Breaking News – Cyber Threats (last 6h)
Generated: 2026-02-20 07:00 PST
- Why the shift left dream has become a nightmare for security and developers
BleepingComputer • 2026-02-20 06:45 • www.bleepingcomputer.com
The “shift left” approach has increased pressure on developers, as speed demands override security checks in modern CI pipelines. Qualys explains how analyzing 34,000 public container images revealed 7.3% were malicious and why security must be enforced at the infrastructure layer by default. […]
https://www.bleepingcomputer.com/news/security/why-the-shift-left-dream-has-become-a-nightmare-for-security-and-developers/ - Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems
The Hacker News • 2026-02-20 06:20 • thehackernews.com
In yet another software supply chain attack, the open-source, artificial intelligence (AI)-powered coding assistant Cline CLI was updated to stealthily install OpenClaw, a self-hosted autonomous AI agent that has become exceedingly popular in the past few months.
“On February 17, 2026, at 3:26 AM PT, an unauthorized party used a compromised npm publish token to publish an update to Cline CLI
https://thehackernews.com/2026/02/cline-cli-230-supply-chain-attack.html - PayPal discloses data breach that exposed user info for 6 months
BleepingComputer • 2026-02-20 05:12 • www.bleepingcomputer.com
PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. […]
https://www.bleepingcomputer.com/news/security/paypal-discloses-data-breach-exposing-users-personal-information/ - Ring Cancels Its Partnership with Flock
Schneier on Security • 2026-02-20 04:08 • www.schneier.comIt’s a demonstration of how toxic the surveillance-tech company Flock has become when Amazon’s Ring cancels the partnership between the two companies.
As Hamilton Nolan advises, remove your Ring doorbell.
https://www.schneier.com/blog/archives/2026/02/ring-cancels-its-partnership-with-flock.html
- ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware
The Hacker News • 2026-02-20 03:55 • thehackernews.com
Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites to deliver a previously undocumented remote access trojan (RAT) called MIMICRAT (aka AstarionRAT).
“The campaign demonstrates a high level of operational sophistication: compromised sites spanning multiple industries and geographies serve as delivery infrastructure, a multi-stage
https://thehackernews.com/2026/02/clickfix-campaign-abuses-compromised.html - Mississippi medical center closes all clinics after ransomware attack
BleepingComputer • 2026-02-20 03:50 • www.bleepingcomputer.com
The University of Mississippi Medical Center (UMMC) closed all its clinic locations statewide on Thursday following a ransomware attack. […]
https://www.bleepingcomputer.com/news/security/university-of-mississippi-medical-center-closes-clinics-after-ransomware-attack/ - Identity Cyber Scores: The New Metric Shaping Cyber Insurance in 2026
The Hacker News • 2026-02-20 02:30 • thehackernews.com
With one in three cyber-attacks now involving compromised employee accounts, insurers and regulators are placing far greater emphasis on identity posture when assessing cyber risk.
For many organizations, however, these assessments remain largely opaque. Elements such as password hygiene, privileged access management, and the extent of multi-factor authentication (MFA) coverage are
https://thehackernews.com/2026/02/identity-cyber-scores-new-metric.html - FBI: Over $20 million stolen in surge of ATM malware attacks in 2025
BleepingComputer • 2026-02-20 02:08 • www.bleepingcomputer.com
The FBI warned that Americans lost more than $20 million last year amid a massive surge in ATM “jackpotting” attacks, in which criminals use malware to force cash machines to dispense money. […]
https://www.bleepingcomputer.com/news/security/fbi-over-20-million-stolen-in-surge-of-atm-malware-attacks-in-2025/ - Ukrainian National Sentenced to 5 Years in North Korea IT Worker Fraud Case
The Hacker News • 2026-02-20 01:52 • thehackernews.com
A 29-year-old Ukrainian national has been sentenced to five years in prison in the U.S. for his role in facilitating North Korea’s fraudulent information technology (IT) worker scheme.
In November 2025, Oleksandr “Alexander” Didenko pleaded guilty to wire fraud conspiracy and aggravated identity theft for stealing the identities of U.S. citizens and selling them to IT workers to help them land
https://thehackernews.com/2026/02/ukrainian-national-sentenced-to-5-years.html - Ukrainian gets 5 years for helping North Koreans infiltrate US firms
BleepingComputer • 2026-02-20 01:00 • www.bleepingcomputer.com
A Ukrainian national was sentenced to five years in prison for providing North Korean IT workers with stolen identities that helped them infiltrate U.S. companies. […]
https://www.bleepingcomputer.com/news/security/ukrainian-gets-5-years-for-helping-north-koreans-infiltrate-us-firms/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
