Latest news as of 2/18/2026, 9:17:43 PM
Dark Reading
A China-related attacker has exploited the vendor flaw since mid-2024, allowing it to move laterally, maintain persistent access, and deploy malware.
Bleeping Computer
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a critical vulnerability in multiple Honeywell CCTV products that allows unauthorized access to feeds or account hijacking. [...]
The Register
Latest in a rash of grab-and-leak data incidents CarGurus allegedly suffered a data breach with 1.7 million corporate records stolen, according to a notorious cybercrime crew that posted the online vehicle marketplace on its leak site on Wednesday.…
Bleeping Computer
AI assistants like Grok and Microsoft Copilot with web browsing and URL-fetching capabilities can be abused to intermediate command-and-control (C2) activity. [...]
Dark Reading
Discover a strategic approach to govern scraping risks, balance security with business growth, and safeguard intellectual capital from automated data harvesting.
The Register
'First time we have detected a crime using this method,' cops say Spanish police arrested a hacker who allegedly manipulated a hotel booking website, allowing him to pay one cent for luxury hotel stays. He also raided the mini-bars and didn't settle some of those tabs, police say.…
The Hacker News
New research from the Citizen Lab has found signs that Kenyan authorities used a commercial forensic extraction tool manufactured by Israeli company Cellebrite to break into a prominent dissident's phone, making it the latest case of abuse of the technology targeting civil society. The interdisciplinary research unit at the University of Toronto's Munk School of Global Affairs & Public
The Register
State disputes the company's claim that its routers are made in Vietnam TP-Link is facing legal action from the state of Texas for allegedly misleading consumers with "Made in Vietnam" claims despite China-dominated manufacturing and supply chains, and for marketing its devices as secure despite reported firmware vulnerabilities exploited by Chinese state-sponsored actors.…
The Hacker News
Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices. The vulnerability, tracked as CVE-2026-2329, carries a CVSS score of 9.3 out of a maximum of 10.0. It has been described as a case of unauthenticated stack-based buffer overflow that could result in remote code
The Register
National rail bookings and timetables disrupted for nearly 24 hours If you wanted to book a train trip in Germany recently, you would have been out of luck. The country's national rail company says that its services were disrupted for hours because of a cyberattack.…