Daily Digest

Fintech Firm Figure Breached by ShinyHunters, Critical Flaws in OpenClaw AI and WordPress Emerge

Fintech Firm Figure Breached by ShinyHunters, Critical Flaws in OpenClaw AI and WordPress Emerge

February 15, 2026
11 articles (10 new, 1 updated)
33 min read

Summary

In the past 24 hours, the cybersecurity landscape has been dominated by a significant data breach at fintech firm Figure Technologies, attributed to the ShinyHunters group after a social engineering attack. Concurrently, the popular OpenClaw AI framework is reeling from multiple critical vulnerabilities, including a zero-click RCE, prompting its founder to join OpenAI. Other major developments include a critical privilege escalation flaw in a WordPress plugin, a private key leak vulnerability in Python's cryptography library, and new malware campaigns attributed to Russian state actors targeting Ukraine. These incidents highlight persistent threats from social engineering, unpatched software, and insecure supply chains.

Filter by Category

New Articles (10)

Critical Zero-Click RCE Flaw (CVE-2026-25253) Hits OpenClaw AI Agent Framework

CRITICAL

Critical Zero-Click RCE Vulnerability, CVE-2026-25253, Disclosed in Popular OpenClaw AI Agent Framework

A critical zero-click remote code execution (RCE) vulnerability, CVE-2026-25253, has been discovered in the widely-used OpenClaw AI Agent Framework. The flaw allows a remote attacker to gain complete control of a developer's machine with minimal to no user interaction, posing a severe security risk. This disclosure adds to a series of security crises for the open-source project, which was already dealing with hundreds of malicious 'skills' on its marketplace. The vulnerability has drawn advisories from international cybersecurity agencies, compounding the pressure on the project.

February 15, 2026
6 min read
OpenClawCVE-2026-25253RCEZero-ClickVulnerability +2 more
Critical Zero-Click RCE Flaw (CVE-2026-25253) Hits OpenClaw AI Agent Framework
Vulnerability
Cyberattack
Supply Chain Attack

OpenClaw Founder Peter Steinberger Joins OpenAI Amidst Project's Security Turmoil

INFORMATIONAL

OpenClaw Founder Peter Steinberger Joins OpenAI to Develop Personal AI Agents

Peter Steinberger, the creator of the popular but embattled OpenClaw open-source AI framework, has announced he is joining OpenAI. The move, confirmed by OpenAI CEO Sam Altman, will see Steinberger focus on building the "next generation of personal agents." This decision comes during a turbulent period for OpenClaw, which is grappling with a critical RCE vulnerability and a marketplace flooded with malicious packages. Steinberger stated his goal is to build a safe, accessible AI agent for a broad audience, suggesting a pivot away from the complexities of maintaining a large open-source project.

February 15, 2026
4 min read
OpenAIOpenClawPeter SteinbergerAIOpen Source +1 more
OpenClaw Founder Peter Steinberger Joins OpenAI Amidst Project's Security Turmoil
Threat Intelligence
Policy and Compliance
Other

Python 'cryptography' Library Flaw (CVE-2026-26007) Leaks Private Key Information

HIGH

Vulnerability in Popular Python 'cryptography' Library Allows Private Key Information Leak

A significant vulnerability, CVE-2026-26007, has been disclosed in the widely-used Python 'cryptography' package. The flaw, which affects versions prior to 46.0.5, is due to improper input validation on public keys. An attacker can supply a specially crafted weak public key, causing cryptographic operations like ECDH to leak bits of the victim's private key. This also weakens signature forging defenses. Users are urged to update to the patched version immediately.

February 15, 2026
5 min read
PythoncryptographyCVE-2026-26007VulnerabilityPrivate Key +2 more
Python 'cryptography' Library Flaw (CVE-2026-26007) Leaks Private Key Information
Vulnerability
Patch Management
Supply Chain Attack

Critical 9.8 CVSS Unauthenticated Privilege Escalation Flaw Hits WordPress Plugin

CRITICAL

Critical Privilege Escalation Flaw (CVE-2025-14892) in Prime Listing Manager WordPress Plugin

A critical unauthenticated privilege escalation vulnerability, CVE-2025-14892, has been disclosed in the Prime Listing Manager WordPress plugin. The flaw, affecting versions up to and including 1.1, has been assigned a CVSS score of 9.8, reflecting its extreme severity. It allows any remote, unauthenticated attacker to elevate their privileges on an affected website, potentially leading to a full site compromise. Administrators are urged to deactivate the plugin immediately or apply WAF rules as no patch is currently available.

February 15, 2026
6 min read
WordPressVulnerabilityCVE-2025-14892Privilege EscalationPlugin +1 more
Critical 9.8 CVSS Unauthenticated Privilege Escalation Flaw Hits WordPress Plugin
Vulnerability
Patch Management
Cyberattack

Google and Entrust Form Strategic Partnership for AI-Driven Identity Security

INFORMATIONAL

Google and Entrust Partner on AI-Powered Identity Verification Security

Global security provider Entrust and tech giant Google have announced a strategic collaboration to integrate their technologies for AI-driven identity verification. The partnership aims to develop advanced solutions to combat the growing threat of sophisticated, AI-powered fraud. By combining their expertise, the companies intend to strengthen security defenses while streamlining user and employee onboarding processes, reflecting a broader industry trend of using AI to bolster cybersecurity.

February 15, 2026
3 min read
GoogleEntrustAIIdentity VerificationIAM +1 more
Google and Entrust Form Strategic Partnership for AI-Driven Identity Security
Threat Intelligence
Policy and Compliance
Other

Google Attributes New 'CANFAIL' Malware Attacks in Ukraine to Russian State Actor

HIGH

Google Threat Intelligence Links Russian State Actor to "CANFAIL" Malware Attacks in Ukraine

Google's Threat Intelligence group has attributed a new malware campaign targeting Ukrainian organizations to a suspected Russian nation-state actor. The report, published on February 15, 2026, details the use of a new malware framework dubbed 'CANFAIL'. This discovery, along with other novel malware like 'VoidLink', highlights the continuous development of custom tools for cyber warfare in the region. Security analysts stress the need for behavior-based detection methods to counter these rapidly evolving threats, particularly in high-value sectors like defense and energy.

February 15, 2026
5 min read
CANFAILMalwareGoogleRussiaUkraine +2 more
Google Attributes New 'CANFAIL' Malware Attacks in Ukraine to Russian State Actor
Malware
Threat Actor
Threat Intelligence

Patch Released for "ClawJacked" WebSocket Hijacking Flaw in OpenClaw AI Agent

HIGH

Patch Shipped for "ClawJacked" WebSocket Hijacking Vulnerability in OpenClaw AI Agent

A patch has been released for a high-severity vulnerability, dubbed "ClawJacked," in the OpenClaw AI agent. The flaw, fixed in version 2026.2.13, allowed a malicious website to hijack a locally running OpenClaw agent by abusing its WebSocket connection. An attacker could trick a developer into visiting a malicious site, which would then silently connect to and control the local agent. The vulnerability also exposed a risk of indirect prompt injection. The flaw was responsibly disclosed, and a fix was promptly issued.

February 15, 2026
5 min read
OpenClawClawJackedWebSocketVulnerabilityHijacking +1 more
Patch Released for "ClawJacked" WebSocket Hijacking Flaw in OpenClaw AI Agent
Vulnerability
Patch Management
Cyberattack

Fedora Project Patches Vulnerabilities in Python-aiohttp Component for Fedora 43

MEDIUM

Fedora Project Issues Security Advisory for Flaw in Python-aiohttp Component

The Fedora Project released an important security advisory on February 14, 2026, for its Fedora 43 distribution. The advisory, 2026-66cb8ecfc2, addresses vulnerabilities in the 'python-aiohttp' package, a key component for asynchronous HTTP clients and servers in Python. An updated version, 3.13.3-4.fc43, has been released to mitigate the unspecified security issues. Administrators of Fedora 43 systems are urged to apply the update promptly to protect their systems.

February 15, 2026
3 min read
FedoraLinuxpython-aiohttpPatch ManagementVulnerability
Fedora Project Patches Vulnerabilities in Python-aiohttp Component for Fedora 43
Patch Management
Vulnerability

Firms Face 2026 Compliance Countdown for RBI and SAMA Cybersecurity Mandates

INFORMATIONAL

Analysis Released on Navigating 2026 RBI and SAMA Cybersecurity Mandates

Cybersecurity firm Foresiet has published a strategic analysis for financial institutions navigating the upcoming 2026 compliance deadlines for external threat mandates from the Reserve Bank of India (RBI) and the Saudi Central Bank (SAMA). The guide addresses the specific regulatory frameworks and offers a roadmap for banks and financial firms in India and Saudi Arabia to enhance their security posture against external threats. This reflects a global trend of financial regulators imposing stricter cybersecurity rules to protect national financial sectors.

February 15, 2026
4 min read
ComplianceRegulatoryRBISAMAFinance +2 more
Firms Face 2026 Compliance Countdown for RBI and SAMA Cybersecurity Mandates
Policy and Compliance
Regulatory

Blast Audit and SafePorter Formalize Researcher Relations with New VDPs

INFORMATIONAL

New Vulnerability Disclosure Policies Released by Blast Audit and SafePorter

On February 15, 2026, cybersecurity firms Blast Audit and SafePorter each published new Vulnerability Disclosure Policies (VDPs). These policies provide a formal framework, including legal safe harbor, for security researchers to responsibly report vulnerabilities they discover in the companies' systems. Both policies outline the scope of testing, reporting procedures, and expected response times, reflecting a growing industry best practice for fostering positive relationships with the independent security research community.

February 15, 2026
3 min read
VDPVulnerability DisclosureSafe HarborCybersecurity Policy
Blast Audit and SafePorter Formalize Researcher Relations with New VDPs
Policy and Compliance
Security Operations

Updated Articles (1)

Open-Source Malware Skyrockets by 75%, Sonatype's 2026 Report Warns

INFORMATIONAL

Sonatype 2026 Report: Open-Source Malware Surges 75% Amid AI-Driven Development

Update:

A new report focuses on the npm package registry, detailing how attackers exploit it through techniques like typosquatting, dependency confusion, maintainer account takeover, and malicious install scripts. It introduces a 'shared responsibility' model, stressing that while npm improves platform security, developers must actively vet dependencies, monitor package behavior, and maintain SBOMs. This deep dive into npm-specific threats provides crucial context to the broader open-source supply chain risks, urging developers to adopt proactive defense-in-depth strategies to prevent IP theft, data breaches, and reputational damage from compromised packages.

January 29, 2026
Updated: February 15, 2026
5 min read
open sourcesupply chain securityDevSecOpsmalwareAI +1 more
Open-Source Malware Skyrockets by 75%, Sonatype's 2026 Report Warns
Supply Chain Attack
Threat Intelligence
Malware

📢 Share This Publication

Help others stay informed about cybersecurity threats