The Hacker News

⚠️ Four popular VS Code extensions expose developers to file theft and remote code execution. Researchers say 125M+ installs are affected. Flaws in Live Server, Code Runner, and others enable localhost abuse, malicious configs, and code injection—some still unpatched. 🔗 Read → https://thehackernews.com/2026/02/critical-flaws-found-in-four-vs-code.html

88% of AI pilots never reach production. Security and IT teams stall not on tools—but execution. Intelligent workflows blend automation, AI decisions, and human review to move phishing response, service requests, and vuln tracking from manual to real time. 🔗 Pre-built workflow breakdowns → https://thehackernews.com/2026/02/3-ways-to-start-your-intelligent.html

🚨 China-linked UNC6201 exploited a CVSS 10.0 (CVE-2026-22769) Dell RecoverPoint zero-day since 2024 using hard-coded credentials. Access led to Tomcat web shells, BRICKSTORM installs, and newer GRIMBOLT backdoors built to evade detection. 🔗 Read → https://thehackernews.com/2026/02/dell-recoverpoint-for-vms-zero-day-cve.html

⚡ Notepad++ pushed a security update after attackers hijacked its updater to deliver malware to select users. Version 8.9.2 adds a “double lock” verification system & hardens the auto-updater after a hosting breach enabled poisoned updates. 🔗 Read → https://thehackernews.com/2026/02/notepad-fixes-hijacked-update-mechanism.html

⚠️ CISA added 4 actively exploited flaws to its KEV list, including a Chrome zero-day and critical Zimbra SSRF bug. Attacks range from browser heap corruption to server command execution and worm delivery. 🔗 Exploited CVEs, affected tech, patch timelines → https://thehackernews.com/2026/02/cisa-flags-four-security-flaws-under.html

🤖 AI assistants with web browsing can be weaponized as stealth command relays. Check Point showed Copilot and Grok fetching attacker URLs and returning commands through normal responses — blending C2 traffic into enterprise use. 🔗 Read details → https://thehackernews.com/2026/02/researchers-show-copilot-and-grok-can.html

🛑 A firmware-level Android backdoor called Keenadu is being shipped inside signed tablet builds. Telemetry shows 13,715 users globally encountered its modules. It injects into every app via core system libraries, enabling remote control, data theft, and ad fraud. 🔗 Read → https://thehackernews.com/2026/02/keenadu-firmware-backdoor-infects.html

⚠️ Cloud attacks move faster than investigations. Wiz experts show how workloads vanish, identities rotate, and logs expire before response even starts. Minutes — not days — decide outcomes. See how context-aware forensics rebuilds full attack timelines fast. 🔗 See cloud breaches reconstructed step-by-step → https://thehackernews.com/2026/02/cloud-forensics-webinar-learn-how-ai.html

Infosec Compliance Now 2026 | Earn 4 CPEs Registration for the 6th annual Infosec Compliance Now virtual event is live! Attend and earn up to 4 free CPE credits while learning about AI-powered GRC, cyber resilience, continuous control monitoring using automation, and more! Register → https://thn.news/cyber-risk-event

Network Detection & Response is now central to SOC workflows—not an add-on. Testing Corelight’s Investigator showed analysts tracing exploits, reverse shells, and lateral movement in one dashboard, mapped to MITRE and guided by embedded AI. NDR serves as a force multiplier for mid-tier teams. 🔗 Inside: hunt workflows → https://thehackernews.com/2026/02/my-day-getting-my-hands-dirty-with-ndr.html

⚠️☠️🤖 A trojanized Oura AI connector is being used to spread SmartLoader malware. Attackers cloned the MCP server, staged fake GitHub contributors, and planted it in trusted registries. The payload drops StealC to steal credentials, wallets, and cloud access. 🔗 Read → https://thehackernews.com/2026/02/smartloader-attack-uses-trojanized-oura.html

Most “AI for GRC” still stops at task automation — drafting policies or extracting clauses. As Yair Kuznitsov, CEO of Anecdotes, explains, agentic GRC replaces the workflow itself. Agents collect evidence, evaluate controls, trigger remediation, and maintain audit trails autonomously. Decision-making is embedded. 🔗 CCM agent execution model → https://thehackernews.com/expert-insights/2026/02/ai-shouldnt-improve-workflows-it-should.html