Breaking News – Cyber Threats (last 6h)
Generated: 2026-02-19 12:00 PST
- Under the Hood of DynoWiper, (Thu, Feb 19th)
SANS ISC Diary (full) • 2026-02-19 11:43 • isc.sans.edu
[This is a Guest Diary contributed by John Moutos]
- PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence
The Hacker News • 2026-02-19 09:52 • thehackernews.com
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google’s generative artificial intelligence (AI) chatbot, as part of its execution flow and achieves persistence.
The malware has been codenamed PromptSpy by ESET. The malware is equipped to capture lockscreen data, block uninstallation efforts, gather device information, take screenshots,
https://thehackernews.com/2026/02/promptspy-android-malware-abuses-google.html
- INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown
The Hacker News • 2026-02-19 09:50 • thehackernews.com
An international cybercrime operation against online scams has led to 651 arrests and recovered more than $4.3 million as part of an effort led by law enforcement agencies from 16 African countries.
The initiative, codenamed Operation Red Card 2.0, took place between December 8, 2025 and January 30, 2026, according to INTERPOL. It targeted infrastructure and actors behind high-yield investment
https://thehackernews.com/2026/02/interpol-operation-red-card-20-arrests.html
- Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center
The Hacker News • 2026-02-19 09:40 • thehackernews.com
Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges.
Windows Admin Center is a locally deployed, browser-based management tool set that lets users manage their Windows Clients, Servers, and Clusters without the need for connecting to the cloud.
The high-severity vulnerability, tracked as CVE-2026-26119, carries a
https://thehackernews.com/2026/02/microsoft-patches-cve-2026-26119.html
- Flaw in Grandstream VoIP phones allows stealthy eavesdropping
BleepingComputer • 2026-02-19 09:16 • www.bleepingcomputer.com
A critical vulnerability in Grandstream GXP1600 series VoIP phones allows a remote, unauthenticated attacker to gain root privileges and silently eavesdrop on communications. […]
https://www.bleepingcomputer.com/news/security/flaw-in-grandstream-voip-phones-allows-stealthy-eavesdropping/
- Google blocked over 1.75 million Play Store app submissions in 2025
BleepingComputer • 2026-02-19 09:00 • www.bleepingcomputer.com
Google says that through 2025, it blocked more than 255,000 Android apps from obtaining excessive access to sensitive user data and rejected over 1.75 million apps from being published on Google Play due to policy violations. […]
https://www.bleepingcomputer.com/news/security/google-blocked-over-175-million-play-store-app-submissions-in-2025/
- CISA orders feds to patch actively exploited Dell flaw within 3 days
BleepingComputer • 2026-02-19 07:30 • www.bleepingcomputer.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems within three days against a maximum-severity Dell vulnerability that has been under active exploitation since mid-2024. […]
https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-dell-flaw-within-3-days/
- How infostealers turn stolen credentials into real identities
BleepingComputer • 2026-02-19 07:05 • www.bleepingcomputer.com
Infostealer dumps increasingly tie stolen credentials to real identities, linking usernames, cookies, and behavior across personal and enterprise accounts. Specops explains how analyzing 90,000 dumps shows reuse fuels enterprise risk and how continuous AD scanning disrupts that cycle. […]
https://www.bleepingcomputer.com/news/security/how-infostealers-turn-stolen-credentials-into-real-identities/
- ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories
The Hacker News • 2026-02-19 06:35 • thehackernews.com
The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up across platforms, tools, and industries — often all at the same time.
Some developments are headline-level. Others sit in the background but carry long-term impact. Together, they shape how defenders need to think about exposure, response, and preparedness right now
https://thehackernews.com/2026/02/threatsday-bulletin-openssl-rce-foxit-0.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
