Latest news of INFOSEC (EN) 1. Latest Vulnerability. 2. Latest Patch. 3. Privacy Breach. 4. Security Breach. 5. InfoSec News. German Version 🇩🇪 @cRyPtHoN_INFOSEC_DE France Version 🇫🇷 @cRyPtHoN_INFOSEC_FR Italian Version 🇮🇹 @cRyPtHoN_INFOSEC_IT
Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accounts
The AgreeTo add-in for Outlook has been hijacked and turned into a phishing kit that stole more than 4,000 Microsoft account credentials.
Originally a legitimate meeting scheduling tool for Outlook users, the module was developed by an independent publisher and has been on the Microsoft Office Add-in Store since December 2022.
https://www.bleepingcomputer.com/news/security/microsoft-store-outlook-add-in-hijacked-to-steal-4-000-microsoft-accounts/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
Microsoft says hackers are exploiting critical zero-day bugs to target Windows and Office users
Microsoft has rolled out fixes for security vulnerabilities in Windows and Office, which the company says are being actively abused by hackers to break into people’s computers.
The exploits are one-click attacks, meaning that a hacker can plant malware or gain access to a victim’s computer with minimal user interaction.
https://techcrunch.com/2026/02/11/microsoft-says-hackers-are-exploiting-critical-zero-day-bugs-to-target-windows-and-office-users/
https://www.zerodayinitiative.com/blog/2026/2/10/the-february-2026-security-update-review
SMS and OTP Bombing Campaigns Found Abusing API, SSL and Cross-Platform Automation
The modern authentication ecosystem runs on a fragile assumption: that requests for one-time passwords are genuine. That assumption is now under sustained pressure. What began in the early 2020s as loosely shared scripts for irritating phone numbers has evolved into a coordinated ecosystem of SMS and OTP bombing tools engineered for scale, speed, and persistence.
https://thecyberexpress.com/sms-and-otp-bombing-bypass-analysis/
Apple fixed first actively exploited zero-day in 2026
Apple fixed an exploited zero-day in iOS, macOS, and other devices that allowed attackers to run code via a memory flaw.
Apple released updates for iOS, iPadOS, macOS, watchOS, tvOS, and visionOS to address an actively exploited zero-day tracked as CVE-2026-20700. The flaw is a memory corruption issue in Apple’s Dynamic Link Editor (dyld) that lets attackers execute arbitrary code on vulnerable devices.
https://securityaffairs.com/187890/security/apple-fixed-first-actively-exploited-zero-day-in-2026.html
https://support.apple.com/en-us/126346
Alleged Data Breach of Farcaster Exposes User Profiles and Wallet Data
A forum post claims Farcaster, a US-based decentralized social networking platform, was impacted by a data breach resulting in the leak of a large user dataset. The post alleges that data connected to farcaster.xyz was extracted and released online.
https://databreach.io/breaches/alleged-data-breach-of-farcaster-exposes-user-profiles-and-wallet-data/
Social network for doctors Sermo breached by ransomware attack
Sermo, a social network for doctors, yesterday confirmed it notified 2,674 people of a March 2024 data breach that leaked Social Security numbers.
A ransomware group called Black Basta took credit for the breach in April 2024, saying it stole 700 GB of data from Sermo.
https://www.comparitech.com/news/social-network-for-doctors-sermo-breached-by-ransomware-attack/
Scary Agent Skills: Hidden Unicode Instructions in Skills ...And How To Catch Them
There is a lot of talk about Skills recently, both in terms of capabilities and security concerns. However, so far I haven’t seen anyone bring up hidden prompt injection. So, I figured to demo a Skills supply chain backdoor that survives human review.
https://embracethered.com/blog/posts/2026/scary-agent-skills/
Zen-AI-Pentest: Open-source AI-powered penetration testing framework
Zen-AI-Pentest provides an open-source framework for scanning and exercising systems using a combination of autonomous agents and standard security utilities.
The project aims to let users run an orchestrated sequence of reconnaissance, vulnerability scanning, exploitation, and reporting using AI guidance and industry tools like Nmap and Metasploit. It is written to support command line, API, and web interfaces.
https://github.com/SHAdd0WTAka/Zen-Ai-Pentest
Cl0p Ransomware Attacks Anstech, Hudson Executive, CFDT, and 22 Others
The Cl0p ransomware group claims to have breached multiple organizations across the globe. The notorious ransomware gang has listed 25 new victims on its dark web leak site, signaling a significant spike in activity.
The latest list of alleged victims posted by the group includes:
https://dailydarkweb.net/cl0p-ransomware-attacks-anstech-hudson-executive-cfdt-and-22-others/
Singapore says China-backed hackers targeted its four largest phone companies
Singapore’s government has blamed a known Chinese cyber-espionage group for targeting four of its top telecommunication companies as part of a months-long attack.
https://techcrunch.com/2026/02/10/singapore-china-backed-hackers-targeted-largest-phone-companies-salt-typhoon/
https://www.csa.gov.sg/news-events/press-releases/largest-multi-agency-cyber-operation-mounted-to-counter-threat-posed-by-advanced-persistent-threat--apt--actor-unc3886-to-singapore-s-telecommunications-sector/
Romance, Fake Platforms, $73M Lost: Crypto Scam Leader Gets 20 Years
The U.S. justice system has sent away an individual behind one of the largest global cryptocurrency investment scam cases, for two decades. While the sentence signals accountability, the individual remains a fugitive after cutting off his electronic ankle monitor and fleeing in December 2025.
https://thecyberexpress.com/global-cryptocurrency-investment-scam/
SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning
A new Linux botnet, SSHStalker, has infected about 7,000 systems using old 2009-era exploits, IRC bots, and mass-scanning malware.
Flare researchers uncovered a previously undocumented Linux botnet dubbed SSHStalker, observed via SSH honeypots over two months.
https://securityaffairs.com/187833/malware/sshstalker-botnet-targets-linux-servers-with-legacy-exploits-and-ssh-scanning.html
Alleged Data Breach Involves POCOMOS User Records
A forum post claims POCOMOS, a US-based software company, was impacted by a data breach involving the sale of an internal database. The listing alleges that user data connected to pocomos.com is being offered for sale.
https://databreach.io/breaches/alleged-data-breach-involves-pocomos-user-records/
Allama: Open-source AI security automation
Allama is an open-source security automation platform that lets teams build visual workflows for threat detection and response. It includes integrations with 80+ types of tools and services typical in security operations, including SIEM systems, endpoint detection and response products, identity providers, and ticketing systems.
https://github.com/digitranslab/allama
State actor targets 155 countries in 'Shadow Campaigns' espionage op
A state-sponsored threat group has compromised dozens of networks of government and critical infrastructure entities in 37 countries in global-scale operations dubbed 'Shadow Campaigns'.
Between November and December last year, the actor also engaged in reconnaissance activity targeting government entities connected to 155 countries.
https://www.bleepingcomputer.com/news/security/state-actor-targets-155-countries-in-shadow-campaigns-espionage-op/
Google: China's APT31 used Gemini to plan cyberattacks against US orgs
Meanwhile, IP-stealing 'distillation attacks' on the rise
A Chinese government hacking group that has been sanctioned for targeting America's critical infrastructure used Google's AI chatbot, Gemini, to auto-analyze vulnerabilities and plan cyberattacks against US organizations, the company says.
https://www.theregister.com/2026/02/12/google_china_apt31_gemini/
Claude desktop extension can be hijacked to send out malware by a simple Google Calendar event
AI assistants can't distinguish between instructions and data, experts warn
Claude Desktop Extensions, due to their very nature, can be exploited for zero-click, prompt injection attacks which can lead to remote code execution (RCE) and full system compromise, experts have warned.
https://www.techradar.com/pro/security/claude-desktop-extension-can-be-hijacked-to-send-out-malware-by-a-simple-google-calendar-event
Telegram Rolls Out Fresh Mobile Design and Introduces “Gift Crafting” Feature
Telegram has released a new update for its mobile apps, bringing a refreshed interface to Android, visual refinements to iOS, and a handful of new features - including an unexpected collectible “gift crafting” system.
Here’s what’s changing.
https://www.ghacks.net/2026/02/12/telegram-rolls-out-fresh-mobile-design-and-introduces-gift-crafting-feature/
Have A Break, Take Your Headphone.
Share some video clip / Credit To Rammstein
Have A Nice Day From Admin
New threat actor, UAT-9921, leverages VoidLink framework in campaigns
VoidLink is a new modular framework that targets Linux-based systems. Modular frameworks are prevalent on the landscape today with the likes of Cobalt Strike, Manjusaka, Alchimist, and SuperShell among the many operating today. This framework is yet another implant management framework denoting a consistent and concerning evolution with shorter development cycles.
https://blog.talosintelligence.com/voidlink/
Apple’s Silent Satellite Revolution: How the iPhone 18 Pro Could Break Free from Cell Towers
Introduction: Apple’s Long Game Beyond Cell Towers
Apple’s approach to connectivity has never been loud, but it has always been deliberate. What started in 2022 as a life-saving backup feature—Emergency SOS via Satellite on the iPhone 14—now looks like the opening move in a much bigger strategy. Step by step, Apple appears to be working toward a future where iPhones can connect directly to satellites for everyday communication, potentially reducing dependence on traditional cellular networks.
https://undercodenews.com/apples-silent-satellite-revolution-how-the-iphone-18-pro-could-break-free-from-cell-towers/
UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering
Introduction
North Korean threat actors continue to evolve their tradecraft to target the cryptocurrency and decentralized finance (DeFi) verticals. Mandiant recently investigated an intrusion targeting a FinTech entity within this sector, attributed to UNC1069, a financially motivated threat actor active since at least 2018.
https://cloud.google.com/blog/topics/threat-intelligence/unc1069-targets-cryptocurrency-ai-social-engineering
New ‘ZeroDayRAT’ Spyware Kit Enables Total Compromise of iOS, Android Devices
Available via Telegram, researchers warn ZeroDayRAT is a ‘complete mobile compromise toolkit’ comparable to kits normally requiring nation-state resources to develop.
ZeroDayRAT is a new commercial mobile spyware toolkit that enables full remote access to Android and iOS devices, with features including live camera feeds, key logging, bank and crypto theft and more.
https://www.securityweek.com/new-zerodayrat-spyware-kit-enables-total-compromise-of-ios-android-devices/
https://iverify.io/blog/breaking-down-zerodayrat---new-spyware-targeting-android-and-ios
North Korean hackers use new macOS malware in crypto-theft attacks
North Korean hackers are running tailored campaigns using AI-generated video and the ClickFix technique to deliver malware for macOS and Windows to targets in the cryptocurrency sector.
The threat actor's goal is financial, as suggested by the role of the tools used in an attack on a fintech company investigated by Google's Mandiant researchers.
https://www.bleepingcomputer.com/news/security/north-korean-hackers-use-new-macos-malware-in-crypto-theft-attacks/
https://cloud.google.com/blog/topics/threat-intelligence/unc1069-targets-cryptocurrency-ai-social-engineering
Thousands of Volvo customers possibly affected in major data breach - 17,000 affected, here's what we know
Fallout from Conduent breach keeps increasing
Roughly 17,000 Volvo employees, customers and staff across North America have had their data exposed in the recent Conduent breach, as the fallout continues.
https://www.techradar.com/pro/security/thousands-of-volvo-customers-possibly-affected-in-major-data-breach-17-000-affected-heres-what-we-know
Android 16 QPR3 Beta 2.1 Rolls Out to Pixel Phones With Quiet Fixes
Google released Android 16 QPR3 Beta 2.1. One of the biggest perks of owning a Google Pixel is early access to Android updates. While the official release of Android 16 is still on the horizon, Android 16 QPR3 Beta 2.1 rolls out to Pixel devices with only a few fixes.
https://www.ghacks.net/2026/02/11/android-16-qpr3-beta-2-1-rolls-out-to-pixel-phones-with-quiet-fixes/
Suspected sabotage disrupts trains in northern Italy as Winter Games begin
Italian authorities are investigating a series of suspected sabotage attacks on railway infrastructure in northern Italy that disrupted travel services during the opening days of the Winter Olympics.
Italy’s Transport Ministry said rail infrastructure near Bologna and along routes linking key northern cities had been deliberately damaged in what it called “serious sabotage,” according to the Italian news agency ANSA. The incidents caused delays of up to two and a half hours and affected thousands of travelers heading to Olympic events on Saturday.
https://therecord.media/italy-suspected-sabotage-winter-olympics-trains
Recent SolarWinds Flaws Potentially Exploited as Zero-Days
Vulnerable SolarWinds Web Help Desk instances were exploited in December 2025 for initial access.
Attacks targeting internet-accessible SolarWinds Web Help Desk (WHD) instances for initial access may have exploited recently patched vulnerabilities as zero-days, Microsoft says.
https://www.securityweek.com/recent-solarwinds-flaws-potentially-exploited-as-zero-days/
Matomo Analytics Alleged Data Breach Exposes 12.6GB SQL Database
🇳🇿 New Zealand - Matomo (InnoCraft)
Matomo, the widely used open-source web analytics platform, has allegedly been compromised. A threat actor on a cybercrime forum has listed a database for sale that reportedly originates from matomo.org. While the authenticity of the data has not been officially confirmed, the listing indicates a significant exfiltration of internal records.
https://dailydarkweb.net/matomo-analytics-alleged-data-breach-exposes-12-6gb-sql-database/