Amazon: AI-assisted Hacker Breached 600 FortiGate Firewalls in 5 Weeks

, ,

Russian-speaking hacker used AI to breach 600 Fortinet firewalls in 55 countries within five weeks, exploiting weak credentials and exposed interfaces without zero-day exploits. The attack involved automating access and reconnaissance tasks with AI-generated tools, leading to stolen configurations and credentials. Recommendations for FortiGate admins include disabling internet exposure of management interfaces and enabling MFA.

https://www.bleepingcomputer.com/news/security/amazon-ai-assisted-hacker-breached-600-fortigate-firewalls-in-5-weeks/

Wikipedia Blacklists Archive.today, Starts Removing 695,000 Archive Links

, , ,

The English-language edition of Wikipedia is blacklisting Archive.today after discovering the site altered webpage snapshots to insert the name of a targeted blogger. This alteration, along with the site’s use in a DDoS attack, led to a consensus among Wikipedia editors to remove all links to Archive.today. The decision was influenced by concerns over the site’s reliability and the potential security risks it poses to users.

https://arstechnica.com/tech-policy/2026/02/wikipedia-bans-archive-today-after-site-executed-ddos-and-altered-web-captures/

Password Managers’ Promise That They Can’t See Your Vaults Isn’t Always True

,

Password managers, despite claims of “zero-knowledge” security, may still have vulnerabilities that allow data theft under certain conditions, particularly during account recovery or when sharing vaults. Researchers warn that these flaws can be exploited by malicious actors, undermining the touted security benefits.

https://arstechnica.com/security/2026/02/password-managers-promise-that-they-cant-see-your-vaults-isnt-always-true/

I Hacked ChatGPT and Google’s AI – And It Only Took 20 Minutes

, , ,

User hacked ChatGPT and Google's AI in 20 minutes. Demonstrated that AI tools can easily be manipulated to spread misinformation, even about serious topics. Created a fake ranking of “best tech journalists at eating hot dogs,” and AI accepted it as fact. Experts say AI is now easier to trick, raising concerns about misinformation's impact on public safety. Solutions include enhancing disclaimers and promoting critical thinking when using AI for information.

https://www.bbc.co.uk/future/article/20260218-i-hacked-chatgpt-and-googles-ai-and-it-only-took-20-minutes

PayPal Data Breach Exposes SSNs and Business PII of Customers for Over Six Months

, ,

PayPal experienced a data breach due to a coding error in its Working Capital loan application, exposing customers' personal information, including Social Security numbers and business details, for about six months. The breach was identified on December 12, 2025, and reported to affected customers on February 10, 2026. No external intrusion was involved; it was an internal issue. PayPal has since rolled back the problematic code, terminated unauthorized access, initiated a full investigation, and is offering affected users two years of free credit monitoring.

https://cybersecuritynews.com/paypal-data-breach-expose-customer-data/

Vibe Password Generation: Predictable by Design

,

LLM-generated passwords seem strong but are insecure due to their predictable nature, as LLMs are designed to predict tokens, not create random characters. Users unknowingly use these weak passwords, mistaking them for secure options. Testing reveals that popular LLMs like GPT, Claude, and Gemini generate passwords with predictable patterns and low entropy, risking brute-force attacks. Recommendations include avoiding LLM-generated passwords and prioritizing secure password generation methods in coding contexts.

https://www.irregular.com/publications/vibe-password-generation

Anthropic Rolls Out Embedded Security Scanning for Claude

, ,

Anthropic introduces Claude Code Security, an AI tool for scanning codebases for vulnerabilities and suggesting patches. Initially available to select enterprise users after extensive testing, it aims to automate software security reviews. The tool improves vulnerability detection, with promises of faster discovery and reduced error rates, though experienced human oversight is still recommended for complex issues. Users must apply for access and agree to scan only their own code.

https://cyberscoop.com/anthropic-claude-code-security-automated-security-review/

Connected and Compromised: When IoT Devices Turn Into Threats

, ,

IoT devices, often lacking sufficient security features, pose significant risks to both home and enterprise networks. Reused passwords, lack of encryption, and poor data storage practices make these devices vulnerable to credential theft and unauthorized access. While vendors are moving towards more secure devices, the sheer number of existing IoT devices means it will take years to fully mitigate these risks.

https://www.darkreading.com/iot/connected-compromised-iot-devices-turn-threats

Google Blocked Over 1.75 Million Play Store App Submissions in 2025

, ,

Google blocked over 1.75 million Play Store app submissions in 2025 due to policy violations, enhancing app security. They implemented 10,000 safety checks, identified malicious patterns using AI, and banned 80,000 bad developer accounts. Additionally, Play Protect scanned over 350 billion apps, identifying millions of risks, while new protections against fraudulent activities were added. Google continues to invest in AI for future app safety.

https://www.bleepingcomputer.com/news/security/google-blocked-over-175-million-play-store-app-submissions-in-2025/

Emoji Smuggling: Hiding Malicious Code in Plain Sight

,

TLDR: Emoji smuggling uses Unicode characters to hide malware from security systems, exploiting gaps in text detection, leveraging look-alike characters, emojis as code, invisible characters, and direction trickery. Attackers bypass security filters, making detection difficult. Defenses include input normalization, context-aware security, monitoring, user education, and security design. As AI and LLMs evolve, they face challenges from Unicode attacks, complicating security. Understanding these techniques is crucial for effective defenses against evolving threats.

https://sosintel.co.uk/emoji-smuggling-hiding-malicious-code-in-plain-sight/

Android Malware Taps Gemini to Navigate Infected Devices

, , , ,

Android malware named PromptSpy employs generative AI (Gemini) for adaptive navigation on infected devices. It mainly functions to deploy remote access via VNC, utilizing natural language prompts to interact with user interfaces, enhancing the malware's versatility across different devices. Developed by Chinese speakers, PromptSpy is still largely theoretical, with no live telemetry reports from ESET, but suspected distribution domains hint at potential real-world application. The malware can intercept security codes, record screens, and prevent uninstallation, indicating a disturbing evolution in Android threats.

https://www.theregister.com/2026/02/19/genai_malware_android/

Hackers Target Microsoft Entra Accounts in Device Code Vishing Attacks

, , , ,

Hackers are targeting Microsoft Entra accounts using device code phishing and voice vishing, compromising accounts through legitimate Microsoft OAuth flows without needing traditional phishing methods. This allows attackers to gain valid authentication tokens and access victims' accounts, enabling corporate data theft. The ShinyHunters gang is suspected to be behind these attacks, with recommendations for organizations to monitor OAuth apps, revoke suspicious consents, and consider disabling device code flows when unnecessary.

https://www.bleepingcomputer.com/news/security/hackers-target-microsoft-entra-accounts-in-device-code-vishing-attacks/

Spain Orders NordVPN, ProtonVPN to Block LaLiga Piracy Sites

, , ,

Spain's court orders NordVPN and ProtonVPN to block 16 piracy websites related to LaLiga, granting measures without hearings. LaLiga cites VPNs as facilitating illegal streaming. ProtonVPN claims lack of proper notice, while NordVPN states it's not aware of legal proceedings. Both argue that blocking VPNs won't effectively combat piracy.

https://www.bleepingcomputer.com/news/legal/spain-orders-nordvpn-protonvpn-to-block-laliga-piracy-sites/

Microsoft Says Bug Causes Copilot to Summarize Confidential Emails

, , ,

Microsoft 365 Copilot bug since January causes AI to incorrectly summarize confidential emails, bypassing DLP policies. A code error allows emails marked with confidentiality labels to be processed, prompting Microsoft to initiate a fix. As of mid-February, they continue monitoring the situation but have not disclosed the full impact or timeline for resolution.

https://www.bleepingcomputer.com/news/microsoft/microsoft-says-bug-causes-copilot-to-summarize-confidential-emails/

Flaws in Popular VSCode Extensions Expose Developers to Attacks

,

Flaws in popular VSCode extensions allow attackers to steal files and execute code. Vulnerabilities affect extensions like Code Runner and Markdown Preview Enhanced, with over 128 million total downloads. Discovered by Ox Security, the issues pose risks such as data exfiltration and system takeover. Developers are advised against using untrusted configurations and to only install reputable extensions.

https://www.bleepingcomputer.com/news/security/flaws-in-popular-vscode-extensions-expose-developers-to-attacks/

Scroll to Top