Tag: unauthorized
-
WhatsApp Rolls Out Optional Password Feature to Strengthen User Security
WhatsApp is developing a new feature to significantly strengthen account security by introducing optional account passwords. Currently available in the Google Play Beta Program through version 2.26.7.8, this functionality aims to add another robust layer of defense against unauthorized access and account takeovers. While still under development and not yet available for beta testing, this…
-
Global Chip Supplier Advantest Discloses Cyber Incident
Advantest is investigating a possible ransomware incident after detecting unauthorized access to its corporate network. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/global-chip-supplier-advantest-discloses-cyber-incident/
-
Romanian hacker pleads guilty to selling access to Oregon state networks
A Romanian man pleaded guilty to selling admin access to Oregon’s state network for $3,000 in Bitcoin and repeatedly accessing it to prove control. Catalin Dragomir (45), from Romania, pleaded guilty in the U.S. to selling unauthorized admin access to an Oregon state emergency management network. He gained access in June 2021, advertised it, and…
-
Why Your SOC is Blind to Your Biggest Attack Surface (And How to Fix It)
Tags: ai, api, attack, business, crowdstrike, data, endpoint, insurance, intelligence, siem, soc, threat, unauthorized, waf
The “Engineering” Trap: In many organizations, there is a dangerous unspoken rule: The SOC handles endpoints and networks; Engineering handles APIs. This silo creates a massive blind spot. We recently spoke with the Senior Manager of Security Engineering at a major insurance provider, who described this exact pain point. Before bringing in Salt Security, their…
-
23rd February Threat Intelligence Report
France’s Ministry of Economy has disclosed a data breach resulting from unauthorized access to the national bank account registry FICOBA, impacting information tied to 1.2 million accounts. Exposed data includes names, […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2026/23rd-february-threat-intelligence-report/
-
PayPal app code error leaked personal info and a ‘few’ unauthorized transactions
About 100 customers affected First seen on theregister.com Jump to article: www.theregister.com/2026/02/20/paypal_app_code_error_leak/
-
Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems
In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily install OpenClaw, a self-hosted autonomous AI agent that has become exceedingly popular in the past few months. “On February 17, 2026, at 3:26 AM PT, an unauthorized party used a compromised npm publish token to publish…
-
Former Google Engineers Indicted Over Trade Secret Transfers to Iran
Two former Google engineers and one of their husbands have been indicted in the U.S. for allegedly committing trade secret theft from the search giant and other tech firms and transferring the information to unauthorized locations, including Iran. Samaneh Ghandali, 41, and her husband Mohammadjavad Khosravi (aka Mohammad Khosravi), 40, along with her sister Soroor Ghandali,…
-
Ongoing Campaign Targets Microsoft 365 to Steal OAuth Tokens for Persistent Access
A new phishing campaign is exploiting Microsoft’s OAuth 2.0 Device Authorization Grant flow to gain unauthorized and persistent access to Microsoft 365 accounts. The sophisticated attack, active since December 2025, specifically targets professionals and enterprises in North America, with over 44% of identified victims based in the United States. Sectors hit hardest include technology, manufacturing, and…
-
Three Former Google Engineers Indicted Over Trade Secret Transfers to Iran
Two former Google engineers and one of their husbands have been indicted in the U.S. for allegedly committing trade secret theft from the search giant and other tech firms and transferring the information to unauthorized locations, including Iran. Samaneh Ghandali, 41, and her husband Mohammadjavad Khosravi (aka Mohammad Khosravi), 40, along with her sister Soroor Ghandali,…
-
Insider Threat Indicators Beyond the Firewall
Nisos: Insider threats rarely start with a dramatic breach. Instead, they begin quietly. A shift in behavior. A suspicious or unauthorized external contact. An unexplained access request… First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/insider-threat-indicators-beyond-the-firewall/
-
CISA alerts to critical auth bypass CVE-2026-1670 in Honeywell CCTVs
Tags: access, authentication, cctv, cisa, cve, cybersecurity, email, flaw, infrastructure, unauthorized
CISA warns Honeywell CCTVs are affected by a critical auth bypass flaw (CVE-2026-1670) allowing unauthorized access or account hijacking. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns that Honeywell CCTVs are affected by a critical authentication bypass flaw, tracked as CVE-2026-1670 (CVSS score of 9.8), that lets attackers change the recovery email without logging…
-
CISA Alerts Organizations to Honeywell CCTV Flaw Enabling Account Takeovers
Tags: access, advisory, cctv, cisa, cve, cyber, cybersecurity, flaw, infrastructure, risk, unauthorized, vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory warning about a critical vulnerability affecting multiple Honeywell CCTV camera products that could allow attackers to take over user accounts and gain unauthorized access to camera feeds. The flaw, tracked as CVE-2026-1670, poses significant risks to organizations relying on these surveillance systems for security…
-
Stealthy Crypto-Mining Malware Jumps Air-Gaps, Spreads via External Drives
Cryptojacking, the unauthorized use of a victim’s computing resources to mine cryptocurrency, has transitioned from a browser-based nuisance (typified by Coinhive scripts) to a system-level threat utilizing advanced malware techniques. The infection chain starts with a familiar lure: cracked “premium” productivity suites distributed via pirated software bundles, where the user executes what appears to be…
-
Microsoft 365 Copilot Vulnerability Exposes Sensitive Emails Through AI Summaries
A security flaw in Microsoft 365 Copilot is currently causing the AI assistant to incorrectly summarize email messages protected by confidentiality sensitivity labels, essentially bypassing configured Data Loss Prevention (DLP) policies. This vulnerability exposes potentially sensitive organizational data to unauthorized AI processing. The issue, tracked under Microsoft reference CW1226324, was first flagged on February 4,…
-
OWASP Agentic Top 10: Agent Goal Hijack FireTail Blog
Feb 18, 2026 – Lina Romero – What is Agent Goal Hijack? Agent Goal Hijack occurs when an attacker manipulates an agent’s objectives or decision pathways. Unlike traditional LLM attacks that focus on altering a single response, ASI01 targets the planning logic of the agent. Agents rely on natural-language instructions, so they often can’t reliably distinguish between…
-
Critical infra Honeywell CCTVs vulnerable to auth bypass flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a critical vulnerability in multiple Honeywell CCTV products that allows unauthorized access to feeds or account hijacking. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-infra-honeywell-cctvs-vulnerable-to-auth-bypass-flaw/
-
ZeroDayRAT spyware targets Android and iOS devices via commercial toolkit
Reliance on deception and not exploits: Despite the name, ZeroDayRAT does not depend on undisclosed operating system vulnerabilities to infect devices. Instead, the primary infection vector is social engineering. Victims are persuaded to install a malicious application or configuration profile disguised as legitimate software, often delivered through links shared via SMS, email, or messaging platforms. While…
-
Washington Hotel in Japan Hit by Ransomware Attack
Washington Hotel, a prominent hotel chain in Japan, has confirmed a ransomware attack that compromised several of its servers on February 13, 2026. The incident was detected at 10:00 PM when unauthorized access was identified on multiple servers, prompting immediate security measures to contain the breach. Upon discovering the intrusion, Washington Hotel’s IT team immediately…
-
India’s Largest Pharmacy Exposes Customer Personal Data and Internal System Access
Tags: access, api, breach, country, cyber, data, data-breach, india, infrastructure, unauthorized, vulnerability
A major security vulnerability was recently discovered in the online infrastructure of Dava India, one of the country’s largest generic pharmacy retail chains. The breach, identified by security researcher Eaton, exposed sensitive customer personal data and granted unauthorized access to internal management systems through insecure super administrator APIs. The vulnerability stemmed from an exposed API…
-
Why 2025’s agentic AI boom is a CISO’s worst nightmare
Tags: access, ai, api, attack, breach, ciso, control, data, defense, email, exploit, finance, framework, governance, infrastructure, injection, jobs, LLM, malicious, microsoft, monitoring, nist, nvidia, openai, RedTeam, risk, risk-management, service, strategy, threat, tool, training, unauthorized, update, vulnerability
defined the early generative AI boom are structurally obsolete. In their place, dynamic and goal-oriented agentic AI systems are taking over the enterprise. This shift was not born of ambition, but of necessity. The industry’s previous darling, standard retrieval-augmented generation (RAG), has hit a wall. To understand the security crisis of 2026, we must first understand…
-
Langchain Community SSRF Bypass Vulnerability Exposes Internal Services to Unauthorized Access
The Langchain development team has released a critical security update for the @langchain/community package to address a Server-Side Request Forgery (SSRF) vulnerability. Identified as CVE-2026-26019, this flaw exists within the RecursiveUrlLoader class, a utility used for web crawling. If left unpatched, the vulnerability allows attackers to bypass domain restrictions and force the application to access internal network resources or…
-
25 Vulnerabilities Found in Cloud Password Managers, Exposing Users to Unauthorized Access and Changes
The three major cloud-based password managers, such as Bitwarden, LastPass, and Dashlane, collectively serve approximately 60 million users. Despite marketing claims of “zero-knowledge encryption,” the research team demonstrated that these platforms contained vulnerabilities allowing attackers to view or modify stored credentials. The findings challenge the industry-standard assumption that providers cannot access user data even…
-
16th February Threat Intelligence Report
Dutch telecom provider Odido was hit by a data breach following unauthorized access to its customer management system. Attackers extracted personal data of 6.2 million customers, including names, addresses, phone numbers, email […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2026/16th-february-threat-intelligence-report/
-
Louis Vuitton, Dior, and Tiffany fined $25 million over data breaches
South Korea has fined luxury fashion brands Louis Vuitton, Christian Dior Couture, and Tiffany $25 million for failing to implement adequate security measures, which facilitated unauthorized access and the exposure of data belonging to more than 5.5 million customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/louis-vuitton-dior-and-tiffany-fined-25-million-over-data-breaches/
-
Hackers turn bossware against the bosses
Tags: access, advisory, attack, awareness, computer, control, corporate, cybersecurity, data, email, endpoint, hacker, identity, infosec, infrastructure, malicious, mfa, monitoring, network, phishing, ransomware, risk, sans, software, tool, training, unauthorized, vulnerability
Ensure these risks are catalogued: Johannes Ullrich, dean of research at the SANS Institute, said this report is an example of how corporate IT teams build infrastructure that attackers then abuse. It’s known that employee monitoring software and security software have been misused like this in the past, he said. He pointed out that software…
-
HPE Aruba Flaw Exposes Networking Devices to Privilege Escalation and DoS Attacks
Tags: 5G, access, advisory, attack, communications, cve, cyber, dos, flaw, service, unauthorized, vulnerability
HPE Aruba Networking has issued a critical security advisory addressing multiple vulnerabilities in its Private 5G Core Platform that could allow attackers to create unauthorized administrative accounts, disrupt services, and access sensitive system information. The flaws, tracked as CVE-2026-23595, CVE-2026-23596, CVE-2026-23597, and CVE-2026-23598, were discovered by the Communications Security Establishment (CSE) and affect versions 1.24.3.0…
-
SSHStalker botnet brute-forces its way onto 7,000 Linux machines
Tags: attack, authentication, backdoor, botnet, business, control, credentials, cve, exploit, infosec, Internet, linux, login, malware, monitoring, network, password, threat, unauthorized, virus, vulnerability
cron/systemd integrity monitoring, especially for ‘runs every minute’ patterns. Finally, because SSHStalker looks for older Linux machines, admins should have a legacy Linux eradication plan prioritizing the unhooking of machines with any version of Linux kernel 2.6, because these servers are being targeted. How it was discovered: Discovery of SSHStalker came after Flare created an SSH…

