# Archive
Browse past daily curated stories
Saturday, February 28, 2026
1. The Hacker News (general): Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
Cisco disclosed CVE-2026-20127, a maximum-severity authentication bypass vulnerability in Catalyst SD-WAN Controller and Manager that allows unauthenticated remote attackers to gain administrative privileges. The zero-day has been actively exploited since 2023 by sophisticated threat actors and was immediately added to CISA's KEV catalog.
2. BleepingComputer (general): APT37 hackers use new malware to breach air-gapped networks
North Korean APT37 (ScarCruft) deployed new tools including a backdoor using Zoho WorkDrive for C2 communications and USB-based malware to breach air-gapped networks and conduct covert surveillance. The Ruby Jumper campaign demonstrates advanced techniques for moving data between isolated and internet-connected systems via removable media.
3. BleepingComputer (general): CISA warns that RESURGE malware can be dormant on Ivanti devices
CISA released details about RESURGE malware used in zero-day attacks exploiting CVE-2025-0282 against Ivanti Connect Secure devices. The malicious implant can remain dormant on compromised systems, allowing persistent access even after apparent remediation efforts by administrators.
4. The Hacker News (general): 900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
Over 900 Sangoma FreePBX instances remain infected with web shells following attacks that exploited a command injection vulnerability starting in December 2025. The Shadowserver Foundation identified 401 compromised instances in the US, with additional infections across Brazil (51), Canada (43), Germany (40), and France (36).
5. BleepingComputer (general): Europol-led crackdown on The Com hackers leads to 30 arrests
Europol's "Project Compass" operation resulted in 30 arrests and identified 179 suspects linked to "The Com," an online cybercrime collective targeting children and teenagers. The yearlong coordinated crackdown demonstrates increased international cooperation against youth-focused cybercrime networks.
6. Ars Technica Security (general): Google quantum-proofs HTTPS by squeezing 2.5kB of data into 64-byte space
Google implemented Merkle Tree Certificate support in Chrome to prepare HTTPS for quantum computing threats by compressing 2.5kB of cryptographic data into a 64-byte space. This quantum-resistant technology is already deployed in Chrome and will expand to other platforms as part of post-quantum cryptography migration efforts.
7. The Hacker News (general): DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams
The US Department of Justice seized $61 million worth of Tether cryptocurrency linked to pig butchering investment scams. The confiscated funds were traced to cryptocurrency addresses used for laundering proceeds stolen from victims of fraudulent cryptocurrency investment schemes.
8. BleepingComputer (general): Ukrainian man pleads guilty to running AI-powered fake ID site
A Ukrainian national pleaded guilty to operating OnlyFake, an AI-powered website that generated and sold over 10,000 fake identification documents to customers worldwide. The service used artificial intelligence to create realistic-looking identity documents for fraudulent purposes across multiple countries.
9. Ars Technica Security (general): New AirSnitch attack breaks Wi-Fi encryption in homes, offices, and enterprises
Researchers disclosed the "AirSnitch" attack that breaks Wi-Fi encryption in homes, offices, and enterprises by exploiting weaknesses in guest network configurations. The attack technique allows unauthorized access to encrypted wireless networks by leveraging vulnerabilities in how guest networks interact with primary network infrastructure.
10. BleepingComputer (general): Ransomware payment rate drops to record low despite attack surge
Ransomware victim payment rates dropped to a record low of 28% in 2025 despite a significant surge in the total number of ransomware attacks claimed by threat actors. The Chainalysis data indicates organizations are becoming more resistant to extortion demands even as attack volumes reach unprecedented levels.