The Hacker News

⚡ Microsoft warns some firms are embedding manipulative prompts in “Summarize with AI” buttons. Researchers identified 50+ hidden instructions that push assistants to remember and recommend specific brands — with effects persisting across future chats, often without user awareness. 🔗 Read → https://thehackernews.com/2026/02/microsoft-finds-summarize-with-ai.html

🔒 Apple’s latest beta brings end-to-end encryption to RCS — but only for Apple-to-Apple chats so far. It’s part of iOS 26.4 testing alongside new memory protections designed to block spyware at the kernel level. 🔗 Inside Apple’s new security stack → https://thehackernews.com/2026/02/apple-tests-end-to-end-encrypted-rcs.html

🛑 A new academic study mapped password recovery attack paths across Bitwarden, LastPass, and Dashlane—testing zero-knowledge designs against a malicious server model. Researchers identified 25 attack scenarios impacting vault integrity and recovery flows. No active exploitation reported. 🔗 Research scope, attack methods and vendor fixes → https://thehackernews.com/2026/02/study-uncovers-25-password-recovery.html

The week in cyber: 📎 Add-in supply chain abuse 🧠 AI in attack workflows 🐛 Active zero-days patched 🔐 Privileged access exploits ☁️ Cloud infra hijacks 🤖 Crypto mining botnets 📡 IRC-based C2 returns 🛠️ PoC exploits weaponized 🏭 Defense sector targeting 🔗 Full Weekly Cybersecurity Recap → https://thehackernews.com/2026/02/weekly-recap-outlook-add-ins-hijack-0.html

⚡ Lithuania is investing €24.1M to harden its digital society against AI-era cybercrime. The national mission links universities, industry, and government to build fraud detection, disinformation tracking, and critical infrastructure defenses as GenAI reshapes attack tactics. 🔗 Inside the program and threat shift → https://thehackernews.com/2026/02/safe-and-inclusive-esociety-how.html

⚠️ Researchers uncovered ZeroDayRAT, a commercial mobile spyware sold on Telegram targeting Android and iOS. It enables live camera/mic feeds, GPS tracking, SMS and OTP theft, and wallet hijacking via a self-hosted panel — turning phones into full surveillance nodes. 🔗 Read → https://thehackernews.com/2026/02/new-zerodayrat-mobile-spyware-enables.html

Security teams have more telemetry than ever. They’re also falling further behind. In a new exposure management analysis, Yochai Corem argues the gap isn’t visibility — it’s action. Attackers now scale faster than human response cycles, exploiting known exposures while remediation lags. 🔗 From dashboards to validated fixes → https://thehackernews.com/expert-insights/2026/02/the-uncomfortable-truth-about-more.html

🚨 Google patched Chrome zero-day CVE-2026-2441, a CVSS 8.8 bug already exploited in attacks. The CSS use-after-free flaw allows sandboxed remote code execution via malicious pages. 🔗 Read → https://thehackernews.com/2026/02/new-chrome-zero-day-cve-2026-2441-under.html First active Chrome zero-day fixed this year. Update now.

⚠️ Microsoft detailed a new ClickFix variant abusing DNS lookups via nslookup to stage malware. Victims run commands that fetch payloads from attacker-controlled resolvers, bypassing web defenses and blending into normal traffic. Leads to RAT deployment and persistence. 🔗 Read here → https://thehackernews.com/2026/02/microsoft-discloses-dns-based-clickfix.html

A newly tracked actor tied to Russian intelligence is deploying CANFAIL against Ukraine. Targets span defense, energy, and government, with spillover into drone and nuclear research. GTIG says LLM use now supports recon, phishing, and C2 setup despite limited resources. 🔗 Read → https://thehackernews.com/2026/02/google-ties-suspected-russian-actor-to.html

🌐🛡️ Google says defense contractors face sustained cyber targeting from China, Iran, North Korea, and Russia. Campaigns span battlefield tech theft, hiring infiltration, and supply-chain breaches. Actors now focus on individuals and edge devices to bypass EDR visibility. 🔗 Threat clusters, malware families, intrusion paths → https://thehackernews.com/2026/02/google-links-china-iran-russia-north.html

The SANS State of ICS/OT Security 2025 Report reveals an industry advancing at two speeds. Detection is faster, but recovery still lags—with one in five incidents taking over a month to restore operations. Get the intel 👉https://thn.news/sans-ot-report