Tag: cyber
-
Check Point Relies on New Four-Pillar Approach to Protect AI Transformations
Artificial intelligence is rapidly changing not only business operations, from employee productivity tools to autonomous systems, but also the cyber threat landscape. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-setzt-beim-schutz-von-ki-transformationen-auf-neuen-vier-saeulen-ansatz/a43712/
-
ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask Cyberattacks
Operational Relay Box (ORB) networks are covert, mesh-based infrastructures used by advanced threat actors to hide the true origin of their cyberattacks. Built from compromised Internet-of-Things (IoT) devices, Small Office/Home Office (SOHO) routers, and rented Virtual Private Servers (VPS), these networks act like private residential proxy systems that blend malicious traffic with legitimate user activity.…
-
287 Malicious Chrome Extensions Steal Browsing Data from 37.4 Million Users
A new security investigation has uncovered 287 Chrome extensions that appear to secretly send users’ browsing data to remote servers, impacting an estimated 37.4 million installs. That is roughly 1% of the global Chrome user base, based on the researchers’ estimate. The researchers built an automated testing pipeline to catch “spying” behavior at scale. They ran Chrome inside a…
-
DragonForce Ransomware Group Targets 363 Companies, Expands Cartel-Like Operations Since 2023
DragonForce is a ransomware group that has rapidly evolved into a cartel-style operation, extending its reach across the cybercrime ecosystem since late 2023. Operating under a Ransomware-as-a-Service (RaaS) model, the group now positions itself not just as a single gang, but as a platform for other threat actors and affiliate crews. Over time, the group shifted from…
-
SSH Worm Exploit Detected by DShield Sensor Using Credential Stuffing and Multi-Stage Malware
A DShield honeypot sensor recently recorded a complete compromise sequence involving a self-replicating SSH worm that exploits weak passwords to spread across Linux systems. The incident highlights how poor SSH hygiene and the use of default credentials remain among the most persistent threats to Internet-connected devices. Even in 2026, attackers continue leveraging automated credential stuffing…
-
Phishing, Fake Webshops & Co.: Cyber Threats on Valentine's Day
Valentine's Day should be about love, not about being exploited or tricked by cybercriminals. In view of sophisticated fake shops, lookalike dating websites and a flood of unclassified Valentine's Day domains, consumers should remain vigilant. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/phishing-fake-webshops-co-cyber-bedrohungen-am-valentinstag/a43693/
-
Feiniu NAS Devices Hit in Massive Netdragon Botnet Attack Exploiting Unpatched Vulnerabilities
Tags: attack, backdoor, botnet, cyber, ddos, exploit, infrastructure, malware, network, vulnerability
Feiniu fnOS network-attached storage (NAS) devices have been pulled into a large Netdragon botnet after attackers exploited still-unpatched vulnerabilities, turning home and small-business storage into infrastructure for DDoS attacks. The malware opens an HTTP backdoor on port 57132, letting attackers run arbitrary system commands remotely via crafted GET requests to the /api path. Using traffic fingerprints from…
-
$44 Evilmouse Malware Grants Attackers Full Control of Systems Upon Connection
A new hardware-based threat has emerged that disguises malicious code execution capabilities inside an ordinary computer mouse. Dubbed “EvilMouse,” this covert keystroke injector demonstrates how everyday peripherals can become powerful attack tools for just $44 in parts. EvilMouse operates similarly to the well-known USB Rubber Ducky penetration testing tool. However, with a crucial difference: it…
-
Swiss Cyber Security Days: Coreview Strengthens Tenant Resilience and Sovereignty
Coreview is presenting its solution for improving the resilience of Microsoft 365 at this year's Swiss Cyber Security Days (17 and 18 February 2026 in Bern). At the booth (Hall 2.2, Booth A22), the specialists show how the M365 tenant, as a central building block of corporate infrastructure, can be protected against configuration tampering, excessive administrator rights limited, and business continuity even in…
-
OpenClaw Open Source AI Agent Application Attack Surface and Security Risk System Analysis
Background In early 2026, OpenClaw (formerly known as Clawdbot and Moltbot), an open-source autonomous AI agent project, quickly attracted global attention. As an automated intelligent application running in the form of a chatbot, it allows users to input natural language commands through Web pages and IM tools (such as Telegram, Slack, Discord, etc.) to achieve…The…
-
Rogue VM Linked to Muddled Libra in VMware vSphere Attack, Exposing Critical TTPs
The cybercrime group Muddled Libra (aka Scattered Spider, UNC3944). The contents of this rogue VM and activity from the attack provide valuable insight into the operational playbook of this threat actor. This single VM acted as the attackers’ beachhead, revealing a detailed, step-by-step view of how the group conducts reconnaissance, steals credentials, and moves laterally…
-
Chrome Security Update Released to Address Code Execution Vulnerabilities
Google has released Chrome 145 to the stable channel for Windows, Mac, and Linux systems, addressing 11 security vulnerabilities that could allow attackers to execute malicious code on affected systems. The update, announced on February 10, 2026, will roll out gradually over the coming days and weeks. Critical Security Fixes The update patches several high-severity…
-
WordPress Backup Plugin Vulnerability Exposes 800,000 Sites to Remote Code Execution Attacks
Tags: attack, backup, cve, cvss, cyber, malicious, remote-code-execution, risk, vulnerability, wordpress
A critical vulnerability in the popular WPvivid Backup & Migration plugin is putting more than 800,000 WordPress websites at risk of complete takeover through remote code execution (RCE) attacks. Tracked as CVE-2026-1357 and rated 9.8 on the CVSS scale, the vulnerability allows unauthenticated attackers to upload arbitrary files to vulnerable sites and execute malicious PHP…
-
Palo Alto Networks Firewall Vulnerability Lets Attackers Trigger Reboot Loops
Palo Alto Networks has disclosed a PAN-OS firewall vulnerability that can let remote attackers force repeated reboots, potentially pushing a device into a “reboot loop” that ends in maintenance mode. Tracked as CVE-2026-0229, the issue sits in the Advanced DNS Security (ADNS) feature. It can be triggered by an unauthenticated attacker using a maliciously crafted…
-
Malicious ‘duer-js’ NPM Package Distributes ‘Bada Stealer’ Malware Targeting Windows and Discord Users
A newly discovered malicious NPM package, dubbed duer-js, is being used to distribute an advanced information-stealing malware that primarily targets Windows systems and Discord users. Published by the user “luizaearlyx”, the package contains a custom infostealer calling itself “bada stealer”, and remains available at the time of reporting, which raises serious concerns for developers who may…
-
Hack-Backs: Germany Plans Cyber Counterattacks
The German federal government wants to enable offensive cyber operations against foreign attackers. This is a paradigm shift in German security policy. First seen on golem.de Jump to article: www.golem.de/news/hack-backs-deutschland-plant-cyber-gegenangriffe-2602-205312.html
-
Adblock Filters Expose User Location Even With VPN Protection
A new fingerprinting technique called “Adbleed” reveals that VPN users aren't as anonymous as they think. While VPNs hide your IP address and encrypt traffic, they can't conceal which country-specific adblock filter lists are installed in your browser and that's enough to expose your location. How Adblockers Create a Privacy Leak Most adblockers like uBlock…
-
Lazarus Group’s ‘Graphalgo’ Fake Recruiter Campaign Targets GitHub, npm, and PyPI to Spread Malware
Lazarus Group’s latest software supply chain operation is using fake recruiter lures and popular open-source ecosystems to deliver malware to cryptocurrency-focused developers quietly. The campaign, dubbed graphalgo, abuses GitHub, npm, and PyPI to hide multi-stage payloads behind seemingly legitimate coding tasks and packages. Since early May 2025, attackers have been approaching JavaScript and Python developers via…
-
Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices
Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero-day flaw that it said has been exploited in sophisticated cyber attacks. The vulnerability, tracked as CVE-2026-20700 (CVSS score: N/A), has been described as a memory corruption issue in dyld, Apple’s Dynamic Link Editor. Successful exploitation of the vulnerability could…
-
Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card Numbers
Tags: breach, credentials, credit-card, cyber, data-breach, flaw, login, malicious, microsoft, office
A dormant Microsoft Outlook add-in has been weaponized by attackers to steal thousands of login credentials and credit card numbers. The incident, identified by security researchers as the first known malicious Office add-in found in the wild, exposed a critical flaw in how Microsoft distributes third-party tools. The “Zombie” App In 2022, a developer published…

