Tag: infrastructure
-
Sandworm Blamed for Wiper Attack on Polish Power Grid
Researchers attributed the failed attempt to the infamous Russian APT Sandworm, which is notorious for wiper attacks on critical infrastructure organizations. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/sandworm-wiper-attack-poland-power-grid
-
Google’s disruption rips millions of devices out of malicious network
The actions impaired some of IPIDEA’s proxy infrastructure, but not all of it. The effort underscores the back-and-forth struggle of taking out pieces of cybercriminals’ vast and growing infrastructure. First seen on cyberscoop.com Jump to article: cyberscoop.com/ipidea-proxy-network-disrupted-google-lumen/
-
Threat Actors Hide Behind School-Themed Domains In Newly Uncovered Bulletproof Infrastructure
A sophisticated traffic distribution system (TDS) is hiding behind education-themed domains. The operation uses bulletproof hosting to deliver phishing pages, scams, and malware files. Analysts triaged a first-stage JavaScript loader from hxxps[:]//toxicsnake-wifes[.]com/promise/script.js. This revealed a commodity cybercrime farm routing victims to harmful payloads. The main domain, toxicsnake-wifes[.]com, acts as a TDS node. It injects db.php with…
-
U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, endpoint, exploit, flaw, infrastructure, injection, ivanti, kev, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Ivanti EPMM vulnerability, tracked as CVE-2026-1281 (CVSS score of 9.8), to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is a code injection that impacts Ivanti Endpoint Manager…
-
Wi-Fi 7 as a Driver for Manufacturing-X and the Connected Industry of the Future
While German industry is pushing ahead with the implementation of Manufacturing-X at full speed, wireless connectivity has evolved from a mere basic technology into a strategic anchor for digital sovereignty. In 2026, the focus is on building a seamless digital infrastructure that firmly connects the shop floor to a controlled and independent data network. The Berlin Declaration…
-
Blow against global proxy network: GTIG dismantles central IPIDEA infrastructure
Tags: infrastructure
Residential proxies have become a widespread tool for everything from high-profile espionage to massive criminal schemes. Attackers route traffic through a private individual’s internet connection, which lets them hide while penetrating corporate environments unnoticed. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/schlag-gegen-globales-proxy-netzwerk-gtig-zerschlaegt-zentrale-infrastruktur-von-ipidea/a43507/
-
Top 5 PCI Compliant Hosting Providers
Key Takeaways: When companies run payment systems, those systems operate on infrastructure provided by hosting platforms. That layer includes the servers, networks, and data centers where applications live. The term PCI compliance hosting is commonly used to describe infrastructure environments that have been structured with PCI-related security expectations in mind and that provide documentation and…
-
Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released
Tags: attack, cve, cybersecurity, endpoint, exploit, flaw, infrastructure, ivanti, kev, mobile, rce, remote-code-execution, update, vulnerability, zero-day
Ivanti has rolled out security updates to address two security flaws impacting Ivanti Endpoint Manager Mobile (EPMM) that have been exploited in zero-day attacks, one of which has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog. The critical-severity vulnerabilities are listed below - CVE-2026-1281 (CVSS score: First…
-
eScan AV users targeted with malicious updates
The update infrastructure for eScan antivirus, a product of Indian cybersecurity company MicroWorld Technologies, has been compromised by unknown attackers to deliver a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/29/escan-antivirus-update-supply-chain-compromised/
-
To stop crims, Google starts dismantling residential proxy network they use to hide
The Chocolate Factory strikes again, targeting the infrastructure attackers use to stay anonymous First seen on theregister.com Jump to article: www.theregister.com/2026/01/29/google_ipidea_crime_network/
-
Critical infrastructure: Bundestag passes KRITIS umbrella act
The attack on Berlin’s power grid shows how vulnerable infrastructure is. To protect it, the Bundestag is now calling for fewer transparency obligations. First seen on golem.de Jump to article: www.golem.de/news/kritische-infrastruktur-bundestag-beschliesst-kritis-dachgesetz-2601-204780.html
-
eScan AV supply chain compromise: Users targeted with malicious updates
The update infrastructure for eScan antivirus, a product of Indian cybersecurity company MicroWorld Technologies, has been compromised by unknown attackers to deliver a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/29/escan-antivirus-update-supply-chain-compromised/
-
Swarmer Tool Abuses Windows Registry to Evade Detection and Persist on Systems
Swarmer is a sophisticated tool designed to manipulate Windows registry hives while bypassing endpoint detection systems. The tool exploits legacy Windows infrastructure to achieve persistent access without triggering traditional EDR monitoring systems that typically flag direct registry modifications. Endpoint Detection and Response (EDR) solutions have significantly hardened defenses against conventional registry persistence techniques. Classic methods using…
-
eScan Antivirus Update Server Breached to Deliver Malicious Software Updates
MicroWorld Technologies’ eScan antivirus platform fell victim to a sophisticated supply chain attack on January 20, 2026, when threat actors compromised legitimate update infrastructure to distribute multi-stage malware to enterprise and consumer endpoints worldwide. Security researchers immediately alerted the vendor, which isolated the affected infrastructure within one hour and took its global update system offline…
-
CISA chief uploaded sensitive government files to public ChatGPT
Tags: access, chatgpt, cisa, compliance, control, cybersecurity, government, infrastructure, office, tool
Leadership credibility questioned: The uploads triggered an internal DHS assessment involving the department’s then-acting general counsel Joseph Mazzara and chief information officer Antoine McCord, along with CISA’s chief information officer Robert Costello and chief counsel Spencer Fisher, the report said. The outcome has not been disclosed. According to the report, CISA spokesperson Marci McCarthy confirmed that…
-
Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps
A study by OMICRON has revealed widespread cybersecurity gaps in the operational technology (OT) networks of substations, power plants, and control centers worldwide. Drawing on data from more than 100 installations, the analysis highlights recurring technical, organizational, and functional issues that leave critical energy infrastructure vulnerable to cyber threats. The findings are based on… First seen…
-
Q&A: Why Cybersecurity Is Now a Core Business Risk, Not Just a Technical Problem
Tags: attack, business, cyber, cybersecurity, data, government, infrastructure, resilience, risk, supply-chain, threat
Cybersecurity threats are escalating in scale and sophistication, and organisations around the world are scrambling to keep pace with the evolving digital risk landscape. Governments and corporations alike face increasing pressure to strengthen cyber resilience as attacks extend across critical infrastructure, supply chains and data systems with growing frequency. At the forefront of national and…
-
EU’s answer to CVE solves dependency issue, adds fragmentation risks
Tags: access, ai, china, cisco, cve, cyber, cybersecurity, data, dos, exploit, finance, governance, grc, infrastructure, intelligence, international, nvd, open-source, risk, service, software, threat, tool, vulnerability, vulnerability-management
Coordinated disclosure: Nik Kale, principal engineer and product architect at Cisco Systems, says GCVE’s main challenge comes from building a platform that the security community can rely on for coordinated disclosure and remediation. ”Viability depends far more on governance than on the data itself,” Kale says. “That includes clear attribution rules, transparent CNA processes, predictable decision-making,…
-
Criticism of the KRITIS umbrella act: “patchwork” feared
In the view of the German Association of Cities (Deutscher Städtetag), the federal government’s draft law on protecting critical infrastructure does not go far enough. The Deutscher Städtetag considers the coalition’s proposal on protecting critical infrastructure, which is up for a vote in the Bundestag, to be inadequate. The draft by the CDU/CSU and SPD provides for stricter obligations on critical infrastructure companies, such as large energy suppliers or transport operators, to…
-
SolarWinds, again: Critical RCE bugs reopen old wounds for enterprise security teams
Tags: access, attack, authentication, awareness, breach, cisco, control, credentials, cve, cybersecurity, data, exploit, flaw, fortinet, infrastructure, malicious, programming, radius, rce, remote-code-execution, software, threat, update, vulnerability
Remote code execution and data deserialization vulnerabilities CVE-2025-40551 (critical) and CVE-2025-40553 (critical); authentication and bypass security flaws CVE-2025-40552 (critical), CVE-2025-40554 (critical), CVE-2025-40536 (high), and CVE-2025-40537 (high). CVE-2025-40551 and CVE-2025-40553 make WHD susceptible to untrusted data deserialization that could allow attackers to run commands on the host machine. The flaw could be exploited without authentication. The other two critical…
-
Crooks are hijacking and reselling AI infrastructure: Report
Tags: access, ai, api, attack, authentication, business, cloud, communications, control, credentials, cybersecurity, data, data-breach, endpoint, exploit, firewall, group, infosec, infrastructure, intelligence, Internet, LLM, malicious, marketplace, risk, service, skills, technology, theft, threat, training, vulnerability
Exposed endpoints on default ports of common LLM inference services; unauthenticated API access without proper access controls; development/staging environments with public IP addresses; MCP servers connecting LLMs to file systems, databases and internal APIs. Common misconfigurations leveraged by these threat actors include: Ollama running on port 11434 without authentication; OpenAI-compatible APIs on port 8000 exposed to the internet; MCP servers accessible without…
-
AI Use by CISA Chief Alarms Cyber Officials
CISA Defends Director’s Use of AI Tool Despite Internal Compliance Review. Cybersecurity and Infrastructure Security Agency Acting Director Madhu Gottumukkala uploaded sensitive documents to ChatGPT under a temporary, approved exception, prompting internal alerts and reigniting concerns over the agency’s AI governance and leadership judgement. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-use-by-cisa-chief-alarms-cyber-officials-a-30620
-
What Are Service Accounts and Why Are They a Security Risk?
Tags: api, cloud, container, credentials, cyberattack, data, identity, infrastructure, risk, service
79 percent of cyberattacks now rely purely on identity compromise, using legitimate credentials to move laterally, escalate privileges and exfiltrate data while appearing authorized at every step. Service accounts represent the automated backbone of modern infrastructure, operating continuously across cloud platforms, databases, APIs and container orchestrators as non-human identities. Their ubiquity makes them…
-
Critical FortiCloud SSO zero-day forces emergency service disablement at Fortinet
Attack details and indicators: Fortinet’s investigation into the exploitation revealed attackers used two specific FortiCloud accounts: “cloud-noc@mail.io” and “cloud-init@mail.io,” though the company warned “these addresses may change in the future.” Fortinet identified multiple IP addresses associated with the attacks, including several Cloudflare-protected addresses that attackers used to obscure their activities. ”Following authentication via SSO, it has been…
-
Delegation is a risk decision every leader makes, not an ops choice
Tags: access, ai, awareness, breach, business, communications, compliance, control, finance, governance, infrastructure, jobs, resilience, risk, risk-assessment, service, tool
Airlines and booking platforms, overwhelmed by volume and operational pressure, delegated financial decision-making to automated systems that could issue credits, delay refunds, or apply preset rules at scale. In many cases, those systems operated exactly as configured. They stayed within internal thresholds, followed approved logic, and reduced immediate operational load. The problem surfaced later. Customers challenged outcomes.…
-
Skills CISOs need to master in 2026
Tags: access, ai, business, ciso, cloud, compliance, credentials, cyber, cybersecurity, data, endpoint, finance, firewall, group, Hardware, identity, infrastructure, intelligence, jobs, resilience, risk, risk-management, skills, strategy, threat, tool, training
Top technical skills: In addition to strong knowledge of AI systems, today’s CISOs need a solid foundation in the technologies that define modern enterprise environments. The (ISC)² CISSP is still widely regarded as the gold standard for broad expertise in security architecture, risk management, and governance. “Regulators will expect this, and it still appears in…

