Large language models are now embedded in everyday workplace tasks, powering automated support tools and autonomous assistants that manage calendars, write code, and handle financial actions. As these systems expand in capability and adoption, they also introduce new security…
Category: EN
Russian hackers are exploiting recently patched Microsoft Office vulnerability (CVE-2026-21509)
Russian state-sponsored hackers Fancy Bear (aka APT 28) are exploiting CVE-2026-21509, a Microsoft Office vulnerability for which Microsoft released an emergency fix last week. The exploitation CVE-2026-21509 allows unauthorized attackers to bypass a security feature (OLE mitigations in Microsoft 365…
DockerDash Exposes AI Supply Chain Weakness In Docker’s Ask Gordon
DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon This article has been indexed from www.infosecurity-magazine.com Read the original article: DockerDash Exposes AI Supply Chain Weakness In Docker’s Ask Gordon
Cyber Briefing: 2026.02.03
APT groups exploit Office flaws, vishing steals MFA, ransomware hits airports, Iran-linked ops target NGOs, extortion rises, and law enforcement seizures expand. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.02.03
RapidFort Raises $42M to Automate Software Supply Chain Security
The company will use the latest capital to scale its go-to-market efforts and expand its platform’s capabilities. The post RapidFort Raises $42M to Automate Software Supply Chain Security appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Rhysida Ransomware Hits California Tribal Clinics, Leaks SSNs and Medical Data
A recent ransomware attack has disrupted healthcare services and exposed sensitive patient data at the MACT Health Board, which operates clinics serving American Indian communities in California’s Sierra Foothills. The cybercriminal group Rhysida has claimed responsibility for the November…
Gremlin launches Disaster Recovery Testing for zone, region, and datacenter failovers
Gremlin, the proactive reliability platform, launched Disaster Recovery Testing: a new product built to safely and efficiently test zone, region, and datacenter evacuations and failovers. These large-scale tests ensure businesses maintain digital resilience and business continuity when faced with cloud…
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular “@react-native-community/cli” npm package. Cybersecurity company VulnCheck said it first observed exploitation of CVE-2025-11953 (aka Metro4Shell) on December 21, 2025. With a CVSS…
[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate
Most security teams today are buried under tools. Too many dashboards. Too much noise. Not enough real progress. Every vendor promises “complete coverage” or “AI-powered automation,” but inside most SOCs, teams are still overwhelmed, stretched thin, and unsure which tools…
UK ICO Launches Investigation into X Over AI Generated Non-Consensual Sexual Imagery
UK Data Protection Watchdog has “serious concerns” over data privacy on Elon Musk’s social platform This article has been indexed from www.infosecurity-magazine.com Read the original article: UK ICO Launches Investigation into X Over AI Generated Non-Consensual Sexual Imagery
JFrog Researchers Surface Vulnerabilities in AI Automation Platform from n8n
JFrog security researchers have discovered a pair of critical vulnerabilities in a workflow automation platform from n8n that makes use of large language models (LLMs) to execute tasks. A CVE-2026-1470 vulnerability, rated 9.9, enables a malicious actor to remotely execute…
Security Analysts Warn of Shadow Directory Techniques Targeting WordPress
Several theme-level vulnerabilities coupled with evolving abuse tactics are demonstrating once again how vulnerable WordPress becomes when multiple vulnerabilities are aligned. An unauthenticated file access and deletion vulnerability has been disclosed in the WPLMS theme-tracked as CVE-2024-10470 and assigned…
Ransomware Group Claims Hack of Software Company
Distinctive Systems, a UK-based software provider for the transport industry, is currently managing a cyber attack first identified in mid-January. This article has been indexed from CyberMaterial Read the original article: Ransomware Group Claims Hack of Software Company
Cl0p Targets Australian IT Providers
The Cl0p cyber extortion group has targeted nine Australian companies by listing them on its darknet leak site following alleged links to two specific IT service providers. This article has been indexed from CyberMaterial Read the original article: Cl0p Targets…
DOJ Seizes Domains Linked To Bulgarian Piracy
U.S. This article has been indexed from CyberMaterial Read the original article: DOJ Seizes Domains Linked To Bulgarian Piracy
Canadian Hacker Steals $65M And Vanishes
A twenty-two-year-old Canadian math prodigy who allegedly stole sixty-five million dollars from decentralized finance platforms has disappeared after being apprehended in Serbia. This article has been indexed from CyberMaterial Read the original article: Canadian Hacker Steals $65M And Vanishes
Nobel Hacking Likely Leaks Winner Name
An investigation into the premature disclosure of Maria Corina Machado’s Nobel Peace Prize win has concluded that a cyber breach of the Nobel organization’s computer systems was the most probable cause. This article has been indexed from CyberMaterial Read the…
Meet Moltbook, the Social Platform Where AI Agents Talk and Humans Watch
Moltbook is a new social platform where AI agents post and interact while humans observe, raising questions about autonomy, security, and agent behavior. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the…
Mozilla Unveils Kill Switch to Disable All Firefox AI features
Firefox 148 introduces comprehensive AI controls, giving users greater control over artificial intelligence features built into the browser. The new security-focused setting provides a centralized toggle to block current and future generative AI functionalities. Addressing growing privacy and security concerns…
Microsoft to Disable NTLM by Default as a Step Towards More Secure Authentication
The transition away from NTLM (New Technology LAN Manager), a legacy authentication protocol that has existed in Windows for over three decades, is being accelerated. The company has announced a phased roadmap to reduce, restrict, and ultimately disable NTLM by…