Tag: access
-
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
The threat actor known as Bloody Wolf has been linked to a campaign targeting Uzbekistan and Russia to infect systems with a remote access trojan known as NetSupport RAT.Cybersecurity vendor Kaspersky is tracking the activity under the moniker Stan Ghouls. The threat actor is known to be active since at least 2023, orchestrating spear-phishing attacks…
-
NIS2: Supply chains as a risk factor
Why supply chains are particularly vulnerable: The supply chain is an attractive target for attackers for several reasons. External partners often have privileged access, work with sensitive data, or are deeply integrated into operational processes. At the same time, they are often not subject to the same security standards as large organizations.Furthermore, there is a structural lack…
-
Behörden warnen vor Hackerangriffen auf Politik und Militär
Tags: access, cyberattack, germany, hacker, infrastructure, military, qr, verfassungsschutz, vulnerabilityCyberkriminelle haben es auf Signal-Konten von deutschen Politikern, Soldaten, Diplomaten und Journalisten abgesehen.Mit gefälschten Chatnachrichten vor allem im Messengerdienst Signal nehmen Hacker zurzeit hochrangige deutsche Politiker, Soldaten, Diplomaten und auch Journalisten ins Visier davor warnen die Bundesämter für Verfassungsschutz und für Sicherheit in der Informationstechnik. Ziel des “wahrscheinlich staatlich gesteuerten” Angriffs sei es, unbemerkt Zugriff…
-
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution.”BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability,” the company First seen on…
-
BeyondTrust Remote Access Products Hit by 0-Day RCE Vulnerability
BeyondTrust has issued an urgent security advisory regarding a critical zero-day vulnerability affecting its popular remote access solutions. The flaw, tracked as CVE-2026-1731, carries a near-maximum severity score of 9.9 out of 10 on the CVSSv4 scale. It poses a significant risk to organizations using self-hosted versions of BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA). The…
-
Italian university La Sapienza still offline to mitigate recent cyber attack
Rome’s La Sapienza University was hit by a cyberattack that disrupted IT systems and caused widespread operational issues. Since February 2, Rome’s La Sapienza University, one of the most important Italian universities, has been offline due to a cyberattack. For days, students have been unable to book exams, check tuition payments, or access faculty contacts.…
-
Moltbook Gave Everyone Control of Every AI Agent
Database Misconfiguration Exposed 1.5 million API Tokens. A misconfigured database at Moltbook, the viral social network for AI agents, exposed 1.5 million API authentication tokens, 35,000 email addresses, and private messages. Security researchers discovered unauthenticated read and write access to all platform data within days of launch. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/moltbook-gave-everyone-control-every-ai-agent-a-30710
-
Six more vulnerabilities found in n8n automation platform
CVE-2026-21893, a command injection hole in the community edition of n8n. An unauthenticated user with administration permission could execute arbitrary system commands on the n8n host.”The risk is amplified by the trust typically placed in community extensions,” Upwinds said in its commentary, “making this a high-impact attack path that directly bridges application-level functionality with host-level…
-
Attackers Used AI to Breach an AWS Environment in 8 Minutes
Threat actors using LLMs needed only eight minutes to move from initial access to full admin privileges in an attack on a company’s AWS cloud environment in the latest example of cybercriminals expanding their use of AI in their operations, Sysdig researchers said. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/attackers-used-ai-to-breach-an-aws-environment-in-8-minutes/
-
Poland’s energy control systems were breached through exposed VPN access
On 29 December 2025, coordinated cyberattacks unfolded across Poland’s critical infrastructure, targeting energy and industrial organizations. The attackers struck numerous … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/poland-cyberattacks-energy-sector-industrial-organizations/
-
Zscaler extends zero-trust security to browsers with SquareX acquisition
Tags: access, ai, ceo, ciso, control, crowdstrike, cybersecurity, edr, endpoint, least-privilege, network, risk, service, strategy, tool, vpn, zero-trustA win-win for customers?: Zscaler has acknowledged that browser runtime behaviour was a missing piece in its zero-trust security, and having SquareX solution in its portfolio can help fill the gap, noted Gogia.For Zscaler customers, this acquisition would mean browser security is no longer an afterthought or a separate tool to evaluate but a native…
-
How Samsung Knox Helps Stop Your Network Security Breach
As you know, enterprise network security has undergone significant evolution over the past decade. Firewalls have become more intelligent, threat detection methods have advanced, and access controls are now more detailed. However (and it’s a big “however”), the increasing use of mobile devices in business operations necessitates network security measures that are specifically First seen…
-
OpenAI Launches Trusted Access to Strengthen Cybersecurity Protections
OpenAI has unveiled Trusted Access for Cyber, a new identity- and trust-based framework designed to enhance cybersecurity defenses while mitigating risks posed by its most advanced AI models. The initiative centers on GPT-5.3-Codex, OpenAI’s most cyber-capable frontier-reasoning model, which can operate autonomously for hours or days to complete complex security tasks. Enhanced Capabilities for Defenders…
-
KI als AWS-Angriffsturbo
Kriminelle Hacker haben ihre Angriffe auf AWS-Umgebungen mit KI beschleunigt.Forscher des Sicherheitsanbieters Sysdig haben einen Angriff aufgedeckt, bei dem kriminelle Angreifer eine AWS-Umgebung in weniger als acht Minuten vollständig kompromittieren konnten. Laut den Threat-Spezialisten nutzten die Bedrohungsakteure dabei eine Cloud-Fehlkonfiguration mit der Hilfe von Large Language Models (LLMs) aus, um den gesamten Angriffs-Lebenszyklus zu komprimieren…
-
The blind spot every CISO must see: Loyalty
Tags: access, ai, ciso, corporate, data, espionage, exploit, finance, framework, gartner, government, intelligence, jobs, malicious, monitoring, risk, strategy, tool, training, vulnerability, zero-trustHow the misread appears in practice: Recent examples illustrate the point. In the US federal sphere, abrupt terminations under workforce reduction initiatives have left former employees with lingering access to sensitive systems, amplifying the potential for data exposure or retaliation. Corporate cases show a similar dynamic: engineers or executives who have spent years building institutional…
-
OpenAI Launches Trusted Access for Cyber to Expand AI-Driven Defense While Managing Risk
OpenAI has announced a new initiative aimed at strengthening digital defenses while managing the risks that come with capable artificial intelligence systems. The effort, called Trusted Access for Cyber, is part of a broader strategy to enhance baseline protection for all users while selectively expanding access to advanced cybersecurity capabilities for vetted defenders. First seen…
-
Phishing and OAuth Token Vulnerabilities Lead to Full Microsoft 365 Breach
Two medium-severity vulnerabilities, an unsecured email API endpoint and verbose error messages exposing OAuth tokens, chain together to enable authenticated phishing that bypasses all email security controls, persistent access to Microsoft 365 environments While protocols like SPF, DKIM, and DMARC have made traditional domain spoofing difficult, attackers have evolved. They now seek ways to send…
-
Hackers Exploit Windows Screensaver to Deploy RMM Tools, Gain Remote Access
A new spear phishing campaign that weaponizes a forgotten file type to bypass modern defenses. Attackers are luring victims into downloading Windows screensaver (.scr) files, which silently deploy legitimate Remote Monitoring and Management (RMM) software to establish persistent control over targeted systems. The campaign utilizes a simple yet effective delivery mechanism designed to evade reputation-based…
-
Hackers Exploit Windows Screensaver to Deploy RMM Tools, Gain Remote Access
A new spear phishing campaign that weaponizes a forgotten file type to bypass modern defenses. Attackers are luring victims into downloading Windows screensaver (.scr) files, which silently deploy legitimate Remote Monitoring and Management (RMM) software to establish persistent control over targeted systems. The campaign utilizes a simple yet effective delivery mechanism designed to evade reputation-based…
-
Four new vulnerabilities found in Ingress NGINX
Tags: access, api, authentication, container, cve, cybersecurity, data, exploit, group, injection, jobs, kubernetes, malicious, risk, service, strategy, vulnerabilitycustom-errors configuration that includes HTTP errors 401 or 403, and if the configured default custom-errors backend is defective and fails to respect the X-Code HTTP header, then an Ingress with the auth-url annotation may be accessed even when authentication fails.CVE-2026-24512 is a configuration injection vulnerability where the rules.http.paths.path Ingress field can be used to inject configuration into nginx.…
-
Fortinet Is ‘Only Leader’ In Sovereign SASE Market: CEO Ken Xie
Fortinet is seeing a surge in customer demand for its SASE (secure access service edge) platform, driven by unique capabilities including a sovereign SASE version of the offering, according to Fortinet Co-founder and CEO Ken Xie. First seen on crn.com Jump to article: www.crn.com/news/security/2026/fortinet-is-only-leader-in-sovereign-sase-market-ceo-ken-xie
-
Varonis Acquires AllTrue.ai to Extend Security for AI Agents
Varonis CEO Yaki Faitelson Warns Misconfigured AI Is an Accident Waiting to Happen. Varonis has acquired AllTrue.ai to close visibility gaps in AI security. CEO Yaki Faitelson said enterprises are deploying AI agents that access vast datasets at high speed without understanding permissions identity context or abnormal behavior creating urgent demand for data-first AI security.…
-
Keeper Security Announces 2026 MSP Partner Program
Keeper Security has announced the launch of its 2026 Managed Service Provider (MSP) Partner Program. The program helps managed service providers to deliver enterprise-grade privileged access management while growing their recurring revenue. This new launch is aligned with Keeper’s strategy to invest in its channel sales program that combines aggressive partner economics, expanded enablement materials…
-
Orchid Security Adds Ability to Audit Behaviors by Identity
Orchid Security today added an ability to conduct audits to its platform that enables cybersecurity teams to track behaviors of specific identities. Company CEO Roy Katmor said Identity Audit is designed to make it possible to unify proprietary audit data captured from unmanaged applications with audit logs data collected from third-party identity and access management..…
-
Researchers uncover vast cyberespionage operation targeting dozens of governments worldwide
Unit 42 tracked the compromise of at least 70 institutions across the 37 countries, with the hackers maintaining access to some victims for months. In one country, the hackers gained access to the parliament and a senior elected official. First seen on therecord.media Jump to article: therecord.media/research-cyber-espionage-targeting-dozens-worldwide
-
ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next.Researchers tracked intrusions that start in ordinary places: developer workflows, remote tools, cloud access, identity paths, and even routine user actions. Nothing looked dramatic on the surface. That’s the point. Entry is…

