piyokango

VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731) CVE-2026-1731 is an RCE vulnerability in identity platform BeyondTrust. This flaw allows attackers control of systems without login credentials.

BeyondTrustの深刻な脆弱性（CVE-2026-1731）を悪用したVShellとSparkRATを確認
#CybersecurityNews
unit42.paloaltonetworks.com/beyondtrust-...

Remcos Revisited: Inside the RAT’s Evolving Command-and-Control Techniques | Point Wild

Remcos再考：RATの進化するコマンドアンドコントロール技術の内幕
#CybersecurityNews
www.pointwild.com/threat-intel...

LLM-generated passwords 'fundamentally weak,' experts say : Seemingly complex strings are actually highly predictable, crackable within hours

AIが生成したパスワード、ランダムではなくランダムに見えるだけ
#CybersecurityNews
www.theregister.com/2026/02/18/g...

Record Number of Ransomware Victims and Groups in 2025 Searchlight Cyber reports a 30% annual increase in ransomware victim numbers in 2025

2025年のランサムウェア被害者数とグループ数が過去最高に
#CybersecurityNews
www.infosecurity-magazine.com/news/record-...

Chinese APT Group Exploits Dell Zero-Day for Two Years Mandiant reveals campaign featuring exploit of a CVSS 10.0 CVE in Dell RecoverPoint for Virtual Machines

中国のAPTグループがDellのゼロデイ攻撃を2年間にわたり悪用
#CybersecurityNews
www.infosecurity-magazine.com/news/chinese...

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

ClickFix の新しい攻撃、 nslookup を悪用し、DNS 経由で PowerShell ペイロードを取得
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

How ClickFix Opens the Door to Stealthy StealC Information Stealer This analysis examines an attack chain targeting Windows systems through social engineering using fake CAPTCHA to trick users into executing PowerShell commands.

ClickFix、ステルス性の高いStealC インフォスティーラーへの扉を開く仕組み
#CybersecurityNews
www.levelblue.com/blogs/spider...

PromptSpy is the first known Android malware to use generative AI at runtime Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google's Gemini model to adapt its persistence across different devices.

PromptSpy、実行時に生成AIを使用する最初のAndroidマルウェア
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

ClickFix攻撃、Macのインフォスティーラー拡散目的にClaude LLMのアーティファクト悪用
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealt...

「Starkiller」フィッシングサービスプロキシ、本物のログインページとMFA
#CybersecurityNews
krebsonsecurity.com/2026/02/star...

Hacker reveals 6.8 billion emails online and warns victims “your data is public” Attacker posts 6.8 billion email addresses online, though researchers estimate only 3 billion are legitimate. The massive database enables unprecedented phishing attacks.

ハッカーが68億通のメールをオンラインで公開、被害者に「あなたのデータは公開されています」と警告
#CybersecurityNews
cybernews.com/security/mas...

Apple discloses first actively exploited zero-day of 2026 The vendor said the memory-corruption defect was exploited to target specific people, but it did not describe the objectives of the attack.

Apple、2026年に初めて実際に悪用されたゼロデイ脆弱性を公開
#CybersecurityNews
cyberscoop.com/apple-zero-d...

Russia tries to block WhatsApp, Telegram in communication blockade The Russian government is attempting to block WhatsApp in the country as its crackdown on communication platforms not under its control intensifies.

ロシア、通信封鎖でWhatsAppとTelegramをブロックしようと試みる
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

AMOS infostealer targets macOS through a popular AI app AMOS infostealer is targeting macOS users by abusing popular AI apps and extension marketplaces to harvest credentials. Flare examines how AMOS operates, spreads through AI-driven lures, and feeds the...

AMOSインフォスティーラー、人気のAIアプリを通じてmacOSを標的に
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

Fake AI Chrome extensions with 300K users steal credentials, emails A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants to steal credentials, email content, and browsing information.

利用者30万人の偽AI Chrome拡張機能、認証情報やメールを盗む
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

Time to Exploit Plummets as N-Day Flaws Dominate Flashpoint warns of a dramatic drop in the average time between vulnerability disclosure and exploitation

N-Day脆弱性が蔓延、攻撃までに要する時間激減
#CybersecurityNews
www.infosecurity-magazine.com/news/time-ex...

Google says hackers are abusing Gemini AI for all attacks stages Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to sy...

Google、ハッカーがあらゆる攻撃段階でGemeniAIを悪用と言及
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

New Zero-Click Flaw in Claude Extensions, Anthropic Declines Fix Security researchers from LayerX identified a new flaw in 50 Claude Desktop Extensions that could lead to unauthorized remote code execution

Claudeデスクトップ拡張機能に新たなゼロクリック脆弱性、Anthropic Declinesが修正
#CybersecurityNews
www.infosecurity-magazine.com/news/zerocli...

New Linux botnet SSHStalker uses old-school IRC for C2 comms A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations.

新たなLinuxボットネットSSHStalker、C2通信に旧式のIRCを使用
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

Click Fix access broker campaign hits Windows with Python-driven backdoors Businesses are being warned about a new cyber campaign targeting Windows environments where getting in is only the beginning – not the end – of the attack.

ClickFixアクセスブローカーキャンペーンがPython駆動型バックドアでWindowsを攻撃
#CybersecurityNews
cybernews.com/security/cli...

Fake 7-Zip downloads are turning home PCs into proxy nodes A convincing lookalike of the popular 7-Zip archiver site has been silently turning victims’ machines into residential proxy nodes.

偽の7-Zipダウンロードが家庭用PCをプロキシノードに
#CybersecurityNews
www.malwarebytes.com/blog/threat-...

FIRST Forecasts Record-Breaking 50,000+ CVEs in 2026 This year should break all the records in terms of vulnerability disclosed, reaching or even surpassing 50,000 new CVEs disclosed

FIRST、2026年にCVEが過去最高の5万件以上になると予測
#CybersecurityNews
www.infosecurity-magazine.com/news/first-f...

Moscow moves to throttle Telegram as Kremlin pushes its own messaging app Russia’s communications regulator, Roskomnadzor, confirmed Tuesday that it has deliberately “slowed down” the app, which has nearly 90 million local users, citing the company’s failure to comply with ...

モスクワ、Telegramを制限し、クレムリンが独自のメッセージングアプリを推進
#CybersecurityNews
therecord.media/russia-throt...

LummaStealer infections surge after CastleLoader malware campaigns A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware.

CastleLoaderマルウェアキャンペーン後、LummaStealer感染急増
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

Crazy ransomware gang abuses employee monitoring tool in attacks A member of the Crazy ransomware gang is abusing legitimate employee monitoring software and the SimpleHelp remote support tool to maintain persistence in corporate networks, evade detection, and prep...

Crazy ランサムウェア集団が従業員監視ツールを悪用して攻撃
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

Interim CISA chief: ‘When the government shuts down, cyber threats do not’ A shutdown would “degrade our capacity to provide timely and actionable guidance to help partners defend their networks,” acting CISA Director Madhu Gottumukkala told the House Appropriations Homeland...

政府閉鎖時のサイバー脅威についてのCISA暫定長官の警告
#CybersecurityNews
therecord.media/interim-cisa...

Free Tool Says it Can Bypass Discord's Age Verification Check With a 3D Model The tool presents users with a 3D model they can then manipulate to, the creator says, bypass Discord's age verification system.

Discordの年齢認証を3Dモデルで回避できる無料ツール
#CybersecurityNews
www.404media.co/free-tool-sa...

Security researcher finds 287 Chrome extensions leaking data : Add-ons with 37M installs leak visited URLs to 30+ recipients, researcher says

悪魔的な開発者が287個のChrome拡張機能を生み出し、ブラウザの履歴をデータブローカーに売却
#CybersecurityNews
www.theregister.com/2026/02/11/s...

Microsoft Store Outlook add-in hijacked to steal 4,000 Microsoft accounts The AgreeTo add-in for Outlook has been hijacked and turned into a phishing kit that stole more than 4,000 Microsoft account credentials.

Microsoft Store の Outlook アドインが乗っ取られ、4,000 件の Microsoft アカウントが盗まれる
#CybersecurityNews
www.bleepingcomputer.com/news/securit...

North Korea's UNC1069 Hammers Crypto Firms With AI In moving away from traditional banks to focus on Web3 companies, the threat actor is leveraging LLMs, deepfakes, legitimate platforms, and ClickFix.

北朝鮮のUNC1069、AIで暗号資産企業を攻撃
#CybersecurityNews
www.darkreading.com/threat-intel...