2026-02-19 AI Startup News
Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody
New research from the Citizen Lab has found signs that Kenyan authorities used a commercial forensic extraction tool manufactured by Israeli company Cellebrite to break into a prominent dissident’s phone, making it the latest case of abuse of the technology targeting civil society. The interdisciplinary research unit at the University of Toronto’s Munk School of Global Affairs & Public Policy said it found the indicators on a personal phone belonging to Boniface Mwangi, a Kenyan pro-democracy activist who has announced plans to run for president in 2027. Specifically, it has emerged that Cellebrite’s forensic extraction tools were used on his Samsung phone while it was in police custody following his arrest in July 2025. The phone was returned to him nearly two months later, in September, at which point Mwangi found that the phone was no longer password-protected and could be unlocked without requiring a password.
It’s been assessed with high confidence that Cellebrite’s technology was used on the phone on or around July 20 and July 21, 2025. “The use of Cellebrite could have enabled the full extraction of all materials from Mwangi’s device, including messages, private materials, personal files, financial information, passwords, and other sensitive information,” the Citizen Lab said. The latest findings follow a separate report released last month, in which the researchers said officials in Jordan likely used Cellebrite to extract information from the mobile phones of activists and human rights defenders who had been critical of Israel and spoke out in support of Palestinians in Gaza. The devices were seized by Jordanian authorities during detentions, arrests, and interrogations, and subsequently returned to them.
The documented incidents took place between late 2023 and mid-2025, the Citizen Lab said. In response to the findings, a spokesperson for Cellebrite told The Guardian that the company’s technology is used to “access private data only in accordance with legal due process or with appropriate consent to aid investigations legally after an event has occurred.” The two cases add to a growing body of evidence documenting the misuse of Cellebrite technology by government clients. It also reflects a broader ecosystem of surveillance abuses by various governments around the world to enable highly-targeted surveillance using mercenary spyware like Pegasus and Predator.
Predator Spyware Targets Angolan Journalist
The development also coincides with another report from Amnesty International, which discovered evidence that the iPhone belonging to Teixeira Cândido, an Angolan journalist and press freedom advocate, was successfully targeted by Intellexa’s Predator spyware in May 2024 after he opened an infection link received via WhatsApp.
The iPhone was running iOS 16.2, an outdated version of the operating system with known security issues. It’s currently not known what exploit was used to trigger the infection. In multiple reports published last year, Recorded Future revealed that it has observed suspected Predator operations in Angola dating back to 2024. “This is the first forensically confirmed case of the Predator spyware being used to target civil society in Angola,” the international human rights organization said.
“Once the spyware was installed, the attacker could gain unrestricted access to Teixeira Cândido’s iPhone.” “The Predator spyware infection appears to have lasted less than one day, with the infection being removed when Teixeira Cândido’s phone was restarted in the evening of 4 May 2024. From that time until 16 June 2024, the attackers made 11 new attempts to re-infect the device by sending him new malicious Predator infection links. All of these subsequent attack attempts appear to have failed, likely due to the links simply not being opened.” According to an analysis published by French offensive security company Reverse Society, Predator is a commercial spyware product “built for reliable, long-term deployment” and allows operators to selectively enable or disable modules based on target activity, granting them real-time control over surveillance efforts. Predator has also been found to incorporate various undocumented anti-analysis mechanisms, including a crash reporter monitoring system for anti-forensics and SpringBoard hooking to suppress recording indicators from victims when the microphone or camera is activated, illustrating the sophistication of the spyware.
On top of that, it has explicit checks to avoid running in U.S. and Israeli locales. “These findings demonstrate that Predator’s operators have granular visibility into failed deployments, […] enabling them to adapt their approaches for specific targets,” Jamf Threat Labs researchers Shen Yuan and Nir Avraham said. “This error code system transforms failed deployments from black boxes into diagnostic events.”
Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution
Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices. The vulnerability, tracked as CVE-2026-2329, carries a CVSS score of 9.3 out of a maximum of 10.0. It has been described as a case of unauthenticated stack-based buffer overflow that could result in remote code execution. “A remote attacker can leverage CVE-2026-2329 to achieve unauthenticated remote code execution (RCE) with root privileges on a target device,” Rapid7 researcher Stephen Fewer, who discovered and reported the bug on January 6, 2026, said.
According to the cybersecurity company, the issue is rooted in the device’s web-based API service (“/cgi-bin/api.values.get”) and is accessible in a default configuration without requiring authentication. This endpoint is designed to fetch one or more configuration values from the phone, such as the firmware version number or the model, through a colon-delimited string in the “request” parameter (e.g., “request=68:phone_model”), which is then parsed to extract each identifier and append it to a 64 byte buffer on the stack. “When appending another character to the small 64 byte buffer, no length check is performed to ensure that no more than 63 characters (plus the appended null terminator) are ever written to this buffer,” Fewer explained. “Therefore, an attacker-controlled ‘request’ parameter can write past the bounds of the small 64 byte buffer on the stack, overflowing into adjacent stack memory.” This means that a malicious colon-delimited “request” parameter sent as part of an HTTP request to the “/cgi-bin/api.values.get” endpoint can be used to trigger a stack-based buffer overflow, allowing the threat actors to corrupt the stack contents and ultimately achieve remote code execution on the underlying operating system.
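The missing bound described above, next to a parser that enforces it. This is an added example, not Grandstream's firmware code or Rapid7's analysis; the function names, the `MAX_IDS` cap and the reject-on-overflow policy are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define ID_BUF_LEN 64  /* buffer size quoted in the advisory */
#define MAX_IDS    16  /* assumption: cap on identifiers per request */

enum { PARSE_BAD_ARG = -1, PARSE_ID_TOO_LONG = -2, PARSE_TOO_MANY_IDS = -3 };

/* Constructed illustration of the flaw as the article describes it: each
 * character up to ':' is appended with no length check, so an identifier
 * longer than 63 characters writes past the end of a 64-byte buffer.
 * Shown for contrast only; do not use on untrusted input. */
size_t copy_id_unchecked(const char *request, char *buf)
{
    size_t n = 0;
    while (*request != '\0' && *request != ':')
        buf[n++] = *request++;          /* n is never compared to ID_BUF_LEN */
    buf[n] = '\0';
    return n;
}

/* Hardened form: split a colon-delimited request such as "68:phone_model"
 * into fixed-size slots. Returns the number of identifiers, or a negative
 * PARSE_* code. Oversized input is rejected rather than truncated, so a
 * caller never acts on a partially copied identifier. Empty fields are
 * skipped. */
int parse_request_bounded(const char *request,
                          char ids[][ID_BUF_LEN], size_t max_ids)
{
    size_t count = 0, n = 0;

    if (request == NULL || ids == NULL || max_ids == 0)
        return PARSE_BAD_ARG;

    for (const char *p = request; ; p++) {
        if (*p == ':' || *p == '\0') {
            if (n > 0) {                /* close the current identifier */
                ids[count][n] = '\0';
                count++;
                n = 0;
            }
            if (*p == '\0')
                break;
            continue;
        }
        if (count == max_ids)           /* no free slot for another id */
            return PARSE_TOO_MANY_IDS;
        if (n == ID_BUF_LEN - 1)        /* 63 chars + NUL is the maximum */
            return PARSE_ID_TOO_LONG;
        ids[count][n++] = *p;
    }
    return (int)count;
}

int main(void)
{
    char ids[MAX_IDS][ID_BUF_LEN];
    char oversized[ID_BUF_LEN * 4];     /* constructed over-long identifier */

    int n = parse_request_bounded("68:phone_model", ids, MAX_IDS);
    for (int i = 0; i < n; i++)
        printf("id[%d] = %s\n", i, ids[i]);

    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';
    printf("oversized identifier -> %d\n",
           parse_request_bounded(oversized, ids, MAX_IDS));
    return 0;
}
```

Rejecting the whole request on the first oversized identifier keeps the failure visible to the caller and to logging, which silent truncation would not.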
The vulnerability affects GXP1610, GXP1615, GXP1620, GXP1625, GXP1628, and GXP1630 models. It has been addressed as part of a firmware update (version 1.0.7.81) released late last month. In a Metasploit exploit module developed by Rapid7, it has been demonstrated that the vulnerability could be exploited to gain root privileges on a vulnerable device and chain it with a post-exploitation component to extract credentials stored on a compromised device. Furthermore, the remote code execution capabilities can be weaponized to reconfigure the target device to use a malicious Session Initiation Protocol (SIP) proxy, effectively enabling the attacker to intercept phone calls to and from the device and eavesdrop on VoIP conversations.
A SIP proxy is an intermediary server used in VoIP networks to establish and manage voice/video calls between endpoints. “This isn’t a one-click exploit with fireworks and a victory banner,” Rapid7’s Douglas McKee said. “But the underlying vulnerability lowers the barrier in a way that should concern anyone operating these devices in exposed or lightly-segmented environments.”
Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs
Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully exploited, could allow threat actors to steal local files and execute code remotely. The extensions, which have been collectively installed more than 125 million times, are Live Server, Code Runner, Markdown Preview Enhanced, and Microsoft Live Preview. “Our research demonstrates that a hacker needs only one malicious extension, or a single vulnerability within one extension, to perform lateral movement and compromise entire organizations,” OX Security researchers Moshe Siman Tov Bustan and Nir Zadok said in a report shared with The Hacker News.
Details of the vulnerabilities are as follows -
- CVE-2025-65717 (CVSS score: 9.1) - A vulnerability in Live Server that allows attackers to exfiltrate local files, tricking a developer into visiting a malicious website when the extension is running, causing JavaScript embedded in the page to crawl and extract files from the local development HTTP server that runs at localhost:5500, and transmit them to a domain under their control. (Remains unpatched)
- CVE-2025-65716 (CVSS score: 8.8) - A vulnerability in Markdown Preview Enhanced that allows attackers to execute arbitrary JavaScript code by uploading a crafted markdown (.md) file, allowing local port enumeration and exfiltration to a domain under their control. (Remains unpatched)
- CVE-2025-65715 (CVSS score: 7.8) - A vulnerability in Code Runner that allows attackers to execute arbitrary code by convincing a user to alter the “settings.json” file through phishing or social engineering. (Remains unpatched)
- A vulnerability in Microsoft Live Preview allows attackers to access sensitive files on a developer’s machine by tricking a victim into visiting a malicious website when the extension is running, which then enables specially crafted JavaScript requests targeting the localhost to enumerate and exfiltrate sensitive files. (No CVE, Fixed silently by Microsoft in version 0.4.16 released in September 2025)
To secure the development environment, it’s essential to avoid applying untrusted configurations, disable or uninstall non-essential extensions, harden the local network behind a firewall to restrict inbound and outbound connections, periodically update extensions, and turn off localhost-based services when not in use.
“Poorly written extensions, overly permissive extensions, or malicious ones can execute code, modify files, and allow attackers to take over a machine and exfiltrate information,” OX Security said. “Keeping vulnerable extensions installed on a machine is an immediate threat to an organization’s security posture: it may take only one click, or a downloaded repository, to compromise everything.”
Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability
In 2025, navigating the digital seas still felt like a matter of direction. Organizations charted routes, watched the horizon, and adjusted course to reach safe harbors of resilience, trust, and compliance. In 2026, the seas are no longer calm between storms. Cybersecurity now unfolds in a state of continuous atmospheric instability: AI-driven threats that adapt in real time, expanding digital ecosystems, fragile trust relationships, persistent regulatory pressure, and accelerating technological change.
This is not turbulence on the way to stability; it is the climate. In this environment, cybersecurity technologies are no longer merely navigational aids. They are structural reinforcements. They determine whether an organization endures volatility or learns to function normally within it.
That is why security investments in 2026 are increasingly made not for coverage, but for operational continuity: sustained operations, decision-grade visibility and controlled adaptation as conditions shift. This article is less about what’s “next-gen” and more about what becomes non-negotiable when conditions keep changing. The shifts that will steer cybersecurity priorities and determine which investments hold when conditions turn.
Regulation and geopolitics become architectural constraints
Regulation is no longer something security reacts to. It is something systems are built to withstand continuously. Cybersecurity is now firmly anchored at the intersection of technology, regulation and geopolitics. Privacy laws, digital sovereignty requirements, AI governance frameworks and sector-specific regulations no longer sit on the side as periodic compliance work; they operate as permanent design parameters, shaping where data can live, how it can be processed and what security controls are acceptable by default. At the same time, geopolitical tensions increasingly translate into cyber pressure: supply-chain exposure, jurisdictional risk, sanctions regimes and state-aligned cyber activity all shape the threat landscape as much as vulnerabilities do. As a result, cybersecurity strategies must integrate regulatory and geopolitical considerations directly into architecture and technology decisions, rather than treating them as parallel governance concerns.
Changing the conditions: Making the attack surface unreliable
Traditional cybersecurity often tried to forecast specific events: the next exploit, the next malware campaign, the next breach. But in an environment where signals multiply, timelines compress and AI blurs intent and scale, those forecasts decay quickly. The problem isn’t that prediction is useless.
It’s that it expires faster than defenders can operationalize it. So the advantage shifts. Instead of trying to guess the next move, the stronger strategy is to shape the conditions attackers need to succeed. Attackers depend on stability: time to map systems, test assumptions, gather intelligence and establish persistence.
The modern counter-move is to make that intelligence unreliable and short-lived. By using tools like Automated Moving Target Defense (AMTD) to dynamically alter system and network parameters, Advanced Cyber Deception that diverts adversaries away from critical systems, or Continuous Threat Exposure Management (CTEM) to map exposure and reduce exploitability, defenders shrink the window in which an intrusion chain can be assembled. This is where security becomes less about “detect and respond” and more about deny, deceive and disrupt before an attacker’s plan becomes momentum. The goal is simple: shorten the shelf-life of attacker knowledge until planning becomes fragile, persistence becomes expensive and “low-and-slow” stops paying off.
AI becomes the acceleration layer of the cyber control plane
AI is no longer a feature layered on top of security tools. It is increasingly infused inside them across prevention, detection, response, posture management and governance. The practical shift is not “more alerts,” but less friction: faster correlation, better prioritization and shorter paths from raw telemetry to usable decisions. The SOC becomes less of an alert factory and more of a decision engine, with AI accelerating triage, enrichment, correlation and the translation of scattered signals into a coherent narrative. Investigation time compresses because context arrives faster and response becomes more orchestrated because routine steps can be drafted, sequenced and executed with far less manual stitching.
But the bigger story is what happens outside the SOC. AI is increasingly used to improve the efficiency and quality of cybersecurity controls: asset and data discovery become faster and more accurate; posture management becomes more continuous and less audit-driven; policy and governance work becomes easier to standardize and maintain. Identity operations, in particular, benefit from AI-assisted workflows that improve provisioning hygiene, strengthen recertification by focusing reviews on meaningful risk and reduce audit burden by accelerating evidence collection and anomaly detection.
This is the shift that matters. Security programs stop spending energy assembling complexity and start spending it steering outcomes.
Security becomes a lifecycle discipline across digital ecosystems
Most breaches do not start with a vulnerability. They start with an architectural decision made months earlier.
Cloud platforms, SaaS ecosystems, APIs, identity federation and AI services continue to expand digital environments at a faster rate than traditional security models can absorb. The key shift is not merely that the attack surface grows, but that interconnectedness changes what “risk” means. Security is therefore becoming a lifecycle discipline, integrated throughout the entire system lifecycle, not just development. It starts at architecture and procurement, continues through integration and configuration, extends into operations and change management and is proven during incidents and recovery.
In practice, that means the lifecycle now includes what modern ecosystems are actually made of: secure-by-design delivery through the SDLC and digital supply chain security to manage the risks inherited from third-party software, cloud services and dependencies. Leading organizations move away from security models focused on isolated components or single phases. Instead, security is increasingly designed as an end-to-end capability that evolves with the system, rather than trying to bolt on controls after the fact.
Zero Trust as a continuous decisioning and adaptive control
In a world where the perimeter dissolved long ago, Zero Trust stops being a strategy and becomes the default infrastructure.
Especially as trust itself becomes dynamic. The key shift is that access is no longer treated as a one-time gate. Zero Trust increasingly means continuous decisioning: permission is evaluated repeatedly, not granted once. Identity, device posture, session risk, behavior and context become live inputs into decisions that can tighten, step up, or revoke access as conditions change.
With identity designed as a dynamic control plane, Zero Trust expands beyond users to include non-human identities such as service accounts, workload identities, API tokens and OAuth grants. This is why identity threat detection and response becomes essential: detecting token abuse, suspicious session behavior and privilege path anomalies early, then containing them fast. Continuous authorization makes stolen credentials less durable, limits how far compromise can travel and reduces the Time-To-Detection dependency by increasing the Time-To-Usefulness friction for attackers. Segmentation then does the other half of the job by keeping local compromise from turning into systemic spread by containing the blast radius by design.
The most mature Zero Trust programs stop measuring success by deployment milestones and start measuring it by operational outcomes: how quickly access can be constrained when risk rises, how fast sessions can be invalidated, how small the blast radius remains when an identity is compromised and how reliably sensitive actions require stronger proof than routine access.
Data security and privacy engineering unlock scalable AI
Data is the foundation of digital value and simultaneously the fastest path to regulatory, ethical and reputational damage. That tension is why data security and privacy engineering are becoming non-negotiable foundations, not governance add-ons. When organizations can’t answer basic questions such as what data exists, where it lives, who can access it, what it is used for and how it moves, every initiative built on data becomes fragile.
This is what ultimately determines whether AI projects can scale without turning into a liability. Data security programs must evolve from “protect what we can see” to govern how the business actually uses data. That means building durable foundations around visibility (discovery, classification, lineage), ownership, enforceable access and retention rules and protections that follow data across cloud, SaaS, platforms and partners. A practical way to build this capability is through a Data Security Maturity Model to identify gaps across the core building blocks, prioritize what to strengthen first and initiate a maturity journey toward consistent, measurable and continuous data protection throughout its lifecycle.
Privacy engineering also becomes the discipline that makes those foundations usable and scalable. It shifts privacy from documentation to design through purpose-based access, minimization by default and privacy-by-design patterns embedded in delivery teams. The result is data that can move quickly with guardrails, without turning growth into hidden liability.
Post-Quantum Risk makes crypto agility a design requirement
Quantum computing is still emerging, but its security impact is already tangible because adversaries plan around time.
“Harvest now, decrypt later” turns encrypted traffic collected now into future leverage. “Trust now, forge later” carries the same logic into trust systems: certificates, signed code and long-lived signatures that anchor security decisions today could become vulnerable later. Governments have understood this timing problem and started to put dates on it, with first milestones as early as 2026 for EU governments and critical infrastructure operators to develop national post-quantum roadmaps and cryptographic inventories. Even if the rules start in the public sector, they travel fast through the supply chain and into the private sector.
This is why crypto agility becomes a design requirement rather than a future upgrade project. Cryptography is not a single control in one place. It is embedded across protocols, applications, identity systems, certificates, hardware, third-party products and cloud services. If an organization cannot rapidly locate where cryptography lives, understand what it protects and change it without breaking operations, it is not “waiting for PQC.” It is accumulating cryptographic debt under a regulatory clock.
Post-quantum preparedness therefore becomes less about picking replacement algorithms and more about building the ability to evolve: cryptographic asset visibility, disciplined key and certificate lifecycle management, upgradable trust anchors where possible and architectures that can rotate algorithms and parameters without disruption. Cryptographic risk is no longer a future problem. It is a present design decision with long-term consequences. Taken together, these shifts change what “good” looks like.
Security stops being judged by how much it covers and starts being judged by what it enables: resilience, clarity and controlled adaptation when conditions refuse to cooperate. The strongest security programs are not the most rigid ones. They are the ones that adapt without losing control. The digital environment does not promise stability, but it does reward preparation.
Organizations that integrate security across the system lifecycle, treat data as a strategic asset, engineer for cryptographic evolution and reduce human friction are better positioned to operate with confidence in a world that keeps shifting. Turbulence is no longer exceptional. It’s the baseline. The organizations that succeed are the ones designed to operate anyway.
Read Digital Security Magazine – 18th Edition. This article is a contributed piece from one of our valued partners.
Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024
A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zero-day by a suspected China-nexus threat cluster dubbed UNC6201 since mid-2024, according to a new report from Google Mandiant and Google Threat Intelligence Group (GTIG). The activity involves the exploitation of CVE-2026-22769 (CVSS score: 10.0), a case of hard-coded credentials affecting versions prior to 6.0.3.1 HF1. Other products, including RecoverPoint Classic, are not vulnerable to the flaw. “This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability, leading to unauthorized access to the underlying operating system and root-level persistence,” Dell said in a bulletin released Tuesday.
The issue impacts the following products -
- RecoverPoint for Virtual Machines Version 5.3 SP4 P1 - Migrate from RecoverPoint for Virtual Machines 5.3 SP4 P1 to 6.0 SP3, and then upgrade to 6.0.3.1 HF1
- RecoverPoint for Virtual Machines Versions 6.0, 6.0 SP1, 6.0 SP1 P1, 6.0 SP1 P2, 6.0 SP2, 6.0 SP2 P1, 6.0 SP3, and 6.0 SP3 P1 - Upgrade to 6.0.3.1 HF1
- RecoverPoint for Virtual Machines Versions 5.3 SP4, 5.3 SP3, 5.3 SP2, and earlier - Upgrade to version 5.3 SP4 P1 or a 6.x version, and then apply the necessary remediation
“Dell recommends that RecoverPoint for Virtual Machines be deployed within a trusted, access-controlled internal network protected by appropriate firewalls and network segmentation,” it noted. “RecoverPoint for Virtual Machines is not intended for use on untrusted or public networks.”
Per Google, the hard-coded credential relates to an “admin” user for the Apache Tomcat Manager instance that could be used to authenticate to the Dell RecoverPoint Tomcat Manager, upload a web shell named SLAYSTYLE via the “/manager/text/deploy” endpoint, and execute commands as root on the appliance to drop the BRICKSTORM backdoor and its newer version dubbed GRIMBOLT. “This is a C# backdoor compiled using native ahead-of-time (AOT) compilation, making it harder to reverse engineer,” Mandiant’s Charles Carmakal added. Google told The Hacker News that the activity has targeted organizations across North America, with GRIMBOLT incorporating features to better evade detection and minimize forensic traces on infected hosts.
“GRIMBOLT is even better at blending in with the system’s own native files,” it added. UNC6201 is also assessed to share overlaps with UNC5221, another China-nexus espionage cluster known for its exploitation of virtualization technologies and Ivanti zero-day vulnerabilities to distribute web shells and malware families like BEEFLUSH, BRICKSTORM, and ZIPLINE. Despite the tactical similarities, the two clusters are assessed to be distinct at this stage. It’s worth noting that the use of BRICKSTORM has also been linked by CrowdStrike to a third China-aligned adversary tracked as Warp Panda in attacks aimed at U.S. entities.
A noteworthy aspect of the latest set of attacks revolves around UNC6201’s reliance on temporary virtual network interfaces – referred to as “Ghost NICs” – to pivot from compromised virtual machines into internal or SaaS environments, and then delete those NICs to cover up the tracks in an effort to impede investigation efforts. “Consistent with the earlier BRICKSTORM campaign, UNC6201 continues to target appliances that typically lack traditional endpoint detection and response (EDR) agents to remain undetected for long periods,” Google said. Exactly how initial access is obtained remains unclear, but like UNC5221, it’s also known to target edge appliances to break into target networks.
An analysis of the compromised VMware vCenter appliances has also uncovered iptables commands executed by means of the web shell to perform the following set of actions -
- Monitor incoming traffic on port 443 for a specific HEX string
- Add the source IP address of that traffic to a list and if the IP address is on the list and connects to port 10443, the connection is ACCEPTED
- Silently redirect subsequent traffic to port 443 to port 10443 for the next 300 seconds (five minutes) if the IP is on the approved list
Furthermore, the threat actor has been found replacing old BRICKSTORM binaries with GRIMBOLT in September 2025. While GRIMBOLT also provides a remote shell capability and uses the same command-and-control (C2) as BRICKSTORM, it’s not known what prompted the shift to the harder-to-detect malware, and whether it was a planned transition or a response to public disclosures about BRICKSTORM. “Nation-state threat actors continue targeting systems that don’t commonly support EDR solutions, which makes it very hard for victim organizations to know they are compromised and significantly prolongs intrusion dwell times,” Carmakal said.
The disclosure comes as Dragos warned of attacks mounted by Chinese groups like Volt Typhoon (aka Voltzite) to compromise Sierra Wireless Airlink gateways located in electric and oil and gas sectors, followed by pivoting to engineering workstations to dump config and alarm data.
The activity, according to the cybersecurity company, took place in July 2025. The hacking crew is said to acquire initial access from Sylvanite, which rapidly weaponizes edge device vulnerabilities before patches are applied and hands off access for deeper operational technology (OT) intrusions. “Voltzite moved beyond data exfiltration to direct manipulation of engineering workstations investigating what would trigger processes to stop,” Dragos said. “This represents the removal of the last practical barrier between having access and causing physical consequences.
Cellular gateways create unauthorized pathways into OT networks bypassing traditional security controls.”
3 Ways to Start Your Intelligent Workflow Program
Security, IT, and engineering teams today are under relentless pressure to accelerate outcomes, cut operational drag, and unlock the full potential of AI and automation. But simply investing in tools isn’t enough. 88% of AI proofs-of-concept never make it to production, even though 70% of workers cite freeing time for high-value work as the primary AI automation motivation. Real impact comes from intelligent workflows that combine automation, AI-driven decisioning, and human ingenuity into seamless processes that work across teams and systems.
In this article, we’ll highlight three use cases across Security and IT that can serve as powerful starting points for your intelligent workflow program. For each use case, we’ll share a pre-built workflow to help you tackle real bottlenecks in your organization with automation while connecting directly into your existing tech stack. These use cases are great starting points to help you turn theory into practice and achieve measurable gains from day one.
Workflow #1 Automated Phishing Response
For security teams, responding to phishing emails can be a slow, burdensome process given the number of alerts and the growing sophistication of phishing attacks. By streamlining phishing analysis with automated workflows, security teams of all sizes get time back to focus on more critical issues and alerts. Our first workflow, Analyze phishing email senders, URLs, and attachments, uses VirusTotal, URLScan.io, and Sublime Security to analyze key aspects of phishing emails such as file attachments, website behavior, email sender reputation, and detection rule matching. It then consolidates all of the results and displays them in a Tines page, which can be sent via email for archiving or further analysis.
Workflow #2 Agents for IT Service Request Automation
IT service desks are often overwhelmed with repetitive, time-consuming requests like password resets, software access provisioning, hardware troubleshooting, and account management.
These tasks pull valuable technical resources away from strategic initiatives. When AI agents are deployed to handle these routine service requests, organizations can dramatically reduce response times from hours to seconds, make 24/7 availability more likely, and free IT teams to focus on complex problems that require human expertise. The Automate IT service requests using Slack and agents workflow creates AI agents to categorize and process IT service requests. From a Slack message, the workflow sorts each request into one of 3 categories: password resets, application access, or another action.
Each request is then handled by a specialized agent. The password reset agent verifies user identity and management relationships before processing. The application request agent identifies the correct application owner and facilitates access. Responses are handled over Slack, creating a self-serve flow that reduces manual IT involvement while letting teams decide when AI acts and when humans stay in the loop.
Workflow #3: Monitor and Manage Vulnerabilities
Security teams face an unrelenting stream of newly disclosed vulnerabilities. CISA’s Known Exploited Vulnerabilities catalog is updated continuously as threat actors actively weaponize critical flaws. Automating the connection between vulnerability intelligence feeds and your asset inventory transforms this reactive scramble into a proactive defense. By automating the vulnerability detection process, security teams can cut response windows from days to minutes and ensure they prioritize patching efforts based on real exposure rather than theoretical risk.
Without automation, organizations rely on manual monitoring of security bulletins, time-consuming spreadsheet comparisons between vulnerability databases and asset inventories, and delayed communications that leave critical gaps unaddressed while attackers move at machine speed. The result is increased breach risk, compliance failures, and security teams buried in manual triage work instead of strategic threat hunting and remediation. The Check for new CISA vulnerabilities workflow monitors the CISA Vulnerability RSS feed and then uses the Tenable Vulnerability Management platform to check for any vulnerable systems. If vulnerabilities are detected, a message is sent via Microsoft Teams.
Intelligent Workflows that Keep Humans in the Loop
Intelligent workflows aren’t about replacing people, they’re about amplifying them. The three workflows above demonstrate how you can quickly move from isolated automation to connected, intelligent systems that blend AI, integrations, and human oversight to solve real operational problems. Whether you’re responding to security threats, streamlining IT requests, or improving visibility into risk, these pre-built workflows provide practical, production-ready foundations you can adapt and extend as your needs evolve. Tines’ intelligent workflow platform unites automation, AI agents, and human-in-the-loop controls to reduce repetitive “muckwork,” speed execution, and free teams to focus on higher-value work — while ensuring governance, integration, and scale so pilots don’t stall before they realize true value.
Get started today with one of these pre-built workflows or another from our broader story library. Prove the value first-hand and use it as a blueprint to scale an intelligent workflow program that drives meaningful impact across your organization. This article is a contributed piece from one of our valued partners.
Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware
Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest. The version 8.9.2 update incorporates what maintainer Don Ho calls a “double lock” design that aims to make the update process “robust and effectively unexploitable.” This includes verification of the signed installer downloaded from GitHub (implemented in version 8.8.9 and later), as well as the newly added verification of the signed XML returned by the update server at notepad-plus-plus[.]org.
In addition to these enhancements, security-focused changes have been introduced to WinGUp, the auto-updater component:
- Removal of libcurl.dll to eliminate DLL side-loading risk
- Removal of two unsecured cURL SSL options: CURLSSLOPT_ALLOW_BEAST and CURLSSLOPT_NO_REVOKE
- Restriction of plugin management execution to programs signed with the same certificate as WinGUp
The update also addresses a high-severity vulnerability (CVE-2026-25926, CVSS score: 7.3) that could result in arbitrary code execution in the context of the running application. “An Unsafe Search Path vulnerability (CWE-426) exists when launching Windows Explorer without an absolute executable path,” Ho said. “This may allow execution of a malicious explorer.exe if an attacker can control the process working directory. Under certain conditions, this could lead to arbitrary code execution in the context of the running application.”
The development comes weeks after Notepad++ disclosed that a breach at the hosting provider level enabled threat actors to hijack update traffic starting June 2025 and redirect requests from certain users to malicious servers to serve a poisoned update. The issue was detected in early December 2025. According to Rapid7 and Kaspersky, the tampered updates enabled the attackers to deliver a previously undocumented backdoor dubbed Chrysalis.
The supply chain incident, tracked under the CVE identifier CVE-2025-15556 (CVSS score: 7.7), has been attributed to a China-nexus hacking group called Lotus Panda. The attack is assessed to have targeted individuals and organizations located in Vietnam, El Salvador, Australia, the Philippines, the U.S., South America, and Europe, spanning cloud hosting, energy, financial, government, manufacturing, and software development sectors, per data from Kaspersky and Palo Alto Networks Unit 42. Notepad++ users are recommended to update to version 8.9.2, and make sure that the installers are downloaded from the official domain.
CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows:
- CVE-2026-2441 (CVSS score: 8.8) - A use-after-free vulnerability in Google Chrome that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2024-7694 (CVSS score: 7.2) - An arbitrary file upload vulnerability in TeamT5 ThreatSonar Anti-Ransomware versions 3.4.5 and earlier that could allow an attacker to upload malicious files and achieve arbitrary system command execution on the server.
- CVE-2020-7796 (CVSS score: 9.8) - A server-side request forgery (SSRF) vulnerability in Synacor Zimbra Collaboration Suite (ZCS) that could allow an attacker to send a crafted HTTP request to a remote host and obtain unauthorized access to sensitive information.
- CVE-2008-0015 (CVSS score: 8.8) - A stack-based buffer overflow vulnerability in Microsoft Windows Video ActiveX Control that could allow an attacker to achieve remote code execution by setting up a specially crafted web page.
The addition of CVE-2026-2441 to the KEV catalog comes days after Google acknowledged that “an exploit for CVE-2026-2441 exists in the wild.” It’s currently not known how the vulnerability is being weaponized, but such information is typically withheld until a majority of the users are updated with a fix so as to prevent other threat actors from joining the exploitation bandwagon.
As for CVE-2020-7796, a report published by threat intelligence firm GreyNoise in March 2025 revealed that a cluster of about 400 IP addresses was actively exploiting multiple SSRF vulnerabilities, including CVE-2020-7796, to target susceptible instances in the U.S., Germany, Singapore, India, Lithuania, and Japan.
“When a user visits a web page containing an exploit detected as Exploit:JS/CVE-2008-0015, it may connect to a remote server and download other malware,” Microsoft notes in its threat encyclopedia. It also said it’s aware of cases where the exploit is used to download and execute Dogkild, a worm that propagates via removable drives. The worm comes with capabilities to retrieve and run additional binaries, overwrite certain system files, terminate a long list of security-related processes, and even replace the Windows Hosts file in an attempt to prevent users from accessing websites associated with security programs. It’s presently unclear how the TeamT5 ThreatSonar Anti-Ransomware vulnerability is being exploited.
Federal Civilian Executive Branch (FCEB) agencies are recommended to apply the necessary fixes by March 10, 2026, for optimal protection.
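The feed-to-inventory correlation that the vulnerability-monitoring workflow earlier on this page describes, applied to the four KEV additions listed above. This is an added example, not code from the article, CISA, or any vendor; it assumes the KEV JSON feed's `cveID`, `product` and `dueDate` keys and a generic scanner export, and the hostnames, exposure flags and the placeholder CVE ID are constructed.

```python
import json
from datetime import date

# Constructed excerpt shaped like CISA's KEV JSON feed (cveID, product, dueDate).
# CVE IDs, product names and the due date are the ones the article gives;
# nothing here was fetched from CISA.
KEV_JSON = """
{"vulnerabilities": [
  {"cveID": "CVE-2026-2441", "product": "Google Chrome", "dueDate": "2026-03-10"},
  {"cveID": "CVE-2024-7694", "product": "TeamT5 ThreatSonar Anti-Ransomware", "dueDate": "2026-03-10"},
  {"cveID": "CVE-2020-7796", "product": "Synacor Zimbra Collaboration Suite", "dueDate": "2026-03-10"},
  {"cveID": "CVE-2008-0015", "product": "Microsoft Windows Video ActiveX Control", "dueDate": "2026-03-10"}
]}
"""

# Constructed scanner export: hostnames and exposure flags are made up.
FINDINGS = [
    {"asset": "ws-0142", "cve": "CVE-2026-2441", "internet_facing": False},
    {"asset": "mail-01", "cve": "cve-2020-7796 ", "internet_facing": True},   # untidy ID
    {"asset": "ws-0142", "cve": "CVE-0000-0001", "internet_facing": False},  # placeholder, not in KEV
    {"asset": "ws-0977", "cve": "CVE-2026-2441", "internet_facing": False},
    {"asset": "mail-01", "cve": "CVE-2020-7796", "internet_facing": True},   # duplicate finding
]


def load_kev(text):
    """Index KEV entries by normalised CVE ID; skip entries without an ID."""
    index = {}
    for entry in json.loads(text).get("vulnerabilities", []):
        cve = str(entry.get("cveID", "")).strip().upper()
        if cve:
            index[cve] = entry
    return index


def days_left(entry, today):
    """Days until the KEV due date; None when the date is missing or malformed."""
    try:
        return (date.fromisoformat(entry["dueDate"]) - today).days
    except (KeyError, TypeError, ValueError):
        return None


def prioritise(findings, kev, today):
    """Return de-duplicated findings that match KEV entries, most urgent first."""
    seen, rows = set(), []
    for finding in findings:
        cve = finding["cve"].strip().upper()
        key = (finding["asset"], cve)
        if cve not in kev or key in seen:
            continue
        seen.add(key)
        rows.append({
            "asset": finding["asset"],
            "cve": cve,
            "product": kev[cve].get("product", "unknown"),
            "days_left": days_left(kev[cve], today),
            "internet_facing": bool(finding.get("internet_facing")),
        })

    def rank(row):
        # Unknown due dates first (they need a human look), then the nearest
        # deadline, then internet-facing assets ahead of internal ones.
        d = row["days_left"]
        return (d is not None, d or 0, not row["internet_facing"], row["cve"], row["asset"])

    return sorted(rows, key=rank)


def format_alert(rows):
    """Render the ranked rows as plain text for a chat or ticket message."""
    if not rows:
        return "No assets affected by KEV-listed vulnerabilities."
    lines = []
    for r in rows:
        if r["days_left"] is None:
            due = "no due date"
        elif r["days_left"] < 0:
            due = f"OVERDUE by {-r['days_left']} days"
        else:
            due = f"{r['days_left']} days left"
        exposure = "internet-facing" if r["internet_facing"] else "internal"
        lines.append(f"{r['cve']} on {r['asset']} ({r['product']}, {exposure}): {due}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_alert(prioritise(FINDINGS, load_kev(KEV_JSON), date(2026, 2, 19))))
```
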
Webinar: How Modern SOC Teams Use AI and Context to Investigate Cloud Breaches Faster
Cloud attacks move fast — faster than most incident response teams. In data centers, investigations had time. Teams could collect disk images, review logs, and build timelines over days. In the cloud, infrastructure is short-lived.
A compromised instance can disappear in minutes. Identities rotate. Logs expire. Evidence can vanish before analysis even begins.
Cloud forensics is fundamentally different from traditional forensics. If investigations still rely on manual log stitching, attackers already have the advantage.
Why Traditional Incident Response Fails in the Cloud
Most teams face the same problem: alerts without context. You might detect a suspicious API call, a new identity login, or unusual data access — but the full attack path remains unclear across the environment. Attackers use this visibility gap to move laterally, escalate privileges, and reach critical assets before responders can connect the activity.
To investigate cloud breaches effectively, three capabilities are essential:
- Host-Level Visibility: See what occurred inside workloads, not just control-plane activity.
- Context Mapping: Understand how identities, workloads, and data assets connect.
- Automated Evidence Capture: If evidence collection starts manually, it starts too late.
What Modern Cloud Forensics Looks Like
In this webinar session, you will see how automated, context-aware forensics works in real investigations. Instead of collecting fragmented evidence, incidents are reconstructed using correlated signals such as workload telemetry, identity activity, API operations, network movement, and asset relationships. This allows teams to rebuild complete attack timelines in minutes, with full environmental context. Cloud investigations often stall because evidence lives across disconnected systems.
Identity logs reside in one console, workload telemetry in another, and network signals elsewhere. Analysts must pivot across tools just to validate a single alert, slowing response and increasing the chance of missing attacker movement. Modern cloud forensics consolidates these signals into a unified investigative layer. By correlating identity actions, workload behavior, and control-plane activity, teams gain clear visibility into how an intrusion unfolded — not just where alerts triggered.
Investigations shift from reactive log review to structured attack reconstruction. Analysts can trace sequences of access, movement, and impact with context attached to every step. The result is faster scoping, clearer attribution of attacker actions, and more confident remediation decisions — without relying on fragmented tooling or delayed evidence collection. Join the session to see how context-aware forensics makes cloud breaches fully visible.
This article is a contributed piece from one of our valued partners.
Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies
Cybersecurity researchers have disclosed that artificial intelligence (AI) assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control (C2) relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade detection. The attack method, which has been demonstrated against Microsoft Copilot and xAI Grok, has been codenamed AI as a C2 proxy by Check Point. It leverages “anonymous web access combined with browsing and summarization prompts,” the cybersecurity company said. “The same mechanism can also enable AI-assisted malware operations, including generating reconnaissance workflows, scripting attacker actions, and dynamically deciding ‘what to do next’ during an intrusion.” The development signals yet another consequential evolution in how threat actors could abuse AI systems, not just to scale or accelerate different phases of the cyber attack cycle, but also leverage APIs to dynamically generate code at runtime that can adapt its behavior based on information gathered from the compromised host and evade detection.
AI tools already act as a force multiplier for adversaries, allowing them to delegate key steps in their campaigns, whether it be for conducting reconnaissance, vulnerability scanning, crafting convincing phishing emails, creating synthetic identities, debugging code, or developing malware. But AI as a C2 proxy goes a step further. It leverages Grok and Microsoft Copilot’s web-browsing and URL-fetch capabilities to retrieve attacker-controlled URLs and return responses through their web interfaces, essentially transforming them into a bidirectional communication channel to accept operator-issued commands and tunnel victim data out. Notably, all of this works without requiring an API key or a registered account, thereby rendering traditional approaches like key revocation or account suspension useless.
Viewed differently, this approach is no different from attack campaigns that have weaponized trusted services for malware distribution and C2. It’s also referred to as living-off-trusted-sites (LOTS). However, for all this to happen, there is a key prerequisite: the threat actor must have already compromised a machine by some other means and installed malware, which then uses Copilot or Grok as a C2 channel using specially crafted prompts that cause the AI agent to contact the attacker-controlled infrastructure and pass the response containing the command to be executed on the host back to the malware. Check Point also noted that an attacker could go beyond command generation to make use of the AI agent to devise an evasion strategy and determine the next course of action by passing details about the system and validating if it’s even worth exploiting.
“Once AI services can be used as a stealthy transport layer, the same interface can also carry prompts and model outputs that act as an external decision engine, a stepping stone toward AI-Driven implants and AIOps-style C2 that automate triage, targeting, and operational choices in real time,” Check Point said.
The disclosure comes weeks after Palo Alto Networks Unit 42 demonstrated a novel attack technique where a seemingly innocuous web page can be turned into a phishing site by using client-side API calls to trusted large language model (LLM) services for generating malicious JavaScript dynamically in real time. The method is similar to Last Mile Reassembly (LMR) attacks, which involve smuggling malware through the network via unmonitored channels like WebRTC and WebSocket, and piecing it together directly in the victim’s browser, effectively bypassing security controls in the process. “Attackers could use carefully engineered prompts to bypass AI safety guardrails, tricking the LLM into returning malicious code snippets,” Unit 42 researchers Shehroze Farooqi, Alex Starov, Diva-Oriane Marty, and Billy Melicher said. “These snippets are returned via the LLM service API, then assembled and executed in the victim’s browser at runtime, resulting in a fully functional phishing page.”
Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates
A new Android backdoor that’s embedded deep into the device firmware can silently harvest data and remotely control its behavior, according to new findings from Kaspersky. The Russian cybersecurity vendor said it discovered the backdoor, dubbed Keenadu, in the firmware of devices associated with various brands, including Alldocube, with the compromise occurring during the firmware build phase. Keenadu has been detected in Alldocube iPlay 50 mini Pro firmware dating back to August 18, 2023. In all cases, the backdoor is embedded within tablet firmware, and the firmware files carry valid digital signatures.
The names of the other vendors were not disclosed. “In several instances, the compromised firmware was delivered with an OTA update,” security researcher Dmitry Kalinin said in an exhaustive analysis published today. “A copy of the backdoor is loaded into the address space of every app upon launch. The malware is a multi-stage loader granting its operators the unrestricted ability to control the victim’s device remotely.” Some of the payloads retrieved by Keenadu allow it to hijack the search engine in the browser, monetize new app installs, and stealthily interact with ad elements.
One of the payloads has been found embedded in several standalone apps distributed via third-party repositories, as well as official app marketplaces like Google Play and Xiaomi GetApps. Telemetry data suggests that 13,715 users worldwide have encountered Keenadu or its modules, with the majority of the users attacked by the malware located in Russia, Japan, Germany, Brazil, and the Netherlands. Keenadu was first disclosed by Kaspersky in late December 2025, describing it as a backdoor in libandroid_runtime.so, a critical shared library in the Android operating system that’s loaded during boot. Once it’s active on an infected device, it’s injected into the Zygote process, a behavior also observed in another Android malware called Triada.
The malware is invoked by means of a function call added to the libandroid_runtime.so, following which it checks if it’s running within system apps belonging either to Google services or to cellular carriers like Sprint or T-Mobile. If so, the execution is aborted. It also has a kill switch to terminate itself if it finds files with certain names in system directories. “Next, the Trojan checks if it is running within the system_server process,” Kalinin said.
“This process controls the entire system and possesses maximum privileges; it is launched by the Zygote process when it starts.” If this check is true, the malware proceeds to create an instance of the AKServer class. Otherwise, it creates an instance of the AKClient class. The AKServer component contains the core logic and command-and-control (C2) mechanism, while AKClient is injected into every app launched on the device and serves as the bridge for interacting with AKServer. This client-server architecture enables AKServer to execute custom malicious payloads tailored to the specific app it has targeted.
AKServer also exposes another interface that malicious modules downloaded within the contexts of other apps can use to grant or revoke permissions to/from an arbitrary app on the device, get the current location, and exfiltrate device information. The AKServer component is also designed to run a series of checks that cause the malware to terminate if the interface language is Chinese and the device is located within a Chinese time zone, or if Google Play Store or Google Play Services are absent from the device. Once the necessary criteria are satisfied, the Trojan decrypts the C2 address and sends device metadata in encrypted format to the server. In response, the server returns an encrypted JSON object containing details about the payloads.
However, in what appears to be an attempt to complicate analysis and evade detection, an added check built into the backdoor prevents the C2 server from serving any payloads until 2.5 months have elapsed since the initial check-in. “The attacker’s server delivers information about the payloads as an object array,” Kaspersky explained. “Each object contains a download link for the payload, its MD5 hash, target app package names, target process names, and other metadata. Notably, the attackers chose Alibaba Cloud as their CDN provider.”
Some of the identified malicious modules are listed below:
- Keenadu loader, which targets popular online storefronts like Amazon, Shein, and Temu to deliver unspecified payloads. However, it’s suspected that they make it possible to add items to the apps’ shopping carts without the victim’s knowledge.
- Clicker loader, which is injected into YouTube, Facebook, Google Digital Wellbeing, and Android System launcher to deliver payloads that can interact with advertising elements on gaming, recipes, and news websites.
- Google Chrome module, which targets the Chrome browser to hijack search requests and redirect them to a different search engine. However, it’s worth noting that the hijacking attempt may fail if the victim selects an option from the autocomplete suggestions based on keywords entered in the address bar.
- Nova clicker, which is embedded within the system wallpaper picker and uses machine learning and WebRTC to interact with advertising elements. The same component was codenamed Phantom by Doctor Web in an analysis published last month.
- Install monetization, which is embedded into the system launcher and monetizes app installations by deceiving advertising platforms into believing that an app was installed from a legitimate ad tap.
- Google Play module, which retrieves the Google Ads advertising ID and stores it under the key “S_GA_ID3” for likely use by other modules for uniquely identifying a victim.
Kaspersky said it also identified other Keenadu distribution vectors, including by embedding the Keenadu loader within various system apps, such as the facial recognition service and system launcher, in the firmware of several devices. This tactic has been observed in another Android malware known as Dwphon, which was integrated into system apps responsible for OTA updates. A second method concerns a Keenadu loader artifact that’s designed to operate within a system where the system_server process had already been compromised by a different pre-installed backdoor that shares similarities with BADBOX.
That’s not all. Keenadu has also been discovered being propagated via trojanized apps for smart cameras on Google Play. The names of the apps, which were published by a developer named Hangzhou Denghong Technology Co., Ltd., are as follows:
- Eoolii (com.taismart.global) - 100,000+ downloads
- Ziicam (com.ziicam.aws) - 100,00+ downloads
- Eyeplus-Your home in your eyes (com.closeli.eyeplus) - 100,000+ downloads
While these apps are no longer available for download from Google Play, the developer has published the same set of apps to the Apple App Store as well. When reached for comment, Kaspersky told The Hacker News that the iOS versions of the apps do not include the malicious functionality. This lends credence to the prevailing view that Keenadu is mainly designed to target Android tablets.
With BADBOX acting as a distribution vector for Keenadu in some cases, further analysis has also uncovered infrastructure connections between Triada and BADBOX, indicating that these botnets are interacting with one another. In March 2025, HUMAN said it identified overlaps between BADBOX and Vo1d, an Android malware targeting off-brand Android-based TV boxes.
The discovery of Keenadu is troubling for two main reasons:
- Given that the malware is embedded in libandroid_runtime.so, it operates within the context of every app on the device. This allows it to gain covert access to all data and render Android’s app sandboxing ineffective.
- The malware’s ability to bypass permissions used to control app privileges within the operating system turns it into a backdoor that grants attackers unfettered access and control over the compromised device.
“Developers of pre-installed backdoors in Android device firmware have always stood out for their high level of expertise,” Kaspersky concluded. “This is still true for Keenadu: the creators of the malware have a deep understanding of the Android architecture, the app startup process, and the core security principles of the operating system.”
“Keenadu is a large-scale, complex malware platform that provides attackers with unrestricted control over the victim’s device. Although we have currently shown that the backdoor is used primarily for various types of ad fraud, we do not rule out that in the future, the malware may follow in Triada’s footsteps and begin stealing credentials.”
Update
Following the publication of the story, Google confirmed to The Hacker News that the three identified malicious apps have been removed from Google Play, urging users to ensure that their devices are Play Protect certified.
The entire statement from the Google spokesperson has been reproduced verbatim below:
Android users are automatically protected from known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services. Google Play Protect can warn users and disable apps known to exhibit Keenadu-associated behavior, even when those apps come from sources outside of Play. As a best security practice, we recommend users ensure their device is Play Protect certified.
SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer
Cybersecurity researchers have disclosed details of a new SmartLoader campaign that involves distributing a trojanized version of a Model Context Protocol (MCP) server associated with Oura Health to deliver an information stealer known as StealC. “The threat actors cloned a legitimate Oura MCP Server – a tool that connects AI assistants to Oura Ring health data – and built a deceptive infrastructure of fake forks and contributors to manufacture credibility,” Straiker’s AI Research (STAR) Labs team said in a report shared with The Hacker News. The end game is to leverage the trojanized version of the Oura MCP server to deliver the StealC infostealer, allowing the threat actors to steal credentials, browser passwords, and data from cryptocurrency wallets.
SmartLoader, first highlighted by OALABS Research in early 2024, is a malware loader that’s known to be distributed via fake GitHub repositories containing artificial intelligence (AI)-generated lures to give the impression that they are legitimate. In an analysis published in March 2025, Trend Micro revealed that these repositories are disguised as game cheats, cracked software, and cryptocurrency utilities, typically coaxing victims with promises of free or unauthorized functionality to make them download ZIP archives that deploy SmartLoader.
The latest findings from Straiker highlight a new AI twist, with threat actors creating a network of bogus GitHub accounts and repositories to serve trojanized MCP servers and submitting them to legitimate MCP registries like MCP Market. The MCP server is still listed on the MCP directory. By poisoning MCP registries and weaponizing platforms like GitHub, the idea is to leverage the trust and reputation associated with these services to lure unsuspecting users into downloading malware.
“Unlike opportunistic malware campaigns that prioritize speed and volume, SmartLoader invested months building credibility before deploying their payload,” the company said. “This patient, methodical approach demonstrates the threat actor’s understanding that developer trust requires time to manufacture, and their willingness to invest that time for access to high-value targets.”
The attack essentially unfolded over four stages:
1. Created at least 5 fake GitHub accounts (YuzeHao2023, punkpeye, dvlan26, halamji, and yzhao112) to build a collection of seemingly legitimate repository forks of Oura MCP server, the original project that provides access to the Oura API.
2. Created another Oura MCP server repository with the malicious payload under a new account “SiddhiBagul”
3. Added the newly created fake accounts as “contributors” to lend a veneer of credibility, while deliberately excluding the original author from contributor lists
4. Submitted the trojanized MCP server to MCP Market
This also means that users who end up searching for the Oura MCP server on the registry would end up finding the rogue server listed among other benign alternatives. Once launched via a ZIP archive, it results in the execution of an obfuscated Lua script that’s responsible for dropping SmartLoader, which then proceeds to deploy StealC.
The evolution of the SmartLoader campaign indicates a shift from attacking users looking for pirated software to developers, whose systems have become high-value targets, given that they tend to contain sensitive data such as API keys, cloud credentials, cryptocurrency wallets, and access to production systems. The stolen data could then be abused to fuel follow-on intrusions. As mitigations to combat the threat, organizations are recommended to inventory installed MCP servers, establish a formal security review before installation, verify the origin of MCP servers, and monitor for suspicious egress traffic and persistence mechanisms. “This campaign exposes fundamental weaknesses in how organizations evaluate AI tooling,” Straiker said.
“SmartLoader’s success depends on security teams and developers applying outdated trust heuristics to a new attack surface.”
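One way to start on the recommended mitigations (inventory installed MCP servers, verify their origin), shown as an added example that is not from Straiker or the article: a script that reads an MCP client configuration and flags servers that have not been reviewed, run from a download or temp directory, or are launched from an unpinned package. It assumes the `mcpServers` configuration layout used by common MCP clients; the server names, packages, paths, URL, environment variable and allowlist are constructed.

```python
import json
import re

# Constructed client configuration in the "mcpServers" layout used by common
# MCP clients. Server names, packages, paths, the URL and the env name are made up.
CONFIG_TEXT = """
{"mcpServers": {
  "notes":   {"command": "npx", "args": ["-y", "@example-org/notes-mcp@1.4.2"]},
  "oura":    {"command": "node",
              "args": ["/home/dev/Downloads/mcp-server-main/build/index.js"],
              "env": {"EXAMPLE_API_TOKEN": "constructed-placeholder"}},
  "search":  {"command": "npx", "args": ["-y", "example-search-mcp"]},
  "tickets": {"url": "https://mcp.example.internal/sse"}
}}
"""

# Hypothetical allowlist: launch specs that already passed security review.
REVIEWED = {
    "npx -y @example-org/notes-mcp@1.4.2",
    "https://mcp.example.internal/sse",
}

# Directories where freshly downloaded or unpacked archives usually sit.
STAGING_DIR = re.compile(r"[\\/](downloads|temp|tmp)[\\/]", re.IGNORECASE)
PACKAGE_RUNNERS = {"npx", "uvx"}  # launchers that fetch a package at start-up


def launch_spec(entry):
    """Canonical string for what the client will start or connect to."""
    if "url" in entry:
        return str(entry["url"])
    return " ".join([str(entry.get("command", ""))] + [str(a) for a in entry.get("args", [])])


def is_pinned(package):
    """True when a package argument names an exact version (not 'latest')."""
    _, sep, version = package[1:].partition("@")  # [1:] skips an npm scope '@'
    if sep:
        return version not in ("", "latest")
    return "==" in package


def assess(entry, reviewed):
    """Return review flags for one server entry."""
    flags = []
    spec = launch_spec(entry)
    if spec not in reviewed:
        flags.append("unreviewed")
    if STAGING_DIR.search(spec):
        flags.append("runs-from-staging-dir")
    if entry.get("command") in PACKAGE_RUNNERS:
        package = next((str(a) for a in entry.get("args", []) if not str(a).startswith("-")), None)
        if package and not is_pinned(package):
            flags.append("unpinned-package")
    return flags


def inventory(config_text, reviewed):
    """Parse one client config and return a row per configured MCP server."""
    try:
        items = sorted(json.loads(config_text).get("mcpServers", {}).items())
    except (ValueError, TypeError, AttributeError):
        return [{"name": "<config>", "spec": "", "env_keys": [], "flags": ["unparseable-config"]}]
    rows = []
    for name, entry in items:
        if not isinstance(entry, dict):
            rows.append({"name": name, "spec": "", "env_keys": [], "flags": ["malformed-entry"]})
            continue
        rows.append({
            "name": name,
            "spec": launch_spec(entry),
            # Names only: values may be credentials and must not land in a report.
            "env_keys": sorted(entry.get("env") or {}),
            "flags": assess(entry, reviewed),
        })
    return rows


if __name__ == "__main__":
    for row in inventory(CONFIG_TEXT, REVIEWED):
        status = ", ".join(row["flags"]) or "ok"
        print(f"{row['name']:<8} {status:<40} {row['spec']}")
```
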