Application Security Engineer Liebherr Group | Germany | Hybrid – View job details As an Application Security Engineer, you will As an Application Security Engineer, you will implement and automate application security testing, perform vulnerability assessments and penetration testing, and…
Category: EN
Product showcase: 2FAS Auth – Free, open-source 2FA for iOS
Online accounts usually rely on a password, but passwords alone can be weak if they’re reused, easily guessed, or stolen. Two-factor authentication (2FA) adds a second layer of verification, usually a six-digit code generated by an app on your phone.…
Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group
A China-linked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad++. The attack enabled the state-sponsored hacking group to deliver a previously undocumented backdoor codenamed Chrysalis to…
Italy Steps Up Cyber Defenses as Milano–Cortina Winter Olympics Approach
Inside a government building in Rome, located opposite the ancient Aurelian Walls, dozens of cybersecurity professionals have been carrying out continuous monitoring operations for nearly a year. Their work focuses on tracking suspicious discussions and coordination activity taking place…
WhatsApp Replaces C++ Code To RUST As Shield Billion Users
WhatsApp recently announced a massive architectural shift, replacing legacy code with Rust to protect users. This deployment marks… The post WhatsApp Replaces C++ Code To RUST As Shield Billion Users appeared first on Hackers Online Club. This article has been…
Notepad++ Hack Detailed Along With the IoCs and Custom Malware Used
A sophisticated espionage campaign attributed to the Chinese Advanced Persistent Threat (APT) group Lotus Blossom (also known as Billbug). The threat actors compromised the infrastructure hosting the popular text editor Notepad++ to deliver a custom, previously undocumented backdoor named “Chrysalis”.…
Configuring WS-Federation Single Sign-on for Resources
Learn how to configure WS-Federation SSO for enterprise resources. A deep dive into identity delegation, claim mapping, and securing legacy apps for engineering leaders. The post Configuring WS-Federation Single Sign-on for Resources appeared first on Security Boulevard. This article has…
Is the Online Account Service Still Available?
Struggling with auth downtime? Learn why your online account service might be failing and how to implement Enterprise SSO and CIAM for 99.9% availability. The post Is the Online Account Service Still Available? appeared first on Security Boulevard. This article…
ISC Stormcast For Tuesday, February 3rd, 2026 https://isc.sans.edu/podcastdetail/9792, (Tue, Feb 3rd)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, February 3rd, 2026…
A slippery slope: Beware of Winter Olympics scams and other cyberthreats
It’s snow joke – sporting events are a big draw for cybercriminals. Make sure you’re not on the losing side by following these best practices. This article has been indexed from WeLiveSecurity Read the original article: A slippery slope: Beware…
Department of Know: CISA’s cryptography categories, Gottumukkala’s ChatGPT gotcha, NTLM says goodbye
Link to episode page This week’s Department of Know is hosted by Rich Stroffolino with guests Steve Zalewski, co-host, Defense in Depth, and Nick Espinosa, host, The Deep Dive Radio Show Thanks to our show sponsor, Devo/Strike 48 Strike48 is…
Notepad++ hijacking blamed on Chinese Lotus Blossom crew behind Chrysalis backdoor
The group targets telecoms, critical infrastructure – all the usual high-value orgs Security researchers have attributed the Notepad++ update hijacking to a Chinese government-linked espionage crew called Lotus Blossom (aka Lotus Panda, Billbug), which abused weaknesses in the update infrastructure…
10 must-have security technologies in 2026
<p>The ever-evolving threat landscape looks particularly ominous to security executives scanning the 2026 horizon.</p> <p>CISOs and their teams are bracing for more sophisticated, challenging and targeted <a href=”https://www.techtarget.com/searchsecurity/feature/AI-powered-attacks-What-CISOSs-need-to-know-now”>AI-enabled cyberattacks</a>. They’re anticipating more geopolitically motivated attacks. And they’re seeing their organizations’…
MoltBot Skills exploited to distribute 400+ malware packages in days
Over 400 malicious OpenClaw packages were uploaded in days, using MoltBot skills to spread password-stealing malware. Researchers uncovered a large malware campaign abusing AI skills for Claude Code and Moltbot users. Between late January and early February 2026, more than…
Infostealers without borders: macOS, Python stealers, and platform abuse
How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads. The post Infostealers without borders: macOS, Python stealers, and platform abuse appeared first on Microsoft Security Blog. This article has been…
New “Punishing Owl” Hacker Group Targets Networks Linked to Russian Security Agency
A previously unknown threat actor calling itself Punishing Owl has claimed responsibility for breaching a Russian government security agency, marking the emergence of what cybersecurity researchers believe is a new politically motivated hacktivist collective. The attack demonstrated sophisticated operational security…
Russian Hacker Alliance Launches Large-Scale Cyberattack Targeting Denmark
A pro-Russian hacker alliance calling itself “Russian Legion” has issued direct threats against Denmark, warning of large-scale cyberattacks linked to the country’s planned military support to Ukraine. The campaign appears designed to combine disruptive cyber activity with psychological pressure on…
Over 21,000 OpenClaw AI Instances Leak Personal Configuration Data
The open-source AI assistant OpenClaw experienced explosive growth, expanding from approximately 1,000 active instances to over 21,000 in just seven days. Created by Austrian developer Peter Steinberger, the personal AI assistant integrates with email, calendars, smart-home systems, and food-delivery services,…
DynoWiper Malware Targets Energy Firms in Destructive Data-Wiping Attacks
A new data-wiping malware dubbed DynoWiper, deployed against an energy company in Poland in late December 2025. The malware’s tactics, techniques, and procedures closely mirror those observed in earlier ZOV wiper incidents in Ukraine, prompting ESET to attribute DynoWiper to…
Coordinated Cyberattacks Hit 30 Wind and Solar Farms Across Poland
On December 29, 2025, Poland experienced a significant escalation in coordinated cyberattacks targeting critical energy infrastructure. More than 30 wind and photovoltaic farms, a manufacturing company, and a large combined heat and power plant supplying heating to approximately 500,000 customers…