Breaking News – Cyber Threats (last 6h)
Generated: 2026-02-12 12:00 PST
- Romania's oil pipeline operator Conpet confirms data stolen in attack
BleepingComputer • 2026-02-12 11:16 • www.bleepingcomputer.com
Romania’s national oil pipeline operator, Conpet S.A., confirmed that the Qilin ransomware gang stole company data in an attack last week. […]
https://www.bleepingcomputer.com/news/security/romanias-oil-pipeline-operator-conpet-confirms-data-stolen-in-attack/ - Odido data breach exposes personal info of 6.2 million customers
BleepingComputer • 2026-02-12 10:18 • www.bleepingcomputer.com
Dutch telecommunications provider Odido is warning that it suffered a cyberattack that reportedly exposed the personal data of 6.2 million customers. […]
https://www.bleepingcomputer.com/news/security/odido-data-breach-exposes-personal-info-of-62-million-customers/ - Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support
The Hacker News • 2026-02-12 09:57 • thehackernews.com
Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemini to conduct reconnaissance on its targets, as various hacking groups continue to weaponize the tool for accelerating various phases of the cyber attack life cycle, enabling information operations, and even conducting model extraction attacks.
“The
https://thehackernews.com/2026/02/google-reports-state-backed-hackers.html - WordPress plugin with 900k installs vulnerable to critical RCE flaw
BleepingComputer • 2026-02-12 09:09 • www.bleepingcomputer.com
A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary files without authentication. […]
https://www.bleepingcomputer.com/news/security/wordpress-plugin-with-900k-installs-vulnerable-to-critical-rce-flaw/ - Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems
The Hacker News • 2026-02-12 08:55 • thehackernews.com
Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the North Korea-linked Lazarus Group.
The coordinated campaign has been codenamed graphalgo in reference to the first package published in the npm registry. It’s assessed to be active since May 2025.
“
https://thehackernews.com/2026/02/lazarus-campaign-plants-malicious.html - AMOS infostealer targets macOS through a popular AI app
BleepingComputer • 2026-02-12 06:25 • www.bleepingcomputer.com
AMOS infostealer is targeting macOS users by abusing popular AI apps and extension marketplaces to harvest credentials. Flare examines how AMOS operates, spreads through AI-driven lures, and feeds the broader stealer-log cybercrime economy. […]
https://www.bleepingcomputer.com/news/security/amos-infostealer-targets-macos-through-a-popular-ai-app/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
