π Appleβs latest beta brings end-to-end encryption to RCS β but only for Apple-to-Apple chats so far.
Itβs part of iOS 26.4 testing alongside new memory protections designed to block spyware at the kernel level.
π Inside Appleβs new security stack β https://thehackernews.com/2026/02/apple-tests-end-to-end-encrypted-rcs.html
Itβs part of iOS 26.4 testing alongside new memory protections designed to block spyware at the kernel level.
π Inside Appleβs new security stack β https://thehackernews.com/2026/02/apple-tests-end-to-end-encrypted-rcs.html
π18π€2π1
β‘ Microsoft warns some firms are embedding manipulative prompts in βSummarize with AIβ buttons.
Researchers identified 50+ hidden instructions that push assistants to remember and recommend specific brands β with effects persisting across future chats, often without user awareness.
π Read β https://thehackernews.com/2026/02/microsoft-finds-summarize-with-ai.html
Researchers identified 50+ hidden instructions that push assistants to remember and recommend specific brands β with effects persisting across future chats, often without user awareness.
π Read β https://thehackernews.com/2026/02/microsoft-finds-summarize-with-ai.html
π₯11
Most βAI for GRCβ still stops at task automation β drafting policies or extracting clauses.
As Yair Kuznitsov, CEO of Anecdotes, explains, agentic GRC replaces the workflow itself. Agents collect evidence, evaluate controls, trigger remediation, and maintain audit trails autonomously.
Decision-making is embedded.
π CCM agent execution model β https://thehackernews.com/expert-insights/2026/02/ai-shouldnt-improve-workflows-it-should.html
As Yair Kuznitsov, CEO of Anecdotes, explains, agentic GRC replaces the workflow itself. Agents collect evidence, evaluate controls, trigger remediation, and maintain audit trails autonomously.
Decision-making is embedded.
π CCM agent execution model β https://thehackernews.com/expert-insights/2026/02/ai-shouldnt-improve-workflows-it-should.html
π7π₯1
β οΈ β οΈ π€ A trojanized Oura AI connector is being used to spread SmartLoader malware.
Attackers cloned the MCP server, staged fake GitHub contributors, and planted it in trusted registries. The payload drops StealC to steal credentials, wallets, and cloud access.
π Read β https://thehackernews.com/2026/02/smartloader-attack-uses-trojanized-oura.html
Attackers cloned the MCP server, staged fake GitHub contributors, and planted it in trusted registries. The payload drops StealC to steal credentials, wallets, and cloud access.
π Read β https://thehackernews.com/2026/02/smartloader-attack-uses-trojanized-oura.html
π8
Network Detection & Response is now central to SOC workflowsβnot an add-on.
Testing Corelightβs Investigator showed analysts tracing exploits, reverse shells, and lateral movement in one dashboard, mapped to MITRE and guided by embedded AI.
NDR serves as a force multiplier for mid-tier teams.
π Inside: hunt workflows β https://thehackernews.com/2026/02/my-day-getting-my-hands-dirty-with-ndr.html
Testing Corelightβs Investigator showed analysts tracing exploits, reverse shells, and lateral movement in one dashboard, mapped to MITRE and guided by embedded AI.
NDR serves as a force multiplier for mid-tier teams.
π Inside: hunt workflows β https://thehackernews.com/2026/02/my-day-getting-my-hands-dirty-with-ndr.html
π8
Infosec Compliance Now 2026 | Earn 4 CPEs
Registration for the 6th annual Infosec Compliance Now virtual event is live! Attend and earn up to 4 free CPE credits while learning about AI-powered GRC, cyber resilience, continuous control monitoring using automation, and more!
Register β https://thn.news/cyber-risk-event
Registration for the 6th annual Infosec Compliance Now virtual event is live! Attend and earn up to 4 free CPE credits while learning about AI-powered GRC, cyber resilience, continuous control monitoring using automation, and more!
Register β https://thn.news/cyber-risk-event
π₯4π1
β οΈ Cloud attacks move faster than investigations.
Wiz experts show how workloads vanish, identities rotate, and logs expire before response even starts.
Minutes β not days β decide outcomes. See how context-aware forensics rebuilds full attack timelines fast.
π See cloud breaches reconstructed step-by-step β https://thehackernews.com/2026/02/cloud-forensics-webinar-learn-how-ai.html
Wiz experts show how workloads vanish, identities rotate, and logs expire before response even starts.
Minutes β not days β decide outcomes. See how context-aware forensics rebuilds full attack timelines fast.
π See cloud breaches reconstructed step-by-step β https://thehackernews.com/2026/02/cloud-forensics-webinar-learn-how-ai.html
π₯9π1π1
π A firmware-level Android backdoor called Keenadu is being shipped inside signed tablet builds.
Telemetry shows 13,715 users globally encountered its modules. It injects into every app via core system libraries, enabling remote control, data theft, and ad fraud.
π Read β https://thehackernews.com/2026/02/keenadu-firmware-backdoor-infects.html
Telemetry shows 13,715 users globally encountered its modules. It injects into every app via core system libraries, enabling remote control, data theft, and ad fraud.
π Read β https://thehackernews.com/2026/02/keenadu-firmware-backdoor-infects.html
π€―11π±7π€4π2
π€ AI assistants with web browsing can be weaponized as stealth command relays.
Check Point showed Copilot and Grok fetching attacker URLs and returning commands through normal responses β blending C2 traffic into enterprise use.
π Read details β https://thehackernews.com/2026/02/researchers-show-copilot-and-grok-can.html
Check Point showed Copilot and Grok fetching attacker URLs and returning commands through normal responses β blending C2 traffic into enterprise use.
π Read details β https://thehackernews.com/2026/02/researchers-show-copilot-and-grok-can.html
π€―8π7π7π2
β οΈ CISA added 4 actively exploited flaws to its KEV list, including a Chrome zero-day and critical Zimbra SSRF bug.
Attacks range from browser heap corruption to server command execution and worm delivery.
π Exploited CVEs, affected tech, patch timelines β https://thehackernews.com/2026/02/cisa-flags-four-security-flaws-under.html
Attacks range from browser heap corruption to server command execution and worm delivery.
π Exploited CVEs, affected tech, patch timelines β https://thehackernews.com/2026/02/cisa-flags-four-security-flaws-under.html
β‘7π₯3
β‘ Notepad++ pushed a security update after attackers hijacked its updater to deliver malware to select users.
Version 8.9.2 adds a βdouble lockβ verification system & hardens the auto-updater after a hosting breach enabled poisoned updates.
π Read β https://thehackernews.com/2026/02/notepad-fixes-hijacked-update-mechanism.html
Version 8.9.2 adds a βdouble lockβ verification system & hardens the auto-updater after a hosting breach enabled poisoned updates.
π Read β https://thehackernews.com/2026/02/notepad-fixes-hijacked-update-mechanism.html
π14π₯6π5π€―3
π¨ China-linked UNC6201 exploited a CVSS 10.0 (CVE-2026-22769) Dell RecoverPoint zero-day since 2024 using hard-coded credentials.
Access led to Tomcat web shells, BRICKSTORM installs, and newer GRIMBOLT backdoors built to evade detection.
π Read β https://thehackernews.com/2026/02/dell-recoverpoint-for-vms-zero-day-cve.html
Access led to Tomcat web shells, BRICKSTORM installs, and newer GRIMBOLT backdoors built to evade detection.
π Read β https://thehackernews.com/2026/02/dell-recoverpoint-for-vms-zero-day-cve.html
π₯12π2π2
88% of AI pilots never reach production.
Security and IT teams stall not on toolsβbut execution. Intelligent workflows blend automation, AI decisions, and human review to move phishing response, service requests, and vuln tracking from manual to real time.
π Pre-built workflow breakdowns β https://thehackernews.com/2026/02/3-ways-to-start-your-intelligent.html
Security and IT teams stall not on toolsβbut execution. Intelligent workflows blend automation, AI decisions, and human review to move phishing response, service requests, and vuln tracking from manual to real time.
π Pre-built workflow breakdowns β https://thehackernews.com/2026/02/3-ways-to-start-your-intelligent.html
π13
β οΈ Four popular VS Code extensions expose developers to file theft and remote code execution.
Researchers say 125M+ installs are affected. Flaws in Live Server, Code Runner, and others enable localhost abuse, malicious configs, and code injectionβsome still unpatched.
π Read β https://thehackernews.com/2026/02/critical-flaws-found-in-four-vs-code.html
Researchers say 125M+ installs are affected. Flaws in Live Server, Code Runner, and others enable localhost abuse, malicious configs, and code injectionβsome still unpatched.
π Read β https://thehackernews.com/2026/02/critical-flaws-found-in-four-vs-code.html
π8π€―4
Cybersecurity isnβt preparing for storms anymore. Instability is permanent.
AI threats, regulatory pressure, and geopolitical risk now shape how systems are built and runβnot just defended.
π What security looks like when volatility is baseline β https://thehackernews.com/2026/02/cybersecurity-tech-predictions-for-2026.html
AI threats, regulatory pressure, and geopolitical risk now shape how systems are built and runβnot just defended.
π What security looks like when volatility is baseline β https://thehackernews.com/2026/02/cybersecurity-tech-predictions-for-2026.html
π2
Media is too big
VIEW IN TELEGRAM
π¨ Thereβs an extreme scarcity of skilled GenAI red teamersβexperts estimate fewer than 10,000 globally, while one security industry analyst believes there are fewer than 10 capable of tackling frontier AI risks.
π½οΈ From TELUS Digital's Fuel iX team: Watch Uncharted: The AI Safety & Security Summit on demand to hear from top security leaders and industry experts as they uncover:
β’ Hidden vulnerabilities in GenAI models
β’ How automated red teaming is transforming risk detection
β’ Actionable strategies to safeguard your AI systems
π Watch now: https://thn.news/ai-security-summit-tg
π½οΈ From TELUS Digital's Fuel iX team: Watch Uncharted: The AI Safety & Security Summit on demand to hear from top security leaders and industry experts as they uncover:
β’ Hidden vulnerabilities in GenAI models
β’ How automated red teaming is transforming risk detection
β’ Actionable strategies to safeguard your AI systems
π Watch now: https://thn.news/ai-security-summit-tg
π3
Researchers found a stack overflow in Grandstream GXP1600 phones (CVE-2026-2329, 9.3 CVSS).
A crafted API request can overwrite memory and run code remotelyβno login required. Post-exploitation includes credential theft and VoIP call interception via rogue SIP proxy.
π Read β https://thehackernews.com/2026/02/grandstream-gxp1600-voip-phones-exposed.html
A crafted API request can overwrite memory and run code remotelyβno login required. Post-exploitation includes credential theft and VoIP call interception via rogue SIP proxy.
π Read β https://thehackernews.com/2026/02/grandstream-gxp1600-voip-phones-exposed.html
π3π₯1
π Citizen Lab found Cellebrite tools used on a Kenyan activistβs phone while it was in police custody.
Boniface Mwangiβs Samsung device was accessed in July 2025 and later returned without password protection. Full extraction could include messages, files, and passwords.
The findings follow similar cases in Jordan.
π Read β https://thehackernews.com/2026/02/citizen-lab-finds-cellebrite-tool-used.html
Boniface Mwangiβs Samsung device was accessed in July 2025 and later returned without password protection. Full extraction could include messages, files, and passwords.
The findings follow similar cases in Jordan.
π Read β https://thehackernews.com/2026/02/citizen-lab-finds-cellebrite-tool-used.html