Daily Security Briefing #179

February 28, 2026

Malicious botnet control, fake Zoom and Google Meet phishing campaigns, AI hijacking vulnerabilities, and cryptocurrency theft…


Executive Summary

Cybersecurity threats continue to evolve, with malicious actors adapting to disruptions. The recent Kimwolf botnet disruption highlights the need for collaborative efforts between industry partners. Meanwhile, a high-severity flaw in OpenClaw, since fixed, could have allowed malicious sites to hijack local AI agents. Additionally, phishing campaigns are abusing the .arpa TLD and IPv6 tunnels to evade security measures.



Top Articles

Who is the Kimwolf Botmaster “Dort”?
The person controlling the world’s largest botnet, Kimwolf, has coordinated a barrage of attacks against researchers and journalists. The botmaster, known as “Dort,” has used DDoS, doxing, and email flooding to disrupt operations. (KrebsOnSecurity)

Fake Zoom and Google Meet Phishing Campaigns Deploy Teramind Surveillance Software
Threat actors are executing sophisticated phishing campaigns that impersonate Zoom and Google Meet to silently deploy Teramind onto Windows devices. While Teramind is a legitimate enterprise endpoint monitoring product, scammers are abusing its stealth features. (GBHackers)

The Great Transition
A comprehensive overview of the current cybersecurity landscape, discussing emerging threats and trends. The article touches on topics such as AI-powered attacks and the need for industry-wide collaboration. (Daniel Miessler Blog)

Hackers Exploit Windows File Explorer and WebDAV to Distribute Malware
Cybersecurity researchers have uncovered an ongoing campaign where threat actors abuse Windows File Explorer to distribute malware. By exploiting the legacy WebDAV protocol, attackers are tricking victims into downloading RATs. (GBHackers)

Phishing Attacks Impersonate Zoom and Google Meet to Distribute Teramind Spyware
Threat actors are deploying a new phishing campaign that uses fake Zoom and Google Meet updates to secretly install surveillance software. Instead of creating custom malware, attackers are abusing Teramind. (CyberPress)

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket
OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to a locally running artificial intelligence (AI) agent and take over control. (The Hacker News)

Phishing Campaigns Target .arpa TLD and IPv6 Tunnels to Evade Security Measures
Phishing campaigns are utilizing a newly discovered evasion technique by exploiting the .arpa top-level domain (TLD) and IPv6 tunnels to bypass traditional security controls. (CyberPress)

QuickLens Chrome extension steals crypto, shows ClickFix attack
A Chrome extension named “QuickLens - Search Screen with Google Lens” has been removed from the Chrome Web Store after it was compromised to push malware and attempt to steal crypto from thousands of users. (BleepingComputer)

$4.8M in crypto stolen after Korean tax agency exposes wallet seed
South Korea’s National Tax Service accidentally exposed the mnemonic recovery phrase of a seized cryptocurrency wallet, allowing hackers to steal 6.4 billion won ($4.8M) worth of cryptocurrency. (BleepingComputer)

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private data. (The Hacker News)

SentinelOne Intelligence Brief: Iranian Cyber Activity Outlook
Iran-linked cyber activity may surge after strikes, targeting US and Israeli sectors; SentinelOne provides intel and urges vigilance. (SentinelOne Blog)


AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.
