CyberSecure Specialist

20 Feb

PromptSpy ushers in the era of Android threats using GenAI

Information

ESET researchers uncovered the first known case of Android malware abusing generative AI for context-aware user interface manipulation. While machine learning has been used to similar ends already – just recently, researchers at Dr.WEB found Android.Phantom, which uses TensorFlow machine learning models to analyze advertisement screenshots and automatically click on detected elements for large scale ad fraud – this is the first time we have seen generative AI deployed in this manner. Because the attackers…

Read More
18 Feb

Is it OK to let your children post selfies online?

Information

Kids Online When it comes to our children’s digital lives, prohibition rarely works. It’s our responsibility to help them build a healthy relationship with tech. Phil Muncaster 17 Feb 2026  •  , 4 min. read The lives our children lead today are very different to our own, 20, 30 or even 40-plus years ago. And the main reason for that difference is technology. For good and bad, the advent of smartphones and social media has…

Read More
17 Feb

VulnCheck Raises $25 Million in Series B Funding to Scale Vulnerability Intelligence

Information, News

Vulnerability intelligence company VulnCheck announced on Tuesday that it has raised $25 million to meet demand for its solutions. The Series B funding round, which brings the total raised by the company to $45 million, was led by Sorenson Capital, with participation from National Grid Partners, Ten Eleven Ventures, and In-Q-Tel. The money will be used to expand product development and scale growth. VulnCheck provides a platform for tracking the lifecycle of vulnerabilities and their…

Read More
14 Feb

Naming and shaming: How ransomware groups tighten the screws on victims

Information

Ransomware When corporate data is exposed on a dedicated leak site, the consequences linger long after the attack fades from the news cycle 12 Feb 2026  •  , 6 min. read In the realm of cybercrime, change is arguably the only constant. While cyber-extortion as a broader category of crime has proved its staying power, ransomware – its arguably most damaging ‘flavor’ – doesn’t live or die on encryption alone. The playbook of ‘yore’ largely…

Read More
11 Feb

Kimwolf Botnet Swamps Anonymity Network I2P

Information, Insights

For the past week, the massive “Internet of Things” (IoT) botnet known as Kimwolf has been disrupting The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed to anonymize and secure online communications. I2P users started reporting disruptions in the network around the same time the Kimwolf botmasters began relying on it to evade takedown attempts against the botnet’s control servers. Kimwolf is a botnet that surfaced in late 2025 and quickly infected millions…

Read More
11 Feb

Taxing times: Top IRS scams to look out for in 2026

Information

It’s time to file your tax return. And cybercriminals are lurking to make an already stressful period even more edgy. Phil Muncaster 10 Feb 2026  •  , 5 min. read To misquote Benjamin Franklin, nothing is certain in this world except for death, taxes and scammers. Unfortunately, with tax filing season now in full swing, the fraudsters are also out in force, doing their best to cash in. The risk of unwittingly sharing personal and…

Read More
10 Feb

Patch Tuesday, February 2026 Edition

Information, Insights

Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six “zero-day” vulnerabilities that attackers are already exploiting in the wild. Zero-day #1 this month is CVE-2026-21510, a security feature bypass vulnerability in Windows Shell wherein a single click on a malicious link can quietly bypass Windows protections and run attacker-controlled content without warning or consent dialogs. CVE-2026-21510 affects all currently…

Read More
10 Feb

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps

Attacks, Insights, Malware

The purpose of this Alert is to amplify Poland’s Computer Emergency Response Team (CERT Polska’s) Energy Sector Incident Report published on Jan. 30, 2026, and highlight key mitigations for Energy Sector stakeholders.  In December 2025, a malicious cyber actor(s) targeted and compromised operational technology (OT) and industrial control systems (ICS) in Poland’s Energy Sector—specifically renewable energy plants, a combined heat and power plant, and a manufacturing sector company—in a cyber incident. The malicious cyber activity…

Read More
07 Feb

Organizations Urged to Replace Discontinued Edge Devices

Information, News

US and UK government agencies this week warned of the risks posed by discontinued edge devices, urging organizations to replace them as soon as possible. Edge devices include firewalls, IoT, load balancers, network security appliances, routers, switches, wireless access points, and other software and hardware appliances that route network traffic. Edge devices that have reached end-of-support (EOS) status and no longer receive security updates pose a significant risk to federal networks and enterprise environments, as…

Read More
05 Feb

OfferUp scammers are out in force: Here’s what you should know

Information

The mobile marketplace app has a growing number of users, but not all of them are genuine. Watch out for these common scams. Phil Muncaster 04 Feb 2026  •  , 6 min. read OfferUp has been in business for nearly 15 years. Although little known outside the US, the marketplace app competes for consumer hearts and minds with industry giants Craigslist, Facebook Marketplace and eBay. And like them, it has a problem with fraud. If…

Read More