Follow on Google News
Google Chrome Emergency Security Update Patches High-Severity PDFium and V8 Vulnerabilities
Google rolled out an emergency security update for Chrome Stable Channel on February 17, 2026. This patch targets three vulnerabilities. Two high-severity flaws sit in…
Splunk Enterprise Windows DLL Hijacking Grants SYSTEM Access
Splunk Enterprise for Windows contains a critical DLL search-order hijacking vulnerability tracked as CVE-2026-20140. Low-privileged attackers gain SYSTEM privileges when the Splunk service loads malicious…
Adidas Probes Third-Party Data Breach After Lapsus$ Claims 815,000 Stolen Records
Sportswear manufacturer Adidas is currently investigating a data breach involving an independent licensing partner. On February 16, 2026, a threat actor known as “LAPSUS-GROUP” claimed…
OpenClaw Supply Chain Attack: 1,184 Malicious AI Skills Deploy AMOS Malware
The most downloaded extension on the OpenClaw AI platform is actually functional malware. Security researchers recently discovered 1,184 malicious skills on ClawHub, the official marketplace…
China’s CNVD CNNVD Databases Create Vulnerability Disclosure Gaps
China maintains two national vulnerability databases, CNVD and CNNVD, that reveal security flaws months before Western databases. These systems create informational asymmetry exploited by threat…
Socomec DIRIS M-70 Gateway: Six Critical DoS Vulnerabilities Exposed
Cisco Talos researchers discovered six high-severity denial-of-service vulnerabilities in Socomec DIRIS M-70 IIoT gateways. The flaws affect firmware version 1.6.9 and enable remote attackers to…
PromptSpy: First Android Malware Uses Gemini AI for Persistence
PromptSpy marks the first known Android malware family that integrates Google’s Gemini AI model into its core execution. ESET researcher Lukas Stefanko discovered the threat…
Fake Google Forms Phishing Steals Google Account Credentials
Threat actors launched a phishing campaign targeting job seekers with fake Google Forms sites at forms.google.ss-o[.]com. The fraudulent domain mimics legitimate forms.google.com while suggesting “single…
CISA Warns: Honeywell CCTV Flaw Enables Remote Account Takeover
CISA issued advisory ICSA-26-048-04 on February 17, 2026, warning of critical CVE-2026-1670 affecting Honeywell CCTV cameras. The authentication bypass (CVSS 9.8) lets unauthenticated attackers change…
ClickFix Attacks Now Abuse nslookup.exe for DNS Payloads
Hackers evolved the ClickFix social engineering campaign to abuse nslookup.exe for DNS-based malware staging. Victims tricked into Windows Run dialog execute nslookup commands querying attacker…
November 21, 2025
1 comment 
