CVE-2025-66614: Apache Tomcat mTLS Bypass Lets Attackers Slip Past Client Certificate Authentication via SNI Mismatch Vulnerabilities AegironFebruary 18, 2026February 18, 202611 mins0 Apache Tomcat — SNI-Based Client Certificate Authentication Bypass CVE ID: CVE-2025-66614Vendor: ApacheProduct: Apache TomcatVulnerability Type: Authentication BypassCWE:…continue reading..
CVE-2026-22769: Critical Hardcoded Credential in Dell RecoverPoint Enables Remote Root Takeover Vulnerabilities AegironFebruary 18, 2026February 18, 202610 mins0 Dell RecoverPoint for Virtual Machines – Hardcoded Credential Leading to Remote Root Access CVE ID: CVE-2026-22769Affected Product:…continue reading..
CRESCENTHARVEST Cyberespionage Campaign Targets Iranian Protestors with Stealthy Malware and DLL Sideloading Techniques CyberSecurity News CyberDefenderFebruary 18, 2026February 18, 20267 mins0 In early 2026, researchers from the Acronis Threat Research Unit (TRU) identified a sophisticated cyberespionage campaign —…continue reading..
Supply Chain Subversion: How SmartLoader Leveraged a Trojanized Oura MCP Server to Deploy StealC CyberSecurity News CyberDefenderFebruary 18, 2026February 18, 20267 mins0 The ongoing evolution of malware distribution tactics has taken another significant turn with the discovery of a…continue reading..
Cybercriminals Exploit ScreenConnect in SmartScreen Bypass Campaign to Gain Stealth Remote Access CyberSecurity News CyberDefenderFebruary 18, 2026February 18, 20267 mins0 1. Introduction: Threat Overview ConnectWise ScreenConnect (ConnectWise Control) is a remote support and Remote Monitoring & Management…continue reading..
Researchers Warn: “Zero-Knowledge” Password Managers May Not Be as Secure as Claimed CyberSecurity News CyberDefenderFebruary 18, 2026February 18, 20267 mins0 Cloud-based password managers have become fundamental tools in modern digital life, helping users store and retrieve hundreds…continue reading..
Firmware-Level Android Backdoor “Keenadu” Discovered, Exposing Supply Chain Compromise in Pre-Installed Devices CyberSecurity News CyberDefenderFebruary 18, 2026February 18, 20267 mins0 In early 2026, researchers at Kaspersky’s Global Research & Analysis Team (GReAT) uncovered a sophisticated Android backdoor,…continue reading..
Notepad++ v8.9.2 Released — Reinforcing Update Security with a Double-Lock Mechanism CyberSecurity News CyberDefenderFebruary 18, 2026February 18, 20266 mins0 In response to a highly publicized supply-chain security incident, the Notepad++ development team has launched version 8.9.2,…continue reading..
Chinese-Linked UNC6201 Exploits Critical Dell RecoverPoint Zero-Day to Deploy GRIMBOLT Backdoor, Researchers Warn CyberSecurity News CyberDefenderFebruary 18, 2026February 18, 202610 mins0 On February 18, 2026, security researchers from Mandiant and the Google Threat Intelligence Group (GTIG) disclosed detailed…continue reading..
Critical VS Code Flaw (CVE-2025-65717) Exposes Millions of Developers to Remote File Theft via Live Server Extension CyberSecurity News CyberDefenderFebruary 18, 2026February 18, 20267 mins0 On 16 February 2026, a critical vulnerability identified as CVE-2025-65717 was published in the Common Vulnerabilities and…continue reading..
