Login Subscribe

7secure Coverage

Articles

Search and filter the broader reporting stream across incidents, AI security, policy, and operational coverage.

Malware & Ransomware

Ransomware Cripples Romania’s National Oil Pipeline Operator, Threatens Grid Coordination

Ransomware Cripples Romania’s National Oil Pipeline Operator, Threatens Grid Coordination

Check Point’s weekly threat intel bulletin reported that a ransomware group breached Conpet, Romania’s state‑run oil pipeline operator. The attackers deployed encryption across core control and logistics systems, compelling Conpet to shut down its public‑facing services. The incident halted real‑time coordination of fuel deliveries and

Vulnerabilities & Exploits

Ivanti EPMM Zero‑Day Campaign Traced to One Hardened IP

Ivanti EPMM Zero‑Day Campaign Traced to One Hardened IP

Security researchers have identified a focused attack campaign exploiting two critical Ivanti EPMM flaws—CVE‑2026‑1281 and CVE‑2026‑1340. The entire operation originates from a single, heavily fortified IP address that has been used to target high‑profile European public‑sector organizations. The attackers achieve unauthenticated remote code

Vulnerabilities & Exploits

Amaranth‑Dragon Exploits CVE‑2025‑8088 to Target SE Asian Critical Infrastructure

Check Point Research has identified the APT group Amaranth‑Dragon actively weaponizing the newly disclosed CVE‑2025‑8088 flaw. The actors are leveraging sophisticated multi‑stage payloads—initial spear‑phishing lures, custom‑crafted exploits, and fileless loaders—to gain footholds in ministries, energy utilities, and related supply‑chain networks across

Advanced espionage campaigns and critical zero‑day flaws are reshaping risk landscapes. AI‑powered attacks and supply‑chain compromises demand swift strategic response 🚀🛡️

Feb 12, 2026 – Good morning, security leaders. Today's headlines * Amaranth‑Dragon exploits CVE‑2025‑8088 targeting Southeast Asian entities. * Ivanti EPMM zero‑days leveraged from a single bullet‑proof IP against European agencies. * LummaStealer evolves with CastleLoader, mimicking legitimate user behavior. * Notepad++ supply‑chain compromised by nation‑state

Vulnerabilities & Exploits

AI‑Powered Zero Trust Automates Policy, Shrinks Attack Surface

AI‑Powered Zero Trust Automates Policy, Shrinks Attack Surface

VMware unveiled an AI‑driven platform that ingests user and device behavior data, then automatically creates and tunes granular zero‑trust access policies. The system continuously scores risk, revokes or grants permissions in real time, and updates policy rules without any manual input, effectively turning behavioral insight into enforceable controls.

Vulnerabilities & Exploits

VMware’s vDefend Adds Real‑Time Lateral‑Movement Blocking for Private Clouds

VMware’s vDefend Adds Real‑Time Lateral‑Movement Blocking for Private Clouds

VMware introduced vDefend, a new security layer that brings zero‑trust micro‑segmentation to private cloud environments. By continuously analyzing workload traffic with AI‑driven analytics, the platform automatically detects anomalous lateral‑movement patterns and enforces isolation policies without manual intervention. For defenders, vDefend means faster containment of ransomware, credential‑

Malware & Ransomware

CrowdStrike flags six zero‑day patches, RDP exploit threatens Windows servers

CrowdStrike flags six zero‑day patches, RDP exploit threatens Windows servers

CrowdStrike’s February 2026 Patch Tuesday analysis uncovered six zero‑day vulnerabilities that were actively exploited before Microsoft issued patches. The most critical is a Remote Desktop Services flaw (CVE‑2026‑21533) that allows attackers to bypass authentication and execute code with system‑level privileges on vulnerable Windows servers. Evidence

Malware & Ransomware

Notepad Markdown Preview on Windows 11 Can Trigger Remote Code Execution

Notepad Markdown Preview on Windows 11 Can Trigger Remote Code Execution

Security researchers have found that the new markdown preview feature in Windows 11’s Notepad can be abused to achieve remote code execution. By opening a maliciously crafted markdown file, an attacker can cause Notepad to load and execute arbitrary code without any user interaction, leveraging a flaw in the