Author: Andy Stern
-
Moltbook: Cutting Through the AI Hype to the Real Security Risks
Moltbook has exploded into the security and AI communities with remarkable speed. In a matter of days, it has gone from an experimental curiosity to a viral talking point, with some observers framing it as a glimpse into autonomous AI behaviour and others warning it could signal something far more unsettling. The reality, however, is…
-
Record-breaking 31.4 Tbps DDoS attack hits in November 2025, stopped by Cloudflare
AISURU/Kimwolf botnet hit a record 31.4 Tbps DDoS attack lasting 35 seconds in Nov 2025, which Cloudflare automatically detected and blocked. The AISURU/Kimwolf botnet was linked to a record-breaking DDoS attack that peaked at 31.4 Tbps and lasted just 35 seconds. Cloudflare said the November 2025 incident was part of a surge in hyper-volumetric HTTP…
-
AI Threats, Botnets, and Cloud Exploits Define This Week’s Cyber Risks
Weekly summary of Cybersecurity Insider newsletters First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/ai-threats-botnets-and-cloud-exploits-define-this-weeks-cyber-risks/
-
“Strict Account Settings” – New WhatsApp Settings Aim to Protect Against Cyberattacks
Tags: unclassified. First seen on security-insider.de Jump to article: www.security-insider.de/whatsapp-sicherheitsupdate-strenge-kontoeinstellungen-aktivieren-a-bbc790e6bdaecf34e4298766588d9ea7/
-
China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
Cybersecurity researchers have taken the wraps off a gateway-monitoring and adversary-in-the-middle (AitM) framework dubbed DKnife that’s operated by China-nexus threat actors since at least 2019. The framework comprises seven Linux-based implants that are designed to perform deep packet inspection, manipulate traffic, and deliver malware via routers and edge devices. Its primary targets seem to First seen…
-
Fraud Prevention Is a Latency Game
Tags: fraud. There is a time window for every act of online fraud. When a transaction occurs, a fraud system must review it and decide if it’s legitimate before the payment clears or if the account could be compromised. That window happens in a blink, often one-tenth of a second or less. During that time, models must…
-
Large-Scale Abuse of Well-Known SaaS Platforms for Phone Fraud
Check Point Research (CPR), the security research division of Check Point Software Technologies, has identified a large-scale phishing campaign that exploits well-known SaaS services from Microsoft, Amazon, Zoom or YouTube to lure victims into fraudulent phone calls. Instead of spoofing domains or sending malicious links, attackers deliberately abuse legitimate software-as-a-service platforms to carry out phone-based fraud attempts that, for…
-
China’s Salt Typhoon hackers broke into Norwegian companies
Norway’s government accused China’s Salt Typhoon hacking group of conducting a cyberespionage campaign in the country. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/06/chinas-salt-typhoon-hackers-broke-into-norwegian-companies/
-
Flickr Notifies Users of Data Breach After External Partner Security Flaw
Flickr says a third-party email vendor flaw may have exposed user names, emails, IP data, and activity logs,… First seen on hackread.com Jump to article: hackread.com/flickr-data-breach-external-partner-security-flaw/
-
Norwegian intelligence discloses country hit by Salt Typhoon campaign
The assessment said Chinese security and intelligence services have strengthened their ability to operate in Norway, including through cyber operations and human intelligence collection. First seen on therecord.media Jump to article: therecord.media/norawy-intelligence-discloses-salt-typhoon-attacks
-
Poland’s energy control systems were breached through exposed VPN access
On 29 December 2025, coordinated cyberattacks unfolded across Poland’s critical infrastructure, targeting energy and industrial organizations. The attackers struck numerous … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/poland-cyberattacks-energy-sector-industrial-organizations/
-
Microsoft engineer speedruns Raspberry Pi magic smoke in five minutes
Only cool dudes should wear a HAT backward First seen on theregister.com Jump to article: www.theregister.com/2026/02/04/microsoft_manager_pi_smoke/
-
State-backed phishing attacks targeting military officials and journalists on Signal
German security authorities are warning that a likely state-backed hacking group is engaged in attempts at phishing senior political figures, military officials, diplomats, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/state-linked-phishing-europe-journalists-signal/
-
Workday reveals around 400 staff soon won’t have to work another day
Tags: jobs. Job cuts to fall hardest on non-revenue generating roles on the Global Customer Operations team First seen on theregister.com Jump to article: www.theregister.com/2026/02/04/workday_layoffs_400_jobs/
-
17% of 3rd-Party Add-Ons for OpenClaw Used in Crypto Theft and macOS Malware
Bitdefender Labs reveals that 17% of OpenClaw AI skills analyzed in February 2026 are malicious. With over 160,000… First seen on hackread.com Jump to article: hackread.com/openclaw-add-ons-crypto-theft-macos-malware/
-
Check Point Research Uncovers Abuse of Well-Known SaaS Platforms for Phone Fraud
This campaign shows how attackers are increasingly weaponizing trusted SaaS platforms and native notification workflows to carry out phone-based fraud attempts at scale. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-research-enttarnt-missbrauch-namhafter-saas-plattformen-fuer-telefon-betrug/a43632/
-
CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered Federal Civilian Executive Branch (FCEB) agencies to strengthen asset lifecycle management for edge network devices and remove those that no longer receive security updates from original equipment manufacturers (OEMs) over the next 12 to 18 months. The agency said the move is to drive down technical…
-
EU says TikTok faces large fine over “addictive design”
Tags: service. The European Commission said today that TikTok is facing a fine because its addictive features, including infinite scroll, autoplay, push notifications, and personalized recommendation systems, are breaching the EU’s Digital Services Act (DSA). First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/european-commission-says-tiktok-facing-fine-over-addictive-design/
-
Transparent Tribe Hacker Group Targets India’s Startup Ecosystem in Cyber Attack
A worrying shift in the tactics of “Transparent Tribe,” a notorious threat group also known as APT36. Historically focused on Indian government, defense, and educational sectors, the group has now expanded its scope to target India's growing startup ecosystem. This new campaign uses sophisticated lures themed around real startup founders to infect victims with the…
-
Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful
A disconnect exists between the organization’s cybersecurity needs and lists like CISA’s KEV Catalog. KEV Collider combines data from multiple open source vulnerability frameworks to help security teams quickly assess which are important, based on their priorities. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/data-tool-triage-exploited-vulnerabilities-make-kev-catalog-more-useful
-
No Electronic Communication – Cyberattack Affects IT of the Police Evidence Office
Tags: cyberattack. First seen on security-insider.de Jump to article: www.security-insider.de/ransomware-angriff-werkstatt-bremen-a-4560af7c3190eaa3becad3903b75aa8f/
-
Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
A previously undocumented cyber espionage group operating from Asia broke into the networks of at least 70 government and critical infrastructure organizations across 37 countries over the past year, according to new findings from Palo Alto Networks Unit 42. In addition, the hacking crew has been observed conducting active reconnaissance against government infrastructure associated with 155…
-
CISA orders US federal agencies to replace unsupported edge devices
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new binding operational directive aimed at reducing a long-standing cyber risk across federal networks: … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/cisa-orders-us-federal-agencies-to-replace-unsupported-edge-devices/
-
Romania’s oil pipeline operator confirms cyberattack as hackers claim data theft
Romania’s national oil pipeline operator Conpet said a cyberattack disrupted parts of its technology infrastructure and knocked its website offline earlier this week, adding that oil transport operations were not affected. First seen on therecord.media Jump to article: therecord.media/romania-conpet-oil-pipeline-ransomware-attack
-
CISA gives federal agencies 18 months to purge unsupported edge devices
Tags: authentication, cisa, cyber, data, exploit, firmware, Hardware, infrastructure, monitoring, network, risk, risk-assessment, service, software, technology, threat, update. Implementation hurdles: Sunil Varkey, advisor at Beagle Security, warns of implementation complexities. “The operational reality of removing legacy systems is not straightforward,” Varkey said. “Legacy devices continue to exist not by design, but by necessity.” He pointed to orphaned systems that remain live and embedded in workflows but lack clear ownership, and operational technology environments where…
-
Bulletproof Hosting Providers Exploit Legitimate ISPs to Power Cybercrime Servers
A surprising link between legitimate IT software and major cybercriminal operations. While investigating attacks by the “WantToCry” ransomware gang, analysts noticed that the attackers were using virtual machines (VMs) with identical computer names (hostnames) like WIN-J9D866ESIJ2 and WIN-LIVFRVQFMKO. These names were not random. They were automatically generated by ISPsystem, a completely legitimate company that makes software for managing web…
-
Zendesk: Support Systems Flood Email Inboxes with Masses of Spam
Some users' email inboxes are practically bursting with support emails. Attackers are once again abusing Zendesk to send spam. First seen on golem.de Jump to article: www.golem.de/news/e-mail-postfaecher-geflutet-zendesk-instanzen-nerven-wieder-mit-massig-spam-2602-205106.html
-
Man pleads guilty to hacking nearly 600 women’s Snapchat accounts
Tags: hacking. An Illinois man pleaded guilty to hacking nearly 600 women’s Snapchat accounts to steal nude photos that he kept, sold, or traded online, including accounts he compromised at the request of a former university track coach who was later convicted of sextortion. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/man-pleads-guilty-to-hacking-nearly-600-womens-snapchat-accounts/
-
Claude Opus 4.6 Launches Enhanced Security Capabilities to Validate 500+ Critical Vulnerabilities
Anthropic has released Claude Opus 4.6, marking a significant leap in the defensive application of artificial intelligence. Released yesterday, the model has already identified and validated over 500 high-severity “zero-day” vulnerabilities in open-source software. This development signals a major shift in cybersecurity, moving beyond traditional brute-force testing to intelligent, reason-based analysis that mimics human security…

