Author: Andy Stern
-
OpenClaw Adds VirusTotal Scanning to AI Agent Marketplace
OpenClaw added VirusTotal scanning to its ClawHub marketplace to curb the spread of malicious AI agent skills. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/openclaw-adds-virustotal-scanning-to-ai-agent-marketplace/
-
Dutch data watchdog snitches on itself after getting caught in Ivanti zero-day attacks
Staff data belonging to the regulator and judiciary’s governing body accessed First seen on theregister.com Jump to article: www.theregister.com/2026/02/09/dutch_data_protection_ivanti/
-
Security flaw uncovered: A single voice command is enough to take over this robot
Tags: bug. First seen on t3n.de Jump to article: t3n.de/news/sicherheitsluecke-aufgedeckt-ein-sprachbefehl-reicht-um-diesen-roboter-zu-uebernehmen-1723282/
-
Claude Opus 4.6 Exposes Hundreds of Open-Source Vulnerabilities
Anthropic says Claude Opus 4.6 identified over 500 previously unknown high-severity flaws in widely used open-source libraries. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/claude-opus-4-6-exposes-hundreds-of-open-source-vulnerabilities/
-
Russia grants asylum to Spanish professor wanted for alleged pro-Moscow cyber operations
Russia has granted political asylum to a Spanish national accused in his home country of “cyberterrorism and espionage” in support of Moscow, according to Russian state media. First seen on therecord.media Jump to article: therecord.media/russia-asylum-spanish-professor-espionage
-
40 percent of Android smartphones insecure? What you need to know about this Google statistic
First seen on t3n.de Jump to article: t3n.de/news/40-prozent-android-smartphones-unsicher-1728678/
-
Moltbook hack in 3 minutes: AI network reveals massive security flaw
First seen on t3n.de Jump to article: t3n.de/news/moltbook-hack-in-3-minuten-1727898/
-
BeyondTrust Vulnerability Allows Pre-Auth Remote Code Execution
A BeyondTrust vulnerability lets unauthenticated attackers execute remote code on affected systems. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/beyondtrust-vulnerability-allows-pre-auth-remote-code-execution/
-
European Commission probes cyberattack on mobile device management system
The European Commission is investigating a cyberattack after detecting signs that its mobile device management system was compromised. The European Commission is investigating a cyberattack on its mobile device management platform after detecting intrusion traces. Attackers may have accessed some staff data, including names and phone numbers, but so far they have not compromised any…
-
Payment tech provider for Texas, Florida governments working with FBI to resolve ransomware attack
BridgePay Network Solutions initially warned customers on Friday that it was dealing with system-wide outages and later said that it was working with the FBI and U.S. Secret Service forensic team to resolve a ransomware attack. First seen on therecord.media Jump to article: therecord.media/payment-tech-provider-texas-florida-govs-ransomware-attack
-
Proactive instead of reactive through automation
Tags: unclassified. First seen on security-insider.de Jump to article: www.security-insider.de/proaktiv-statt-reaktiv-durch-automatisierung-a-d3f7ec2d0fcb006c9c19e6a21e27f838/
-
EU targets Meta over WhatsApp AI access restrictions
The European Commission believes Meta breached EU competition rules by blocking other AI assistants from accessing and interacting with users on WhatsApp. The case centers on … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/09/eu-meta-whatsapp-ai-services-competition-rules/
-
European Commission Mitigates Cyberattack Aimed at Employee Mobile Information
The European Commission successfully contained a cyberattack targeting its mobile device management infrastructure on January 30, 2026. The incident, which potentially exposed staff names and mobile numbers, was neutralized within nine hours of detection, demonstrating the organization’s robust cybersecurity protocols. European Commission Mitigates Cyberattack The Commission’s central system managing mobile devices detected suspicious activity that…
-
EU, Dutch government announce hacks following Ivanti zero-days
Ivanti said it was aware “a very limited number of customers” had been attacked while two vulnerabilities were still unpatched. First seen on therecord.media Jump to article: therecord.media/eu-dutch-government-announce-hacks-ivanti-zero-days
-
DI.Day: The less US-based junk, the better
Tags: unclassified. We asked how you are freeing yourselves digitally and learned: the willingness to switch is high, but alternatives are often still lacking, or convenience wins. First seen on golem.de Jump to article: www.golem.de/news/di-day-je-weniger-us-basierter-dreck-desto-besser-2602-205075.html
-
Shai-hulud: The Hidden Costs of Supply Chain Attacks
Recent supply chain attacks involving self-propagating worms have spread far, but the damage and long-term impact is hard to quantify. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/shai-hulud-hidden-cost-supply-chain-attacks
-
Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor
Huntress confirmed active SolarWinds Web Help Desk exploits, where attackers installed Zoho tools for persistence, and used Velociraptor for control. On February 7, 2026, Huntress investigated an active attack abusing SolarWinds Web Help Desk flaws. Attackers exploited unpatched versions to run code remotely, then quickly installed Zoho ManageEngine tools for persistent remote access and Cloudflare…
-
UAE’s TII challenges big tech dominance with open source Falcon AI models
Through its Falcon models and an open, efficiency-driven research strategy, the Technology Innovation Institute is positioning the UAE as a producer of foundational AI, not merely a consumer of global platforms First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366638759/UAEs-TII-challenges-big-tech-dominance-with-open-source-Falcon-AI-models
-
⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More
Cyber threats are no longer coming from just malware or exploits. They’re showing up inside the tools, platforms, and ecosystems organizations use every day. As companies connect AI, cloud apps, developer tools, and communication systems, attackers are following those same paths. A clear pattern this week: attackers are abusing trust. Trusted updates, trusted marketplaces, trusted apps,…
-
This dev made a Llama with three inference engines
Tags: unclassified. Meet llama3pure, a set of dependency-free inference engines for C, Node.js, and JavaScript. First seen on theregister.com Jump to article: www.theregister.com/2026/02/08/llama3pure_incorporates_three_inference_engines/
-
US bid for Dutch ID infrastructure raises sovereignty concerns
Kyndryl’s proposed takeover shows how critical systems become exposed to foreign control without an overarching policy decision First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366638606/US-bid-for-Dutch-ID-infrastructure-raises-sovereignty-concerns
-
Hackers Abuse Apple PayPal Invoice Emails in DKIM Replay Attack Campaign
A sophisticated way to bypass email security by weaponizing legitimate messages from trusted companies like Apple and PayPal. These attacks, known as DKIM replay attacks, exploit email authentication systems to deliver scams that appear completely authentic. The technique is deceptively simple. Attackers create accounts on platforms like Apple’s App Store or PayPal and manipulate user-controlled…
-
Node.js LTX Stealer Emerges as New Threat to Login Credentials
A new, sophisticated malware campaign dubbed “LTX Stealer.” This malware represents a shift in attacker techniques, utilizing legitimate software frameworks and cloud services to hide its activities and steal sensitive user data. By mimicking standard Windows processes, LTX Stealer is designed to operate quietly, making it difficult for traditional antivirus systems to detect. The malware…
-
BeyondTrust warns of critical RCE flaw in remote support software
BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary code remotely. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/beyondtrust-warns-of-critical-rce-flaw-in-remote-support-software/
-
Shortly before the Olympics: Italy fends off Russian hacker attacks
Tags: unclassified. First seen on security-insider.de Jump to article: www.security-insider.de/olympische-winterspiele-italien-abgewehrte-russische-cyberattacken-a-c734d6b7e6ea0c9b88af421c160143bd/
-
Singapore says China-linked hackers targeted telecom providers in major spying campaign
Singapore authorities said Monday that a sophisticated China-linked cyber espionage group carried out a targeted campaign against all four of the country’s major telecommunications operators. First seen on therecord.media Jump to article: therecord.media/singapore-attributes-telecoms-hacks-unc3886
-
OpenClaw integrates VirusTotal malware scanning as security firms flag enterprise risks
Tags: access, ai, api, control, crowdstrike, crypto, cybersecurity, data, data-breach, email, exploit, gartner, github, governance, injection, macOS, malicious, malware, marketplace, network, risk, security-incident, skills, software, threat, tool, virus, vulnerability. What prompted the response: The scanning initiative follows a series of security incidents documented by multiple firms over the past two weeks. Koi Security’s February 1 audit of all 2,857 ClawHub skills discovered 341 malicious ones in a campaign dubbed “ClawHavoc.” The professional-looking skills for cryptocurrency tools and YouTube utilities contained fake prerequisites that installed keyloggers…
-
DKnife targets network gateways in long running AitM campaign
Indicators point to China-Nexus development and targeting: Several aspects of DKnife’s design and operation suggested ties to China-aligned threat actors. Talos identified configuration data and code comments written in Simplified Chinese, as well as handling logic tailored for Chinese-language email providers and mobile applications. The framework was also found to enable credential collection from services used…

