Author: Andy Stern
-
Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
A previously undocumented cyber espionage group operating from Asia broke into the networks of at least 70 government and critical infrastructure organizations across 37 countries over the past year, according to new findings from Palo Alto Networks Unit 42. In addition, the hacking crew has been observed conducting active reconnaissance against government infrastructure associated with 155…
-
Free AIChecker from Bitdefender helps identify malicious payloads in skills
AI skills can deliver malicious payloads. This is an enormous risk, because no user has the time to check every script or command that at first glance seems helpful and familiar. In response to the current threat posed by the powerful and therefore dangerous AI assistant OpenClaw, Bitdefender is making a free AI-Skill-Checker available. With the new tool…
-
Romania’s oil pipeline operator confirms cyberattack as hackers claim data theft
Romania’s national oil pipeline operator Conpet said a cyberattack disrupted parts of its technology infrastructure and knocked its website offline earlier this week, adding that oil transport operations were not affected. First seen on therecord.media Jump to article: therecord.media/romania-conpet-oil-pipeline-ransomware-attack
-
Claude Opus 4.6 Launches Enhanced Security Capabilities to Validate 500+ Critical Vulnerabilities
Anthropic has released Claude Opus 4.6, marking a significant leap in the defensive application of artificial intelligence. Released yesterday, the model has already identified and validated over 500 high-severity “zero-day” vulnerabilities in open-source software. This development signals a major shift in cybersecurity, moving beyond traditional brute-force testing to intelligent, reason-based analysis that mimics human security…
-
Zendesk: Support systems flood email inboxes with masses of spam
Some users' email inboxes are practically bursting with support emails. Attackers are once again abusing Zendesk to send spam. First seen on golem.de Jump to article: www.golem.de/news/e-mail-postfaecher-geflutet-zendesk-instanzen-nerven-wieder-mit-massig-spam-2602-205106.html
-
Bulletproof Hosting Providers Exploit Legitimate ISPs to Power Cybercrime Servers
A surprising link between legitimate IT software and major cybercriminal operations. While investigating attacks by the “WantToCry” ransomware gang, analysts noticed that the attackers were using virtual machines (VMs) with identical computer names (hostnames) like WIN-J9D866ESIJ2 and WIN-LIVFRVQFMKO. These names were not random. They were automatically generated by ISPsystem, a completely legitimate company that makes software for managing web…
-
SaferDay-2026: KnowBe4 experts call for digital mindfulness and skepticism in the face of AI's dominance
To mark Safer Internet Day, KnowBe4 is encouraging people of all ages to adopt an attitude of “digital mindfulness” in order to stay safe online. This year's theme, “Intelligent technology, safe decisions: exploring the safe and responsible use of AI”, underscores the urgent need for new digital skills in the world of AI. AI is now an integral part of life […]…
-
CISA gives federal agencies 18 months to purge unsupported edge devices
Tags: authentication, cisa, cyber, data, exploit, firmware, Hardware, infrastructure, monitoring, network, risk, risk-assessment, service, software, technology, threat, update
Implementation hurdles: Sunil Varkey, advisor at Beagle Security, warns of implementation complexities. “The operational reality of removing legacy systems is not straightforward,” Varkey said. “Legacy devices continue to exist not by design, but by necessity.” He pointed to orphaned systems that remain live and embedded in workflows but lack clear ownership, and operational technology environments where…
-
CISA orders US federal agencies to replace unsupported edge devices
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new binding operational directive aimed at reducing a long-standing cyber risk across federal networks: … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/cisa-orders-us-federal-agencies-to-replace-unsupported-edge-devices/
-
Also in Germany: Mysterious spies infiltrate infrastructure in 37 countries
Tags: germany
The cyber spies have targeted Germany and other EU countries, among others, above all their government agencies and critical infrastructure. First seen on golem.de Jump to article: www.golem.de/news/auch-in-deutschland-mysterioese-spione-infiltrieren-infrastruktur-in-37-laendern-2602-205099.html
-
Zscaler extends zero-trust security to browsers with SquareX acquisition
Tags: access, ai, ceo, ciso, control, crowdstrike, cybersecurity, edr, endpoint, least-privilege, network, risk, service, strategy, tool, vpn, zero-trust
A win-win for customers?: Zscaler has acknowledged that browser runtime behaviour was a missing piece in its zero-trust security, and having the SquareX solution in its portfolio can help fill the gap, noted Gogia. For Zscaler customers, this acquisition would mean browser security is no longer an afterthought or a separate tool to evaluate but a native…
-
The Cyber Express Weekly Roundup: Global Cybersecurity Incidents and Policy Shifts
Tags: ai, attack, cyber, cybersecurity, data, government, incident, infrastructure, intelligence, technology
As the first week of February 2026 concludes, The Cyber Express weekly roundup examines the developments shaping today’s global cybersecurity landscape. Over the past several days, governments, technology companies, and digital platforms have confronted a wave of cyber incidents ranging from disruptive attacks on public infrastructure to large-scale data exposures and intensifying regulatory scrutiny of artificial intelligence systems. First…
-
Digital sovereignty: How Germany is breaking away from US software
Following record participation in the EU consultation, the federal government is pushing ahead with open source and sovereign clouds, but the road is long. First seen on golem.de Jump to article: www.golem.de/news/digitale-souveraenitaet-wie-deutschland-sich-von-us-software-loest-2602-205092.html
-
FvncBot Targets Android Users, Exploiting Accessibility Services for Attacks
A previously undocumented Android banking trojan dubbed “FvncBot.” First observed in late 2025, this sophisticated malware disguises itself as a security application from mBank, a major Polish financial institution. Unlike many recent threats that recycle code from leaked sources like Ermac or Hook, FvncBot appears to be a completely new creation, demonstrating that threat actors…
-
The Domain Name System's position of trust becomes a risk. Tunneling: The blind spot in network security strategy
First seen on security-insider.de Jump to article: www.security-insider.de/dns-tunneling-der-blinde-fleck-in-der-netzwerksicherheitsstrategie-a-d628faf43c2a7f0dd37e8eb0939f8933/
-
Ransomware attackers are exploiting critical SmarterMail vulnerability (CVE-2026-24423)
For the third time in two weeks, CISA added a vulnerability (CVE-2026-24423) affecting SmarterTools’ SmarterMail email and collaboration server to its Known Exploited … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/ransomware-smartermail-cve-2026-24423/
-
How Samsung Knox Helps Stop Your Network Security Breach
As you know, enterprise network security has undergone significant evolution over the past decade. Firewalls have become more intelligent, threat detection methods have advanced, and access controls are now more detailed. However (and it’s a big “however”), the increasing use of mobile devices in business operations necessitates network security measures that are specifically First seen…
-
Claude Opus 4.6 improves agentic performance and model safety
Tags: vulnerability
Claude Opus 4.6 builds on earlier releases with improved coding performance and more consistent behavior in complex tasks. Opus 4.6 finds real vulnerabilities in codebases … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/anthropic-claude-opus-4-6-coding/
-
China-Nexus Hackers Target Linux Devices to Redirect Traffic and Deploy Malware
“DKnife,” a sophisticated gateway-monitoring and adversary-in-the-middle (AitM) framework that turns Linux-based routers and edge devices into surveillance tools. Active since at least 2019, this campaign employs seven distinct Linux implants to inspect network traffic, hijack legitimate software downloads, and deploy advanced malware. The framework remains active as of January 2026, targeting personal computers, mobile phones,…
-
U.S. CISA adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SmarterTools SmarterMail and React Native Community CLI flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: Attackers are…
-
Cybersecurity becomes a question of Europe's digital sovereignty: Why agentic AI attacks threaten Europe's infrastructure
First seen on security-insider.de Jump to article: www.security-insider.de/agentische-ki-angriffe-quantenkrypto-iot-a-c9b0fc8bad0eba7b7b84c597d0f504e0/
-
Ex-Nuance IT Worker Faces More Charges in Geisinger Breach
Terminated Employee Accused of Stealing 1 Million Patient Records. A former Nuance Communications IT worker is facing additional federal charges in an ongoing criminal case alleging he downloaded and stored on a personal hard drive more than 1 million patient records of a Nuance client two days after he was terminated from his job…
-
Nearly 5 Million Web Servers Found Exposing Git Metadata: Study Reveals Widespread Risk of Code and Credential Leaks
A study found nearly 5 million servers exposing Git metadata, with 250,000 leaking deployment credentials via .git/config files. A new 2026 study by the Mysterium VPN research team reveals that nearly 5 million public web servers are exposing Git repository metadata, with over 250,000 of them exposing .git/config files containing deployment credentials. Such misconfigurations […]…
-
Flickr discloses potential data breach exposing users’ names, emails
Photo-sharing platform Flickr is notifying users of a potential data breach after a vulnerability at a third-party email service provider exposed their real names, email addresses, IP addresses, and account activity. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/flickr-discloses-potential-data-breach-exposing-users-names-emails/
-
La Sapienza Cyberattack Forces Italy’s Largest University Offline
Rome’s Sapienza University, Europe’s largest university by number of on-campus students, is grappling with a major IT outage following a cyberattack on La Sapienza that disrupted digital services across the institution. The La Sapienza cyberattack has forced the university to take critical systems offline as officials work to contain the incident and restore operations. First seen on thecyberexpress.com Jump to article:…
-
Next Gen Spotlights: AI Assurance for Autonomous Systems QA with CybPass CEO PingChen Lin
CybPass is on a mission to ensure that autonomous systems, from drones and robotics to self-driving vehicles, are safe, secure and ready for real-world deployment. In an era of fast, AI-driven automation, this is becoming increasingly important. We spoke with co-founder and CEO PingChen Lin about turning academic research into a commercial venture, the unique…
-
OpenAI Launches Trusted Access to Strengthen Cybersecurity Protections
OpenAI has unveiled Trusted Access for Cyber, a new identity- and trust-based framework designed to enhance cybersecurity defenses while mitigating risks posed by its most advanced AI models. The initiative centers on GPT-5.3-Codex, OpenAI’s most cyber-capable frontier-reasoning model, which can operate autonomously for hours or days to complete complex security tasks. Enhanced Capabilities for Defenders…
-
RenEngine Loader Deploys Stealthy Multi-Stage Execution to Bypass Security Measures
The malware family, RenEngine Loader, after discovering malicious logic embedded within what appears to be a legitimate Ren’Py-based game launcher. Active since April 2025, the operation has already compromised over 400,000 victims globally, with a localized focus on India, the United States, and Brazil. The campaign currently infects approximately 5,000 new machines daily by hiding malicious…

