Author: Andy Stern
-
37 Million Downloads: 287 Chrome Extensions Caught Spying
Researchers analyzed the traffic of numerous Chrome extensions. 287 of them spy on users' browsing behavior for data brokers. First seen on golem.de Jump to article: www.golem.de/news/37-millionen-downloads-287-chrome-extensions-bei-der-spionage-erwischt-2602-205381.html
-
Brutus: Open-source credential testing tool for offensive security
Brutus is an open-source, multi-protocol credential testing tool written in pure Go. Designed to replace legacy tools that have long frustrated penetration testers with … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/13/brutus-open-source-credential-testing-tool-offensive-security/
-
The Law of Cyberwar is Pretty Discombobulated
This article explores the complexities of cyberwarfare, emphasizing the need to reconsider how we categorize cyber operations within the framework of the Law of Armed Conflict (LOAC). It discusses the challenges posed by AI in transforming traditional warfare notions and highlights the potential risks associated with the misuse of emerging technologies in conflicts. First seen…
-
Top Security Incidents of 2025: The Emergence of the ChainedShark APT Group
In 2025, NSFOCUS Fuying Lab disclosed a new APT group targeting China’s scientific research sector, dubbed “ChainedShark” (tracking number: Actor240820). Active since May 2024, the group’s operations are marked by high strategic coherence and technical sophistication. Its primary targets are professionals in Chinese universities and research institutions specializing in international relations, marine technology, and related…The…
-
Malicious Chrome AI Extensions Target 260,000 Users with Injected Iframes
As AI tools like ChatGPT, Claude, Gemini, and Grok gain mainstream adoption, cybercriminals are weaponizing their popularity to distribute malicious browser extensions. Security researchers have uncovered a coordinated campaign involving 30 Chrome extensions that masquerade as legitimate AI assistants while secretly deploying dangerous surveillance capabilities affecting over 260,000 users. The malicious extensions pose as AI-powered…
-
Why secure OT protocols still struggle to catch on
Industrial control system networks continue to run on legacy communication protocols that were built for reliability and uptime, not authentication or data integrity. In many … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/13/cisa-secure-ot-communication-protocols/
-
New XWorm RAT Campaign Leverages Phishing and CVE-2018-0802 Excel Exploit to Bypass Detection
Tags: attack, control, cve, cyber, cybercrime, data, ddos, detection, exploit, marketplace, phishing, ransomware, rat, theft, windows
XWorm, a multi-functional .NET-based RAT first observed in 2022, remains actively traded across cybercrime marketplaces and continues to attract both low-skilled and advanced operators thanks to its rich feature set and plugin-based architecture. Once deployed, it enables full remote control of compromised Windows systems, including data theft, remote desktop control, DDoS attacks, and ransomware execution.…
-
OpenAI released GPT-5.3-Codex-Spark, a real-time coding model
OpenAI has released a research preview of GPT-5.3-Codex-Spark, an ultra-fast model for real-time coding in Codex. It is available to ChatGPT Pro users in the latest versions … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/13/openai-gpt-5-3-codex-spark/
-
OpenClaw 2026.2.12 Released to Patch Over 40 Security Vulnerabilities
The OpenClaw team has officially released version 2026.2.12, a comprehensive update focused heavily on security hardening and architectural stability. This release addresses over 40 security vulnerabilities and stability issues, marking a significant milestone for the AI agent framework. The update arrives just five hours after the initial code merge, underscoring the urgency of these patches.…
-
Microsoft fixes bug that blocked Google Chrome from launching
Microsoft has fixed a known issue causing its Family Safety parental control service to block Windows users from launching Google Chrome and other web browsers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-fixes-family-safety-bug-that-blocks-google-chrome-from-launching/
-
Be Breach Ready: The True North of Zero Trust 2.0 in the Age of Autonomous Cyberattacks
I was fascinated by the recent stories about the sudden ascension of Clawdbot, aka Moltbot, aka OpenClaw, driven by its capabilities and social media attention, marketed as “the AI that actually does things,” amid growing interest in AI agents that can autonomously complete tasks, make decisions, and take actions on behalf of users without constant human guidance. While…
-
U.S. CISA adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SolarWinds Web Help Desk, Notepad++, Microsoft Configuration Manager, and Apple devices flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws…
-
Add-in Compromised: Thousands of Microsoft Accounts Hijacked via Outlook
Tags: microsoft
An attacker took over the domain of a once-useful Outlook add-in and phished users' credentials. First seen on golem.de Jump to article: www.golem.de/news/add-in-kompromittiert-tausende-microsoft-konten-ueber-outlook-gekapert-2602-205367.html
-
CISA Alerts Users to Notepad++ Flaw Allowing Code Execution
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in the popular Notepad++ text editor to its Known Exploited Vulnerabilities catalog, warning users of a flaw that could allow attackers to execute malicious code on affected systems. Tracked as CVE-2025-15556, the vulnerability affects Notepad++’s WinGUp updater component and stems from downloading code without…
-
Cyberattacks: State-Backed Hackers Use Google AI
Google is observing how hackers use AI for target profiling, deception attempts and malicious code, so far without a fundamental breakthrough. First seen on golem.de Jump to article: www.golem.de/news/cyberangriffe-staatliche-hacker-nutzen-google-ki-2602-205365.html
-
How AutoSecT VMDR Tool Simplifies Vulnerability Management
As it is said, the ‘why’ and ‘how’ are much more important than the ‘should’. This applies exactly to today’s cyberspace. Every day, organizations survive in an unpredictable cyber-risk climate. If your defense storehouse comprises just fragmented tools and manual processes, you are not playing it safe. If you are ‘not safe’, you are just seconds away…
-
Cybersecurity: Security Technology Comes to Telekom Shops
First seen on security-insider.de Jump to article: www.security-insider.de/cisco-sicherheitstechnologie-kommt-in-die-telekom-shops-a-489f590138f95f503a055a0ace5510bc/
-
150+ Key Compliance Statistics: AI, Data Privacy, Cybersecurity Regulatory Trends to Know in 2026
In 2026, compliance sits at the intersection of AI adoption, expanding privacy regulations, and rising cybersecurity risk. As regulatory expectations tighten and digital systems grow more complex, organizations are under. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/150-key-compliance-statistics-ai-data-privacy-cybersecurity-regulatory-trends-to-know-in-2026/
-
Why Every Enterprise Needs a Strong Identity and Access Management Framework
Most enterprises still run identity and access on spreadsheets, tickets, and organizational knowledge, until a breach or audit exposes a harder truth: no one can clearly explain who can do what in their most critical systems, or why. If you still treat Identity and Access Management (IAM) as IT plumbing rather than your primary control…
-
CISA Issues Urgent Warning on Microsoft Configuration Manager SQL Injection Vulnerability Under Active Exploitation
Tags: cisa, cyber, cybersecurity, exploit, flaw, infrastructure, injection, kev, microsoft, risk, sql, threat, vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical SQL injection vulnerability in Microsoft Configuration Manager to its Known Exploited Vulnerabilities (KEV) catalogue. The threat actors are actively exploiting the flaw in the wild. The addition signals immediate risk to organisations using the enterprise management platform. SQL Injection Enables Command Execution Tracked as…
-
CVE-2026-1281 CVE-2026-1340: Actively Exploited Pre-Authentication RCE in Ivanti EPMM
Learn how CVE-2026-1281 and CVE-2026-1340 enable pre-auth RCE in Ivanti EPMM, now actively exploited, and how AppTrana helps block attacks across applications. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/cve-2026-1281-cve-2026-1340-actively-exploited-pre-authentication-rce-in-ivanti-epmm/
-
More Focus on Customer Experience: Kelly Morgan Takes Over CCO Role at KnowBe4
Tags: service
Morgan brings more than 20 years of experience and will take on global responsibility for the entire customer lifecycle. This includes Customer Success, Customer Support, Managed Services and Professional Services. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/mehr-fokus-auf-kundenerlebnis-kelly-morgan-uebernimmt-cco-rolle-bei-knowbe4/a43718/
-
OysterLoader Evasion Tactics Exposed: Advanced Obfuscation and Rhysida Ransomware Ties Uncovered
OysterLoader, also tracked as Broomstick and CleanUp, is a multi-stage loader malware written in C++ and actively leveraged in campaigns linked to the Rhysida ransomware group. First highlighted in mid-2024 during malvertising and SEO-poisoning campaigns abusing trojanized installers for popular IT tools such as PuTTY, WinSCP, and Google Authenticator, OysterLoader masquerades as legitimate software download…
-
Adversaries Exploiting Proprietary AI Capabilities, API Traffic to Scale Cyberattacks
In the fourth quarter of 2025, the Google Threat Intelligence Group (GTIG) reported a significant uptick in the misuse of artificial intelligence by threat actors. According to GTIG’s AI threat tracker, what initially appeared as experimental probing has evolved into systematic, repeatable exploitation of large language models (LLMs) to enhance reconnaissance, phishing, malware development, and post-compromise…
-
AI Governance. When AI becomes an Identity.
Building the Control Plane for ERP, Finance, and SaaS AI didn’t come with a rollout plan; it crept in unnoticed. Someone turned on a copilot in a finance or CRM application, an IT team tested an agent on a non-production system that still contained real audit data, or a regional team started using an AI…
-
The State of Physical Security 2026: AI and Cloud Turn Physical Security into a Business Asset
First seen on security-insider.de Jump to article: www.security-insider.de/physische-sicherheit-ki-business-asset-a-a29b67cbc8d192a3e4bd05d9bbb75425/

