Kurz: Es sind wichtige Sicherheitsupdates für unter anderem Dell RecoverPoint for Virtual Machines und Avamar Server erschienen. Es gibt bereits Attacken.
Critical infra Honeywell CCTVs vulnerable to auth bypass flaw (2026-02-18 20:58 UTC)
Kurz: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a critical vulnerability in multiple Honeywell CCTV products that allows unauthorized access to feeds or account hijacking. […]
AI platforms can be abused for stealthy malware communication (2026-02-18 20:18 UTC)
Kurz: AI assistants like Grok and Microsoft Copilot with web browsing and URL-fetching capabilities can be abused to intermediate command-and-control (C2) activity. […]
Kurz: Underground Telegram channels shared SmarterMail exploit PoCs and stolen admin credentials within days of disclosure. Flare explains how monitoring these communities reveals rapid weaponization of CVE-2026-24423 and CVE-2026-23760 tied to r…
Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody (2026-02-18 17:30 UTC)
Kurz: New research from the Citizen Lab has found signs that Kenyan authorities used a commercial forensic extraction tool manufactured by Israeli company Cellebrite to break into a prominent dissident’s phone, making it the latest case of abuse …
Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution (2026-02-18 16:35 UTC)
Kurz: Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices. The vulnerability, tracked as CVE-2026-2329, carries a …
Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs (2026-02-18 13:16 UTC)
Kurz: Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully exploited, could allow threat actors to steal local files and execute code re…
Kurz: In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Free sp in error path to fix system crash System crash seen during load/unload test in a loop, [61110.449331] qla2xxx [0000:27:00.0]-0042…
Kurz: In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Validate sp before freeing associated memory System crash with the following signature [154563.214890] nvme nvme2: NVME-FC{1}: controller…
Kurz: In the Linux kernel, the following vulnerability has been resolved: x86/vmware: Fix hypercall clobbers Fedora QA reported the following panic: BUG: unable to handle page fault for address: 0000000040003e54 #PF: superviso…