Latest news as of 2/19/2026, 5:29:10 PM
The Hacker News
From overprivileged admin roles to long-forgotten vendor tokens, these attackers are slipping through the cracks of trust and access. Here’s how five retail breaches unfolded, and what they reveal about... In recent months, major retailers like Adidas, The North Face, Dior, Victoria's Secret, Cartier, Marks & Spencer, and Co‑op have all been breached. These attacks weren’t sophisticated
The Hacker News
Russian organizations have been targeted as part of an ongoing campaign that delivers a previously undocumented Windows spyware called Batavia. The activity, per cybersecurity vendor Kaspersky, has been active since July 2024. "The targeted attack begins with bait emails containing malicious links, sent under the pretext of signing a contract," the Russian company said. "The main goal of the
The Register
The clipboard warriors are coming. Time to check on your password management It's 2025, and credential theft is a thing of the past.… Sponsored feature
The Register
Plus: Qantas makes contact with 'potential cyber criminal' While the aviation industry has borne the brunt of Scattered Spider's latest round of social engineering attacks, the criminals aim to catch manufacturing and medical tech companies — and even Chipotle Mexican Grill — in tjeor web, as evidenced by hundreds of domains that security researchers say look a lot like phishing websites used by the criminal crews.…
The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of flaws is as follows - CVE-2014-3931 (CVSS score: 9.8) - A buffer overflow vulnerability in Multi-Router Looking Glass (MRLG) that could allow remote attackers to cause an
Dark Reading
The threat actors trick victims into opening a malicious script, leading to the execution of the BroaderAspect .NET loader.
Bleeping Computer
A Chinese national was arrested in Milan, Italy, last week for allegedly being linked to the state-sponsored Silk Typhoon hacking group, which responsible for cyberattacks against American organizations and government agencies. [...]
Bleeping Computer
Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session tokens. [...]
Dark Reading
The new ransomware strain's aggressive multithreading and cross-platform capabilities make it a potent threat to enterprise environments.
Dark Reading
Researchers observed North Korean threat actors targeting cryptocurrency and Web3 platforms on Telegram using malicious Zoom meeting requests.