Breaking News – Cyber Threats (last 6h)
Generated: 2026-02-26 07:00 PST
- Ransomware payment rate drops to record low as attacks surge
BleepingComputer • 2026-02-26 06:00 • www.bleepingcomputer.com
The number of ransomware victims paying threat actors has dropped to 28% last year, an all-time low, despite a significant increase in the number of claimed attacks. […]
https://www.bleepingcomputer.com/news/security/ransomware-payment-rate-drops-to-record-low-despite-attack-surge/ - Notorious ransomware gang allegedly blackmailed by fake FSB officer
Graham Cluley • 2026-02-26 05:40 • www.bitdefender.com
There is a certain poetic justice in a cybersecurity-related story that has emerged from Moscow this week: A man has been accused of trying to extort money… from a notorious Russian ransomware gang.Read more in my article on the Hot for Security blog.
https://www.bitdefender.com/en-us/blog/hotforsecurity/ransomware-gang-blackmailed-fake-fsb-officer - Microsoft expands Windows restore to more enterprise devices
BleepingComputer • 2026-02-26 05:04 • www.bleepingcomputer.com
Microsoft now allows more enterprise users to restore their personal settings and Microsoft Store apps from a previous Windows 11 device. […]
https://www.bleepingcomputer.com/news/security/microsoft-expands-windows-restore-to-more-enterprise-devices/ - Finding Signal in the Noise: Lessons Learned Running a Honeypot with AI Assistance [Guest Diary], (Tue, Feb 24th)
SANS ISC Diary (full) • 2026-02-26 04:21 • isc.sans.edu[This is a Guest Diary by Austin Bodolay, an ISC intern as part of the SANS.edu BACS program]
- The CLAIR Model: A Synthesized Conceptual Framework for Mapping Critical Infrastructure Interdependencies [Guest Diary], (Wed, Feb 25th)
SANS ISC Diary (full) • 2026-02-26 04:21 • isc.sans.edu - LLMs Generate Predictable Passwords
Schneier on Security • 2026-02-26 04:07 • www.schneier.comLLMs are bad at generating passwords:
There are strong noticeable patterns among these 50 passwords that can be seen easily:
- All of the passwords start with a letter, usually uppercase G, almost always followed by the digit 7.
- Character choices are highly uneven for example, L , 9, m, 2, $ and # appeared in all 50 passwords, but 5 and @ only appeared in one password each, and most of the letters in the alphabet never appeared at all.
- There are no repeating characters wi…
https://www.schneier.com/blog/archives/2026/02/llms-generate-predictable-passwords.html - Expert Recommends: Prepare for PQC Right Now
The Hacker News • 2026-02-26 04:06 • thehackernews.com
Introduction: Steal It Today, Break It in a Decade
Digital evolution is unstoppable, and though the pace may vary, things tend to fall into place sooner rather than later. That, of course, applies to adversaries as well. The rise of ransomware and cyber extortion generated funding for a complex and highly professional criminal ecosystem. The era of the cloud brought general availability of
https://thehackernews.com/2026/02/expert-recommends-prepare-for-pqc-right.html - New York sues Valve for promoting illegal gambling via game loot boxes
BleepingComputer • 2026-02-26 03:44 • www.bleepingcomputer.com
New York Attorney General Letitia James sued video game developer and publisher Valve Corporation for using game loot boxes to facilitate illegal gambling activities among children and teenagers. […]
https://www.bleepingcomputer.com/news/gaming/new-york-sues-valve-for-promoting-illegal-gambling-via-game-loot-boxes/ - Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware
The Hacker News • 2026-02-26 02:35 • thehackernews.com
A “coordinated developer-targeting campaign” is using malicious repositories disguised as legitimate Next.js projects and technical assessments to trick victims into executing them and establish persistent access to compromised machines.
“The activity aligns with a broader cluster of threats that use job-themed lures to blend into routine developer workflows and increase the likelihood of code
https://thehackernews.com/2026/02/fake-nextjs-repos-target-developers.html - Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
The Hacker News • 2026-02-26 02:09 • thehackernews.com
Cybersecurity researchers have disclosed details of a new malicious package discovered on the NuGet Gallery, impersonating a library from financial services firm Stripe in an attempt to target the financial sector.
The package, codenamed StripeApi.Net, attempts to masquerade as Stripe.net, a legitimate library from Stripe that has over 75 million downloads. It was uploaded by a user named
https://thehackernews.com/2026/02/malicious-stripeapi-nuget-package.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
