Single IP linked to majority of Ivanti EPMM exploitation attempts
GreyNoise said it recorded 417 exploitation sessions from eight unique source IP addresses between February 1 and 9, 2026.
Cybersecurity News - Page 1
Apple fixes zero-day exploited in ‘extremely sophisticated attack’
The company also noted that two previously disclosed flaws, CVE-2025-14174 and CVE-2025-43529, were exploited in the same incidents.
SSHStalker botnet uses old-school IRC for large-scale Linux attacks
The botnet incorporates exploits for more than a dozen Linux kernel vulnerabilities dating back to 2009–2010.
North Korean hackers target crypto sector with new tools and ClickFix techniques
In total, the researchers observed seven distinct macOS malware families installed on the victim’s system.
Fake 7-Zip installer turning infected PCs into residential proxies
Malwarebytes says the campaign impersonates not only 7-Zip, but HolaVPN, TikTok, WhatsApp, and Wire VPN.
Microsoft’s February 2026 Patch Tuesday patches 6 actively exploited zero-days
There is currently no public information detailing attacks that exploited the flaws.
SmarterTools confirms Warlock ransomware breach via unpatched email server
The intrusion originated from a single SmarterMail VM that had been set up by an employee and was not receiving updates.
Multi-stage attacks exploiting SolarWinds Web Help Desk flaws
The activity may have involved recently disclosed flaws tracked as CVE-2025-40551 and CVE-2025-40536, or a previous issue (CVE-2025-26399).
Worm-driven TeamPCP campaign targets cloud environments for large-scale exploitation
The activity exploits exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers, as well as the critical React2Shell vulnerability.
EU, Dutch, Singapore government confirm breaches linked to Ivanti zero-days
The flaws (CVE-2026-1281 and CVE-2026-1340) allow attackers to remotely compromise mobile device management systems without authentication.
Showing elements 1 - 10