Breaking News – Cyber Threats (last 6h)
Generated: 2026-02-11 16:00 PST
- Windows 11 Notepad flaw let files execute silently via Markdown links
BleepingComputer • 2026-02-11 15:15 • www.bleepingcomputer.com
Microsoft has fixed a “remote code execution” vulnerability in Windows 11 Notepad that allowed attackers to execute local or remote programs by tricking users into clicking specially crafted Markdown links, without displaying any Windows security warnings. […]
https://www.bleepingcomputer.com/news/microsoft/windows-11-notepad-flaw-let-files-execute-silently-via-markdown-links/ - Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accounts
BleepingComputer • 2026-02-11 13:53 • www.bleepingcomputer.com
The AgreeTo add-in for Outlook has been hijacked and turned into a phishing kit that stole more than 4,000 Microsoft account credentials. […]
https://www.bleepingcomputer.com/news/security/microsoft-store-outlook-add-in-hijacked-to-steal-4-000-microsoft-accounts/ - Apple Patches Everything: February 2026, (Wed, Feb 11th)
SANS ISC Diary (full) • 2026-02-11 11:36 • isc.sans.eduToday, Apple released updates for all of its operating systems (iOS, iPadOS, macOS, tvOS, watchOS, and visionOS). The update fixes 71 distinct vulnerabilities, many of which affect multiple operating systems. Older versions of iOS, iPadOS, and macOS are also updated.
- Crazy ransomware gang abuses employee monitoring tool in attacks
BleepingComputer • 2026-02-11 11:29 • www.bleepingcomputer.com
A member of the Crazy ransomware gang is abusing legitimate employee monitoring software and the SimpleHelp remote support tool to maintain persistence in corporate networks, evade detection, and prepare for ransomware deployment. […]
https://www.bleepingcomputer.com/news/security/crazy-ransomware-gang-abuses-employee-monitoring-tool-in-attacks/ - Police arrest seller of JokerOTP MFA passcode capturing tool
BleepingComputer • 2026-02-11 11:14 • www.bleepingcomputer.com
The Netherlands Police have arrested a a 21-year-old man from Dordrecht, suspected of selling access to the JokerOTP phishing automation tool that can intercept one-time passwords (OTP) for hijacking accounts. […]
https://www.bleepingcomputer.com/news/security/police-arrest-seller-of-jokerotp-mfa-passcode-capturing-tool/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
