The vulnerability added to CISA’s KEV catalog affects ThreatSonar Anti-Ransomware and it was patched in 2024.
GTIG and Mandiant said the zero-day tracked as CVE-2026-22769 has been exploited by UNC6201 since at least 2024.
New research shows attackers increasingly abusing APIs at machine speed as AI-driven systems widen exposure and amplify impact.
Developers must view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed. Without such a mindset, crippling tech debt is inevitable.
Security failures don’t always start with attackers, sometimes they start with missing truth.
Living off the AI isn’t a hypothetical but a natural continuation of the tradecraft we’ve all been defending against, now mapped onto assistants, agents, and MCP.
The fastest way to squander the promise of AI is to mistake automation for assurance, and novelty for resilience.
To all those who are fighting the good fight in the world of cyber, keep collaborating to ensure our world never succumbs to the chaos of the Upside Down.
Attendees will walk away with guidance for how to build robust identity defenses, unify them under a consistent security model, and ensure business operations move quickly without compromise.
RegisterSecurityWeek’s 2026 Ransomware Summit will discuss a roadmap for defending the enterprise, from mitigating root causes to mastering recovery, giving security teams the critical insights needed to navigate and neutralize today’s ransomware extortion threats.
Register
SecurityWeek’s 2026 Ransomware Summit is a must-attend event for cybersecurity professionals as ransomware attacks continue to hit big-name victims across industries with ruthless efficiency.
[February 25, 2026 | Virtual]
SecurityWeek’s 2026 Supply Chain Security Summit is where top security experts unpack the complexity of modern software supply chain threats and proven strategies to mitigate risk.
[March 18, 2026 | Virtual]
SecurityWeek’s 2026 ICS Lockdown is an online extension of the ICS Cybersecurity Conference and will dive deep into the world of industrial cybersecurity to help those charged with protecting OT environments.
[April 29, 2026 | Virtual]
SecurityWeek’s 2026 Threat Detection & IR Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and more.
[May 20, 2026 | Virtual]
-
Novee researchers discovered 16 vulnerabilities in Foxit and Apryse PDF tools that could have been exploited via malicious documents or URLs. (February 18, 2026)
-
The vulnerability added to CISA’s KEV catalog affects ThreatSonar Anti-Ransomware and it was patched in 2024. (February 18, 2026)
-
GTIG and Mandiant said the zero-day tracked as CVE-2026-22769 has been exploited by UNC6201 since at least 2024. (February 18, 2026)
-
New research shows attackers increasingly abusing APIs at machine speed as AI-driven systems widen exposure and amplify impact. (February 17, 2026)
-
Polish police said they found evidence of cybercrime on the 47-year-old suspect’s devices. (February 17, 2026)
-
Threat actors from Russia, China, North Korea and Iran have been observed launching attacks. (February 12, 2026)
-
Other noteworthy stories that might have slipped under the radar: AT&T and Verizon response to Salt Typhoon, AI agents solve security challenges, man arrested… (February 6, 2026)
-
Criminals are using AI to clone professional websites at an industrial scale. A new report shows how one AI-powered network grew to 150+ domains… (February 5, 2026)
