February Patch Tuesday delivers 57 packages
After January’s deluge, a calmer update volume returns
Similar Posts
Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025
Bys sCybersecurity researchers have shed light on a new campaign targeting Brazilian users since the start of 2025 to infect users with a malicious extension for Chromium-based web browsers and siphon user authentication data. “Some of the phishing emails were sent from the servers of compromised companies, increasing the chances of a successful attack,” Positive Technologies…
Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections
Bys sCybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns. Faking the sender address of an email is widely seen as an attempt to make the digital missive more legitimate and get past security mechanisms that could otherwise flag it as malicious….
Meta fixes bug that could leak users’ AI prompts and generated content
Bys sZack Whittaker reports: Meta has fixed a security bug that allowed Meta AI chatbot users to access and view the private prompts and AI-generated responses of other users. Sandeep Hodkasia, the founder of security testing firm AppSecure, exclusively told TechCrunch that Meta paid him $10,000 in a bug bounty reward for privately disclosing the bug…
Nikkei Says 17,000 Impacted by Data Breach Stemming From Slack Account Hack
Bys sEduard Kovacs reports: Japanese media giant Nikkei on Tuesday reported that hackers had gained access to employee Slack accounts, stealing information pertaining to thousands of individuals. Nikkei, which is best known for major financial publications such as The Nikkei and Financial Times, said the incident involved malware stealing Slack credentials from an employee’s personal computer…….
Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents
Bys sCybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed to targets by masquerading as VPN apps and Starlink, a satellite internet connection service offered by SpaceX. Mobile security vendor Lookout said it discovered four samples of a surveillanceware tool…
How federal rules on cybersecurity breach transparency for businesses were challenged in court in 2024
Bys sDom DiFurio reports: In October, four companies collectively paid nearly $7 million as part of a settlement with the Securities and Exchange Commission for allegedly failing to properly inform investors of a cyberbreach affecting their companies, a liability American businesses have not previously faced. The companies were compromised in a cyberattack targeting their IT software provider in…