Hackvolt — IT Security News, Cybersecurity & Research & Security Audits

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

NEWSFebruary 27, 202603 mins

The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of…

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

NEWSFebruary 27, 202605 mins

Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat platforms to…

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

NEWSFebruary 26, 202608 mins

A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has…

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

NEWSFebruary 25, 202605 mins

Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic’s Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result…

SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks

NEWSFebruary 25, 202606 mins

The notorious cybercrime collective known as Scattered LAPSUS$ Hunters (SLH) has been observed offering financial incentives to recruit women to…

Manual Processes Are Putting National Security at Risk

NEWSFebruary 25, 2026014 mins

Why automating sensitive data transfers is now a mission-critical priority More than half of national security organizations still rely on…

Identity Prioritization isn’t a Backlog Problem – It’s a Risk Math Problem

NEWSFebruary 24, 2026012 mins

Most identity programs still prioritize work the way they prioritize IT tickets: by volume, loudness, or “what failed a control…

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

NEWSFebruary 23, 202609 mins

Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a…

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

NEWSFebruary 23, 2026038 mins

Security news rarely moves in a straight line. This week, it feels more like a series of sharp turns, some…

How Exposed Endpoints Increase Risk Across LLM Infrastructure

NEWSFebruary 23, 2026014 mins

As more organizations run their own Large Language Models (LLMs), they are also deploying more internal services and Application Programming…

Hackvolt — IT Security News

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks

Manual Processes Are Putting National Security at Risk

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks

Manual Processes Are Putting National Security at Risk

Identity Prioritization isn’t a Backlog Problem – It’s a Risk Math Problem

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More

How Exposed Endpoints Increase Risk Across LLM Infrastructure

ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories

Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year

Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances

Orchid Security Introduces Continuous Identity Observability for Enterprise Applications

AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries

Identity Prioritization isn’t a Backlog Problem – It’s a Risk Math Problem

New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

DOJ Resentences BreachForums Founder to 3 Years for Cybercrime and Possession of CSAM

You May Have Missed