Follow on Google News
Browser-in-the-Browser Kit Uses Fake Software Errors to Push Malware Installers
A Browser-in-the-Browser phishing kit is being used to trick users into downloading malware installers that look like legitimate software updates or fixes. Palo Alto Networks’…
PoC Exploit Released for Critical libssh2 Remote Code Execution Vulnerability
A public proof-of-concept exploit is now available for CVE-2026-55200, a critical remote code execution vulnerability in libssh2. The flaw affects libssh2 through version 1.11.1 and…
White House Orders Federal Agencies to Move High-Value Systems to Post-Quantum Cryptography
The White House has ordered federal civilian agencies to move high-value and high-impact systems to post-quantum cryptography, setting firm deadlines for the government’s largest cryptographic…
Webmin 2.641 Fixes Vulnerabilities That Could Bypass 2FA and Impersonate Users
Webmin administrators should upgrade to the latest release after multiple security issues were disclosed in the web-based server administration tool. The flaws affect older Webmin…
Laravel Livewire RCE Exploited to Steal Credentials From More Than 6,000 Apps
Attackers have exploited a critical Laravel Livewire remote code execution vulnerability to steal credentials from thousands of applications worldwide. According to a new Imperva Threat…
PoC Exploit Released for Microsoft Exchange Server Elevation of Privilege Vulnerability
A public proof-of-concept exploit has been released for CVE-2026-45504, a high-severity Microsoft Exchange Server vulnerability that can let an authenticated attacker elevate privileges over the…
Fake Income Tax Assessment Notice Delivers RAT-Like Malware to Windows Users
A new phishing campaign is targeting Windows users in India with a fake Income Tax Department assessment notice that downloads RAT-like malware. The campaign uses…
Operation Endgame Disrupts StealC, Amadey and SocGholish Malware Infrastructure
Law enforcement agencies and cybersecurity companies have disrupted infrastructure used by StealC, Amadey and SocGholish, three malware families tied to credential theft, ransomware access and…
Cisco SD-WAN Zero-Day Exploited to Gain Root Access, Mandiant Warns
Hackers exploited a zero-day flaw in Cisco Catalyst SD-WAN Manager to move from administrative access to root-level control, according to a new Mandiant investigation. The…
EvilTokens Phishing Kit Hides Microsoft Device Code Attack Flow From Static URL Scans
EvilTokens is making Microsoft 365 phishing investigations harder by hiding the real phishing page until the victim’s browser runs JavaScript. A new ANY.RUN analysis shows…
February 10, 2026
1 comment 
