IT Security News Daily Summary 2026-02-02

158 posts were published in the last hour

• 22:34 : MoltBot Skills exploited to distribute 400+ malware packages in days
• 22:33 : Infostealers without borders: macOS, Python stealers, and platform abuse
• 21:34 : New “Punishing Owl” Hacker Group Targets Networks Linked to Russian Security Agency
• 21:34 : Russian Hacker Alliance Launches Large-Scale Cyberattack Targeting Denmark
• 21:34 : Over 21,000 OpenClaw AI Instances Leak Personal Configuration Data
• 21:34 : DynoWiper Malware Targets Energy Firms in Destructive Data-Wiping Attacks
• 21:34 : Coordinated Cyberattacks Hit 30 Wind and Solar Farms Across Poland
• 21:34 : Panera Bread breach affected 5.1 Million accounts, HIBP Confirms
• 21:7 : From Automation to Infection: How OpenClaw AI Agent Skills Are Being Weaponized
• 20:38 : Fast-Growing Chinese Crime Networks Launder 20% of Illicit Crypto: Chainalysis
• 20:9 : 2026-02-02: KongTuke ClickFix activity leads to Async RAT
• 20:9 : OpenClaw’s Rapid Rise Exposes Thousands of AI Agents to the Public Internet
• 20:9 : How DataDome Stopped Millions of Ticket Scalping Bots Targeting a Global Sports Organization
• 20:9 : Reorient Your Thinking to Tackle AI Security Risks
• 20:5 : IT Security News Hourly Summary 2026-02-02 21h : 9 posts
• 19:32 : Phishing Scam Uses Clean Emails and PDFs to Steal Dropbox Logins
• 19:32 : Devices
• 19:32 : Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users
• 19:32 : StopICE hacked to send alarming text messages, admins accuse border patrol agent of sabotage
• 19:16 : AI Threats in 2026: A SecOps Playbook
• 19:16 : Russian Hacker Alliance Targeting Denmark in Large-Scale Cyberattack
• 19:16 : 30 Wind and Solar Farms in Poland Faced Coordinated Cyberattacks
• 19:16 : DynoWiper Data-Wiping Malware Attacking Energy Companies to Destroy Data
• 19:16 : How Manifest v3 forced us to rethink Browser Guard, and why that’s a good thing
• 18:36 : Fake Dating App Delivers Android Spyware in Targeted Campaign
• 18:36 : Notepad++ says Chinese government hackers hijacked its software updates for months
• 18:36 : Russia-linked APT28 attackers already abusing new Microsoft Office zero-day
• 18:8 : CultureAI Launches Global Partner Program
• 18:7 : Iran-Linked Hackers Target Human Rights Groups in Redkitten Malware Campaign
• 18:7 : Open-Source AI Models Pose Growing Security Risks, Researchers Warn
• 18:7 : OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link
• 18:7 : This Is How They Tell Me the World Ends
• 17:41 : Notepad++ Updates Delivered Malware After Hosting Provider Breach
• 17:41 : Fake Clawdbot VS Code Extension Deploys ScreenConnect RAT
• 17:40 : ShinyHunters escalates tactics in extortion campaign linked to Okta environments
• 17:14 : McDonald’s is not lovin’ your bigmac, happymeal, and mcnuggets passwords
• 17:14 : Please Don’t Feed the Scattered Lapsus ShinyHunters
• 17:14 : ShinyHunters Leads Surge in Vishing Attacks to Steal SaaS Data
• 17:14 : FCC urges telecoms to boost cybersecurity amid growing ransomware threat
• 17:5 : IT Security News Hourly Summary 2026-02-02 18h : 13 posts
• 16:34 : Please Don’t Feed the Scattered Lapsus Shiny Hunters
• 16:34 : Notepad++ Update Servers Hijacked in Targeted Supply Chain Attack
• 16:34 : NationStates Suffers Databreach – Game site Temporarily Offline
• 16:34 : 21,000+ OpenClaw AI Instances With Personal Configurations Exposed Online
• 16:34 : New Punishing Owl Hacker Group Targeting Networks of Russian Government Security Agency
• 16:34 : ShinyHunters flip the script on MFA in new data theft attacks
• 16:34 : Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos
• 16:34 : NSA Publishes New Zero Trust Implementation Guidelines
• 16:12 : Hugging Face Repositories Abused in New Android Malware Campaign
• 16:12 : WhatsApp Launches High-Security Mode for Ultimate User Protection
• 16:12 : Apple’s New Feature Will Help Users Restrict Location Data
• 16:12 : ShinyHunters Claims Match Group Data Breach Exposing 10 Million Records
• 16:12 : Open VSX Supply Chain Breach Delivers GlassWorm Malware Through Trusted Developer Extensions
• 15:34 : Scanning for exposed Anthropic Models, (Mon, Feb 2nd)
• 15:34 : Important Notice: Preserving Free Access While Evolving the Wordfence Intelligence Vulnerability API
• 15:34 : Ivanti Issues Urgent Fix for Critical Zero-Day Flaws Under Active Attack
• 15:34 : Hackers exploit unsecured MongoDB instances to wipe data and demand ransom
• 15:34 : ShinyHunters-Branded Extortion Activity Expands, Escalates
• 15:34 : AI Agent Orchestration: How It Works and Why It Matters
• 15:34 : Notepad++ Update Hijacking Linked to Hosting Provider Compromise
• 15:34 : Cyber Briefing: 2026.02.02
• 15:4 : Windows 11 Bug Causing Password Sign-in Option to Disappear from the Lock Screen on
• 15:4 : Hackers Exploiting Microsoft Office 0-day Vulnerability to Deploy Malware
• 15:4 : Pulsar RAT Attacking Windows Systems via Per-user Run Registry Key and Exfiltrates Sensitive Details
• 14:32 : Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack
• 14:32 : Vulnerability Summary for the Week of January 26, 2026
• 14:32 : Malwarebytes in ChatGPT delivers AI-powered protection against scams
• 14:14 : Spotify and Major Music Labels Sue Anna’s Archive for $13 Trillion
• 14:14 : Modern Vulnerability Detection: Using GNNs to Find Subtle Bugs
• 14:13 : Scam-checking just got easier: Malwarebytes is now in ChatGPT
• 14:13 : OpenClaw patches one-click RCE as security Whac-A-Mole continues
• 14:13 : Gakido CRLF Injection Vulnerability Let Attackers Bypass Security Controls
• 14:13 : New Stealthy Fileless Linux Malware ‘ShadowHS’ Emphasizes Automated Propagation
• 14:13 : Autonomous AI Agents Are Becoming the New Operating System of Cybercrime
• 14:13 : Default ICS Credentials Exploited in Destructive Attack on Polish Energy Facilities
• 14:13 : Chinese Crime Networks Move Billions
• 14:13 : Apple Privacy Feature Limits Tracking
• 14:5 : IT Security News Hourly Summary 2026-02-02 15h : 15 posts
• 13:34 : Iconics SCADA Vulnerability Can Render Systems Unbootable
• 13:34 : Notepad++ update service hijacked in targeted state-linked attack
• 13:34 : How state-sponsored attackers hijacked Notepad++ updates
• 13:34 : Securing the Mid-Market Across the Complete Threat Lifecycle
• 13:34 : ⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats
• 13:34 : Open Vsx Supply Chain Attack Spreads Glassworm
• 13:34 : Nationstates Confirms Breach Shuts Site
• 13:34 : Crypto Investor Loses Millions To Scam
• 13:34 : Cyberattacks Disrupt Polish Energy Sites
• 13:34 : Arrests Trigger Scam Worker Exodus
• 13:9 : Chrome Ad Blocker Caught Hijacking Amazon Affiliate Links
• 13:9 : Top 10 Cyber Risk Management and GRC Companies in the UK and Globally
• 13:9 : Bitbucket Alternatives in 2026
• 13:9 : Span Cyber Security Arena 2026: Only 10 days left to secure early bird tickets
• 13:9 : Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks
• 12:7 : Microsoft Moves Closer to Disabling NTLM
• 12:7 : Over 1,400 MongoDB Databases Ransacked by Threat Actor
• 12:7 : Cyber Insights 2026: Malware and Cyberattacks in the Age of AI
• 11:36 : ICE and Qatari Security Forces at the Winter Olympics Put Italians on Edge
• 11:36 : Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates
• 11:36 : SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82
• 11:36 : Aisuru Botnet Drives DDoS Attack Volumes to Historic Highs
• 11:36 : Microsoft sets a path to switch off NTLM across Windows
• 11:11 : Arsink Rat Attacking Android Devices to Exfiltrate Sensitive Data and Enable Remote Access
• 11:11 : Hackers Attacking MongoDB Instances to Delete Database and Add Ransom Note
• 11:11 : How fake party invitations are being used to install remote access tools
• 11:11 : Japan, Britain to Boost Cybersecurity and Critical Minerals Cooperation as China’s Influence Grows
• 11:11 : Android RAT Uses Hugging Face to Host Malware
• 11:5 : IT Security News Hourly Summary 2026-02-02 12h : 7 posts
• 10:34 : Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION
• 10:34 : Infrastructure cyberattacks are suddenly in fashion. We can buck the trend
• 10:34 : Voice channels are the next major attack vector that security teams can’t monitor
• 10:11 : Designing for the Long Term: How Education Must Evolve for Augmented Work
• 10:11 : Designing for the Long Term: Head-to-Head
• 10:11 : BreachForums Breach Exposes Names of 324K Cybercriminals, Upends the Threat Intel Game
• 10:11 : Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
• 9:40 : Windows 11 Introduces New Feature to Block Unauthorized Access to System Files
• 9:40 : ShadowHS: New Stealthy Fileless Linux Malware Spreads Automatically
• 9:40 : Notepad++ Users Targeted After State-Backed Attackers Hijack Update Servers
• 9:39 : PeckBirdy Hackers Abuse LOLBins Across Environments to Deploy Advanced Malware
• 9:39 : Hackers Target MongoDB Instances to Delete Databases and Plant Ransom Notes
• 9:39 : A tiny light trap could unlock million qubit quantum computers
• 9:39 : Notepad++ Supply Chain Hack Conducted by China via Hosting Provider
• 9:39 : Former Google Engineer Found Guilty of Stealing AI Secrets
• 9:7 : Apple Buys Israel’s Q.ai For Wearable Tech, In Major Deal
• 9:7 : Windows 11 New Security Feature Denies Unauthorized Access to System Files
• 9:7 : Google Uncovered Significant Expansion in ShinyHunters Threat Activity with New Tactics
• 9:6 : Flaw in Broadcom Wi-Fi Chipsets Illuminates Importance of Wireless Dependability and Business Continuity
• 8:32 : Waymo Hopes For September Launch In London
• 8:32 : A week in security (January 26 – February 1)
• 8:32 : Police question Coupang CEO, Russia bakery cyberattack, Australian real estate scandal
• 8:5 : IT Security News Hourly Summary 2026-02-02 09h : 5 posts
• 8:4 : ASA Bans Coinbase Adverts In UK
• 8:4 : Why native cloud security falls short
• 7:36 : State-Sponsored Actors Hijacked Notepad++ Update Servers to Redirect Users to Malicious Servers
• 7:36 : 1-Click Clawdbot Vulnerability Enable Malicious Remote Code Execution Attacks
• 7:36 : StrongestLayer: Top ‘Trusted’ Platforms are Key Attack Surfaces
• 6:36 : Where NSA zero trust guidance aligns with enterprise reality
• 6:36 : Open-source AI pentesting tools are getting uncomfortably good
• 6:3 : eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware
• 6:3 : What boards need to hear about cyber risk, and what they don’t
• 6:3 : Pompelmi: Open-source secure file upload scanning for Node.js
• 6:2 : Google’s Proxy Network Takedown, AI Agent Hijack, and More: Cybersecurity Today for February 2, 2026
• 5:32 : State-Sponsored Actors Hijacked Notepad++ Update to Redirect Users to Malicious Servers
• 5:32 : Why Gen Z is Ditching Smartphones for Dumbphones
• 5:32 : AI is flooding IAM systems with new identities
• 5:32 : Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm
• 5:9 : 2026-02-01: Seven days of scans and probes and web traffic hitting my web server
• 5:9 : Web Single Sign-on with WS-Federation
• 5:9 : OAuth User-Managed Access Protocol Overview
• 2:5 : IT Security News Hourly Summary 2026-02-02 03h : 1 posts
• 2:4 : ISC Stormcast For Monday, February 2nd, 2026 https://isc.sans.edu/podcastdetail/9790, (Mon, Feb 2nd)
• 0:7 : Open-source AI is a global security nightmare waiting to happen, say researchers
• 23:36 : How powerful is AI in managing non-human identities
• 23:36 : Can Agentic AI handle complex cloud-native security tasks
• 23:36 : Are cloud secrets safe with automatic rotation systems
• 23:36 : What new technologies are boosting Agentic AI capabilities
• 23:5 : IT Security News Hourly Summary 2026-02-02 00h : 2 posts
• 22:58 : IT Security News Weekly Summary 05
• 22:55 : IT Security News Daily Summary 2026-02-01