Login Subscribe

7secure Coverage

Articles

Search and filter the broader reporting stream across incidents, AI security, policy, and operational coverage.

AI‑augmented attacks and new RCE exploit pressure defenses 🛡️. Infrastructure interdependency and regulation intensify 📈.

February 25, 2026 – Daily briefing for security leaders. Today's headlines * BeyondTrust RCE vulnerability shows early exploitation activity. * AI‑augmented threat actors target FortiGate devices at scale. * GreyNoise report highlights attack concentration and defense gaps. * CLAIR model maps critical infrastructure interdependencies. * UK regulators fine adult platforms for child safety

Manual Data‑Handoffs Threaten National‑Security Networks via Stolen Media

Manual Data‑Handoffs Threaten National‑Security Networks via Stolen Media

The CYBER360 study, cited by The Hacker News, found that a large share of national‑security agencies still move sensitive files using manual, offline methods—USB sticks, external hard drives, CDs, and even printed media. These “air‑gap” transfers are treated as low‑risk, yet they give adversaries a predictable

Vulnerabilities & Exploits

Unpatched Web Flaw Lets Hackers Steal Data of 2.5M Student Loan Borrowers

Unpatched Web Flaw Lets Hackers Steal Data of 2.5M Student Loan Borrowers

A threat‑actor group compromised a leading student loan servicer by exploiting a known but unpatched web application vulnerability. The attackers gained unauthorized access to the backend database and siphoned personally identifiable information—including names, Social Security numbers, dates of birth, and loan details—from roughly 2.5 million borrowers.

Vulnerabilities & Exploits

Starkiller Phishing Service Mirrors Real Logins, Skips MFA and Harvests Tokens

Starkiller Phishing Service Mirrors Real Logins, Skips MFA and Harvests Tokens

KrebsOnSecurity exposed a new phishing‑as‑a‑service platform dubbed “Starkiller” that routes victims through live, unmodified login pages of targeted services. By acting as a transparent proxy, the service captures usernames, passwords, and one‑time MFA codes in real time, then forwards the authentication request to the legitimate site,

Threat Intelligence

Manual Data Transfers Turn National‑Security Networks Into Easy Targets

Manual Data Transfers Turn National‑Security Networks Into Easy Targets

A recent CYBER360 analysis highlighted that numerous national‑security agencies still depend on manual data‑transfer methods—such as USB sticks, external hard drives, and optical media—to move sensitive information between isolated systems. These physical media are frequently exchanged without rigorous sanitization or authentication, creating a predictable attack surface

Malware & Ransomware

Typosquatting Domains Slip Past Filters, Deliver Malware at Scale

Typosquatting Domains Slip Past Filters, Deliver Malware at Scale

Attackers are registering domains that differ by a single character or visual similarity from well‑known brands. These look‑alike URLs are used in phishing emails and malicious ads, allowing the payloads—ranging from credential‑stealers to ransomware droppers—to bypass traditional URL filtering solutions and corporate whitelists that rely

Malware & Ransomware

AI-Driven Threats Surge: Generative Models Fuel Malware, Phishing, and Deepfake Attacks

AI-Driven Threats Surge: Generative Models Fuel Malware, Phishing, and Deepfake Attacks

CrowdStrike’s Global Threat Report for 2026 reveals a sharp rise in adversaries exploiting generative AI to automate the creation of malicious code, craft highly personalized phishing lures, and generate convincing deep‑fake voice recordings for social engineering. The report documents multiple campaigns where AI‑generated payloads were deployed within

Malware & Ransomware

Malicious NuGet Packages Exfiltrate ASP.NET Identity and Install Persistent Backdoors

Malicious NuGet Packages Exfiltrate ASP.NET Identity and Install Persistent Backdoors

Security researchers at Socket identified a supply‑chain attack that distributes malicious NuGet packages targeting ASP.NET developers. The packages appear legitimate but contain code that harvests ASP.NET Identity credentials—usernames, password hashes, and authentication tokens—and then writes a hidden backdoor into the compromised web application, allowing attackers