Breaking News – Cyber Threats (last 6h)
Generated: 2026-02-18 02:00 PST
- Tracking Malware Campaigns With Reused Material, (Wed, Feb 18th)
SANS ISC Diary (full) • 2026-02-18 00:19 • isc.sans.eduA few days ago I wrote a diary called “Malicious Script Delivering More Maliciousness”[1]. In the malware infection chain, there was a JPEG picture that embedded the last payload delimited with “BaseStart-” and “-BaseEnd” tags.
- Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware
The Hacker News • 2026-02-17 23:40 • thehackernews.com
Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest.
The version 8.9.2 update incorporates what maintainer Don Ho calls a “double lock” design that aims to make the update process “robust and effectively unexploitable.” This includes verification
https://thehackernews.com/2026/02/notepad-fixes-hijacked-update-mechanism.html - CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update
The Hacker News • 2026-02-17 22:52 • thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The list of vulnerabilities is as follows –CVE-2026-2441 (CVSS score: 8.8) – A use-after-free vulnerability in Google Chrome that could allow a remote attacker to potentially exploit heap
https://thehackernews.com/2026/02/cisa-flags-four-security-flaws-under.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
