial digital advertising industry.
Dark Reading
Using invisible prompts, the attacks demonstrate a physical risk that could soon become reality as the world increasingly becomes more interconnected with artificial intelligence.
The Register
ShinyHunters suspected in rash of intrusions. Google confirmed that criminals breached one of its Salesforce databases and stole info belonging to some of its small-and-medium-business customers.…
Graham Cluley
Collapsed company's founder says that its fortunes were hampered by the refusal of authorities to release the criminals' seized funds to victims. Read more in my article on the Fortra blog.
Bleeping Computer
A new post-exploitation command-and-control (C2) evasion method called 'Ghost Calls' abuses TURN servers used by conferencing apps like Zoom and Microsoft Teams to tunnel traffic through trusted infrastructure. [...]
Dark Reading
Two critical vulnerabilities affect the security vendor's management console, one of which is under active exploitation. The company has updated cloud-based products but won't have a patch for its on-premises version until mid-August.