AI-generated React2Shell malware infects 90-plus hosts

Laura FrenchFebruary 11, 2026

The malware was discovered through a Docker honeypot and is used for cryptojacking.

RESOURCES

Application security
Modernizing SaaS security for the agentic AI era
Application security
The next evolution of application security: AI-accelerated DevSecOps
Government security
ICIT’s Center for FCEB Resilience: Strengthening federal civilian agencies
AI/ML
Trusted automation: Building autonomous IT with confidence
AI/ML
SASE’s role in securing AI adoption: How existing tools can manage AI security

PODCASTS

Leadership
Preparing For Q-Day as CISOs Face Quantum Disruption and Cyber Resilience Pressures – Sandy Carielli – BSW #434
Vulnerability Management
Idoru, Singapore, Gambling, Smartertools, Ivanti, ZeroDayRat, Twiki, Aaran Leyland… – SWN #554
Application security
Bringing Strong Authentication and Granular Authorization To GenAI – Dan Moore – ASW #369
Supply chain
Beyond Vendor Risk: Real-Time GRC, AI, and Protecting App User Data – Jadee Hanson – CSP #221
Malware
Clickfixed, Zero Trust World, and OpenClaw is out of control – but that’s the point – Rob Allen – ESW #445

FEATURED

Perspectives Spotlight: Expert Insights

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

IRC acronym (Internet Relay Chat - application layer protocol)

Security Operations

SSHStalker botnet hijacks 7,000 Linux systems using IRC and SSH

Steve ZurierFebruary 10, 2026

SSHStalker blends IRC control with automated SSH attacks; compromise 7K cloud-hosted Linux systems.

SmarterMail vulnerabilities exploited in ransomware campaigns

Laura FrenchFebruary 10, 2026

CVE-2026-23760 and CVE-2026-24423 could both lead to RCE and are under active exploitation.

Innovative ai showcase global tech summit 2025 digital innovations futuristic environment interactive viewpoint advancements in ai technology

Application security

AIBOM generator finds new home at OWASP to boost AI transparency

OWASP GenAI Security Project Team February 10, 2026

AIBOM Generator joins OWASP, advancing community-led AI supply chain transparency and security.

The Future of Digital Security A Comprehensive Look at Shield Concepts and Cyber Threat Mitigation Strategies for Protection and Safeguarding Data

Endpoint/Device Security

Emergency patches advised after attacks on Ivanti EPMM devices

Steve ZurierFebruary 9, 2026

Exploited Ivanti EPMM RCEs hit agencies, prompting emergency patching amid fears of global spread.

(Credit: sauloangelo – stock.adobe.com)

Application security

Anthropic: Latest Claude model finds more than 500 vulnerabilities

Laura FrenchFebruary 6, 2026

The AI company says all bugs were validated by human researchers to weed out false positives.

Washington D.C. skyline at night with major monuments in view - Washington D.C. United States of America

Governance, Risk and Compliance

CISA gives federal agencies one year to replace outdated edge devices

Steve ZurierFebruary 6, 2026

Experts agree that it’s time for the federal government replace antiquated network infrastructure.

(Credit: monticellllo – stock.adobe.com)

Vulnerability Management

Google patches RCE, internal database leak flaws in Looker

Laura FrenchFebruary 6, 2026

Researchers used a crafted Git repo and exploited a race condition to achieve RCE.

Coding background, Application development and code programming. Technology business computers concept

Application security

VS Code config files abused to launch RCEs via GitHub Codespaces

Steve ZurierFebruary 5, 2026

Experts point out that exploited VS Code presents supply chain, credential theft, and network access risks.

EVENTS