Breaking News – Cyber Threats (last 6h)
Generated: 2026-02-25 12:00 PST
- Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023
BleepingComputer • 2026-02-25 10:01 • www.bleepingcomputer.com
Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was actively exploited in zero-day attacks that allowed remote attackers to compromise controllers and add malicious rogue peers to targeted networks. […]
https://www.bleepingcomputer.com/news/security/critical-cisco-sd-wan-bug-exploited-in-zero-day-attacks-since-2023/
- Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries
The Hacker News • 2026-02-25 09:46 • thehackernews.com
Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group tracked as UNC2814 that breached at least 53 organizations across 42 countries.
“This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas,”
https://thehackernews.com/2026/02/google-disrupts-unc2814-gridtide.html
- Chinese cyberspies breached dozens of telecom firms, govt agencies
BleepingComputer • 2026-02-25 09:00 • www.bleepingcomputer.com
Google’s Threat Intelligence Group (GTIG), Mandiant, and partners disrupted a global espionage campaign attributed to a suspected Chinese threat actor that used SaaS API calls to hide malicious traffic in attacks targeting telecom and government networks. […]
https://www.bleepingcomputer.com/news/security/chinese-cyberspies-breached-dozens-of-telecom-firms-govt-agencies/
- Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration
The Hacker News • 2026-02-25 09:00 • thehackernews.com
Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic’s Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code execution and theft of API credentials.
“The vulnerabilities exploit various configuration mechanisms, including Hooks, Model Context Protocol (MCP) servers, and environment variables – executing
https://thehackernews.com/2026/02/claude-code-flaws-allow-remote-code.html
- Marquis sues SonicWall over backup breach that led to ransomware attack
BleepingComputer • 2026-02-25 07:54 • www.bleepingcomputer.com
Marquis Software Solutions has filed a lawsuit against SonicWall, accusing the cybersecurity company of gross negligence and misrepresentation that allegedly led to a ransomware attack disrupting operations at 74 U.S. banks. […]
https://www.bleepingcomputer.com/news/security/marquis-sues-sonicwall-over-backup-breach-that-led-to-ransomware-attack/
- SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks
The Hacker News • 2026-02-25 07:06 • thehackernews.com
The notorious cybercrime collective known as Scattered LAPSUS$ Hunters (SLH) has been observed offering financial incentives to recruit women to pull off social engineering attacks.
The idea is to hire them for voice phishing campaigns targeting IT help desks, Dataminr said in a new threat brief. The group is said to be offering anywhere between $500 and $1,000 upfront per call, in addition to
https://thehackernews.com/2026/02/slh-offers-5001000-per-call-to-recruit.html
- The OpenClaw Hype: Analysis of Chatter from Open-Source Deep and Dark Web
BleepingComputer • 2026-02-25 07:01 • www.bleepingcomputer.com
OpenClaw has sparked heavy Telegram and dark web chatter, but Flare’s data shows more research hype than mass exploitation. Flare explains how its telemetry found real supply-chain risk in the skills marketplace, yet limited signs of large-scale criminal operationalization. […]
https://www.bleepingcomputer.com/news/security/the-openclaw-hype-analysis-of-chatter-from-open-source-deep-and-dark-web/
- Top 5 Ways Broken Triage Increases Business Risk Instead of Reducing It
The Hacker News • 2026-02-25 06:30 • thehackernews.com
Triage is supposed to make things simpler. In a lot of teams, it does the opposite.
When you can’t reach a confident verdict early, alerts turn into repeat checks, back-and-forth, and “just escalate it” calls. That cost doesn’t stay inside the SOC; it shows up as missed SLAs, higher cost per case, and more room for real threats to slip through.
So where does triage go wrong? Here are five triage
https://thehackernews.com/2026/02/top-5-ways-broken-triage-increases.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
