2026

Supply chain attacks now fuel a ‘self-reinforcing’ cybercrime economy

Researchers say breaches link identity abuse, SaaS compromise, and ransomware into a cascading cycle Cybercriminals are turning supply chain attacks into an industrial-scale operation, linking breaches, credential theft, and ransomware into a "self-reinforcing" ecosystem, researchers say.…

Feeling brave? Ministry of Defence seeks £300K digital boss to manage £4.6B spend

Whoever gets it will steer UK department's IT, AI strategy, and megabucks vendor deals The UK Ministry of Defence (MoD) is offering between £270,000 to £300,000 for a senior digital leader who will oversee more than £4.6 billion in spending and more than 3,000 specialist staff.…

Google: China’s APT31 used Gemini to plan cyberattacks against US orgs

Meanwhile, IP-stealing 'distillation attacks' on the rise A Chinese government hacking group that has been sanctioned for targeting America's critical infrastructure used Google's AI chatbot, Gemini, to auto-analyze vulnerabilities and plan cyberattacks against US organizations, the company says.…

Microsoft warns that poisoned AI buttons and links may betray your trust

Businesses are embedding prompts that produce content they want you to read, not the stuff AI makes if left to its own devices Amid its ongoing promotion of AI’s wonders, Microsoft has warned customers it has found many instances of a technique that manipulates the technology to produce…

Were telcos tipped off to *that* ancient Telnet bug? Cyber pros say the signs stack up

Curious port filtering and traffic patterns suggest advisories weren’t the earliest warning signals sent Telcos likely received advance warning about January's critical Telnet vulnerability before its public disclosure, according to threat intelligence biz GreyNoise.…

Payroll pirates are conning help desks to steal workers’ identities and redirect paychecks

Attackers using social engineering to exploit business processes, rather than tunnelling in via tech Exclusive  When fraudsters go after people's paychecks, "every employee on earth becomes a target," according to Binary Defense security sleuth John Dwyer.…

Notepad’s new Markdown powers served with a side of remote code execution

Smug faces across all those who opposed the WordPad-ification of Microsoft's humble text editor Just months after Microsoft added Markdown support to Notepad, researchers have found the feature can be abused to achieve remote code execution (RCE).…

Legacy systems blamed as ministers promise no repeat of Afghan breach

UK government grilled over progress made to prevent a second life-threatening leak Legacy IT issues are hampering key technical measures designed to prevent highly sensitive data leaks, UK government officials say.…

Microsoft’s Valentine’s gift to admins: 6 exploited zero-day fixes

Roses are red, violets are blue ... now get patching What better way to say I love you than with an update? Attackers exploited a whopping six Microsoft bugs as zero-days prior to Redmond releasing software fixes on February's Patch Tuesday.…

AI agents spill secrets just by previewing malicious links

Zero-click prompt injection can leak data when AI agents meet messaging apps, researchers warn AI agents can shop for you, program for you, and, if you're feeling bold, chat for you in a messaging app. But beware: attackers can use malicious prompts in chat to trick an AI…

Copyright © 2026 Lugapel