Security Affairs

Google: state-backed hackers exploit Gemini AI for cyber recon and attacks
Fri, 13 Feb 2026 10:57:30 +0000
Google says nation-state actors used Gemini AI for reconnaissance and attack support in cyber operations. Google DeepMind and GTIG report a rise in model extraction or “distillation” attacks aimed at stealing AI intellectual property, which Google has detected and blocked. While APT groups have not breached frontier models, private firms and researchers have tried to […]

U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog
Fri, 13 Feb 2026 08:27:57 +0000
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws […]

Odido confirms massive breach; 6.2 Million customers impacted
Thu, 12 Feb 2026 20:02:48 +0000
Hackers accessed data from 6.2 million Odido accounts, exposing names, contacts, bank details, and ID numbers. Subsidiary Ben also warned customers. Hackers broke into Dutch telecom firm Odido and accessed data from 6.2 million accounts. The company confirmed the breach and said attackers took names, addresses, phone numbers, email addresses, bank account details, dates of […]

ApolloMD data breach impacts 626,540 people
Thu, 12 Feb 2026 17:58:25 +0000
A May 2025 cyberattack on ApolloMD exposed the personal data of over 626,000 patients linked to affiliated physicians and practices. ApolloMD is a US-based healthcare services company that partners with hospitals, health systems, and physician practices.
It provides practice management, staffing, revenue cycle, and administrative support services. The company works with affiliated physicians across specialties […]

LummaStealer activity spikes post-law enforcement disruption
Thu, 12 Feb 2026 14:57:44 +0000
Bitdefender reports a surge in LummaStealer activity, showing the MaaS infostealer rebounded after 2025 law enforcement disruption. Bitdefender observed renewed LummaStealer activity, proving the MaaS infostealer recovered after 2025 takedowns. Active since 2022, it relies on affiliates, social engineering, fake cracked software, and fake CAPTCHA “ClickFix” lures. CastleLoader plays a key role in spreading it. […]

Apple fixed first actively exploited zero-day in 2026
Thu, 12 Feb 2026 10:50:10 +0000
Apple fixed an exploited zero-day in iOS, macOS, and other devices that allowed attackers to run code via a memory flaw. Apple released updates for iOS, iPadOS, macOS, watchOS, tvOS, and visionOS to address an actively exploited zero-day tracked as CVE-2026-20700. The flaw is a memory corruption issue in Apple’s Dynamic Link Editor (dyld) that […]

Multiple Endpoint Manager bugs patched by Ivanti, including remote auth bypass
Thu, 12 Feb 2026 06:13:41 +0000
Ivanti patched over a dozen Endpoint Manager flaws, including a high-severity auth bypass that let attackers steal credentials remotely. Ivanti released patches for more than a dozen vulnerabilities in Endpoint Manager, including flaws disclosed in October 2025. The update addresses a high-severity authentication bypass, tracked as CVE-2026-1603 (CVSS score of 8.6), that attackers could exploit […]

Volvo Group hit in massive Conduent data breach
Wed, 11 Feb 2026 19:28:49 +0000
A Conduent breach exposed data of nearly 17,000 Volvo Group North America employees as the total impact rises to 25 million people. A data breach at business services provider Conduent has impacted at least 25 million people, far more than initially reported.
Volvo Group North America confirmed that the security breach exposed data of nearly […]

Reynolds ransomware uses BYOVD to disable security before encryption
Wed, 11 Feb 2026 15:00:47 +0000
Researchers discovered Reynolds ransomware, which uses BYOVD technique to disable security tools and evade detection before encryption. Researchers found a new ransomware, named Reynolds, that implements the Bring Your Own Vulnerable Driver (BYOVD) technique to disable security tools and evade detection before encrypting systems. Broadcom’s cybersecurity researchers initially attributed the attack to Black Basta due […]

SSHStalker botnet targets Linux servers with legacy exploits and SSH scanning
Wed, 11 Feb 2026 09:49:39 +0000
A new Linux botnet, SSHStalker, has infected about 7,000 systems using old 2009-era exploits, IRC bots, and mass-scanning malware. Flare researchers uncovered a previously undocumented Linux botnet dubbed SSHStalker, observed via SSH honeypots over two months. Researchers ran an SSH honeypot with weak credentials starting in early 2026 and spotted a set of intrusions unlike […]

The Hacker News

Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History
Fri, 13 Feb 2026 16:55:00 +0530
Cybersecurity researchers have discovered a malicious Google Chrome extension that's designed to steal data associated with Meta Business Suite and Facebook Business Manager. The extension, named CL Suite by @CLMasters (ID: jkphinfhmfkckkcnifhjiplhfoiefffl), is marketed as a way to scrape Meta Business Suite data, remove verification pop-ups, and generate two-factor authentication (2FA) codes.

npm’s Update to Harden Their Supply Chain, and Points to Consider
Fri, 13 Feb 2026 16:15:00 +0530
In December 2025, in response to the Sha1-Hulud incident, npm completed a major authentication overhaul intended to reduce supply-chain attacks. While the overhaul is a solid step forward, the changes don’t make npm projects immune from supply-chain attacks. npm is still susceptible to malware attacks – here’s what you need to know for a safer Node community. Let’s start with the original

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability
Fri, 13 Feb 2026 14:04:00 +0530
Threat actors have started to exploit a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products, according to watchTowr. "Overnight we observed first in-the-wild exploitation of BeyondTrust across our global sensors," Ryan Dewhurst, head of threat intelligence at watchTowr, said in a post on X.
"Attackers are abusing

Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support
Thu, 12 Feb 2026 23:27:00 +0530
Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemini to conduct reconnaissance on its targets, as various hacking groups continue to weaponize the tool for accelerating various phases of the cyber attack life cycle, enabling information operations, and even conducting model extraction attacks. "The

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems
Thu, 12 Feb 2026 22:25:00 +0530
Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked to a fake recruitment-themed campaign orchestrated by the North Korea-linked Lazarus Group. The coordinated campaign has been codenamed graphalgo in reference to the first package published in the npm registry. It's assessed to be active since May 2025. "

ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories
Thu, 12 Feb 2026 17:21:00 +0530
Threat activity this week shows one consistent signal — attackers are leaning harder on what already works. Instead of flashy new exploits, many operations are built around quiet misuse of trusted tools, familiar workflows, and overlooked exposures that sit in plain sight. Another shift is how access is gained versus how it’s used. Initial entry points are getting simpler, while post-compromise

The CTEM Divide: Why 84% of Security Programs Are Falling Behind
Thu, 12 Feb 2026 16:00:00 +0530
A new 2026 market intelligence study of 128 enterprise security decision-makers (available here) reveals a stark divide forming between organizations – one that has nothing to do with budget size or industry and everything to do with a single framework decision.
Organizations implementing Continuous Threat Exposure Management (CTEM) demonstrate 50% better attack surface visibility, 23-point

83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure
Thu, 12 Feb 2026 13:02:00 +0530
A significant chunk of the exploitation attempts targeting a newly disclosed security flaw in Ivanti Endpoint Manager Mobile (EPMM) can be traced back to a single IP address on bulletproof hosting infrastructure offered by PROSPERO. Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between February 1 and 9, 2026. An estimated 346

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Other Devices
Thu, 12 Feb 2026 11:09:00 +0530
Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero-day flaw that it said has been exploited in sophisticated cyber attacks. The vulnerability, tracked as CVE-2026-20700 (CVSS score: 7.8), has been described as a memory corruption issue in dyld, Apple's Dynamic Link Editor. Successful exploitation of the vulnerability could allow an

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
Wed, 11 Feb 2026 23:15:00 +0530
Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild. In this unusual supply chain attack detailed by Koi Security, an unknown attacker claimed the domain associated with a now-abandoned legitimate add-in to serve a fake Microsoft login page, stealing over 4,000 credentials in the process.
The activity has been

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities
Wed, 11 Feb 2026 20:22:00 +0530
Indian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed to compromise Windows and Linux environments with remote access trojans capable of stealing sensitive data and ensuring continued access to infected machines. The campaigns are characterized by the use of malware families like Geta RAT, Ares RAT, and DeskRAT, which are often

Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms
Wed, 11 Feb 2026 18:58:00 +0530
It's Patch Tuesday, which means a number of software vendors have released patches for various security vulnerabilities impacting their products and services. Microsoft issued fixes for 59 flaws, including six actively exploited zero-days in various Windows components that could be abused to bypass security features, escalate privileges, and trigger a denial-of-service (DoS) condition. Elsewhere

Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments
Wed, 11 Feb 2026 17:00:00 +0530
Intentionally vulnerable training applications are widely used for security education, internal testing, and product demonstrations. Tools such as OWASP Juice Shop, DVWA, Hackazon, and bWAPP are designed to be insecure by default, making them useful for learning how common attack techniques work in controlled environments. The issue is not the applications themselves, but how they are often

Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days
Wed, 11 Feb 2026 15:52:00 +0530
Microsoft on Tuesday released security updates to address a set of 59 flaws across its software, including six vulnerabilities that it said have been exploited in the wild. Of the 59 flaws, five are rated Critical, 52 are rated Important, and two are rated Moderate in severity.
Twenty-five of the patched vulnerabilities have been classified as privilege escalation, followed by remote code

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits
Wed, 11 Feb 2026 15:26:00 +0530
Cybersecurity researchers have disclosed details of a new botnet operation called SSHStalker that relies on the Internet Relay Chat (IRC) communication protocol for command-and-control (C2) purposes. "The toolset blends stealth helpers with legacy-era Linux exploitation: Alongside log cleaners (utmp/wtmp/lastlog tampering) and rootkit-class artifacts, the actor keeps a large back-catalog of

North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations
Wed, 11 Feb 2026 12:20:00 +0530
The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrency sector to steal sensitive data from Windows and macOS systems with the ultimate goal of facilitating financial theft. "The intrusion relied on a social engineering scheme involving a compromised Telegram account, a fake Zoom meeting, a ClickFix infection vector, and reported usage of AI-generated

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies
Tue, 10 Feb 2026 23:14:00 +0530
The information technology (IT) workers associated with the Democratic People's Republic of Korea (DPRK) are now applying to remote positions using real LinkedIn accounts of individuals they're impersonating, marking a new escalation of the fraudulent scheme. "These profiles often have verified workplace emails and identity badges, which DPRK operatives hope will make their fraudulent

Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools
Tue, 10 Feb 2026 20:06:00 +0530
Cybersecurity researchers have disclosed details of an emergent ransomware family dubbed Reynolds that comes embedded with a built-in bring your own vulnerable driver (BYOVD) component for defense evasion purposes within the ransomware payload itself.
BYOVD refers to an adversarial technique that abuses legitimate but flawed driver software to escalate privileges and disable Endpoint Detection

From Ransomware to Residency: Inside the Rise of the Digital Parasite
Tue, 10 Feb 2026 19:29:00 +0530
Are ransomware and encryption still the defining signals of modern cyberattacks, or has the industry been too fixated on noise while missing a more dangerous shift happening quietly all around them? According to Picus Labs’ new Red Report 2026, which analyzed over 1.1 million malicious files and mapped 15.5 million adversarial actions observed across 2025, attackers are no longer optimizing for

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution
Tue, 10 Feb 2026 19:00:00 +0530
Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that could lead to the execution of arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2026-21643, has a CVSS rating of 9.1 out of a maximum of 10.0. "An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiClientEMS may

ZAST.AI Raises $6M Pre-A to Scale "Zero False Positive" AI-Powered Code Security
Tue, 10 Feb 2026 17:10:00 +0530
January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm Hillhouse Capital, bringing ZAST.AI's total funding close to $10 million. This marks a recognition from leading capital markets of a new solution: ending the era of high false positive rates in security tools and making every alert

Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server
Tue, 10 Feb 2026 15:54:00 +0530
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
The incident took place on January 29, 2026, when a mail server that was not updated to the latest version was compromised, the company's Chief Commercial Officer, Derek Curtis, said. "Prior to the breach, we had approximately 30 servers/VMs

Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data
Tue, 10 Feb 2026 13:52:00 +0530
The Netherlands' Dutch Data Protection Authority (AP) and the Council for the Judiciary confirmed both agencies (Rvdr) have disclosed that their systems were impacted by cyber attacks that exploited the recently disclosed security flaws in Ivanti Endpoint Manager Mobile (EPMM), according to a notice sent to the country's parliament on Friday. "On January 29, the National Cyber Security Center (

China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign
Mon, 09 Feb 2026 22:31:00 +0530
The Cyber Security Agency (CSA) of Singapore on Monday revealed that the China-nexus cyber espionage group known as UNC3886 targeted its telecommunications sector. "UNC3886 had launched a deliberate, targeted, and well-planned campaign against Singapore's telecommunications sector," CSA said. "All four of Singapore's major telecommunications operators ('telcos') – M1, SIMBA Telecom, Singtel, and

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers
Mon, 09 Feb 2026 20:12:00 +0530
Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move laterally across the organization's network to other high-value assets. That said, the Microsoft Defender Security Research Team said it's not clear whether the activity weaponized recently

⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More
Mon, 09 Feb 2026 18:29:00 +0530
Cyber threats are no longer coming from just malware or exploits.
They’re showing up inside the tools, platforms, and ecosystems organizations use every day. As companies connect AI, cloud apps, developer tools, and communication systems, attackers are following those same paths. A clear pattern this week: attackers are abusing trust. Trusted updates, trusted marketplaces, trusted apps, even

How Top CISOs Solve Burnout and Speed up MTTR without Extra Hiring
Mon, 09 Feb 2026 16:53:00 +0530
Why do SOC teams keep burning out and missing SLAs even after spending big on security tools? Routine triage piles up, senior specialists get dragged into basic validation, and MTTR climbs, while stealthy threats still find room to slip through. Top CISOs have realized the solution isn’t hiring more people or stacking yet another tool onto the workflow, but giving their teams faster, clearer

Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
Mon, 09 Feb 2026 16:28:00 +0530
The threat actor known as Bloody Wolf has been linked to a campaign targeting Uzbekistan and Russia to infect systems with a remote access trojan known as NetSupport RAT. Cybersecurity vendor Kaspersky is tracking the activity under the moniker Stan Ghouls. The threat actor is known to be active since at least 2023, orchestrating spear-phishing attacks against manufacturing, finance, and IT

TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure
Mon, 09 Feb 2026 14:07:00 +0530
Cybersecurity researchers have called attention to a "massive campaign" that has systematically targeted cloud native environments to set up malicious infrastructure for follow-on exploitation.
The activity, observed around December 25, 2025, and described as "worm-driven," leveraged exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers, along with the recently disclosed

BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
Mon, 09 Feb 2026 13:33:00 +0530
BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution. "BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability," the company

OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills
Sun, 08 Feb 2026 13:02:00 +0530
OpenClaw (formerly Moltbot and Clawdbot) has announced that it's partnering with Google-owned VirusTotal to scan skills that are being uploaded to ClawHub, its skill marketplace, as part of broader efforts to bolster the security of the agentic ecosystem. "All skills published to ClawHub are now scanned using VirusTotal's threat intelligence, including their new Code Insight capability,"

German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists
Sat, 07 Feb 2026 16:45:00 +0530
Germany's Federal Office for the Protection of the Constitution (aka Bundesamt für Verfassungsschutz or BfV) and Federal Office for Information Security (BSI) have issued a joint advisory warning of a malicious cyber campaign undertaken by a likely state-sponsored threat actor that involves carrying out phishing attacks over the Signal messaging app.
"The focus is on high-ranking targets in

China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
Fri, 06 Feb 2026 20:26:00 +0530
Cybersecurity researchers have taken the wraps off a gateway-monitoring and adversary-in-the-middle (AitM) framework dubbed DKnife that's operated by China-nexus threat actors since at least 2019. The framework comprises seven Linux-based implants that are designed to perform deep packet inspection, manipulate traffic, and deliver malware via routers and edge devices. Its primary targets seem to

CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk
Fri, 06 Feb 2026 19:13:00 +0530
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered Federal Civilian Executive Branch (FCEB) agencies to strengthen asset lifecycle management for edge network devices and remove those that no longer receive security updates from original equipment manufacturers (OEMs) over the next 12 to 18 months. The agency said the move is to drive down technical debt and minimize

Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
Fri, 06 Feb 2026 17:37:00 +0530
A previously undocumented cyber espionage group operating from Asia broke into the networks of at least 70 government and critical infrastructure organizations across 37 countries over the past year, according to new findings from Palo Alto Networks Unit 42. In addition, the hacking crew has been observed conducting active reconnaissance against government infrastructure associated with 155

How Samsung Knox Helps Stop Your Network Security Breach
Fri, 06 Feb 2026 16:00:00 +0530
As you know, enterprise network security has undergone significant evolution over the past decade. Firewalls have become more intelligent, threat detection methods have advanced, and access controls are now more detailed.
However (and it’s a big “however”), the increasing use of mobile devices in business operations necessitates network security measures that are specifically tailored to their

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware
Fri, 06 Feb 2026 14:10:00 +0530
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution. The compromised versions of the two packages are listed below - @dydxprotocol/v4-client-js (npm) - 3.4.1, 1.22.1, 1.15.2, 1.0.31&

Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries
Fri, 06 Feb 2026 11:19:00 +0530
Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM), Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in open-source libraries, including Ghostscript, OpenSC, and CGIF. Claude Opus 4.6, which was launched Thursday, comes with improved coding skills, including code review and debugging capabilities, along with

AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack
Thu, 05 Feb 2026 22:55:00 +0530
The distributed denial-of-service (DDoS) botnet known as AISURU/Kimwolf has been attributed to a record-setting attack that peaked at 31.4 Terabits per second (Tbps) and lasted only 35 seconds. Cloudflare, which automatically detected and mitigated the activity, said it's part of a growing number of hyper-volumetric HTTP DDoS attacks mounted by the botnet in the fourth quarter of 2025. The

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
Thu, 05 Feb 2026 18:27:00 +0530
This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next.
Researchers tracked intrusions that start in ordinary places: developer workflows, remote tools, cloud access, identity paths, and even routine user actions. Nothing looked dramatic on the surface. That’s the point. Entry is becoming less visible while impact

The Buyer’s Guide to AI Usage Control
Thu, 05 Feb 2026 17:00:00 +0530
Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools that appear faster than security teams can track. Yet most organizations still rely on legacy controls that operate far away from where AI interactions actually occur. The result is a widening

Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
Thu, 05 Feb 2026 15:55:00 +0530
The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coinciding with the end of the widespread internet blackout the regime imposed at the start of January 2026. "The threat actor stopped maintaining its C2 servers on January 8 for the first time since we

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
Thu, 05 Feb 2026 11:46:00 +0530
A new, critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in the execution of arbitrary system commands.
The flaw, tracked as CVE-2026-25049 (CVSS score: 9.4), is the result of inadequate sanitization that bypasses safeguards put in place to address CVE-2025-68613 (CVSS score: 9.9), another critical defect that

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign
Thu, 05 Feb 2026 10:26:00 +0530
Cybersecurity researchers have disclosed details of an active web traffic hijacking campaign that has targeted NGINX installations and management panels like Baota (BT) in an attempt to route it through the attacker's infrastructure. Datadog Security Labs said it observed threat actors associated with the recent React2Shell (CVE-2025-55182, CVSS score: 10.0) exploitation using malicious NGINX

Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models
Wed, 04 Feb 2026 23:22:00 +0530
Microsoft on Wednesday said it built a lightweight scanner that it said can detect backdoors in open-weight large language models (LLMs) and improve the overall trust in artificial intelligence (AI) systems. The tech giant's AI Security team said the scanner leverages three observable signals that can be used to reliably flag the presence of backdoors while maintaining a low false positive

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files
Wed, 04 Feb 2026 22:54:00 +0530
Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of "disciplined tradecraft and clever abuse of legitimate system features" to bypass traditional detection mechanisms and deploy a remote access trojan (RAT) known as AsyncRAT.
"The attack leverages IPFS-hosted VHD files, extreme script obfuscation, runtime decryption, and in-memory

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns
Wed, 04 Feb 2026 19:39:00 +0530
Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law enforcement agencies across Southeast Asia throughout 2025. Check Point Research is tracking the previously undocumented activity cluster under the moniker Amaranth-Dragon, which it said shares links to the APT 41 ecosystem. Targeted countries include Cambodia,

Orchid Security Introduces Continuous Identity Observability for Enterprise Applications
Wed, 04 Feb 2026 17:28:00 +0530
An innovative approach to discovering, analyzing, and governing identity usage beyond traditional IAM controls. The Challenge: Identity Lives Outside the Identity Stack Identity and access management tools were built to govern users and directories. Modern enterprises run on applications. Over time, identity logic has moved into application code, APIs, service accounts, and custom authentication

The First 90 Seconds: How Early Decisions Shape Incident Response Investigations
Wed, 04 Feb 2026 15:30:00 +0530
Many incident response failures do not come from a lack of tools, intelligence, or technical skills. They come from what happens immediately after detection, when pressure is high, and information is incomplete. I have seen IR teams recover from sophisticated intrusions with limited telemetry. I have also seen teams lose control of investigations they should have been able to handle. The

Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers
Wed, 04 Feb 2026 13:12:00 +0530
Microsoft has warned that information-stealing attacks are "rapidly expanding" beyond Windows to target Apple macOS environments by leveraging cross-platform languages like Python and abusing trusted platforms for distribution at scale.
The tech giant's Defender Security Research Team said it observed macOS-targeted infostealer campaigns using social engineering techniques such as ClickFix since

darkreading

Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy — Again
Thu, 12 Feb 2026 22:05:32 GMT
It's time to phase out the "patch and pray" approach, eliminate needless public interfaces, and enforce authentication controls, one expert says.

Booz Allen Announces General Availability of Vellox Reverser to Automate Malware Defense
Thu, 12 Feb 2026 21:23:06 GMT
The AI-powered product delivers expert-grade malware analysis and reverse engineering in minutes.

SpecterOps Launches BloodHound Scentry to Accelerate the Practice of Identity Attack Path Management
Thu, 12 Feb 2026 21:11:52 GMT
Drawing on years of adversary tradecraft, SpecterOps experts work alongside customers to analyze and eliminate attack paths, protect critical assets, and stay ahead of emerging threats.

Gone With the Shame: One in Two Americans Are Reluctant to Talk About Romance Scam Incidents
Thu, 12 Feb 2026 21:04:25 GMT
Men should take extra care on Valentine’s Day because they are nearly twice as likely as women to fall victim to romance scams.

Those 'Summarize With AI' Buttons May Be Lying to You
Thu, 12 Feb 2026 20:47:39 GMT
Microsoft uncovered AI recommendation poisoning in 31 companies across 14 industries, and turnkey tools make it trivially easy to pull off.

Senegalese Data Breaches Expose Lack of 'Security Maturity'
Thu, 12 Feb 2026 09:00:00 GMT
Green Blood Group steals personal records and biometric data of the West African nation's nearly 20 million residents.

North Korea's UNC1069 Hammers Crypto Firms With AI
Wed, 11 Feb 2026 21:56:11 GMT
In moving away from traditional banks to focus on Web3 companies, the threat actor is leveraging LLMs, deepfakes, legitimate platforms, and ClickFix.

How to Stay on Top of Future Threats With a Cutting-Edge SOC
Wed, 11 Feb 2026 20:36:42 GMT
CISOs should focus on harnessing and securing AI and building new skills among their people. Vision and change management can transform security.
Automaker Secures the Supply Chain With Developer-Friendly PlatformWed, 11 Feb 2026 19:35:53 GMT How a platform engineering team embeds supply chain security into infrastructure without slowing developers. AI Rising: Do We Know Enough About the Data Populating It?Wed, 11 Feb 2026 14:31:47 GMT Organizations remain reluctant to address the fact that AI can dangerously expose business operations as well as personal data. Top Cyber Industry Defenses Spike CO2 EmissionsWed, 11 Feb 2026 14:00:00 GMT Organizations can improve their climate footprints by optimizing two specific cybersecurity protections, without incurring added risks. Asia Fumbles With Throttling Back Telnet Traffic in RegionWed, 11 Feb 2026 02:00:00 GMT Only Taiwan made the top 10 list of governments, effectively blocking the threat-ridden protocol, but overall, the region lagged in curbing Telnet traffic. SolarWinds WHD Attacks Highlight Risks of Exposed AppsTue, 10 Feb 2026 22:00:53 GMT Organizations that have exposed their instances of Web Help Desk to the public Internet have inadvertently made them prime targets for attackers. In Bypassing MFA, ZeroDayRAT Is 'Textbook Stalkerware'Tue, 10 Feb 2026 21:37:15 GMT With access to SIM, location data, and a preview of recent SMSes, attackers have everything they need for account takeover or targeted social engineering. Microsoft Patches 6 Actively Exploited Zero-DaysTue, 10 Feb 2026 21:00:36 GMT Three of those zero-days are security feature bypass flaws, which give attackers a way to slip past built-in protections in multiple Microsoft products. OT Attacks Get Scary With 'Living-off-the-Plant' TechniquesTue, 10 Feb 2026 16:14:29 GMT Ironically, security by obscurity has helped prevent dangerous OT attacks in recent years. It won't be that way forever. 
TransUnion's Real Networks Deal Focuses on Robocall BlockingMon, 09 Feb 2026 23:05:21 GMT The acquisition allows the credit reporting agency to add SMS spam and scam prevention to its robocall blocking capabilities. Warlock Gang Breaches SmarterTools Via SmarterMail BugsMon, 09 Feb 2026 21:59:02 GMT The ransomware group breached SmarterTools through a vulnerability in the company's own SmarterMail product. TeamPCP Turns Cloud Infrastructure Into Crime BotsMon, 09 Feb 2026 21:14:34 GMT The threat actor has been compromising cloud environments at scale with automated worm-like attacks on exposed services and interfaces. 'Reynolds' Bundles BYOVD With Ransomware PayloadMon, 09 Feb 2026 20:14:22 GMT Researchers discovered a newly disclosed vulnerable driver embedded in Reynolds' ransomware, illustrating the increasing popularity of the defense-evasion technique. [Virtual Event] Shields Up: Key Technologies Reshaping Cybersecurity DefensesWhat Organizations Need to Change When Managing PrintersMon, 09 Feb 2026 17:22:18 GMT Ask the Expert: Organizations need to close the ownership vacuum, establish durable security controls, and ensure printers are protected as rigorously as other endpoints. 'Encrypt It Already' Campaign Pushes Big Tech to Prioritize E2E EncryptionFri, 06 Feb 2026 16:34:41 GMT The Electronic Frontier Foundation is urging major technology companies to follow through on their promises to implement end-to-end encryption (E2E) by default across their services, as privacy concerns mount amid increased AI use. Shai-hulud: The Hidden Costs of Supply Chain AttacksFri, 06 Feb 2026 16:25:14 GMT Recent supply chain attacks involving self-propagating worms have spread far, but the damage and long-term impact is hard to quantify. 
OpenClaw's Gregarious Insecurities Make Safe Usage DifficultFri, 06 Feb 2026 15:42:15 GMT Malicious "skills" and persnickety configuration settings are just some of the issues that security researchers have found when installing — and removing — the OpenClaw AI assistant. EnCase Driver Weaponized as EDR Killers PersistThu, 05 Feb 2026 22:35:20 GMT The forensic tool's driver was signed with a digital certificate that expired years ago, but major security gaps allowed Windows to load it. Agentic AI Site 'Moltbook' Is Riddled With Security RisksThu, 05 Feb 2026 22:03:29 GMT Someone used AI to build an entire Web platform, which then did something predictable and preventable: It exposed all its data through a publicly accessible API. Data Tool to Triage Exploited Vulnerabilities Can Make KEV More UsefulThu, 05 Feb 2026 20:53:34 GMT A disconnect exists between an organization's cybersecurity needs and lists like CISA's KEV Catalog. KEV Collider combines data from multiple open source vulnerability frameworks to help security teams quickly assess which are important, based on their priorities. Cyber Success Trifecta: Education, Certifications & ExperienceThu, 05 Feb 2026 14:00:00 GMT Col. Georgeo Xavier Pulikkathara, CISO at iMerit, discusses the importance of fundamentals, continuous learning, and human ingenuity in the face of AI-driven cybersecurity evolution. Protests Don't Impede Iranian Spying on Expats, Syrians, IsraelisThu, 05 Feb 2026 07:00:00 GMT Iranian threat actors have been stealing credentials from people of interest across the Middle East, using spear-phishing and social engineering. Ransomware Gang Goes Full 'Godfather' With CartelWed, 04 Feb 2026 22:14:19 GMT DragonForce is taking cues from organized crime, emphasizing cooperation and coordination among ransomware gangs. 
CISA Makes Unpublicized Ransomware Updates to KEV CatalogWed, 04 Feb 2026 21:48:57 GMT A third of the "flipped" CVEs affected network edge devices, leading one researcher to conclude, "Ransomware operators are building playbooks around your perimeter." Attackers Use Windows Screensavers to Drop Malware, RMM ToolsWed, 04 Feb 2026 21:06:28 GMT By tapping the unusual .scr file type, attackers leverage "executables that don't always receive executable-level controls," one researcher noted. Extra Extra! Announcing DR Global Latin AmericaWed, 04 Feb 2026 13:30:00 GMT Dark Reading has something new hitting the newsstand: a content section purpose-built for Latin American readers, featuring news, analysis, features, and multimedia. Big Breach or Smooth Sailing? Mexican Gov't Faces Leak AllegationsWed, 04 Feb 2026 13:00:00 GMT A hacktivist group claims a 2.3-terabyte data breach exposes the information of 36 million Mexicans, but no sensitive accounts are at risk, says government. Google Looker Bugs Allow Cross-Tenant RCE, Data ExfilWed, 04 Feb 2026 11:00:00 GMT Attackers could even have used one vulnerable Lookout user to gain access to other GCP tenants' environments. Russian Hackers Weaponize Microsoft Office Bug in Just 3 DaysTue, 03 Feb 2026 21:52:22 GMT APT28's attacks rely on specially crafted Microsoft Rich Text Format (RTF) documents to kick off a multistage infection chain to deliver malicious payloads. GlassWorm Malware Returns to Shatter Developer EcosystemsTue, 03 Feb 2026 20:55:51 GMT The self-replicating malware has poisoned a fresh set of Open VSX software components, leaving potential downstream victims with infostealer infections. AI May Supplant Pen Testers, But Oversight & Trust Are Not There YetTue, 03 Feb 2026 18:03:46 GMT Crowdsourced bug bounties and pen-testing firms see AI agents stealing the low-hanging vulnerabilities from their human counterparts. Oversight remains key. 
8-Minute Access: AI Accelerates Breach of AWS EnvironmentTue, 03 Feb 2026 16:38:11 GMT The AI-assisted attack, which started with exposed credentials from public S3 buckets, rapidly achieved administrative privileges. Dark Patterns Undermine Security, One Click at a TimeTue, 03 Feb 2026 16:30:41 GMT People trust organizations to do the right thing, but some websites and apps have user interfaces that ultimately lead to inadequate security. Attackers Harvest Dropbox Logins Via Fake PDF LuresMon, 02 Feb 2026 22:21:33 GMT A malware-free phishing campaign targets corporate inboxes and asks employees to view "request orders," ultimately leading to Dropbox credential theft. County Pays $600K to Wrongfully Jailed Pen TestersMon, 02 Feb 2026 21:57:51 GMT Iowa police arrested two penetration testers in 2019 for doing their jobs, highlighting the risk to security professionals in red teaming exercises. Chinese Hackers Hijack Notepad++ Updates for 6 MonthsMon, 02 Feb 2026 19:57:02 GMT State-sponsored threat actors compromised the popular code editor's hosting provider to redirect targeted users to malicious downloads. ShinyHunters Expands Scope of SaaS Extortion AttacksMon, 02 Feb 2026 16:07:57 GMT Following their attacks on Salesforce instances last year, members of the cybercrime group have broadened their targeting and gotten more aggressive with extortion tactics. Torq Moves SOCs Beyond SOAR With AI-Powered Hyper AutomationFri, 30 Jan 2026 22:14:31 GMT Investors poured $140 million into Torq's Series D Round, raising the startup's valuation to $1.2 billion, to bring AI-based "hyper automation" to SOCs. 2026: The Year Agentic AI Becomes the Attack-Surface Poster ChildFri, 30 Jan 2026 21:16:15 GMT Dark Reading asked readers whether agentic AI attacks, advanced deepfake threats, board recognition of cyber as a top priority, or password-less technology adoption would be most likely to become a trending reality for 2026. 
Out-of-the-Box Expectations for 2026 Reveal a Grab Bag of RiskFri, 30 Jan 2026 21:14:32 GMT Security teams need to be thinking about this list of emerging cybersecurity realities to avoid rolling the dice on enterprise security risks (and opportunities). Tenable Tackles AI Governance, Shadow AI Risks, Data ExposureFri, 30 Jan 2026 20:23:53 GMT The Tenable One AI Exposure add-on discovers unsanctioned AI use in the organization and enforces policy compliance with approved tools. OpenClaw AI Runs Wild in Business EnvironmentsFri, 30 Jan 2026 16:40:34 GMT The popular open source AI assistant (aka ClawdBot, MoltBot) has taken off, raising security concerns over its privileged, autonomous control within users' computers. |
Krebs on SecurityKimwolf Botnet Swamps Anonymity Network I2PWed, 11 Feb 2026 16:08:11 +0000 For the past week, the massive "Internet of Things" (IoT) botnet known as Kimwolf has been disrupting The Invisible Internet Project (I2P), a decentralized, encrypted communications network designed to anonymize and secure online communications. I2P users started reporting disruptions in the network around the same time the Kimwolf botmasters began relying on it to evade takedown attempts against the botnet's control servers. Patch Tuesday, February 2026 EditionTue, 10 Feb 2026 21:49:53 +0000 Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six "zero-day" vulnerabilities that attackers are already exploiting in the wild. Please Don’t Feed the Scattered Lapsus ShinyHuntersMon, 02 Feb 2026 16:15:16 +0000 A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators… Who Operates the Badbox 2.0 Botnet?Mon, 26 Jan 2026 16:11:38 +0000 The cybercriminals in control of Kimwolf -- a disruptive botnet that has infected more than 2 million devices -- recently shared a screenshot indicating they'd compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software that comes pre-installed on many Android TV streaming boxes. Both the FBI and Google say they are hunting for the people behind Badbox 2.0, and thanks to bragging by the Kimwolf botmasters we may now have a much clearer idea about that. Kimwolf Botnet Lurking in Corporate, Govt. 
NetworksTue, 20 Jan 2026 18:19:13 +0000 A new Internet-of-Things botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to relay other malicious and abusive Internet traffic. Kimwolf's ability to scan the local networks of compromised systems for other IoT devices to infect makes it a sobering threat to organizations, and new research reveals Kimwolf is surprisingly prevalent in government and corporate networks. Patch Tuesday, January 2026 EditionWed, 14 Jan 2026 00:47:38 +0000 Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported software. Eight of the vulnerabilities earned Microsoft's most-dire "critical" rating, and the company warns that attackers are already exploiting one of the bugs fixed today. Who Benefited from the Aisuru and Kimwolf Botnets?Thu, 08 Jan 2026 23:23:43 +0000 Our first story of 2026 revealed how a destructive new botnet called Kimwolf rapidly grew to infect more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes. Today, we'll dig through digital clues left behind by the hackers, network operators, and cybercrime services that appear to have benefitted from Kimwolf's spread. The Kimwolf Botnet is Stalking Your Local NetworkFri, 02 Jan 2026 14:20:10 +0000 The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it's time for a broader awareness of the threat. The short version is that everything you thought you knew about the security of the internal network behind your Internet router probably is now dangerously out of date. Happy 16th Birthday, KrebsOnSecurity.com!Mon, 29 Dec 2025 20:23:26 +0000 KrebsOnSecurity.com celebrates its 16th anniversary today! 
A huge "thank you" to all of our readers -- newcomers, long-timers and drive-by critics alike. Your engagement this past year here has been tremendous and truly a salve on a handful of dark days. Happily, comeuppance was a strong theme running through our coverage in 2025, with a primary focus on entities that enabled complex and globally-dispersed cybercrime services. Dismantling Defenses: Trump 2.0 Cyber Year in ReviewFri, 19 Dec 2025 15:14:55 +0000 The Trump administration has pursued a staggering range of policy pivots this past year that threaten to weaken the nation’s ability and willingness to address a broad spectrum of technology challenges, from cybersecurity and privacy to countering disinformation, fraud and corruption. These shifts, along with the president’s efforts to restrict free speech and freedom of the press, have come at such a rapid clip that many readers probably aren’t even aware of them all. |
Hackread – Cybersecurity News, Data Breaches, AI and MoreThe $17 Billion Wake-Up Call: Securing Crypto in the Age of AI ScamsFri, 13 Feb 2026 11:24:37 +0000 AI-driven crypto scams surge as cybercrime hits $17B, with deepfakes, fraud kits, and industrial social engineering reshaping digital asset threats and defenses. Static Design to Adaptive Control: How Artificial Intelligence Improves Modern Material Handling Equipment SystemsFri, 13 Feb 2026 11:11:44 +0000 AI enables material handling systems to adapt to demand volatility through predictive design, dynamic control, and smarter maintenance without replacing core engineering. GitGuardian Raises $50M Series C to Address Non-Human Identities Crisis and AI Agent Security GapWed, 11 Feb 2026 13:05:15 +0000 New York, NY, 11th February 2026, CyberNewswire Best Tools for Test Data Management to Accelerate QA Teams in 2026Tue, 10 Feb 2026 20:50:44 +0000 Test Data Management tools for 2026 ranked for QA and DevOps teams, comparing speed, self service, masking, CI/CD fit, and enterprise readiness. New Cybercrime Group 0APT Accused of Faking Hundreds of Breach ClaimsTue, 10 Feb 2026 15:47:33 +0000 Researchers reveal the new 0APT cyber group is fabricating attacks on large organisations. Learn how they use fake data to trick companies into paying. Most Engagement Data Is Compromised and That’s a Major Security ProblemTue, 10 Feb 2026 14:00:00 +0000 Most engagement data is compromised by bots and spoofing. Datavault AI treats engagement as a security problem, verifying real human actions at the source. Pride Month Phishing Targets Employees via Trusted Email ServicesTue, 10 Feb 2026 12:19:15 +0000 Attackers are using Pride Month themed phishing emails to target employees worldwide, abusing trusted email platforms like SendGrid to harvest credentials. 
Navigating MiCA: A Practical Compliance Guide for European CASPsTue, 10 Feb 2026 09:12:37 +0000 MiCA creates a single EU crypto rulebook, replacing national regimes with unified licensing, capital, and compliance rules for all CASPs. Hackers Deliver Global Group Ransomware Offline via Phishing EmailsMon, 09 Feb 2026 21:41:04 +0000 Global Group ransomware is delivered through phishing emails and can encrypt files offline without any internet connection. Cyber Attack Hits European Commission Staff Mobile SystemsMon, 09 Feb 2026 18:16:09 +0000 The European Commission reports a cyber attack on its central mobile infrastructure that may have exposed staff names and phone numbers. |
Hacker CombatSnowflake Data Breach: What Happened and How to Prevent ItTue, 05 Aug 2025 18:00:42 +0000 In 2024, the cybersecurity landscape was shaken by an unexpected and widespread incident—the Snowflake data breach. Despite being a leading provider of cloud-based data warehousing solutions, Snowflake found itself at... The post Snowflake Data Breach: What Happened and How to Prevent It appeared first on Hacker Combat. Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk ManagementFri, 13 Dec 2024 12:04:08 +0000 Cyber threats can wreak havoc on businesses, from data breaches to loss of reputation. Luckily, there are effective strategies available that can reduce cybersecurity risk. Avoidance is one of the... Zero Trust ArchitectureMon, 02 Dec 2024 10:43:16 +0000 Zero trust security takes a “never trust, always verify” approach to access control. Access is only granted once an individual’s identity and context have been confirmed through multifactor authentication and... What Is a Security Operations Center (SOC)?Mon, 02 Dec 2024 07:51:03 +0000 A Security Operations Center (SOC) specializes in monitoring and analyzing data to detect cyber threats and prevent attacks from them. They work to sort actual threats from false positives before... XDR vs SIEM Security Information and Event ManagementFri, 29 Nov 2024 12:53:23 +0000 The Extended Detection and Response Platform (XDR) ingestion and correlation technology captures and correlates high-fidelity data across your security layers, such as endpoint, network, logs, cloud services and identities to... 
Best Free EDR for Windows PCFri, 29 Nov 2024 11:19:32 +0000 Endpoint detection and response (EDR) tools offer businesses that employ hybrid work models or remote employees an extra layer of cybersecurity protection. Utilizing artificial intelligence (AI) and machine learning (ML),... Free EDR Solutions for Home Users in 2025Tue, 26 Nov 2024 07:46:59 +0000 EDR can detect and respond to emerging and advanced cyber threats quickly and efficiently, making it an essential component of modern business ecosystems. Beyond signature-based detection capabilities, its features go... Cloud Security EssentialsMon, 28 Oct 2024 04:57:20 +0000 Cloud security involves employing perimeter defenses like firewalls, IDPSs and VPNs as well as guaranteeing isolation through network segmentation and virtual LANs while monitoring traffic for anomalies and threats –... Antivirus SoftwareMon, 28 Oct 2024 02:43:18 +0000 Antivirus software protects devices against viruses, malware, and other cyberthreats by detecting, quarantining, and deleting malicious code. Modern antivirus products also offer additional security features such as password protection, identity... How to Protect Against Ransomware Attacks?Fri, 25 Oct 2024 03:57:42 +0000 Criminal hackers employ ransomware attacks against their targets by encrypting their data and demanding that a ransom be paid within an allotted timeframe or risk losing it forever. When an... |
Flipboard.com CybercrimeiPhone alert: Apple warns of an "extremely sophisticated" cyberattackThu, 12 Feb 2026 08:16:48 GMT A zero-day security flaw has been discovered on the iPhone. Uncovered by Google, the vulnerability is being exploited as part of a cyberattack … Powerful, but double-edged: Gemini is the hackers' new darlingThu, 12 Feb 2026 14:47:00 GMT Google has just revealed the other side of its flagship AI: Gemini is being abused on a massive scale by hacker groups sponsored by China, … Our selection of the best free antivirus apps for AndroidFri, 13 Feb 2026 11:00:00 GMT Protect your smartphone without spending a single euro. Here are the best free antivirus apps for Android in 2026: Avast, Avira and Bitdefender. Your … Targeted by criminals, how are SMEs arming themselves against cyber risks?Fri, 13 Feb 2026 11:30:00 GMT Attacks are becoming faster and more precise thanks to artificial intelligence. But business leaders are also more … Two German intelligence services warn Signal and WhatsApp users: simple but formidable, this attack can do serious damageTue, 10 Feb 2026 08:15:53 GMT Two German intelligence services, the BfV and the BSI, are warning Signal users. Attacks are being carried out in an attempt to gain access to … +281% in ten years: faced with the explosion of cybercrime, the federal police launch #SCAM, a prevention campaign against online scamsFri, 13 Feb 2026 08:55:44 GMT The federal police are launching a prevention campaign against online scams to mark Safer Internet Day. In ten years, cybercrime … "I haven't slept much for two days": a victim of hackers, this Normandy garage owner is being asked to pay 600Tue, 10 Feb 2026 19:35:42 GMT Two car garages in Calvados have been victims of fraudulent use of their access to the vehicle registration system. 
According to the … Madeleine and Daisy, the fake grandmothers who trap scammersFri, 13 Feb 2026 09:00:00 GMT Seven in ten Britons say they were subjected to abusive cold calling during 2024. Faced with this finding, a telephone operator … Darty announces it was the victim of a cyberattack that reportedly compromised the personal data of 80,000 customers: the retailer calls on them "to be vigilant" about phishingWed, 11 Feb 2026 16:48:16 GMT The Fnac-Darty group announces that several tens of thousands of customers had some of their data harvested during a … "A significant escalation": how Russian agents nearly caused chaos in PolandMon, 09 Feb 2026 06:30:00 GMT Geopolitics. A large-scale cyberattack in Poland this winter points to alarming preparations by Moscow against Europe. On the eve … Darty alerts its customers following a cyberattackWed, 11 Feb 2026 14:42:38 GMT Darty suffered a cyberattack that led to a data leak affecting its "Cuisine" customers, who were notified by the retailer by email this Wednesday 11 … Do you use one of these two AIs? All your conversations are probably out in the wildTue, 10 Feb 2026 17:00:00 GMT Two massive leaks have just hit popular AI chatbots. OmniGPT saw 34 million messages published on a hacker forum, and the app … Vehicle registration: fraudsters exploit a flaw in the system, garage owners warn of massive fraudWed, 11 Feb 2026 11:06:41 GMT It is a massive fraud that nonetheless went unnoticed for several weeks. Several French garage owners fell victim to a vast operation … European Commission's mobile infrastructure hit by cyberattackMon, 09 Feb 2026 12:58:13 GMT The European Commission's central mobile device management infrastructure was hit by a cyberattack. (...) 
Spyware: a hacking attack targets Android and iOSFri, 13 Feb 2026 05:05:20 GMT ► In brief Sophisticated cross-platform threat targeting Android and iOS simultaneously • Full extraction capability: messages, calls, microphones and … Darty customers, your data is probably out in the wild, 80,000 accounts hit by a new hackThu, 12 Feb 2026 11:53:00 GMT Data leaks continue to proliferate in France, and it is now Darty that is suffering the consequences, with the information … "We tend to be mistaken for a tour operator." France Travail's tools for fighting fraudWed, 11 Feb 2026 16:19:59 GMT "We tend to be mistaken for a tour operator." France Travail's tools for fighting fraud The director general of France Travail … In Paris, everyday cybercrime at the trial of a couple accused of ransomware attacksWed, 11 Feb 2026 06:00:19 GMT Two Russian nationals are on trial in Paris in a case symptomatic of the wave of ransomware attacks that has been hitting France since … Data sovereignty: the blind spot nobody talks aboutWed, 11 Feb 2026 14:35:28 GMT Everyone talks about sovereignty. The message is hammered home: "Choose a French cloud", "Adopt a sovereign solution". It is essential. But … 9,000 hires including 1,630 in Île-de-France… Thales announces a massive wave of recruitmentMon, 09 Feb 2026 15:57:05 GMT The French giant has just announced it will hire 9,000 staff in 2026, nearly 20% of them in the Paris region. The sites at Vélizy and … Darty: a cyberattack siphons off the data of 80,000 customersThu, 12 Feb 2026 14:14:00 GMT The French retailer specializing in household appliances has in turn fallen victim to a hack. This time, it is 80,000 customers who are seeing their … Parcel delivery scam: how do scammers know so much about you? 
| TF1 InfoSun, 08 Feb 2026 07:30:00 GMT Two months ago, Alexis received an email from a delivery company telling him that his parcel could not be delivered. As it happened, he was expecting … Victim of a cyberattack, a Diwan middle school in Finistère targeted by purported terrorist threatsWed, 11 Feb 2026 20:33:00 GMT Threats of a terrorist nature were sent to pupils of the Diwan middle school in Le Relecq-Kerhuon (29) this Wednesday, after an intrusion into the … "Iran, Israël et la bombe": the invisible warSun, 08 Feb 2026 17:00:08 GMT Selection In their documentary, Miyuki Droz Aramaki and Sylvain Lepetit retrace twenty years of clandestine operations, sabotage and … Cyberattacks of "Russian origin" at the Milan Olympics: "Good publicity for the perpetrators"Tue, 10 Feb 2026 13:00:02 GMT The Italian authorities reveal that, just before the opening of the Milan Winter Olympics, they neutralized cyberattacks attributed to networks of " … Nancy: an after-work event on the psychological impact of cyberattacksWed, 11 Feb 2026 10:21:00 GMT Digital crime is not just lines of code; above all it shakes the human balance of the company. Co-organized by MEDEF 54 and … So what is Orion 26, the "war" conducted by NATO in France?Sun, 08 Feb 2026 06:20:02 GMT The Orion 26 exercise, in which 24 countries will take part over three months, begins on Sunday 8 February in mainland France. By simulating an aggression coming from … Hackers claim to have accessed Jeffrey Epstein's emails after a password leakFri, 06 Feb 2026 17:46:35 GMT Several of Jeffrey Epstein's accounts were hacked Photo credit: ZUMA Press Inc The controversy surrounding the court records linked to Jeffrey … Linedata: net income falls 47.9%Wed, 11 Feb 2026 16:51:00 GMT (Boursier.com) — Linedata posted revenue of €169.6 million in 2025, down 7.7% on a reported basis and 6.1% organically. 
… "In a small village, it seems crazy": four men placed under formal investigation for spying on behalf of ChinaThu, 05 Feb 2026 17:03:47 GMT In the quiet little village of Camblanes-et-Meynac, in Gironde, the discovery of a satellite dish in the garden of a rental property raised the alarm. … |
CyberScoopProofpoint acquires Acuvity to tackle the security risks of agentic AIFri, 13 Feb 2026 00:04:18 +0000 Proofpoint is snapping up the startup to solve the industry’s newest headache: knowing what your autonomous AI is actually doing. The post Proofpoint acquires Acuvity to tackle the security risks of agentic AI appeared first on CyberScoop. Apple discloses first actively exploited zero-day of 2026Thu, 12 Feb 2026 23:48:20 +0000 The vendor said the memory-corruption defect was exploited to target specific people, but it did not describe the objectives of the attack. Google finds state-sponsored hackers use AI at ‘all stages’ of attack cycleThu, 12 Feb 2026 21:24:46 +0000 The research underscores how AI tools have matured in their cyber offensive capabilities, even as it doesn’t reveal novel or paradigm shifting uses of the technology. CISA to host industry feedback sessions on cyber incident reporting regulationThu, 12 Feb 2026 17:09:53 +0000 One industry official told CyberScoop the town halls are probably not what CIRCIA needs right now. 0APT ransomware group rises swiftly with bluster, along with genuine threat of attackWed, 11 Feb 2026 22:29:26 +0000 Most signs suggest the group is running a massive hoax by claiming hundreds of initial victims, but at least some of the threat 0APT poses is grounded in truth backed by proven capabilities. 
Acting CISA chief says DHS funding lapse would limit, halt some agency workWed, 11 Feb 2026 22:04:31 +0000 Acting Director Madhu Gottumukkala said it could affect everything from responding to threats to finalizing CIRCIA regulations. Your AI doctor doesn’t have to follow the same privacy rules as your real oneWed, 11 Feb 2026 19:51:01 +0000 AI apps are making their way into healthcare. It’s not clear that rigorous data security or privacy practices will be part of the package. GOP Congress moves to shape election law in Trump’s imageWed, 11 Feb 2026 13:21:57 +0000 The MEGA Act and SAVE Act would dramatically transform U.S. election laws in a quest to curb election fraud. Audits and experts say improprieties are extremely rare. Microsoft Patch Tuesday matches last year’s zero-day high with six actively exploited vulnerabilitiesTue, 10 Feb 2026 20:50:08 +0000 Microsoft said three of the exploited vulnerabilities were publicly known, suggesting attackers already had details about the defects prior to Tuesday’s release. After major Poland energy grid cyberattack, CISA issues warning to U.S. audienceTue, 10 Feb 2026 15:54:42 +0000 The Cybersecurity and Infrastructure Security Agency said the attack highlighted threats from vulnerable edge devices to operational technology and industrial control systems. |