The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which leaked a small set of images as proof of the intrusion. www.bleepingcomputer.com/news/securit...

A new Linux zero-day vulnerability, named Dirty Frag, allows local attackers to gain root privileges on most major Linux distributions with a single command.

Ivanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) exploited in zero-day attacks.

The hacker behind a breach at education technology giant Instructure claims to have stolen 280 million data records for students and staff from 8,809 colleges, school districts, and online education platforms.

Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository.

A critical cPanel authentication bypass vulnerability (CVE-2026-41940) is being exploited in widespread "Sorry" ransomware attacks days after the release of an emergency update. www.bleepingcomputer.com/news/securit...

Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or elevated administrator permissions.

Microsoft has rolled out a fast-track process to help developers regain access to accounts recently suspended from its Windows Hardware Program, following widespread complaints that they were locked out without warning.

Fancy Bear (APT28) hackers compromised at least 284 inboxes between September 2024 and March 2026. “In Romania, the hackers compromised at least 67 email accounts maintained by the ​Romanian Air Force, including several ⁠belonging to NATO airbases” www.reuters.com/world/russia...

Attackers have been exploiting a zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December.

The European Union's Cybersecurity Service (CERT-EU) has attributed the European Commission cloud hack to the TeamPCP threat group, saying the resulting breach exposed the data of at least 29 other Union entities.

Stryker Corporation, one of the world's leading medical technology companies, says it's fully operational three weeks after many of its systems were wiped out in a cyberattack claimed by the Iranian-linked Handala hacktivist group.

NASA’s mission to orbit the Moon is being interrupted by Outlook (New) and Outlook (classic) both refusing to open 😂

Hackers hijacked the npm account for Axios, a JavaScript HTTP client with 100M+ weekly downloads, and published malicious versions that delivered RAT malware to Linux, Windows, and macOS systems. www.bleepingcomputer.com/news/securit...

The Dutch Ministry of Finance took some of its systems offline, including the digital portal for treasury banking, while investigating a cyberattack detected two weeks ago.

The European Commission is investigating a security breach after a threat actor gained access to its Amazon cloud infrastructure.

Hungarian opposition leader Peter Magyar has accused the ruling government of using the Candiru spyware against his TISZA party x.com/magyarpeterM...

Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in Identity Manager and Web Services Manager tracked as CVE-2026-21992.

The FBI has issued a public service announcement warning that Russian intelligence-linked threat actors are actively targeting users of encrypted messaging apps such as Signal and WhatsApp in phishing campaigns that have already compromised thousands of accounts.

The FBI has seized two websites used by the Handala hacktivist group after the threat actors conducted a destructive cyberattack on medical technology giant Stryker that wiped approximately 80,000 devices.

The Handala hacktivist group (which claimed the cyberattack on medical technology giant Stryker last week) used the wipe command in Microsoft’s Intune cloud-based endpoint management service to erase data from nearly 80,000 devices. www.bleepingcomputer.com/news/securit...

Starbucks has disclosed a data breach affecting hundreds of employees after threat actors gained access to their Starbucks Partner Central accounts.

Salesforce is warning customers that hackers are targeting websites with misconfigured Experience Cloud platforms that give guest users access to more data than intended. However, the ShinyHunters extortion gang claims to be actively exploiting a new bug to steal data from instances.

Ericsson Inc., the U.S. subsidiary of Swedish networking and telecommunications giant Ericsson, says attackers have stolen data belonging to an undisclosed number of employees and customers after hacking one of its service providers.

We are aware of recent reports regarding targeted phishing attacks that have resulted in account takeovers of some Signal users, including government officials and journalists. We take this very seriously. 1/7

The U.S. Federal Bureau of Investigation (FBI) confirmed on Thursday that it's investigating a breach that affected systems used to manage surveillance and wiretap warrants.

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

The FBI has seized the LeakBase cybercrime forum, a major online forum used by cybercriminals buy and sell hacking tools and stolen data.

SCOOP: An internal DHS document obtained by 404 Media shows for the first time CBP used location data sourced from the online advertising industry to track phone locations. This surveillance can happen through all sorts of apps, such as video games, news apps, weather trackers, and dating apps.

Amazon has confirmed that three Amazon Web Services (AWS) data centers in the United Arab Emirates (UAE) and one in Bahrain have been damaged by drone strikes, causing an extensive outage that is still affecting dozens of cloud computing services.

Seeing the lengthy list of changes/cutbacks to CISA catalogued in this one piece makes it clear there is little left of it. The agency is less than a decade old and struggled for years to find its footing before it started to make progress. But all advances it made have been gutted in last 12 months

In an unexpected twist of events, Meta says they're taking legal action "to combat scams" and filed "lawsuits against deceptive advertisers in Brazil and China that used celeb-bait and a Vietnam-based advertiser who used cloaking and led a subscription fraud scheme." about.fb.com/news/2026/02...

Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was actively exploited in zero-day attacks that allowed remote attackers to compromise controllers and add malicious rogue peers to targeted networks.

Just leaving these two stories next to each other.: 'AIs can’t stop recommending nuclear strikes in war game simulations' & 'Pentagon threatens to make Anthropic a pariah if it refuses to drop AI guardrails' www.newscientist.com/article/2516... edition.cnn.com/2026/02/24/t...

Weird cyber story from Russia: a Moscow resident Ruslan Satuchin faces criminal charges for allegedly contacting Conti under the pretense of the FSB & extorting money for protection. Now he's investigated for fraud No word of legal action against Conti www.rbc.ru/society/25/0...

It's been a year since North Korean hackers stole $1.5 billion from Bybit, and they completely got away with it, ha ha ha. Bybit exploit 12 months on: the DPRK threat continues www.elliptic.co/blog/bybit-e...

Google disrupts Chinese-linked hackers that attacked 53 groups globally - www.reuters.com/sustainabili...

Some breaking news out of Russia: Officials have started an investigation into Telegram founder Pavel Durov for promoting terrorism www.kommersant.ru/doc/8460981?...

PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year.

As part of its internet crackdown, it appears that Russia's internet watchdog accidentally blocked the official website of the Linux kernel. The block has been lifted after Russian IT engineers reminded Roskomnadzor that the country's native OS also runs on Linux kod.ru/linux-rus-fail

The European Commission is investigating a breach after finding evidence that its mobile device management platform was hacked.

French prosecutors have raided X's offices in Paris on Tuesday as part of a criminal investigation into the platform's Grok AI tool, widely used to generate sexually explicit images.

The data breach notification service Have I Been Pwned says that a data breach at the U.S. food chain Panera Bread affected 5.1 million accounts, not 14 million customers as previously reported.

Microsoft announced that it will disable the 30-year-old NTLM authentication protocol by default in upcoming Windows releases due to security vulnerabilities that expose organizations to cyberattacks.

The FBI has seized the notorious RAMP cybercrime forum, a platform used to advertise a wide range of malware and hacking services, and one of the few remaining forums that openly allowed the promotion of ransomware operations.

Hackers behind cyberattack against Poland electric grid in Dec disabled communication devices for at least 30 sites across a number of energy facilities in country. They rendered the devices - known as remote terminal units or RTUs - not only inoperable but also unrecoverable

SolarWinds has released security updates to patch critical authentication bypass and remote command execution vulnerabilities in its Web Help Desk IT help desk software.

Hackers have stolen the personal and contact information belonging to over 29.8 million SoundCloud user accounts after breaching the audio streaming platform's systems.

Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks.

Something of note I found in researching this: ICE's Homeland Security Investigations unit has tried and failed to break into BitLocker devices. It simply doesn't have the capability, per an HSI forensic specialist's letter to a court in 2025. But we now know it can ask Microsoft for help.