Author: Andy Stern
-
Police arrests distributor of JokerOTP password-stealing bot
The Dutch National Police arrested a 21-year-old man from Dordrecht as part of a cybercrime investigation by Team Cybercrime Oost-Brabant. The suspect is believed to have … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/13/jokerotp-bot-netherlands-cybercrime-arrest/
-
The Law of Cyberwar is Pretty Discombobulated
This article explores the complexities of cyberwarfare, emphasizing the need to reconsider how we categorize cyber operations within the framework of the Law of Armed Conflict (LOAC). It discusses the challenges posed by AI in transforming traditional warfare notions and highlights the potential risks associated with the misuse of emerging technologies in conflicts. First seen…
-
Malicious Chrome AI Extensions Target 260,000 Users with Injected Iframes
As AI tools like ChatGPT, Claude, Gemini, and Grok gain mainstream adoption, cybercriminals are weaponizing their popularity to distribute malicious browser extensions. Security researchers have uncovered a coordinated campaign involving 30 Chrome extensions that masquerade as legitimate AI assistants while secretly deploying dangerous surveillance capabilities affecting over 260,000 users. The malicious extensions pose as AI-powered…
-
Post-Quantum Authentication: How Consumer Apps Can Stay Secure in a Quantum-Ready World?
Post-quantum authentication helps consumer apps stay secure against quantum computing threats with future-proof encryption and identity protection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/post%e2%80%91quantum-authentication-how-consumer-apps-can-stay-secure-in-a-quantum%e2%80%91ready-world/
-
Top Security Incidents of 2025: The Emergence of the ChainedShark APT Group
In 2025, NSFOCUS Fuying Lab disclosed a new APT group targeting China’s scientific research sector, dubbed “ChainedShark” (tracking number: Actor240820). Active since May 2024, the group’s operations are marked by high strategic coherence and technical sophistication. Its primary targets are professionals in Chinese universities and research institutions specializing in international relations, marine technology, and related… The…
-
Security-Insider Podcast Episode 110 – Who is liable for NIS2 violations?
Tags: nis-2
First seen on security-insider.de Jump to article: www.security-insider.de/security-insider-podcast-nis-2-haftung-a-0e2fc5c36277e553be91874b5046b3ee/
-
New XWorm RAT Campaign Leverages Phishing and CVE-2018-0802 Excel Exploit to Bypass Detection
Tags: attack, control, cve, cyber, cybercrime, data, ddos, detection, exploit, marketplace, phishing, ransomware, rat, theft, windows
XWorm, a multi-functional .NET-based RAT first observed in 2022, remains actively traded across cybercrime marketplaces and continues to attract both low-skilled and advanced operators thanks to its rich feature set and plugin-based architecture. Once deployed, it enables full remote control of compromised Windows systems, including data theft, remote desktop control, DDoS attacks, and ransomware execution.…
-
Why secure OT protocols still struggle to catch on
Industrial control system networks continue to run on legacy communication protocols that were built for reliability and uptime, not authentication or data integrity. In many … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/13/cisa-secure-ot-communication-protocols/
-
OpenClaw 2026.2.12 Released to Patch Over 40 Security Vulnerabilities
The OpenClaw team has officially released version 2026.2.12, a comprehensive update focused heavily on security hardening and architectural stability. This release addresses over 40 security vulnerabilities and stability issues, marking a significant milestone for the AI agent framework. The update arrives just five hours after the initial code merge, underscoring the urgency of these patches.…
-
CISA Alerts Users to Notepad++ Flaw Allowing Code Execution
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in the popular Notepad++ text editor to its Known Exploited Vulnerabilities catalog, warning users of a flaw that could allow attackers to execute malicious code on affected systems. Tracked as CVE-2025-15556, the vulnerability affects Notepad++’s WinGUp updater component and stems from downloading code without…
-
Be Breach Ready: The True North of Zero Trust 2.0 in the Age of Autonomous Cyberattacks
I was fascinated by the recent stories about the sudden ascension of Clawdbot, aka Moltbot, aka OpenClaw, driven by its capabilities and social media attention, marketed as “the AI that actually does things,” amid growing interest in AI agents that can autonomously complete tasks, make decisions, and take actions on behalf of users without constant human guidance. While…
-
Add-in compromised: Thousands of Microsoft accounts hijacked via Outlook
Tags: microsoft
An attacker took over the domain of a once-useful Outlook add-in and phished users' credentials. First seen on golem.de Jump to article: www.golem.de/news/add-in-kompromittiert-tausende-microsoft-konten-ueber-outlook-gekapert-2602-205367.html
-
U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws…
-
Microsoft fixes bug that blocked Google Chrome from launching
Microsoft has fixed a known issue causing its Family Safety parental control service to block Windows users from launching Google Chrome and other web browsers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-family-safety-bug-that-blocks-google-chrome-from-launching/
-
OpenAI released GPT-5.3-Codex-Spark, a real-time coding model
OpenAI has released a research preview of GPT-5.3-Codex-Spark, an ultra-fast model for real-time coding in Codex. It is available to ChatGPT Pro users in the latest versions … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/13/openai-gpt-5-3-codex-spark/
-
OysterLoader Evasion Tactics Exposed: Advanced Obfuscation and Rhysida Ransomware Ties Uncovered
OysterLoader, also tracked as Broomstick and CleanUp, is a multi-stage loader malware written in C++ and actively leveraged in campaigns linked to the Rhysida ransomware group. First highlighted in mid-2024 during malvertising and SEO-poisoning campaigns abusing trojanized installers for popular IT tools such as PuTTY, WinSCP, and Google Authenticator, OysterLoader masquerades as legitimate software download…
-
Cyberattacks: State-backed hackers use Google AI
Google observes how hackers use AI for target profiling, deception attempts and malicious code, but so far without a fundamental breakthrough. First seen on golem.de Jump to article: www.golem.de/news/cyberangriffe-staatliche-hacker-nutzen-google-ki-2602-205365.html
-
Cybersecurity security technology comes to Telekom Shops
First seen on security-insider.de Jump to article: www.security-insider.de/cisco-sicherheitstechnologie-kommt-in-die-telekom-shops-a-489f590138f95f503a055a0ace5510bc/
-
CVE-2026-1281 CVE-2026-1340: Actively Exploited Pre-Authentication RCE in Ivanti EPMM
Learn how CVE-2026-1281 and CVE-2026-1340 enable pre-auth RCE in Ivanti EPMM, now actively exploited, and how AppTrana helps block attacks across applications. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/cve-2026-1281-cve-2026-1340-actively-exploited-pre-authentication-rce-in-ivanti-epmm/
-
More focus on customer experience: Kelly Morgan takes on CCO role at KnowBe4
Tags: service
Morgan brings more than 20 years of experience and will in future take on global responsibility for the entire customer lifecycle. This includes Customer Success, Customer Support, Managed Services and Professional Services. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/mehr-fokus-auf-kundenerlebnis-kelly-morgan-uebernimmt-cco-rolle-bei-knowbe4/a43718/
-
CISA Issues Urgent Warning on Microsoft Configuration Manager SQL Injection Vulnerability Under Active Exploitation
Tags: cisa, cyber, cybersecurity, exploit, flaw, infrastructure, injection, kev, microsoft, risk, sql, threat, vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical SQL injection vulnerability in Microsoft Configuration Manager to its Known Exploited Vulnerabilities (KEV) catalogue. The threat actors are actively exploiting the flaw in the wild. The addition signals immediate risk to organisations using the enterprise management platform. SQL Injection Enables Command Execution Tracked as…
-
AI Governance. When AI becomes an Identity.
Building the Control Plane for ERP, Finance, and SaaS. AI didn’t come with a rollout plan; it crept in unnoticed. Someone turned on a copilot in a finance or CRM application, an IT team tested an agent on a non-production system that still contained real audit data, or a regional team started using an AI…
-
How AutoSecT VMDR Tool Simplifies Vulnerability Management
As it is said, the ‘why’ and ‘how’ are much more important than ‘should’. It’s exactly applicable in today’s cyberspace. Every day, organizations survive in an unpredictable cyber-risk climate. If your defense storehouse comprises just fragmented tools and manual processes, you are not playing it safe. If you are ‘not safe’, you are just seconds away…
-
150+ Key Compliance Statistics: AI, Data Privacy, Cybersecurity Regulatory Trends to Know in 2026
In 2026, compliance sits at the intersection of AI adoption, expanding privacy regulations, and rising cybersecurity risk. As regulatory expectations tighten and digital systems grow more complex, organizations are under. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/150-key-compliance-statistics-ai-data-privacy-cybersecurity-regulatory-trends-to-know-in-2026/
-
Why Every Enterprise Needs a Strong Identity and Access Management Framework
Most enterprises still run identity and access on spreadsheets, tickets, and organizational knowledge, until a breach or audit exposes a harder truth: no one can clearly explain who can do what in their most critical systems, or why. If you still treat Identity and Access Management (IAM) as IT plumbing rather than your primary control…
-
Adversaries Exploiting Proprietary AI Capabilities, API Traffic to Scale Cyberattacks
In the fourth quarter of 2025, the Google Threat Intelligence Group (GTIG) reported a significant uptick in the misuse of artificial intelligence by threat actors. According to GTIG’s AI threat tracker, what initially appeared as experimental probing has evolved into systematic, repeatable exploitation of large language models (LLMs) to enhance reconnaissance, phishing, malware development, and post-compromise…
-
The state of physical security 2026 – AI and cloud turn physical security into a business asset
First seen on security-insider.de Jump to article: www.security-insider.de/physische-sicherheit-ki-business-asset-a-a29b67cbc8d192a3e4bd05d9bbb75425/
-
next-mdx-remote Vulnerability Allows Arbitrary Code Execution in React SSR
A security vulnerability has been discovered in next-mdx-remote, a popular TypeScript library used for rendering MDX content in React applications. The flaw, tracked as CVE-2026-0969 and identified by researchers at Sejong University, enables attackers to execute arbitrary code on servers when untrusted MDX content is processed. The vulnerability affects the serialize function in next-mdx-remote versions…

