Breaking News – Cyber Threats (last 6h)
Generated: 2026-02-11 12:00 PST
- Apple Patches Everything: February 2026, (Wed, Feb 11th)
SANS ISC Diary (full) • 2026-02-11 11:36 • isc.sans.eduToday, Apple released updates for all of its operating systems (iOS, iPadOS, macOS, tvOS, watchOS, and visionOS). The update fixes 71 distinct vulnerabilities, many of which affect multiple operating systems. Older versions of iOS, iPadOS, and macOS are also updated.
- Crazy ransomware gang abuses employee monitoring tool in attacks
BleepingComputer • 2026-02-11 11:29 • www.bleepingcomputer.com
A member of the Crazy ransomware gang is abusing legitimate employee monitoring software and the SimpleHelp remote support tool to maintain persistence in corporate networks, evade detection, and prepare for ransomware deployment. […]
https://www.bleepingcomputer.com/news/security/crazy-ransomware-gang-abuses-employee-monitoring-tool-in-attacks/ - Police arrest seller of JokerOTP MFA passcode capturing tool
BleepingComputer • 2026-02-11 11:14 • www.bleepingcomputer.com
The Netherlands Police have arrested a a 21-year-old man from Dordrecht, suspected of selling access to the JokerOTP phishing automation tool that can intercept one-time passwords (OTP) for hijacking accounts. […]
https://www.bleepingcomputer.com/news/security/police-arrest-seller-of-jokerotp-mfa-passcode-capturing-tool/ - Proactive strategies for cyber resilience with Wazuh
BleepingComputer • 2026-02-11 09:40 • www.bleepingcomputer.com
Cyber resilience means anticipating threats, detecting them early, and recovering fast when incidents occur. Wazuh shows how its open source SIEM and XDR unify visibility, detection, and automated response to strengthen proactive defense. […]
https://www.bleepingcomputer.com/news/security/proactive-strategies-for-cyber-resilience-with-wazuh/ - LummaStealer infections surge after CastleLoader malware campaigns
BleepingComputer • 2026-02-11 09:02 • www.bleepingcomputer.com
A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware. […]
https://www.bleepingcomputer.com/news/security/lummastealer-infections-surge-after-castleloader-malware-campaigns/ - Kimwolf Botnet Swamps Anonymity Network I2P
KrebsOnSecurity • 2026-02-11 08:08 • krebsonsecurity.com
For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting the The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed to anonymize and secure online communications. I2P users started reporting disruptions in the network around the same time the Kimwolf botmasters began relying on it to evade takedown attempts against the botnet’s control servers.
https://krebsonsecurity.com/2026/02/kimwolf-botnet-swamps-anonymity-network-i2p/ - APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities
The Hacker News • 2026-02-11 06:52 • thehackernews.com
Indian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed to compromise Windows and Linux environments with remote access trojans capable of stealing sensitive data and ensuring continued access to infected machines.
The campaigns are characterized by the use of malware families like Geta RAT, Ares RAT, and DeskRAT, which are often
https://thehackernews.com/2026/02/apt36-and-sidecopy-launch-cross.html - Rewiring Democracy Ebook is on Sale
Schneier on Security • 2026-02-11 06:48 • www.schneier.comI just noticed that the ebook version of Rewriring Democracy is on sale for $5 on Amazon, Apple Books, Barnes & Noble, Books A Million, https://www.schneier.com/blog/archives/2026/02/rewiring-democracy-ebook-is-on-sale.html
- The game is over: when “free” comes at too high a price. What we know about RenEngine
Securelist • 2026-02-11 06:00 • securelist.com
We disclose new details about campaigns involving RenEngine and HijackLoader malware. Since March 2025, attackers have been distributing the Lumma stealer in a complex chain of infections, and in February 2026, ongoing attacks using ACR Stealer became known.
https://securelist.com/renengine-campaign-with-hijackloader-lumma-and-acr-stealer/118891/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
