Author: Andy Stern
-
New Mobile Spyware ZeroDayRAT Targets Android and iOS
ZeroDayRAT is a new mobile spyware targeting Android and iOS, offering attackers persistent access. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/zerodayrat-mobile-spyware-android/
-
Trojanized 7-Zip downloads turn home computers into proxy nodes
A trojanized version of the popular 7-Zip software is quietly turning home computers into residential proxy nodes, Malwarebytes warns. Spurred by a Reddit post in which a user … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/10/trojanized-7-zip-software-malware-distribution/
-
Germany warns of state-linked phishing campaign targeting journalists, government officials
Tags: access, advisory, communications, cybersecurity, germany, government, intelligence, office, phishing
In a joint advisory issued late last week, Germany’s domestic intelligence agency (BfV) and federal cybersecurity office (BSI) said attackers are attempting to gain access to private messaging accounts in order to monitor confidential communications and potentially compromise broader networks. First seen on therecord.media Jump to article: therecord.media/germany-warns-phishing-campaign-signal-gov-officials-journalists
-
Microsoft announces new mobile-style Windows security controls
Microsoft wants to introduce smartphone-style app permission prompts in Windows 11 to request user consent before apps can access sensitive resources such as files, cameras, and microphones. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-announces-new-mobile-style-windows-security-controls/
-
Hackers Weaponize 7-Zip Downloads to Turn Home PCs Into Proxy Nodes
A fake website impersonating the popular 7-Zip file archiver has been distributing malicious software that secretly converts infected computers into residential proxy nodes. The counterfeit site has been operating undetected for an extended period, exploiting user trust in what appears to be legitimate software. The scam begins when users accidentally visit 7zip[.]com instead of the…
-
How the Supreme Court’s “Third Party” Subpoena Doctrine Empowers Governments to Seize Sensitive Information Without Your Knowledge
This article examines the widespread collection of personal data and the legal challenges individuals face from third-party subpoenas. It discusses key court rulings on government access to personal information and highlights the complexities of data privacy in the digital age. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/how-the-supreme-courts-third-party-subpoena-doctrine-empowers-governments-to-seize-sensitive-information-without-your-knowledge/
-
Singapore spent 11 months booting China-linked snoops out of telco networks
Operation Cyber Guardian involved 100-plus staff across government and industry. First seen on theregister.com Jump to article: www.theregister.com/2026/02/10/singapore_telco_espionage/
-
SAP Security Patch Day Fixes Critical Code Injection Flaw in SAP CRM and S/4HANA
SAP said the February 10, 2026 Patch Day delivered fixes across multiple SAP products and urged customers to apply patches with priority via the Support Portal to protect their SAP landscape. The highest-risk item highlighted this month is CVE-2026-0488, described as a code injection vulnerability affecting SAP CRM and SAP S/4HANA (Scripting Editor) and tracked…
-
ZeroDayRAT malware grants full access to Android, iOS devices
A new commercial mobile spyware platform dubbed ZeroDayRAT is being advertised to cybercriminals on Telegram as a tool that provides full remote control over compromised Android and iOS devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/zerodayrat-malware-grants-full-access-to-android-ios-devices/
-
Satellite data intercepted: France arrests four suspected Chinese spies
Tags: unclassified
First seen on security-insider.de Jump to article: www.security-insider.de/festnahme-chinesische-spione-frankreich-abfangen-militaerdaten-a-ded6e95f0064e9453ffbea687505ffff/
-
What Organizations Need to Change When Managing Printers
Tags: control
Ask the Expert: Organizations need to close the ownership vacuum, establish durable security controls, and ensure printers are protected as rigorously as other endpoints. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/what-organizations-need-to-change-when-managing-printers
-
BBC bumps telly tax to £180 as Netflix lurks with cheaper tiers
Tags: unclassified
UK’s pay-to-watch license fee gets inflation-linked hike amid funding debate. First seen on theregister.com Jump to article: www.theregister.com/2026/02/09/bbc_tv_licensing_hike/
-
React2Shell Vulnerability Exploited in the Wild, Analysts Warn
React2Shell (CVE-2025-55182) is a critical, pre-auth remote code execution weakness in React Server Components that impacts multiple React versions used across the React 19 ecosystem. WXA Internet Abuse Signal Collective (WXA IASC) is inaugurating To Cache A Predator, a threat research series that correlates global telemetry, enrichment datasets, and honeypot observations to map attacker infrastructure and…
-
TransUnion’s Real Networks Deal Focuses on Robocall Blocking
The acquisition allows the credit reporting agency to add SMS spam and scam prevention to its robocall blocking capabilities. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/transunion-s-real-networks-deal-focuses-on-robocall-blocking
-
Threat Actors Weaponize Bing Ads for Azure Tech Support Scams
A sophisticated tech support scam campaign has emerged, exploiting malicious advertisements on Bing search results to redirect victims to fraudulent websites hosted on Microsoft’s Azure Blob Storage platform. The attack, first detected on February 2, 2026, affected users across 48 organizations in the United States within hours, demonstrating the effectiveness of weaponizing legitimate advertising channels…
-
APT36 Targets Linux Systems With New Tools Designed to Disrupt Services
Critical infrastructure worldwide faces mounting threats from sophisticated, state-sponsored "espionage ecosystems." These well-funded organizations deploy various tools designed to disrupt essential services and gather intelligence. Some launch denial-of-service (DDoS) attacks against transport hubs and supply chains. In contrast, others seek geopolitical advantage by mining sensitive information and bypassing traditional security measures. For over a decade,…
-
(g+) Chinese cybercriminals: In the service of espionage
Tags: unclassified
Chinese cybercriminals are among the most technically capable in the world and often operate like IT departments. Some are closely intertwined with state agencies. First seen on golem.de Jump to article: www.golem.de/news/chinesische-cyberkriminelle-im-dienst-der-spionage-2602-205110.html
-
Windows shortcut weaponized in Phorpiex-linked ransomware campaign
Phorpiex as the distribution layer: Forcepoint attributed the email distribution in this campaign to the Phorpiex botnet, also known as Trik. Phorpiex has been operating for more than a decade and is known for maintaining a large global footprint capable of delivering spam at scale. In this campaign, infected systems within the botnet are used…
-
Senegal shuts National ID office after ransomware attack
Senegal closed its national ID card office after a ransomware cyberattack disrupted ID, passport, and biometric services. Senegal confirmed a cyberattack on the Directorate of File Automation, the government office that manages national ID cards, passports, and biometric data. After ransomware claims surfaced, authorities temporarily closed the office to contain the incident. The agency warned…
-
Unpatched SolarWinds WHD instances under active attack
Internet-exposed and vulnerable SolarWinds Web Help Desk (WHD) instances are under attack by threat actors looking to gain an initial foothold into target organizations’ … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/10/solarwinds-whd-under-active-attack/
-
TeamPCP Turns Cloud Misconfigurations Into a Self-Propagating Cybercrime Platform
Tags: api, attack, cloud, cyber, cybercrime, data-breach, docker, group, infrastructure, kubernetes, malware, threat, vulnerability
TeamPCP, operating under aliases including PCPcat, ShellForce, and DeadCatx3, emerged in late 2025 as a cloud-native cybercrime operation that transforms misconfigured infrastructure into automated attack platforms. Unlike traditional malware groups, this threat actor doesn’t break into systems; they walk through doors left open by exposed Docker APIs, Kubernetes clusters, Ray dashboards, Redis servers, and React2Shell-vulnerable…
-
Socelars Malware Targets Windows Systems to Steal Sensitive Data
Security researchers are tracking Socelars, an information-stealing Trojan aimed at Windows users that focuses on quietly harvesting browser-based access rather than damaging files. The malware is designed to collect authenticated session data and other system identifiers that can let attackers reuse a victim’s existing “logged-in” state to reach online services. Public reporting has linked Socelars to…
-
ZAST.AI Raises $6M Pre-A to Scale “Zero False Positive” AI-Powered Code Security
January 5, 2026, Seattle, USA, ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm Hillhouse Capital, bringing ZAST.AI’s total funding close to $10 million. This marks a recognition from leading capital markets of a new solution: ending the era of high false positive rates in…
-
Trojan on board: Malware-infected 7-Zip version in circulation
Anyone downloading the archiver 7-Zip should pay close attention to the correct domain. A malware-infected version has been spotted. First seen on golem.de Jump to article: www.golem.de/news/trojaner-an-bord-mit-schadcode-verseuchte-7-zip-versionen-in-umlauf-2602-205223.html
-
Single prompt breaks AI safety in 15 major language models
Fundamental changes to safety mechanisms: The research went beyond measuring attack success rates to examine how the technique alters models’ internal safety mechanisms. When Microsoft tested Gemma3-12B-It on 100 diverse prompts, asking the model to rate their harmfulness on a 0-9 scale, the unaligned version systematically assigned lower scores, with mean ratings dropping from 7.97…
-
Singapore Takes Down Chinese Hackers Targeting Telco Networks
Operation Cyber Guardian was Singapore’s largest and longest running anti-cyber threat law enforcement operation. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/singapore-takes-down-china-hackers/
-
Pride Month Phishing Targets Employees via Trusted Email Services
Attackers are using Pride Month themed phishing emails to target employees worldwide, abusing trusted email platforms like SendGrid to harvest credentials. First seen on hackread.com Jump to article: hackread.com/pride-month-phishing-employees-trusted-email-services/
-
Nearly 17,000 Volvo staff dinged in supplier breach
HR outsourcer Conduent confirms intruders accessed benefits-related records tied to US personnel. First seen on theregister.com Jump to article: www.theregister.com/2026/02/10/conduent_volvo_breach/

