Author: Andy Stern
-
69% of CISOs open to career move, including leaving role entirely
CISO as single point of failure: Zach Lewis, CISO at the University of Health Sciences and Pharmacy in St. Louis, believes the portion of CISOs looking to exit is even higher than the IANS findings.”I think it absolutely is higher than that. Every CISO I know now is open [to leaving]. They are all heavily…
-
State-sponsored hackers targeting defence sector employees, Google says
Cyber-espionage campaigns are targeting employees directly, including through hiring processes, report claimsDefence companies, their hiring processes and their employees have become a key target of state-sponsored cyber-espionage campaigns, according to a report from Google released before the Munich Security Conference.The report catalogues a “relentless barrage of cyber operations”, most by state-sponsored groups, against EU and…
-
25 Million Users Affected as AI Chat Platform Leaks 300 Million Messages
>>Chat & Ask AI,<< a highly popular mobile application available on both Google Play and the Apple App Store, has suffered a significant data exposure. An independent security researcher discovered a vulnerability that left approximately 300 million private messages accessible to the public. This breach impacts more than 25 million users, raising serious concerns about…
-
How to govern agentic AI so as not to lose control
assisting and start acting. We will witness a qualitative leap towards agent-based or agentive AI, capable of making autonomous decisions, managing complex workflows, and executing end-to-end tasks without constant intervention. However, this autonomy carries with it a serious warning for businesses: the ability to operate alone exponentially multiplies the impact of any error or security…
-
GuLoader Leverages Polymorphic Malware and Trusted Cloud Infrastructure to Evade Detection
GuLoader, also known as CloudEye, is a sophisticated malware downloader that has been active since late 2019. Its primary function is to download and install secondary malware, such as Remote Access Trojans (RATs) and information stealers, onto compromised systems. One of GuLoader’s most effective evasion strategies is its use of legitimate cloud services. Instead of…
-
Autonome KI-Agenten handeln schneller als Security-Teams reagieren – Schatten-KI und Maschinenidentitäten überfordern Unternehmen
Tags: aiFirst seen on security-insider.de Jump to article: www.security-insider.de/schatten-ki-maschinenidentitaeten-sicherheit-a-9ebc68059c1bb766429c346f879a8ed8/
-
Microsoft Acknowledges Exchange Online Spam Filter Mistakenly Blocks Valid Email
Microsoft is currently tackling a significant service degradation within Exchange Online that is disrupting business communications by incorrectly flagging legitimate emails as phishing attempts. The incident, tracked under the identifier EX1227432, began on February 5, 2026, and is causing valid messages to be trapped in quarantine rather than reaching their intended recipients. Spam Filter Mistakenly Blocks…
-
Bloody Wolf Cybercrime Group Uses NetSupport RAT to Breach Organizations
The latest campaign, they have switched to misusing a legitimate remote administration tool called NetSupport RAT. A cybercriminal group known as >>Stan Ghouls<< (or Bloody Wolf) has launched a fresh wave of attacks targeting organizations across Central Asia and Russia. Active since at least 2023, this group focuses heavily on the manufacturing, finance, and IT…
-
Singapore mounts largest ever cyber operation to oust APT actor
Operation Cyber Guardian mobilised over 100 defenders to neutralise UNC3886 which infiltrated Singtel, StarHub, M1 and Simba networks, operators issue joint pledge on defence-in-depth First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366638973/Singapore-mounts-largest-ever-cyber-operation-to-oust-APT-actor
-
What happens when cybersecurity knowledge walks out the door
In this Help Net Security interview, Andrew Northern, Principal Security Researcher at Censys, explains why mentorship matters and what organizations risk losing when senior … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/10/andrew-northern-censys-cybersecurity-mentorship/
-
Chinese Hackers Target Singapore Telecoms in Edge Device Compromise Campaign
A massive, eleven-month campaign to root out sophisticated attackers from the nation’s critical infrastructure. The Cyber Security Agency of Singapore (CSA) and the Infocomm Media Development Authority (IMDA) revealed details of >>Operation CYBER GUARDIAN,<< a multi-agency effort to defend the country's four major telecommunications providers Singtel, StarHub, M1, and SIMBA from a persistent cyber espionage…
-
17 WhatsApp-Betrugsmaschen, die Sie kennen sollten (und wie Sie sich schützen)
WhatsApp-Betrug breitet sich schneller aus denn je. Allein im Dezember 2025 verschickten Betrüger schätzungsweise 19,2 Milliarden Spam-Nachrichten, was Messenger-Dienste zu einem der effektivsten Werkzeuge für Online-Betrug macht. Von falschen Gewinnen und Identitätsdiebstahl bis hin zu Investment- und Kontoübernahmebetrug ist WhatsApp zu einem bevorzugten Ziel für Cyberkriminelle geworden. Viele dieser Nachrichten wirken auf den ersten… First…
-
OpenClaw Moltbook: KI-Agenten, die handeln und die Hacker, die zuschauen
KI-Agenten wie OpenClaw und Moltbook unterscheiden sich von klassischen Chatbots, da sie eigenständig handeln, Informationen speichern und Aufgaben über längere Zeiträume koordinieren können, was neue Sicherheitsrisiken birgt. Besonders gefährlich ist, dass Angreifer durch Prompt Injection die Agenten dazu bringen können, ihre legitimen Zugriffsrechte missbräuchlich zu nutzen, ohne das System direkt zu hacken. Um Risiken zu……
-
Untersuchung von Tenable – Kritische Sicherheitslücken in Business-Intelligence-Tool Google Looker
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-sicherheitsluecken-google-looker-a-897f9eac9a222e74007a18ba636f6393/
-
Safer Internet Day: Wenn Bots den digitalen Alltag dominieren
Das Internet steht an einem Wendepunkt. Zum Safer Internet Day wird deutlich, dass automatisierte Systeme den digitalen Alltag zunehmend dominieren und das mit Folgen für Sicherheit, Vertrauen und Fairness im Netz. Aktuelle Entwicklungen zeigen dabei, dass digitale Interaktionen immer häufiger ohne menschliche Beteiligung stattfinden. Warum diese Entwicklung für Nutzerinnen und Nutzer in Deutschland relevant… First…
-
Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution
Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that could lead to the execution of arbitrary code on susceptible systems.The vulnerability, tracked as CVE-2026-21643, has a CVSS rating of 9.1 out of a maximum of 10.0.”An improper neutralization of special elements used in an SQL Command (‘SQL Injection’) vulnerability [CWE-89] in…
-
Threat Actors Using Ivanti EPMM Flaws to Install Stealth Backdoors
A sophisticated new cyber campaign has been detected targeting Ivanti Endpoint Manager Mobile (EPMM) systems. Starting on February 4, 2026, threat actors began exploiting two critical vulnerabilities, CVE-2026-1281 and CVE-2026-1340, to plant dormant backdoors. Unlike typical attacks that immediately steal data or deploy ransomware, this campaign focuses on silence and persistence. Stealth Backdoors The attackers…
-
DPRK IT Workers Use Stolen LinkedIn Identities to Secure Remote Employment
A new wave of identity fraud has hit the remote job market, with North Korean (DPRK) operatives adopting a sophisticated new tactic to bypass hiring screens. This development marks a significant shift in tradecraft. Previously, these operatives often relied on fabricated profiles with AI-generated headshots and fake resumes. However, hiring managers and security teams have…
-
0-Click RCE Found in Claude Desktop Extensions, Putting 10,000+ Users at Risk
A critical >>zero-click<< vulnerability in Claude Desktop Extensions (DXT) that allows attackers to compromise a computer using nothing more than a Google Calendar event. The flaw, which has been assigned a maximum severity score of CVSS 10/10, affects more than 10,000 active users and over 50 different extensions. The vulnerability stems from a fundamental architectural decision.…
-
Critics warn America’s ‘move fast’ AI strategy could cost it the global market
As the U.S. promises a light-touch approach to AI regulation, businesses and other stakeholders must work out the rules of the road for themselves. First seen on cyberscoop.com Jump to article: cyberscoop.com/trump-ai-policy-global-adoption-safety-regulation-critics/
-
‘Reynolds’ Bundles BYOVD With Ransomware Payload
Researchers discovered a newly disclosed vulnerable driver embedded in Reynolds’ ransomware, illustrating the increasing popularity of the defense-evasion technique. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/black-basta-bundles-byovd-ransomware-payload
-
Anthropic’s DXT poses “critical RCE vulnerability” by running with full system privileges
Difference are ‘stark’: Principal AI Security Researcher at LayerX Security Roy Paz said that he tested DXT against Perplexity’s Comet, OpenAI’s Atlas, and Microsoft’s CoPilot, and the differences were stark.”When you ask Copilot, Atlas, or Perplexity to use a tool, then it will use that tool for you. But Claude DXT allows tools to talk…
-
India makes Aadhaar more ubiquitous, but critics say security and privacy concerns remain
India’s Aadhaar is moving into wallets, hotels and policing through a new app. Critics say that amid the broader Aadhaar rollout, it’s unclear how data shared through the new app would prevent breaches or leaks. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/09/india-makes-aadhaar-more-ubiquitous-but-critics-say-privacy-concerns-remain/
-
Anthropic’s DXT poses “critical RCE vulnerability” by running with full system privileges
Difference are ‘stark’: Principal AI Security Researcher at LayerX Security Roy Paz said that he tested DXT against Perplexity’s Comet, OpenAI’s Atlas, and Microsoft’s CoPilot, and the differences were stark.”When you ask Copilot, Atlas, or Perplexity to use a tool, then it will use that tool for you. But Claude DXT allows tools to talk…
-
Safer Internet Day 2026: Plattform Privatheit fordert verbesserten Datenschutz für Kinder
Tags: InternetFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/safer-internet-day-2026-plattform-privatheit-forderung-verbesserung-datenschutz-kinder
-
European Commission Hit by Mobile Management Data Breach
The European Commission is investigating a mobile device management breach that exposed staff data amid similar attacks across Europe. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/european-commission-hit-by-mobile-management-data-breach/
-
Chinese cyberspies breach Singapore’s four largest telcos
The Chinese threat actor tracked as UNC3886 breached Singapore’s four largest telecommunication service providers, Singtel, StarHub, M1, and Simba, at least once last year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-cyberspies-breach-singapores-four-largest-telcos/
-
Warlock Gang Breaches SmarterTools Via SmarterMail Bugs
The ransomware group breached SmarterTools through a vulnerability in the company’s own SmarterMail product. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/warlock-gang-breaches-smartertools-smartermail-bugs
-
Fallout from latest Ivanti zero-days spreads to nearly 100 victims
Shadowserver scans have identified 86 compromised instances, and researchers warn multiple threat groups are involved. First seen on cyberscoop.com Jump to article: cyberscoop.com/ivanti-zero-day-vulnerabilities-netherlands-european-commission-shadowserver/