Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Notepad++ Supply Chain Attack Explained | CrowdStrike OverWatch Identified It Months Early

Feb 20, 2026 By CrowdStrike In CrowdStrike
Your next software update could be weaponized. In this short breakdown, we examine how adversaries compromised the Notepad++ update mechanism to distribute malware and how CrowdStrike identified the activity four months before public disclosure.
View Video
aikido

What is Slopsquatting? The AI Package Hallucination Attack Already Happening

Feb 20, 2026 By Dania Durnas In Aikido
Typosquatting, registering a typoed version of a popular package and waiting for a developer to accidentally type and install the wrong package, has been around for a decade in npm. It’s nothing new— the registry has protections for it. Then AI came along and changed everything again. Slopsquatting is the new, AI flavor of typosquatting. Instead of betting on human typos, attackers bet on AI hallucinations, the package names that LLMs confidently recommend that don't actually exist.
Read Post
knowbe4

AI-Assisted Social Engineering Attacks Continue to Rise

Feb 19, 2026 By KnowBe4 Team In KnowBe4
Social engineering remained the top initial access vector for cyberattacks in 2025, with increasing assistance from AI tools, according to a report from ThreatDown. The researchers warn that AI will likely become a core component of social engineering attacks throughout 2026. “Deepfake voice, image, and video impersonation now requires minimal expertise and only a handful of reference images or seconds of audio,” the researchers write.
Read Post
foresiet

Integrating Darknet Intelligence, AI-Powered Cloud Attack Simulation & Automated Brand Protection

Feb 19, 2026 By foresiet In Foresiet
In the fast-paced digital underworld of February 2026, where threats morph daily amid law enforcement pressures, our intelligence team uncovers a landscape dominated by resilient darknet markets and fragmented forums fueling cybercrime. These spaces, once centralized, now scatter across encrypted channels, driving everything from credential theft to coordinated attacks that ripple through global supply chains.
Read Post
Snyk

How "Clinejection" Turned an AI Bot into a Supply Chain Attack

Feb 19, 2026 By Stephen Thoemmes In Snyk
On February 9, 2026, security researcher Adnan Khan publicly disclosed a vulnerability chain (dubbed "Clinejection") in the Cline repository that turned the popular AI coding tool's own issue triage bot into a supply chain attack vector. Eight days later, an unknown actor exploited the same flaw to publish an unauthorized version of the Cline CLI to npm, installing the OpenClaw AI agent on every developer machine that updated during an eight-hour window.
Read Post

Hackers Weaponize AI Tools: Watch CrowdStrike Stop the Attack

Feb 19, 2026 By CrowdStrike In CrowdStrike
Your AI tools just became the perfect hiding spot for hackers. Cybercriminals have found a new attack vector: weaponizing the AI assistants your team uses every day. In this live demonstration, we show how adversaries can turn tools like Claude into persistent backdoors and how CrowdStrike Falcon stops them cold. TIMESTAMPS: WHAT YOU'LL LEARN:– How hackers exploit AI automation features to create backdoors– Why password resets and patches won't stop this attack– How behavioral detection catches threats hiding in legitimate tools– Real-time threat prevention in action.
View Video
Acronis H2 2025 Cyberthreats Report: Cyberattacks Surge as Phishing, Ransomware, and AI-Driven Threats Escalate

Acronis H2 2025 Cyberthreats Report: Cyberattacks Surge as Phishing, Ransomware, and AI-Driven Threats Escalate

Feb 18, 2026 By Acronis In Acronis
Global organisations face AI-enhanced cybercrime, record ransomware incidents, and an uptick in phishing attacks, highlighting the need for strong cyber defences.
Read Post
cyberark

EP25 - Identity is the attack vector w/ Udi Mokady

Feb 18, 2026 By CyberArk In CyberArk
CyberArk founder and executive chairman Udi Mokady returns to Security Matters at a transformational moment—now as part of Palo Alto Networks, following the acquisition’s close on February 11. In this far‑reaching conversation, Udi and host David Puner explore why identity has become the attack vector for modern enterprises, driven by an unprecedented surge in human, machine and AI‑powered identities that attackers increasingly exploit.
Read Post
Phishing Kit Attacks Are Now Everywhere: How SOC Analysts Can Detect Them

Phishing Kit Attacks Are Now Everywhere: How SOC Analysts Can Detect Them

Feb 18, 2026 By SecuritySenses In SecuritySenses
Phishing kits have changed the speed of compromise. Attackers no longer need malware or complex tooling. With ready-made phishing platforms, they can launch large-scale credential theft campaigns that bypass MFA and deliver valid sessions almost instantly. By the time an alert reaches the SOC, the attacker may already be inside. Stopping these attacks now depends on seeing the full phishing chain early, before stolen access turns into business damage.
Read Post
Protecting Your Finances from Cyber Threats: A Comprehensive Guide

Protecting Your Finances from Cyber Threats: A Comprehensive Guide

Feb 18, 2026 By SecuritySenses In SecuritySenses
Welcome to the digital age, where convenience often comes at the cost of security. As cyber threats continue to evolve, safeguarding your financial information has never been more critical. In this guide, we'll explore practical strategies to protect your finances from cybercriminals and ensure your hard-earned money stays safe.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.