Tag: computer
-
MS-Agent Vulnerability Exposes AI Agents to Remote Hijacking, Granting Full System Control
A critical vulnerability has been discovered in the MS-Agent framework, a lightweight software tool used to build and run autonomous AI agents. Tracked as CVE-2026-2256, this command injection flaw allows remote attackers to hijack these AI agents, potentially granting them full control over the underlying computer systems. MS-Agent is designed to help developers create AI…
-
Google Chrome Introduces Merkle Tree Certificates to Protect HTTPS from Quantum Attacks
Google Chrome’s Secure Web and Networking Team has unveiled a new initiative aimed at defending HTTPS traffic against emerging quantum computing threats. This development, rooted in the Internet Engineering Task Force’s (IETF) >>PKI, Logs, And Tree Signatures<< (PLANTS) working group, introduces Merkle Tree Certificates (MTCs) as a quantum-safe evolution for the web ecosystem. Quantum computers…
-
NDSS 2025 Siniel: Distributed Privacy-Preserving zkSNARK
Tags: blockchain, china, computer, computing, conference, cryptography, data, framework, Internet, network, oracle, privacySession 14B: Privacy & Cryptography 2 Authors, Creators & Presenters: Yunbo Yang (The State Key Laboratory of Blockchain and Data Security, Zhejiang University), Yuejia Cheng (Shanghai DeCareer Consulting Co., Ltd), Kailun Wang (Beijing Jiaotong University), Xiaoguo Li (College of Computer Science, Chongqing University), Jianfei Sun (School of Computing and Information Systems, Singapore Management University), Jiachen…
-
NDSS 2025 Siniel: Distributed Privacy-Preserving zkSNARK
Tags: blockchain, china, computer, computing, conference, cryptography, data, framework, Internet, network, oracle, privacySession 14B: Privacy & Cryptography 2 Authors, Creators & Presenters: Yunbo Yang (The State Key Laboratory of Blockchain and Data Security, Zhejiang University), Yuejia Cheng (Shanghai DeCareer Consulting Co., Ltd), Kailun Wang (Beijing Jiaotong University), Xiaoguo Li (College of Computer Science, Chongqing University), Jianfei Sun (School of Computing and Information Systems, Singapore Management University), Jiachen…
-
Alabama man pleads guilty to hacking, extorting hundreds of women
A 22-year-old Alabama man pleaded guilty to extortion, cyberstalking, and computer fraud charges after hijacking the social media accounts of hundreds of young women (including minors). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/alabama-man-pleads-guilty-to-hacking-extorting-hundreds-of-women/
-
Hacker erpressen weniger Lösegeld
immer mehr betroffene Unternehmen und Organisationen folgen dem Rat, kein Lösegeld zu zahlen.Laut einem neuen Bericht des Analyseunternehmens Chainalysis konnten Hacker im Jahr 2025 im Zusammenhang mit Ransomware-Angriffen insgesamt 820 Millionen Dollar erbeuten.Auch wenn die Summe hoch ist, im Vergleich zum Vorjahr ist sie damit um 28 Prozent gesunken. Zudem ist zu berücksichtigen, dass die…
-
Fake Zoom meeting leads to silent install of surveillance software
Malwarebytes researchers have uncovered a fake (but convincing) Zoom meeting page that downloads surveillance software on Windows computers and tricks users into running it. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/25/fake-zoom-meeting-teramind-surveillance-software/
-
LUKS Encryption Compromised on Linux ICS Devices via TPM Bus Sniffing Exploit
Security researchers Per Idenfeldt Okuyama and Sam Eizad have uncovered a critical physical attack vulnerability in the Moxa UC-1222A Secure Edition industrial computer, demonstrating that its LUKS full-disk encryption can be fully defeated by passively sniffing the SPI bus between the processor and the discrete TPM 2.0 chip during system boot. The flaw, tracked as…
-
Break free of Ring’s servers, earn a five-figure bounty
Goal is to run software locally and stream only to owners’ computers First seen on theregister.com Jump to article: www.theregister.com/2026/02/23/ring_bounty/
-
Leading Semiconductor Supplier Advantest Hit by Ransomware Attack
Advantest, a Japanese specialist in testing computer chips for major semiconductor manufacturers, has deployed incident response protocols following a cybersecurity incident First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/advantest-ransomware-attack/
-
Romanian hacker faces up to 7 years for breaching Oregon emergency management department
In court on Thursday, Catalin Dragomir pleaded guilty to obtaining information from a protected computer and one count of aggravated identity theft. First seen on therecord.media Jump to article: therecord.media/romanian-hacker-faces-7-years-oregon-breach
-
Dynamic Objects in Active Directory: The Stealthy Threat
Active Directory’s “dynamic objects” feature offers attackers a perfect evasion cloak. These objects automatically self-destruct without a trace, so they allow adversaries to bypass quotas, pollute access lists, and persist in the cloud, leaving forensic investigators with nothing to analyze. Key takeaways The threat: Dynamic objects self-delete without leaving any traces, or “tombstones” in AD…
-
Men sentenced to 8 years in $1.3 million computer intrusion and tax fraud scheme
Matthew A. Akande, a Nigerian national, was sentenced by a U.S. District Court to eight years in prison, followed by three years of supervised release, for his role in a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/19/tax-refund-fraud-cybercrime-1-3-million/
-
Men sentenced to 8 years in $1.3 million computer intrusion and tax fraud scheme
Matthew A. Akande, a Nigerian national, was sentenced by a U.S. District Court to eight years in prison, followed by three years of supervised release, for his role in a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/19/tax-refund-fraud-cybercrime-1-3-million/
-
Cyberangriff auf Bahn stört Auskunftssysteme
Der Angriff konnte zurückgeschlagen werden. Trotzdem mussten Reisende mit Einschränkungen leben. Deutsche Bahn AG/Volker EmerslebenDie Störungen der Auskunfts- und Buchungssysteme der Deutschen Bahn sind nach Unternehmensangaben auf einen Cyberangriff zurückzuführen. Inzwischen stehen die Systeme wieder zur Verfügung, wie die Bahn mitteilte. Über mögliche Urheber des Angriffs machte der Konzern keine Angaben.Schon am Dienstagnachmittag hatte es…
-
Polish authorities arrest alleged Phobos ransomware affiliate
The 47-year-old man, who was not identified, faces up to five years in prison for producing, obtaining and sharing computer programs used to conduct cyberattacks. First seen on cyberscoop.com Jump to article: cyberscoop.com/phobos-ransomware-affiliate-arrested-poland/
-
Post-Quantum Cryptography for DKIM, PGP, and S/MIME: Quantum Threat to Email Security
Quantum computers won’t break the internet tomorrow”¦ but they will break your email security sooner than you think. Today, cybercriminals and state-sponsored groups are quietly collecting encrypted emails in bulk. They know they can’t crack the encryption today. That’s fine. They don’t need to. They’re playing the long game. This tactic has a name: Store-Now-Decrypt-LaterRead…
-
Poland arrests suspect linked to Phobos ransomware operation
Polish police have detained a 47-year-old man suspected of ties to the Phobos ransomware group and seized computers and mobile phones containing stolen credentials, credit card numbers, and server access data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/poland-arrests-suspect-linked-to-phobos-ransomware-operation/
-
Phobos ransomware affiliate arrested in Poland
Officers from Poland’s Central Bureau for Combating Cybercrime (CBZC) detained a 47-year-old man suspected of creating, acquiring, and sharing computer programs used to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/17/phobos-ransomware-affiliate-arrested-in-poland/
-
Google Chrome Fixes Actively Exploited CVE-2026-2441 Bug
A critical security vulnerability, CVE-2026-2441, has prompted an urgent out-of-band update for Google Chrome after confirmation that the flaw is being actively exploited. The Hong Kong Computer Emergency Response Team (HKCERT) alerted users to the flaw on 16 February 2026. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2026-2441-google-chrome/
-
Critical BeyondTrust RS vulnerability exploited in active attacks
remote access.exe and others.”The attackers also managed to create domain accounts using the net user command and then added them to administrative groups such as “enterprise admins” or “domain admins.”The AdsiSearcher tool was used to search the Active Directory environment for other computers and PSexec was used to install SimpleHelp on multiple devices.The researchers also…
-
Why key management becomes the weakest link in a post-quantum and AI-driven security world
Tags: access, ai, attack, computer, control, crypto, cryptography, data, data-breach, exploit, governance, incident response, infrastructure, risk, switchWhy post-quantum readiness is really a key lifecycle problem: Post-quantum cryptography is often framed as a future threat. That framing misses the real challenge.The risk is not the moment a quantum computer breaks an algorithm. The risk is the long transition period before and after that moment. During this phase, organizations must support hybrid cryptography,…
-
Why key management becomes the weakest link in a post-quantum and AI-driven security world
Tags: access, ai, attack, computer, control, crypto, cryptography, data, data-breach, exploit, governance, incident response, infrastructure, risk, switchWhy post-quantum readiness is really a key lifecycle problem: Post-quantum cryptography is often framed as a future threat. That framing misses the real challenge.The risk is not the moment a quantum computer breaks an algorithm. The risk is the long transition period before and after that moment. During this phase, organizations must support hybrid cryptography,…
-
Why key management becomes the weakest link in a post-quantum and AI-driven security world
Tags: access, ai, attack, computer, control, crypto, cryptography, data, data-breach, exploit, governance, incident response, infrastructure, risk, switchWhy post-quantum readiness is really a key lifecycle problem: Post-quantum cryptography is often framed as a future threat. That framing misses the real challenge.The risk is not the moment a quantum computer breaks an algorithm. The risk is the long transition period before and after that moment. During this phase, organizations must support hybrid cryptography,…
-
$44 Evilmouse Malware Grants Attackers Full Control of Systems Upon Connection
A new hardware-based threat has emerged that disguises malicious code execution capabilities inside an ordinary computer mouse. Dubbed >>EvilMouse,<< this covert keystroke injector demonstrates how everyday peripherals can become powerful attack tools for just $44 in parts. EvilMouse operates similarly to the well-known USB Rubber Ducky penetration testing tool. However, with a crucial difference: it…
-
What CISOs need to know about the OpenClaw security nightmare
OpenClaw exposes enterprise security gaps: The first big lesson of this whole OpenClaw situation is that enterprises need to do more to get their security fundamentals in place. Because if there are any gaps, anywhere at all, they will now be found and exploited at an unprecedented pace. In the case of OpenClaw, that means…
-
Microsoft says hackers are exploiting critical zero-day bugs to target Windows and Office users
Critical security flaws targeting Windows and Office users allow hackers to take complete control of a victim’s computer by clicking a malicious link or opening a file. Patch now. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/11/microsoft-says-hackers-are-exploiting-critical-zero-day-bugs-to-target-windows-and-office-users/