Tag: network
-
Moltbook Gave Everyone Control of Every AI Agent
Database Misconfiguration Exposed 1.5 million API Tokens. A misconfigured database at Moltbook, the viral social network for AI agents, exposed 1.5 million API authentication tokens, 35,000 email addresses, and private messages. Security researchers discovered unauthenticated read and write access to all platform data within days of launch. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/moltbook-gave-everyone-control-every-ai-agent-a-30710
-
Asian Cyber Espionage Campaign Breached 37 Countries
Palo Alto Networks says an Asian cyber espionage campaign breached 70 organizations in 37 countries, targeting government agencies and critical infrastructure. The post Asian Cyber Espionage Campaign Breached 37 Countries appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-asian-cyber-espionage-campaign-breached-37-countries/
-
Six more vulnerabilities found in n8n automation platform
CVE-2026-21893, a command injection hole in the community edition of n8n. An unauthenticated user with administration permission could execute arbitrary system commands on the n8n host.”The risk is amplified by the trust typically placed in community extensions,” Upwinds said in its commentary, “making this a high-impact attack path that directly bridges application-level functionality with host-level…
-
CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered Federal Civilian Executive Branch (FCEB) agencies to strengthen asset lifecycle management for edge network devices and remove those that no longer receive security updates from original equipment manufacturers (OEMs) over the next 12 to 18 months.The agency said the move is to drive down technical…
-
CISA gives federal agencies 18 months to purge unsupported edge devices
Tags: authentication, cisa, cyber, data, exploit, firmware, Hardware, infrastructure, monitoring, network, risk, risk-assessment, service, software, technology, threat, updateImplementation hurdles: Sunil Varkey, advisor at Beagle Security, warns of implementation complexities. “The operational reality of removing legacy systems is not straightforward,” Varkey said. “Legacy devices continue to exist not by design, but by necessity.”He pointed to orphaned systems that remain live and embedded in workflows but lack clear ownership, and operational technology environments where…
-
CISA orders US federal agencies to replace unsupported edge devices
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new binding operational directive aimed at reducing a long-standing cyber risk across federal networks: … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/cisa-orders-us-federal-agencies-to-replace-unsupported-edge-devices/
-
Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
A previously undocumented cyber espionage group operating from Asia broke into the networks of at least 70 government and critical infrastructure organizations across 37 countries over the past year, according to new findings from Palo Alto Networks Unit 42.In addition, the hacking crew has been observed conducting active reconnaissance against government infrastructure associated with 155…
-
Zscaler extends zero-trust security to browsers with SquareX acquisition
Tags: access, ai, ceo, ciso, control, crowdstrike, cybersecurity, edr, endpoint, least-privilege, network, risk, service, strategy, tool, vpn, zero-trustA win-win for customers?: Zscaler has acknowledged that browser runtime behaviour was a missing piece in its zero-trust security, and having SquareX solution in its portfolio can help fill the gap, noted Gogia.For Zscaler customers, this acquisition would mean browser security is no longer an afterthought or a separate tool to evaluate but a native…
-
China-Nexus Hackers Target Linux Devices to Redirect Traffic and Deploy Malware
>>DKnife,<< a sophisticated gateway-monitoring and adversary-in-the-middle (AitM) framework that turns Linux-based routers and edge devices into surveillance tools. Active since at least 2019, this campaign employs seven distinct Linux implants to inspect network traffic, hijack legitimate software downloads, and deploy advanced malware. The framework remains active as of January 2026, targeting personal computers, mobile phones,…
-
How Samsung Knox Helps Stop Your Network Security Breach
As you know, enterprise network security has undergone significant evolution over the past decade. Firewalls have become more intelligent, threat detection methods have advanced, and access controls are now more detailed. However (and it’s a big “however”), the increasing use of mobile devices in business operations necessitates network security measures that are specifically First seen…
-
CISA orders federal agencies to replace endlife edge devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new binding operational directive requiring federal agencies to identify and remove network edge devices that no longer receive security updates from manufacturers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-replace-end-of-life-edge-devices/
-
APT27 Launches Stealthy Attacks on Corporate Networks, Evades Detection
A new, highly sophisticated cyberattack campaign that reveals how attackers are bypassing modern defenses to infiltrate corporate networks. The investigation points to a stealthy, multi-stage intrusion likely orchestrated by the threat group known as APT-Q-27, or >>GoldenEyeDog<<. The attack began with a common, everyday task: a customer support agent clicking a link in a support…
-
New APT group breached gov and critical infrastructure orgs in 37 countries
Tags: apt, backdoor, computer, control, espionage, finance, framework, government, group, infrastructure, linux, malware, monitoring, network, software, threat, tool, usa, vulnerabilityA complex toolset of implants: In addition to Cobalt Strike, the group uses various other malware payloads and command-and-control (C2) frameworks, including VShell, Havoc, SparkRat, and Sliver. On compromised web servers, the attackers deploy a variety of web shells, including Behinder, Neo-reGeorg, and Godzilla.On Linux servers the group has been seen deploying a rootkit dubbed…
-
New APT group breached gov and critical infrastructure orgs in 37 countries
Tags: apt, backdoor, computer, control, espionage, finance, framework, government, group, infrastructure, linux, malware, monitoring, network, software, threat, tool, usa, vulnerabilityA complex toolset of implants: In addition to Cobalt Strike, the group uses various other malware payloads and command-and-control (C2) frameworks, including VShell, Havoc, SparkRat, and Sliver. On compromised web servers, the attackers deploy a variety of web shells, including Behinder, Neo-reGeorg, and Godzilla.On Linux servers the group has been seen deploying a rootkit dubbed…
-
CISA Directs Federal Agencies to Update Edge Devices
Binding Directive Requires Inventories and Replacements. U.S. federal agencies have 12 months to start replacing risky network appliances running past their vendor support cutoff date under a directive published Thursday by U.S. Cybersecurity and Infrastructure Security Agency. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisa-directs-federal-agencies-to-update-edge-devices-a-30689
-
CISA orders feds to disconnect unsupported network edge devices
The government is worried about hackers accessing systems through insecure and poorly monitored routers, firewalls and similar equipment at the network perimeter. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-edge-devices-binding-operational-directive/811539/
-
Asia-based government spies quietly broke into critical networks across 37 countries
And their toolkit includes a new, Linux kernel rootkit First seen on theregister.com Jump to article: www.theregister.com/2026/02/05/asia_government_spies_hacked_37_critical_networks/
-
Asian government’s espionage campaign breached critical infrastructure in 37 countries
The victims included national telecommunications firms, finance ministries and police agencies, with most targets suggesting an economic focus, Palo Alto Networks said. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/asian-governments-espionage-campaign-breached-critical-infrastructure-in-3/811472/
-
When cloud logs fall short, the network tells the truth
Cloud logs can be inconsistent or incomplete, creating blind spots as environments scale and change. Corelight shows how network-level telemetry provides reliable visibility when cloud logs fall short. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/when-cloud-logs-fall-short-the-network-tells-the-truth/
-
Palo Alto Networks Revamps NextWave Program: 5 Biggest Updates
Palo Alto Networks is unveiling a major set of updates to its NextWave Partner Program including expanded incentives and new AI-powered training, along with increased expectations for top partners around driving platform adoption, Channel Chief Michael Khoury tells CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2026/palo-alto-networks-revamps-nextwave-program-5-biggest-updates
-
Network-Mapping und Netzwerk-Monitoring für transparentes und effizientes IT-Management
Durch hybride Infrastrukturen stehen IT-Teams und Netzwerkadministratoren vor immer komplexeren Anforderungen. Lokal oder in der Cloud, mit Endpoints und entfernten Standorten oder eine Kombination aus allem Netzwerke werden zunehmend komplexer und dynamischer, müssen aber effektiv verwaltet und überwacht werden. Für verlässliche Informationen über die IT-Umgebung ist Transparenz im Netzwerk entscheidend. Eine Kombination aus Network-Mapping […]…
-
CISA Makes Unpublicized Ransomware Updates to KEV Catalog
A third of the flipped CVEs affected network edge devices, leading one researcher to conclude, Ransomware operators are building playbooks around your perimeter. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/cisa-hidden-ransomware-updates-kev-catalog
-
Harvard, UPenn Data Leaked in ShinyHunters Shakedown
Leaked Financial and Admissions Data Includes Contact Details for ‘Top Donors’. Harvard University has been named as a victim and doxed by hack-and-leak group ShinyHunters, apparently as a result of the cybercrime group’s ongoing live phishing attacks that often attempt to trick IT help desks into giving attackers direct access to a victim’s network and…
-
Critical ASUSTOR NAS Security Flaw Enables Complete Device Takeover
A severe vulnerability affecting ASUSTOR Network Attached Storage (NAS) devices has been disclosed, potentially allowing unauthenticated attackers to seize full control of affected systems. Tracked as CVE-2026-24936, this critical flaw carries a CVSS v4.0 base score of 9.5, highlighting the urgency for administrators to apply available updates immediately. The vulnerability resides within the ASUSTOR Data Master (ADM)…
-
Zero trust in practice: A deep technical dive into going fully passwordless in hybrid enterprise environments
Tags: access, attack, authentication, backup, breach, business, cloud, compliance, credentials, cybersecurity, data, endpoint, group, Hardware, identity, infrastructure, lessons-learned, network, password, phishing, phone, risk, service, technology, update, windows, zero-trustArchitecture decisions: Hybrid authentication flows and Windows Hello for Business: Once your prerequisites are in place, you face critical architectural decisions that will shape your deployment for years to come. The primary decision point is whether to use Windows Hello for Business, FIDO2 security keys or phone sign-in as your primary authentication mechanism.In my experience,…
-
Should I stay or should I go?
Tags: access, breach, business, ceo, cio, ciso, communications, compliance, cybersecurity, finance, fraud, insurance, jobs, network, risk, strategy, supply-chain, update, vulnerabilityRed flag: Cognitive disconnect: Lack of access to executives and the board comes up repeatedly in Cybersecurity Ventures reports as a top reason CISO’s decide to leave their jobs, according to Steve Morgan, founder of Cybersecurity Ventures. He cites lack of support as another top reason CISO’s leave.Splunk’s 2025 CISO report found 29% of respondents…
-
Shadow DNS Operation Abuses Compromised Routers to Manipulate Internet Traffic
A sophisticated shadow DNS network that hijacks internet traffic by compromising home and business routers. The operation, active since mid-2022, manipulates DNS resolution through malicious resolvers hosted by Aeza International (AS210644), a bulletproof hosting provider sanctioned by the U.S. Treasury Department in July 2025. The threat campaign targets older router models, modifying their DNS configuration…
-
Security Researchers Breach Moltbook in Record Time
Security researchers from cloud cybersecurity firm Wiz disclosed a critical vulnerability in Moltbook, a newly launched social network designed for AI agents, that allowed them to breach the platform’s backend and access private information in under three minutes. Moltbook is a newly launched social network built exclusively for “authentic” AI agents. According to the researcher,……