Author: Andy Stern
-
February 2026 Patch Tuesday forecast: Lots of OOB love this month
Valentine’s Day is just around the corner and Microsoft has been giving us a lot of love with a non-stop supply of patches starting with January 2026 Patch Tuesday. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/february-2026-patch-tuesday-forecast/
-
OpenAI Launches Trusted Access for Cyber to Expand AI-Driven Defense While Managing Risk
OpenAI has announced a new initiative aimed at strengthening digital defenses while managing the risks that come with capable artificial intelligence systems. The effort, called Trusted Access for Cyber, is part of a broader strategy to enhance baseline protection for all users while selectively expanding access to advanced cybersecurity capabilities for vetted defenders. First seen…
-
The Other Offense and Defense
Alan discovers how the Super Bowl acts as a live-fire exercise in cybersecurity, requiring seamless coordination to manage massive attack surfaces and ensure integrity and trust in real time. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/the-other-offense-and-defense/
-
APT27 Launches Stealthy Attacks on Corporate Networks, Evades Detection
A new, highly sophisticated cyberattack campaign that reveals how attackers are bypassing modern defenses to infiltrate corporate networks. The investigation points to a stealthy, multi-stage intrusion likely orchestrated by the threat group known as APT-Q-27, or >>GoldenEyeDog<<. The attack began with a common, everyday task: a customer support agent clicking a link in a support…
-
Tool-Silos und Schatten-KI gefährden Compliance und Bilanz – IT-Wildwuchs trifft 2026 auf Gesetzgeber und KI
First seen on security-insider.de Jump to article: www.security-insider.de/cybersecurity-2026-compliance-strategien-a-4dfb3e7a5737c483c7de5e1f78cb15a3/
-
Your PQC Pilot Might Fail, and That’s Okay
Tags: skillsStart PQC pilots now”, not to prove readiness but to surface interoperability, vendor, inventory, and skills gaps so organizations can manage post-quantum migration risks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/your-pqc-pilot-might-fail-and-thats-okay/
-
CISA Alerts Exploited React Native Community Security Flaw
Tags: cisa, cyber, cybersecurity, exploit, flaw, infrastructure, injection, kev, risk, vulnerability, windowsThe Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the React Native Community CLI to its Known Exploited Vulnerabilities (KEV) catalog. Identified as CVE-2025-11953, this vulnerability is an Operating System (OS) command injection flaw that poses severe risks to development environments, particularly those running on Windows infrastructures. The addition to the KEV…
-
Phishing and OAuth Token Vulnerabilities Lead to Full Microsoft 365 Breach
Two medium-severity vulnerabilities, an unsecured email API endpoint and verbose error messages exposing OAuth tokens, chain together to enable authenticated phishing that bypasses all email security controls, persistent access to Microsoft 365 environments While protocols like SPF, DKIM, and DMARC have made traditional domain spoofing difficult, attackers have evolved. They now seek ways to send…
-
Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries
Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM), Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in open-source libraries, including Ghostscript, OpenSC, and CGIF.Claude Opus 4.6, which was launched on Thursday, comes with improved coding skills, including code review and debugging capabilities, along First seen…
-
Gartner identifiziert die wichtigsten Cybersicherheitstrends für 2026: Unbekanntes Terrain
Wachsende KI-Verbreitung macht starke Governance unverzichtbar. Der unkontrollierte Vormarsch von künstlicher Intelligenz, geopolitische Spannungen, regulatorische Unsicherheiten und eine sich zuspitzende Bedrohungslage sind laut Gartner die zentralen Treiber der wichtigsten Cybersicherheitstrends für 2026. »Verantwortliche für Cybersicherheit bewegen sich in diesem Jahr auf weitgehend unbekanntem Terrain. Das Zusammenspiel dieser Kräfte stellt die Belastbarkeit ihrer Teams in… First…
-
Hackers Exploit Windows Screensaver to Deploy RMM Tools, Gain Remote Access
A new spear phishing campaign that weaponizes a forgotten file type to bypass modern defenses. Attackers are luring victims into downloading Windows screensaver (.scr) files, which silently deploy legitimate Remote Monitoring and Management (RMM) software to establish persistent control over targeted systems. The campaign utilizes a simple yet effective delivery mechanism designed to evade reputation-based…
-
The hidden cost of putting off security decisions
In this Help Net Security video, Hanah Darley, Chief AI Officer, Geordie AI, talks about how putting off security risk decisions creates long-term costs that often stay … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/deferred-security-risk-decisions-video/
-
Hackers Exploit Windows Screensaver to Deploy RMM Tools, Gain Remote Access
A new spear phishing campaign that weaponizes a forgotten file type to bypass modern defenses. Attackers are luring victims into downloading Windows screensaver (.scr) files, which silently deploy legitimate Remote Monitoring and Management (RMM) software to establish persistent control over targeted systems. The campaign utilizes a simple yet effective delivery mechanism designed to evade reputation-based…
-
Digitale Souveränität als strategische Notwendigkeit: Die drei Grundpfeiler für Europas Zukunft
Tags: unclassifiedSeit Jahren wird über digitale Souveränität diskutiert, meist als theoretisches Ideal. Doch die geopolitische Lage hat das Thema 2026 zur existenziellen Geschäftsbedingung gemacht. Heute ist digitale Souveränität weit mehr als nur ein IT-Standard oder Datenschutz-Compliance. Es ist die Fähigkeit, als Organisation handlungsfähig zu bleiben, wenn globale Lieferketten reißen oder politische Spannungen den digitalen Datenfluss unterbrechen….…
-
Lateral Movement und RCE – Angriffe über Ivanti Endpoint Manager Mobile laufen
First seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecken-ivanti-endpoint-manager-mobile-updates-a-aca050adf9926475b601d024c1aaff43/
-
CentOS 9 Security Flaw Enables Privilege Escalation PoC Released
A critical security flaw has been identified in CentOS 9 that allows a local user to escalate their privileges to root. The vulnerability, which stems from a Use-After-Free (UAF) condition in the Linux kernel’s networking subsystem, was awarded first place in the Linux category at the TyphoonPWN 2025 hacking competition. A Proof-of-Concept (PoC) exploit has…
-
Mobile privacy audits are getting harder
Mobile apps routinely collect and transmit personal data in ways that are difficult for users, developers, and regulators to verify. Permissions can reveal what an app can … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/mopri-mobile-app-privacy-analysis/
-
CISA Advisory Highlights Exploited SmarterTools Vulnerability in Recent Ransomware Attacks
Tags: advisory, attack, cisa, cyber, cybersecurity, exploit, flaw, infrastructure, kev, ransomware, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability affecting SmarterTools SmarterMail to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-24423, this flaw is actively being weaponized in the wild, with security researchers confirming its use in recent ransomware campaigns. This addition mandates that Federal Civilian Executive Branch (FCEB) agencies remediate the…
-
New infosec products of the week: February 6, 2026
Tags: infosecHere’s a look at the most interesting products from the past week, featuring releases from Avast, Fingerprint, Gremlin, and Socure. Gremlin launches Disaster Recovery Testing … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/new-infosec-products-of-the-week-february-6-2026/
-
CISA Advisory Highlights Exploited SmarterTools Vulnerability in Recent Ransomware Attacks
Tags: advisory, attack, cisa, cyber, cybersecurity, exploit, flaw, infrastructure, kev, ransomware, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability affecting SmarterTools SmarterMail to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-24423, this flaw is actively being weaponized in the wild, with security researchers confirming its use in recent ransomware campaigns. This addition mandates that Federal Civilian Executive Branch (FCEB) agencies remediate the…
-
ChatGPT-Verbesserung durch Malewarebytes: Erkennung von Scams, Malware und Online-Risiken
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/chatgpt-verbesserung-malewarebytes-erkennung-scams-malware-online-risiken
-
Four new vulnerabilities found in Ingress NGINX
Tags: access, api, authentication, container, cve, cybersecurity, data, exploit, group, injection, jobs, kubernetes, malicious, risk, service, strategy, vulnerabilitycustom-errors configuration that includes HTTP errors 401 or 403, and if the configured default custom-errors backend is defective and fails to respect the X-Code HTTP header, then an Ingress with the auth-url annotation may be accessed even when authentication fails.CVE-2026-24512 is a configuration injection vulnerability where the rules.http.paths.path Ingress field can be used to inject configuration into nginx.…
-
Fortinet Is ‘Only Leader’ In Sovereign SASE Market: CEO Ken Xie
Fortinet is seeing a surge in customer demand for its SASE (secure access service edge) platform, driven by unique capabilities including a sovereign SASE version of the offering, according to Fortinet Co-founder and CEO Ken Xie. First seen on crn.com Jump to article: www.crn.com/news/security/2026/fortinet-is-only-leader-in-sovereign-sase-market-ceo-ken-xie
-
Ad blocking is alive and well, despite Chrome’s attempts to make it harder
The end isn’t nigh after all First seen on theregister.com Jump to article: www.theregister.com/2026/02/06/chrome_mv3_no_harm_ad_blocking/
-
Hilfreiche Analogie: Das Ziel der Cybersicherheit gleicht einem Fußballtor
Tags: cyersecurityFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/analogie-ziel-cybersicherheit-fussballtor
-
New APT group breached gov and critical infrastructure orgs in 37 countries
Tags: apt, backdoor, computer, control, espionage, finance, framework, government, group, infrastructure, linux, malware, monitoring, network, software, threat, tool, usa, vulnerabilityA complex toolset of implants: In addition to Cobalt Strike, the group uses various other malware payloads and command-and-control (C2) frameworks, including VShell, Havoc, SparkRat, and Sliver. On compromised web servers, the attackers deploy a variety of web shells, including Behinder, Neo-reGeorg, and Godzilla.On Linux servers the group has been seen deploying a rootkit dubbed…
-
New APT group breached gov and critical infrastructure orgs in 37 countries
Tags: apt, backdoor, computer, control, espionage, finance, framework, government, group, infrastructure, linux, malware, monitoring, network, software, threat, tool, usa, vulnerabilityA complex toolset of implants: In addition to Cobalt Strike, the group uses various other malware payloads and command-and-control (C2) frameworks, including VShell, Havoc, SparkRat, and Sliver. On compromised web servers, the attackers deploy a variety of web shells, including Behinder, Neo-reGeorg, and Godzilla.On Linux servers the group has been seen deploying a rootkit dubbed…