ImageMagick Exposed: Two Critical Vulnerabilities Found Cybersecurity experts have identified serious security flaws in the widely-used open source software, ImageMagick, which could result in denial-of-service (DoS) attacks and unauthorized information disclosure. Discovered by the Latin American cybersecurity firm Metabase Q in version 7.1.0-49, these vulnerabilities were subsequently addressed in an…
In a significant cybersecurity development, the U.S. government has implemented a ban on Kaspersky antivirus software for federal agencies, citing concerns over potential espionage. Although no concrete evidence has yet emerged, a report from The Wall Street Journal alleges that state-sponsored Russian hackers pilfered classified National Security Agency (NSA) documents…
Recently, Senate Judiciary Committee Chairman Patrick Leahy has reintroduced a revised version of the Personal Data Privacy and Security Act, which aims to impose severe criminal penalties on hackers. This initiative, originally proposed in 2005, follows significant data breaches, such as the one that occurred during the Christmas holidays involving…
Data Breach Notification, Data Privacy, Data Security HHS Launches New Enforcement Program to Uphold Patient Confidentiality in Line with HIPAA By Marianne Kolbasuk McGee (HealthInfoSec) • February 16, 2026 The HHS Office for Civil Rights has introduced a new breach reporting portal focused on the privacy of substance use disorder…
LockBit Ransomware: Version 5.0 Targets Windows, Linux, and ESXi Systems In recent developments within the cybersecurity landscape, the notorious LockBit ransomware group has unleashed a new and highly sophisticated variant, version 5.0. This latest iteration is designed to target a multitude of operating systems, including Windows, Linux, and virtual environments…
F5 Networks has issued a warning about a critical vulnerability affecting its BIG-IP appliances, which poses risks of denial-of-service (DoS) attacks or arbitrary code execution. This vulnerability stems from the iControl Simple Object Access Protocol (SOAP) interface, impacting several versions of BIG-IP, specifically versions 13.1.5, 14.1.4.6 to 14.1.5, 15.1.5.1 to…
Massive Malvertising Campaign Targets Users Through Pornhub: Cybersecurity Risks Revealed A large-scale malvertising initiative alarming cybersecurity experts has recently been reported by Proofpoint, a prominent cybersecurity firm. This campaign, still active after more than a year, has exposed countless internet users across the United States, Canada, the United Kingdom, and…
Malware Incident at Japan’s Monju Nuclear Power Plant Raises Cybersecurity Concerns In a recent incident, Japan’s Monju Nuclear Power Plant became the unwitting target of a malware attack due to a routine software update on January 2. A plant employee inadvertently installed malicious software while updating a video playback program.…
Encryption & Key Management, Identity & Access Management, Security Operations ‘Malicious Server Threat Model’ Threatens ‘Zero Knowledge Encryption’ Guarantees Mathew J. Schwartz (euroinfosec) • February 16, 2026 Image: Pniti_Studio/Shutterstock Recent accusations from a group of Swiss and Italian security researchers challenge the advertised security of popular cloud-based password managers, namely…