Tag Archives: it security

[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate

Most security teams today are buried under tools. Too many dashboards. Too much noise. Not...

03
Feb
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server...

03
Feb
When Cloud Outages Ripple Across the Internet

Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such...

03
Feb
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks...

03
Feb
Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox

Mozilla on Monday announced a new controls section in its Firefox desktop browser settings that...

03
Feb
Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

A China-linked threat actor known as Lotus Blossom has been attributed with medium confidence to...

03
Feb
Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users

A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple...

02
Feb
OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

A high-severity security flaw has been disclosed in OpenClaw (formerly referred to as Clawdbot and...

02
Feb
Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?
February 2, 2026

CSPM tools are big business. Could they be the answer to your cloud configuration problems?...

Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos

Microsoft has announced a three-phase approach to phase out New Technology LAN Manager (NTLM) as...

02
Feb
The Quiet Compliance Gap: Why Risk Persists Despite Security Training

Most financial institutions can confidently say they are compliant. Employees complete annual security awareness training....

02
Feb
⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats

Every week brings new discoveries, attacks, and defenses that shape the state of cybersecurity. Some...

02
Feb
Securing the Mid-Market Across the Complete Threat Lifecycle

For mid-market organizations, cybersecurity is a constant balancing act. Proactive, preventative security measures are essential...

02
Feb
Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility’s update mechanism to...

02
Feb
eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware

The update infrastructure for eScan antivirus, a security solution developed by Indian cybersecurity company MicroWorld...

02
Feb
Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open VSX Registry...

02
Feb
Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a...

31
Jan
Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

Google-owned Mandiant on Friday said it identified an “expansion in threat activity” that uses tradecraft...

31
Jan
CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms

CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more...

31
Jan
Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate...

30
Jan
China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as...

30
Jan
Badges, Bytes and Blackmail

Behind the scenes of law enforcement in cyber: what do we know about caught cybercriminals?...

30
Jan
Ex-Google Engineer Convicted for Stealing 2,000 AI Trade Secrets for China Startup

A former Google engineer accused of stealing thousands of the company’s confidential documents to build...

30
Jan
SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score

SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security...

30
Jan
Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released

Ivanti has rolled out security updates to address two security flaws impacting Ivanti Endpoint Manager...

30
Jan
Researchers Find 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries

A new joint investigation by SentinelOne SentinelLABS, and Censys has revealed that the open-source artificial...

29
Jan
ThreatsDay Bulletin: New RCEs, Darknet Busts, Kernel Bugs & 25+ More Stories

This week’s updates show how small changes can create real problems. Not loud incidents, but...

29
Jan
Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps

A study by OMICRON has revealed widespread cybersecurity gaps in the operational technology (OT) networks...

29
Jan
3 Decisions CISOs Need to Make to Prevent Downtime Risk in 2026

Beyond the direct impact of cyberattacks, enterprises suffer from a secondary but potentially even more...

29
Jan
SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass

SolarWinds has released security updates to address multiple security vulnerabilities impacting SolarWinds Web Help Desk,...

29
Jan