Tag: attack

CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms

Jan 31, 2026 9:15 PM

Tags: attack, computer, cyber

CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector, and a large combined heat and power plant (CHP) supplying heat to almost half a million customers in the country.The incident took place on December 29, 2025.…
Russia-Aligned ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid

Jan 31, 2026 9:15 PM

Tags: attack, cyber, cybersecurity, hacking, intelligence, russia, technology

The “coordinated” cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM.Operational technology (OT) cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting distributed energy First…
Russia-Aligned ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid

Jan 31, 2026 9:15 PM

Tags: attack, cyber, cybersecurity, hacking, intelligence, russia, technology

The “coordinated” cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM.Operational technology (OT) cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting distributed energy First…
Startup Amutable plotting Linux security overhaul to counter hacking threats

Jan 31, 2026 9:15 PM

Tags: attack, backdoor, ceo, cloud, computer, computing, container, cve, cybercrime, data, exploit, fortinet, hacking, infrastructure, kubernetes, linux, microsoft, open-source, skills, software, startup, supply-chain, technology, threat, tool, training, vpn, vulnerability

systemd, he has alongside him two other ex-Microsoft employees, Chris Kühl as CEO, and Christian Brauner as CTO.A clue to Amutable’s plans lies in the announcement’s emphasis on some of its founders’ backgrounds in Kubernetes, runc, LXC, Incus, and containerd, all connected in different ways to the Linux container stack. Computing is full of security…
ISMG Editors: Real-Time Vishing Is Breaking MFA

Jan 31, 2026 9:15 PM

Tags: ai, attack, governance, mfa

Also: Why AI Agents Are Colliding, What Good Governance Ought to Look Like. In this week’s panel, four ISMG editors discussed real-time vishing attacks that are defeating MFA, the growing problem of AI agents making conflicting decisions inside of enterprises and why the next phase of AI adoption depends on governance, accountability and control. First…
Polish Grid Hack Underlines European Need for Active Defense

Jan 31, 2026 9:15 PM

Tags: attack, cyberattack, defense, hacking, infrastructure, russia

Russian Hacking Shows Limits of Preventive Measures. Europe must step up its active defenses against cyberattacks and modernize its IT infrastructure, a leading expert has warned in the wake of a major attack on Poland’s energy grid attributed to Russian hackers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/polish-grid-hack-underlines-european-need-for-active-defense-a-30651
Mandiant details how ShinyHunters abuse SSO to steal cloud data

Jan 31, 2026 9:15 PM

Tags: attack, authentication, cloud, credentials, data, mandiant, mfa, phishing, saas, theft

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) credentials and multi-factor authentication (MFA) codes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mandiant-details-how-shinyhunters-abuse-sso-to-steal-cloud-data/
Metasploit Update Introduces 7 Exploit Modules Affecting Popular Enterprise Platforms

Jan 31, 2026 9:15 PM

Tags: attack, authentication, cyber, exploit, framework, update, vulnerability

A significant Metasploit Framework update (version 6.4.111) featuring seven new exploit modules that target critical vulnerabilities across widely deployed enterprise systems. This release demonstrates the increasing sophistication of attack chains leveraging authentication bypass vulnerabilities chained with subsequent code execution techniques. FreePBX Vulnerability Chain Takes Center Stage Rapid7 introduces three specialized modules targeting FreePBX, a popular…
AI Compliance Tools: What to Look For FireTail Blog

Jan 30, 2026 8:42 PM

Tags: ai, antivirus, api, attack, automation, backdoor, business, cloud, compliance, control, credit-card, data, defense, email, finance, framework, GDPR, governance, grc, guide, identity, injection, intelligence, jobs, LLM, login, malicious, mitre, network, nist, okta, remote-code-execution, risk, risk-management, siem, software, threat, tool, training, unauthorized, vulnerability

Jan 30, 2026 – Alan Fagan – Quick Facts: AI Compliance ToolsManual tracking often falls short: Spreadsheets cannot track the millions of API calls and prompts generated by modern AI systems.Real-time is required: The best AI compliance tools monitor live traffic, not just static policy documents.Framework mapping matters: Firetail automatically maps activity to the OWASP…
Sandworm Blamed for Wiper Attack on Polish Power Grid

Jan 30, 2026 8:42 PM

Tags: apt, attack, infrastructure, russia

Researchers attributed the failed attempt to the infamous Russian APT Sandworm, which is notorious for wiper attacks on critical infrastructure organizations. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/sandworm-wiper-attack-poland-power-grid
Holiday Hits: Hackers Love to Strike When Defenders Are Away

Jan 30, 2026 7:24 PM

Tags: attack, cybersecurity, defense, hacker

Honeypots Reveal Automated Bots’ ‘Attack Intensity’ Surged Over Christmastime 2025. Memo for cybersecurity defenders: Honeypots reveal attack intensity surged over the recent holiday period, as hackers continued their well-known propensity for probing defenses and striking in the off hours, using highly automated bots, to try and maximize their dwell time before discovery. First seen on…
AIs Are Getting Better at Finding and Exploiting Security Vulnerabilities

Jan 30, 2026 6:21 PM

Tags: ai, attack, best-practice, breach, cve, cyber, data, exploit, kali, linux, network, open-source, tool, update, vulnerability

From an Anthropic blog post: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates how barriers to the use of AI in relatively autonomous…
Manufacturers fortify cyber defenses in response to dramatic surge in attacks

Jan 30, 2026 6:21 PM

Tags: attack, cyber, defense, network, vulnerability

IT/OT convergence and other trends are making the manufacturing industry’s networks more vulnerable and more frequently targeted, but sector leaders are working to improve their cyber posture. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/manufacturing-sector-cyber-threats-collaboration-ransomware/810930/
MCP security: How to prevent prompt injection and tool poisoning attacks

Jan 30, 2026 4:22 PM

Tags: access, ai, api, attack, authentication, automation, best-practice, business, ceo, communications, control, credentials, data, defense, detection, email, endpoint, exploit, framework, github, governance, guide, incident response, infrastructure, injection, least-privilege, LLM, malicious, monitoring, network, radius, risk, service, siem, software, sql, supply-chain, threat, tool, unauthorized, vulnerability

The Model Context Protocol (MCP) has quickly become the open protocol that enables AI agents to connect securely to external tools, databases, and business systems. But this convenience comes with security risks. MCP servers store sensitive credentials, handle business logic, and connect to APIs. This makes them prime targets for attackers who have learned to…
Over 200 Magento Stores Compromised In Rootkit Rampage via Zero-Day Exploit

Jan 30, 2026 4:22 PM

Tags: attack, authentication, cve, cyber, exploit, vulnerability, zero-day

A dangerous wave of attacks exploiting CVE-2025-54236, dubbed >>SessionReaper,<< in Magento e-commerce platforms. This vulnerability lets attackers bypass authentication by reusing invalid session tokens, paving the way for session hijacking and full server takeovers. Researchers uncovered multiple intrusion campaigns hitting Magento sites worldwide, with over 200 stores suffering root-level compromises. In the most alarming incident,…
Why API Security Is No Longer an AppSec Problem And What Security Leaders Must Do Instead

Jan 30, 2026 3:28 PM

Tags: api, application-security, attack, business, exploit, flaw, risk

APIs are one of the most important technologies in digital business ecosystems. And yet, the responsibility for their security often falls to AppSec teams and that’s a problem. This organizational mismatch creates systemic risk: business teams assume APIs are “secured,” while attackers exploit logic flaws, authorization gaps, and automated attacks in production. As Tim […]…
Helpdesk Impersonation: A High-Risk Social Engineering Attack

Jan 30, 2026 11:28 AM

Tags: attack, risk, social-engineering, tactics, threat, unauthorized

With organizations becoming more digitally interconnected, threat actors are placing greater emphasis on manipulating people instead of breaching systems directly. One of the most deceptive and damaging tactics is helpdesk impersonation, a form of social engineering in which attackers pose as legitimate users or trusted personnel to manipulate support staff into granting unauthorized access…. First…
Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released

Jan 30, 2026 6:21 AM

Tags: attack, cve, cybersecurity, endpoint, exploit, flaw, infrastructure, ivanti, kev, mobile, rce, remote-code-execution, update, vulnerability, zero-day

Ivanti has rolled out security updates to address two security flaws impacting Ivanti Endpoint Manager Mobile (EPMM) that have been exploited in zero-day attacks, one of which has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog.The critical-severity vulnerabilities are listed below -CVE-2026-1281 (CVSS score: First…
ShinyHunters ramp up new vishing campaign with 100s in crosshairs

Jan 30, 2026 5:21 AM

Tags: advisory, attack, authentication, breach, communications, control, credentials, cybercrime, cybersecurity, data, data-breach, finance, google, group, hacker, hacking, infrastructure, intelligence, login, mfa, microsoft, mobile, okta, phishing, phone, saas, security-incident, social-engineering, tactics, theft, tool, unauthorized

<img loading="lazy" decoding="async" src="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?w=1024" alt="ShinyHunters data dump" class="wp-image-4124689" srcset="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?quality=50&strip=all 2260w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=300%2C182&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=768%2C466&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1024%2C621&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1536%2C931&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=2048%2C1241&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1150%2C697&quality=50&strip=all 1150w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=277%2C168&quality=50&strip=all 277w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=139%2C84&quality=50&strip=all 139w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=792%2C480&quality=50&strip=all 792w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=594%2C360&quality=50&strip=all 594w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=412%2C250&quality=50&strip=all 412w” width=”1024″ height=”621″ sizes=”auto, (max-width: 1024px) 100vw, 1024px” /> CSOIn operation since 2020, ShinyHunters, also tracked as UNC6040, has stolen data from many well-known…
Measuring Agentic AI Posture: A New Metric for CISOs

Jan 30, 2026 5:21 AM

Tags: access, ai, api, attack, breach, business, ciso, cybersecurity, data, data-breach, defense, endpoint, finance, governance, identity, injection, intelligence, metric, radius, risk, strategy, update, waf

In cybersecurity, we live by our metrics. We measure Mean Time to Respond (MTTR), Dwell Time, and Patch Cadence. These numbers indicate to the Board how quickly we respond when issues arise. But in the era of Agentic AI, reaction speed is no longer enough. When an AI Agent or an MCP server is compromised,…
NDSS 2025 Reinforcement Unlearning

Jan 30, 2026 5:21 AM

Tags: access, attack, conference, data, Internet, network, regulation, technology, training

Session 10D: Machine Unlearning Authors, Creators & Presenters: Dayong Ye (University of Technology Sydney), Tianqing Zhu (City University of Macau), Congcong Zhu (City University of Macau), Derui Wang (CSIRO’s Data61), Kun Gao (University of Technology Sydney), Zewei Shi (CSIRO’s Data61), Sheng Shen (Torrens University Australia), Wanlei Zhou (City University of Macau), Minhui Xue (CSIRO’s Data61)…
ShinyHunters ramp up new vishing campaign with 100s in crosshairs

Jan 30, 2026 5:21 AM

Tags: advisory, attack, authentication, breach, communications, control, credentials, cybercrime, cybersecurity, data, data-breach, finance, google, group, hacker, hacking, infrastructure, intelligence, login, mfa, microsoft, mobile, okta, phishing, phone, saas, security-incident, social-engineering, tactics, theft, tool, unauthorized

<img loading="lazy" decoding="async" src="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?w=1024" alt="ShinyHunters data dump" class="wp-image-4124689" srcset="https://b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?quality=50&strip=all 2260w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=300%2C182&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=768%2C466&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1024%2C621&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1536%2C931&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=2048%2C1241&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=1150%2C697&quality=50&strip=all 1150w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=277%2C168&quality=50&strip=all 277w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=139%2C84&quality=50&strip=all 139w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=792%2C480&quality=50&strip=all 792w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=594%2C360&quality=50&strip=all 594w, b2b-contenthub.com/wp-content/uploads/2026/01/shiny-hunters-data-dump.png?resize=412%2C250&quality=50&strip=all 412w” width=”1024″ height=”621″ sizes=”auto, (max-width: 1024px) 100vw, 1024px” /> CSOIn operation since 2020, ShinyHunters, also tracked as UNC6040, has stolen data from many well-known…
Ivanti warns of two EPMM flaws exploited in zero-day attacks

Jan 30, 2026 12:21 AM

Tags: attack, cve, endpoint, exploit, flaw, ivanti, mobile, zero-day

Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that were exploited in zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-warns-of-two-epmm-flaws-exploited-in-zero-day-attacks/
Hacking attack leaves Russian car owners locked out of their vehicles

Jan 29, 2026 10:24 PM

Tags: attack, hacking, russia

Imagine the scene. It’s a cold Monday morning in Moscow. You walk out to your car, coffee in hand, ready to face the day. You press the button to unlock your car, and … nothing happens. You try again. Still nothing. The alarm starts blaring. You can’t turn it off. First seen on fortra.com Jump…
Inside Real-World SOC Detections: A Practical View of Modern Attack Patterns

Jan 29, 2026 8:22 PM

Tags: attack, credentials, cyberattack, detection, endpoint, identity, network, service, soc, tool

Executive Overview Modern cyberattacks rarely appear as a single loud event. Instead, they unfold as low-and-slow sequences across endpoints, networks, and identity platforms. Attackers blend into normal enterprise activity, using legitimate tools, valid credentials, and trusted services to evade traditional detection. This analysis presents real-world attack detections observed in enterprise environments, illustrating how correlated endpoint,…
Marquis blames ransomware breach on SonicWall cloud backup hack

Jan 29, 2026 7:21 PM

Tags: attack, backup, breach, cloud, finance, ransomware, service, software

Marquis Software Solutions, a Texas-based financial services provider, is blaming a ransomware attack that impacted its systems and affected dozens of U.S. banks and credit unions in August 2025 on a security breach reported by SonicWall a month later. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/marquis-blames-ransomware-breach-on-sonicwall-cloud-backup-hack/
The Agentic AI Posture Score: A New Metric for CISOs

Jan 29, 2026 6:25 PM

Tags: ai, api, attack, breach, business, ciso, cybersecurity, data, data-breach, defense, endpoint, finance, governance, identity, injection, metric, radius, risk, strategy, threat, update, waf

In cybersecurity, we live by our metrics. We measure Mean Time to Respond (MTTR), Dwell Time, and Patch Cadence. These numbers tell the Board how fast we react when things go wrong. But in the era of Agentic AI, reaction speed is no longer enough. When an AI Agent or an MCP server is compromised,…
CISA, security researchers warn FortiCloud SSO flaw is under attack

Jan 29, 2026 6:25 PM

Tags: attack, authentication, cisa, exploit, flaw, vulnerability

The exploitation activity comes weeks after a similar authentication bypass vulnerability was found. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-researchers-warn-forticloud-flaw-attack/810861/
Latvia says Russia remains its top cyber threat as attacks hit record high

Jan 29, 2026 4:26 PM

Tags: attack, country, cyber, russia, service, threat, ukraine

In its annual report released this week, Latvia’s national security service, SAB, said 2025 marked an all-time high in registered cyber threats targeting the country, with activity surging significantly past levels seen before Russia’s invasion of Ukraine in 2022. First seen on therecord.media Jump to article: therecord.media/latvia-says-russia-remains-top-cyber-threat-record-attacks
Aisuru botnet sets new record with 31.4 Tbps DDoS attack

Jan 29, 2026 4:26 PM

Tags: attack, botnet, ddos, service

The Aisuru/Kimwolf botnet launched a new massive distributed denial of service (DDoS) attack in December 2025, peaking at 31.4 Tbps and 200 million requests per second. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/aisuru-botnet-sets-new-record-with-314-tbps-ddos-attack/