InfoSec News 16FEB2026
General
- Snail-Mail Phishing for crypto-currency hardware wallets. Some effort has gone into creating letters and branded envelopes, pretending to be from Trezor and Ledger, aimed at stealing wallet details and recovery phrases.
- Continuing the crypto-currency phishing theme - a JavaScript variant of the ClickFix attack. Victims think they're exploiting a bug in a crypto exchange to skim 38% on a swap. Instead, they're sending Bitcoin to an attacker.
The fake guide provides instructions to visit Swapzone.io and manually load a Bitcoin node by executing JavaScript directly in their browser's address bar.
The instructions tell victims to visit a URL on paste[.]sh and copy a JavaScript snippet hosted on the page.
...
By convincing victims to run this code on Swapzone.io, attackers can manipulate the page and alter the swap process.
- Microsoft takes eight months to fix a bug in Family Safety (web filtering, aimed at children) preventing the use of Chrome. A cynic might suggest it was trying to promote the use of Edge.
the issue is caused by Family Safety's web filtering tool, which prompts children to ask their parents for approval to use other browsers. However, the bug also causes Family Safety to block new versions of previously approved web browsers, inadvertently preventing them from launching or causing them to shut down unexpectedly.
- [CN] Palo Alto Networks pulled back from naming china as the culprit in a hacking campaign, lest they face retaliation. This plays exactly into china's strategy of pushing opponents to self-censor for fear of the consequences.
A draft version of the report by Palo Alto’s Unit 42, the company’s threat intelligence arm, said that the prolific hackers - dubbed “TGR-STA-1030” in a report published on Thursday of last week - were connected to Beijing, the two people said. The finished report instead described the hacking group more vaguely as a “state-aligned group that operates out of Asia.”
...
sources told Reuters that Unit 42’s researchers were confident, based on a wealth of forensic clues, that the newly uncovered hacking campaign was tied to China too.
The change, the sources said, was ordered by Palo Alto executives because they were concerned by the software ban and feared drawing retaliation from Chinese authorities, either against the company’s personnel in China or its clients elsewhere.
Internationally, the Chinese government is pushing for self-censorship on foreign policy and human rights abuses in China. Through pressure, threats, inducement and coercion, many countries silence themselves out of fear of harming their interests or upsetting Beijing. There is no easy solution to self-censorship. We can call on dissenters to be more vocal, but then we are also asking them to overcome their fear of a repressive government and risk the dramatic consequences that might ensue.
- https://www.reuters.com/world/china/palo-alto-chose-not-tie-china-hacking-campaign-fear-retaliation-beijing-sources-2026-02-12/
- (On china's self-censorship strategy) https://www.aspistrategist.org.au/how-chinas-censorship-machine-feeds-on-fear/
- [UA] A developer and manager of the IcedID malware botnet tried faking his own death, to escape US jail time. Unfortunately for him, he made a rather half-hearted effort.
Despite faking his own death, the suspect continued to live at his normal residence in Uzhhorod, a Ukrainian city near the border with Slovakia, so not the smartest tool in the shed when it comes to OpSec.
He was finally arrested in December of last year. During a search of his home, he tried to pass as another person and even showed fake documents in the new name.
Getting Techy
- Eaton Works is back at it, this time hacking an Indian pharmacy. Ludicrously easy: just POST to the right URL and you have an account - a super-admin account. Standard password recovery, and you can log in to it.
My first disclosure in the healthcare industry has arrived! Ever wondered what it would be like to gain administrative access to a major pharmacy? You’re about to find out.
The target was Dava Industry Pharmacy, a division of Zota Healthcare. If you are in the US, you probably haven’t heard of them, but those in India probably will have since they have 2,100+ stores and they claim they are "India’s largest private generic pharmacy retail chain".
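The defect class behind this one (an account-creation endpoint that hands out privileged accounts to whoever calls it) is worth seeing next to its fix. The following is an added example, not Eaton Works' writeup and not Dava's or Zota's code; it models the endpoint as plain functions so it runs without a web framework, and the role names, in-memory store and request bodies are all constructed assumptions. The vulnerable version trusts whatever role the POST body supplies; the hardened version ignores it, defaults to the least-privileged role, and only lets an authenticated super-admin create anything higher.

```python
"""Added example: privileged-account creation, before and after hardening.

All names (roles, usernames, the Store class) are constructed for illustration
and are not taken from the Dava disclosure.
"""
from dataclasses import dataclass, field
from typing import Optional
import hashlib
import hmac
import secrets

# Constructed role set, lowest privilege first.
ROLES = ("customer", "pharmacist", "super_admin")
DEFAULT_ROLE = "customer"


@dataclass
class User:
    username: str
    role: str
    pw_hash: bytes
    salt: bytes


@dataclass
class Store:
    """Stand-in for the user table."""
    users: dict = field(default_factory=dict)


class Forbidden(Exception):
    pass


def _hash_pw(password: str, salt: bytes) -> bytes:
    # PBKDF2 is in the standard library; a real service would use argon2 or bcrypt.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


def vulnerable_create_account(store: Store, body: dict) -> User:
    """Pre-fix behaviour: no authentication, and every field in the POST body is
    trusted, including 'role'. Anyone can mint a super_admin."""
    salt = secrets.token_bytes(16)
    user = User(body["username"], body.get("role", DEFAULT_ROLE),
                _hash_pw(body["password"], salt), salt)
    store.users[user.username] = user
    return user


def hardened_create_account(store: Store, body: dict,
                            caller: Optional[User] = None) -> User:
    """Fixed behaviour: the role is validated against an allow-list, defaults to
    the least-privileged role, and anything above that requires an
    authenticated super_admin caller."""
    requested = body.get("role", DEFAULT_ROLE)
    if requested not in ROLES:
        raise ValueError(f"unknown role {requested!r}")
    if requested != DEFAULT_ROLE and (caller is None or caller.role != "super_admin"):
        raise Forbidden("only an authenticated super_admin may create privileged accounts")
    if body["username"] in store.users:
        raise ValueError("username taken")
    salt = secrets.token_bytes(16)
    user = User(body["username"], requested, _hash_pw(body["password"], salt), salt)
    store.users[user.username] = user
    return user


def login(store: Store, username: str, password: str) -> Optional[User]:
    """Constant-time password check against the stored PBKDF2 hash."""
    user = store.users.get(username)
    if user is None:
        return None
    if hmac.compare_digest(_hash_pw(password, user.salt), user.pw_hash):
        return user
    return None


def demo() -> tuple:
    """Same unauthenticated request against both handlers.
    Returns (role granted by the vulnerable path, outcome of the hardened path)."""
    request = {"username": "attacker", "password": "x", "role": "super_admin"}
    granted = vulnerable_create_account(Store(), request).role
    try:
        hardened_create_account(Store(), request)
        outcome = "created"
    except Forbidden:
        outcome = "forbidden"
    return granted, outcome


if __name__ == "__main__":
    print(demo())  # ('super_admin', 'forbidden')
```

The point of the hardened handler is that privilege is never a property the client gets to assert about itself: the server decides the role from who the caller is, not from what the body says, and the default is the lowest role so a missing check fails closed.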
Geo-Politics
- There are a few speeches coming out of the Munich Cyber Security Conference, with countries declaring their positions (and attempting to garner support for them).
- [EE] Estonia is pushing for more sovereign security capabilities.
“My call to the European industry is not only to think about cyber defense technology, but start to think about cyber offensive solutions too,” said Rosin.
“The tools currently available to the services are mostly non-European solutions. There are other countries who actively conduct research and development and produce solutions which are very expensive, of course. I would love to coordinate and cooperate with Europeans more on that,” he added.
- [SE] Sweden is warning that cyber- and hybrid-attacks are the new norm, pointing the finger at Russia.
Cyber and hybrid threats are now a permanent feature of Europe’s security environment, a senior Swedish defense official said Thursday, warning that societies must be built to function under sustained pressure rather than assuming disruptions will be rare.
Lisa Gustafsson, director of foreign intelligence and cyber at the Swedish Ministry of Defence, made the remarks at the Munich Cyber Security Conference, citing Russia’s full-scale invasion of Ukraine as a turning point that has normalized the combined use of military force, economic pressure, information operations and cyber activity.
- [TW] Taiwan is calling out china's aggressive behaviour, and its escalation in cyber space.
“We assess operations [like Volt Typhoon] may serve as real-world testing to paralyze infrastructure,” Lee said during a keynote speech at the conference. “Taiwan being a honeypot has taught us defense is not enough.”
...
“Taiwan is one of the most targeted countries in the world,” Lee said. Which makes the island less like a victim — and more like a proving ground.
- [US] The US is publicly pushing towards a more aggressive cyber-security stance.
“I think we really need to move beyond reactive defense and set the risk calculus of adversaries in cyber space,” said Anny Vu, a senior official in the State Department’s Bureau of Cyberspace and Digital Policy. “To do that, we have to be proactive about disrupting adversaries by imposing real costs, and consequences to malicious actors.”
...
The result, though, is a paradox: the U.S. is urging allies to align behind “trusted” technologies and coordinated responses, even as it steps away from many of the institutions designed to organize that very cooperation.
- [RU] We shouldn't be surprised - Russian TV reports on anti-Ukraine articles in French newspapers... but the articles and front pages were forgeries spread by a Russian disinformation campaign.
The covers of two French newspapers — Libération and Le Parisien, both showing the date Jan. 27 — were presented on screen to corroborate his allegations. However, it later emerged that the front pages displayed on Russian television were fabrications created and spread by the “Matryoshka” bot network, according to analysis conducted by the Bot Blocker project.
...
The information campaign known as Matryoshka has been operating since at least September 2023, and the Bot Blocker project was the first to document and draw attention to its activity. The scheme centers on distributing fake posts featuring anti-Ukrainian content through a network of coordinated accounts.
Privacy
- Amazon's Ring (makers of video-enabled doorbells) have withdrawn from a partnership with Flock (makers of surveillance systems, including Automated Licence Plate Recognition - ALPR, aimed at law enforcement).
The announcement came days after a Ring Super Bowl ad generated backlash from consumers concerned about privacy. The ad, ostensibly about how Ring camera videos can be shared to find lost dogs, raised questions about how the facial recognition-enabled cameras can also be used to surveil and monitor the movements of people.
...
Ring and Flock had announced their partnership in October, saying that Ring customers would soon be empowered to share their doorbell camera videos with police through Ring’s Community Requests program.
AI
- The LLM release wars continue - Google has released Gemini 3 Deep Think. Impressive results on academic and reasoning tests, even compared to the very latest models (Claude Opus 4.6, GPT-5.2). Whilst they report one coding benchmark ("Codeforces"), this is clearly not the focus of the model.
- If you're willing to trade a loss in quality for a significant speed boost, this one may be for you: OpenAI's GPT-5.3-Codex-Spark. Created as part of OpenAI's partnership with Cerebras, it runs on Cerebras' "Wafer Scale Engine 3". As can be seen on their website, this is a massive slice of silicon, dwarfing Nvidia GPUs (even their datacentre models).
OpenAI claim 1,000 tokens/second for their new model, and I expect it will prove to be a ferociously useful partner for hands-on iterative coding sessions.
It's not yet clear what the pricing will look like for this new model.
According to independent benchmarks from Artificial Analysis, OpenAI’s fastest models on Nvidia hardware top out well below that mark: GPT-4o delivers roughly 147 tokens per second, o3-mini hits about 167, and GPT-4o mini clocks around 52.
On SWE-Bench Pro and Terminal-Bench 2.0, two benchmarks for evaluating software engineering ability, Spark reportedly outperforms the older GPT-5.1-Codex-mini while completing tasks in a fraction of the time, according to OpenAI. The company did not share independent validation of those numbers.
- https://simonwillison.net/2026/Feb/12/codex-spark/
- https://www.cerebras.ai/
- https://arstechnica.com/ai/2026/02/openai-sidesteps-nvidia-with-unusually-fast-coding-model-on-plate-sized-chips/
- The (double) dangers of not checking LLMs. Firstly, an OpenClaw (ClawdBot/MoltBot) instance gets snarky after its Pull Request (PR) to change code in an open-source library is rejected, and blogs a hit-piece on the library's maintainer. Then, when Ars Technica reports on it, an LLM invents quotes.
- https://www.404media.co/ars-technica-pulls-article-with-ai-fabricated-quotes-about-ai-generated-article/
- https://arstechnica.com/staff/2026/02/editors-note-retraction-of-article-containing-fabricated-quotations/
- https://arstechnica.com/ai/2026/02/after-a-routine-code-rejection-an-ai-agent-published-a-hit-piece-on-someone-by-name/
- More AI impacts on the computer hardware market - it's not just RAM; now spinning hard disk drives (HDDs) are maxing out supply.
HDD capacity from one of the world's largest manufacturers has started to run dry, according to Western Digital's CEO
...
the manufacturer's entire capacity for this year is booked out. Speaking at the Q2 earnings call, Tan revealed that the focus has been on developing products that cater to the needs of enterprise customers. Given the pace of hyperscaler buildout, it's fair to say demand for HDDs will only increase going forward.
...
WD's VP of Investor Relations noted that the company's cloud revenue accounted for 89% of total revenue. In comparison, consumer revenue accounted for just 5%.
...
The demand is primarily driven by the large-scale data center buildout occurring worldwide, with HDD requirements being more prevalent in US-based facilities. For those unaware, AI is nothing without data, and to store large quantities of data, CSPs use HDDs, which are the most cost-effective and efficient storage medium.
- Meanwhile, Coinbase is hosting an IQ test, apparently aimed at previously wealthy OpenClaw users.
Coinbase rolls out AI tool to 'give any agent a wallet'
AI bots will now be able to independently hold funds, send payments, trade tokens, earn yield, and transact onchain.