The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coinciding with the end of the widespread internet…
The Buyer’s Guide to AI Usage Control
Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools that appear faster than security teams can track. Yet most organizations still rely…
New Hacking Campaign Exploits Microsoft Windows WinRAR Vulnerability
Researchers at Check Point link ‘Amarath-Dragon’ attacks to prolific Chinese cyber-espionage operation This article has been indexed from www.infosecurity-magazine.com Read the original article: New Hacking Campaign Exploits Microsoft Windows WinRAR Vulnerability
LockBit 5.0 Unveils Cross-Platform Threats for Windows, Linux & ESXi Systems
The inner workings of LockBit 5.0, a sophisticated ransomware variant targeting Windows, Linux, and VMware ESXi systems simultaneously. This latest version represents a significant evolution in the cyber threat landscape, demonstrating how ransomware operators are refining their tools to maximize…
Critical N8n Sandbox Escape Could Lead to Server Compromise
A critical sandbox escape vulnerability in the n8n AI workflow automation platform could allow attackers to execute arbitrary commands on the server, Pillar Security reports. Tracked as CVE-2026-25049 (CVSS score of 9.4), the issue impacts the manner in which the…
Asset Intelligence as Context Engineering for Cybersecurity Operations
Action depends on truth. Truth is hard to come by. There’s an old trope: “You can’t protect what you can’t see.” This burning need for total visibility has led to an abundance of security data across every domain. But abundance…
Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework
Cisco Talos uncovered “DKnife,” a fully featured gateway-monitoring and adversary-in-the-middle (AitM) framework comprising seven Linux-based implants. This article has been indexed from Cisco Talos Blog Read the original article: Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework
The Shadow Campaigns: Uncovering Global Espionage
In 2025 a threat group compromised government and critical infrastructure in 37 countries, with reconnaissance in 155. The post The Shadow Campaigns: Uncovering Global Espionage appeared first on Unit 42. This article has been indexed from Unit 42 Read the…
Cloud sovereignty is no longer just a public sector concern
Businesses still chase the cheapest option, but politics and licensing shocks are changing priorities, says OpenNebula Interview Sovereignty remains a hot topic in the tech industry, but interpretations of what it actually means – and how much it matters –…
Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries
Palo Alto Networks has not attributed the APT activity to any specific country, but evidence points to China. The post Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries appeared first on SecurityWeek. This article has been indexed from…
Securing Agents Isn’t the Customer’s Job, It’s the Platform’s
Securing AI agents can’t fall on customers. Platform providers must own data protection, prompt injection defense and agent guardrails. The post Securing Agents Isn’t the Customer’s Job, It’s the Platform’s appeared first on Security Boulevard. This article has been indexed…
The Compliance Convergence Challenge: Permission Sprawl and AI Regulations in Hybrid Environments
Permission sprawl is colliding with AI regulations, creating new compliance risks across hybrid and multi-cloud environments. The post The Compliance Convergence Challenge: Permission Sprawl and AI Regulations in Hybrid Environments appeared first on Security Boulevard. This article has been indexed…
Police shut down global DDoS operation, arrest 20-year-old
Police officers from Poland’s Central Bureau for Combating Cybercrime (CBZC) have arrested a 20-year-old man suspected of carrying out global DDoS attacks targeting high-profile and strategically important websites. Arrest (Source: Poland’s Central Bureau for Combating Cybercrime) The suspect faces six…
GitHub enables multi-agent AI coding inside repository workflows
GitHub has expanded Agents HQ, enabling AI coding agents such as GitHub Copilot, Claude by Anthropic, and OpenAI Codex to execute development tasks directly within GitHub and developer editors while preserving repository context, session history, and review workflows. Copilot Pro+…
IT Security News Hourly Summary 2026-02-05 12h : 8 posts
8 posts were published in the last hour 10:36 : DragonForce Ransomware Targets Critical Businesses to Exfiltrate Sensitive Data 10:36 : China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025 10:36 : Beware of Weaponized Voicemail Messages that Allows Hackers…
DragonForce Ransomware Targets Critical Businesses to Exfiltrate Sensitive Data
DragonForce is a ransomware group that emerged in late 2023 and has grown into a serious threat to businesses by combining data theft with file encryption. The group uses dual extortion: it steals sensitive data, encrypts systems, and then threatens…
China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025
China-linked hackers tracked as Amaranth-Dragon targeted government and law enforcement agencies across Southeast Asia in 2025. CheckPoint says China-linked threat actors, tracked as Amaranth-Dragon, carried out cyber-espionage campaigns in 2025 targeting government and law enforcement agencies across Southeast Asia. The…
Beware of Weaponized Voicemail Messages that Allows Hackers to Remote Access to Your System
Cybercriminals are increasingly shifting tactics toward social engineering to bypass traditional security defenses, catching many users off guard. A sophisticated new campaign dubbed “Voicemail Trap” explicitly targets users with fake voicemail notifications designed to look like routine business communications. These…
DragonForce Ransomware Attacking Critical Business to Exfiltrate Sensitive Information
A new ransomware operation known as DragonForce has emerged as a major threat to organizations worldwide since its appearance in late 2023. This sophisticated malware campaign targets critical business infrastructure across multiple industries, using advanced techniques to encrypt files and…
Hackers Exploit SonicWall SSLVPN Credentials to Deploy EDR Killer and Bypass Security
Threat actors are actively leveraging compromised SonicWall SSLVPN credentials to breach networks and deploy a sophisticated “EDR killer” that can blind endpoint security solutions. In a campaign analyzed by Huntress in early February 2026, attackers utilized valid VPN accounts to…
Beware of Fake Traffic Ticket Portals that Harvest Your PII and Credit Card Data
A sophisticated phishing campaign targeting Canadian citizens has emerged, using fake traffic ticket payment portals to steal personal and financial information. The attackers employ SEO poisoning techniques to manipulate search engine results, ensuring their fraudulent websites appear legitimate when users…
Cisco Meeting Management Vulnerability Let Remote Attacker Upload Arbitrary Files
A high-severity security advisory has been issued for a critical vulnerability in Meeting Management software. This vulnerability allows authenticated remote attackers to upload harmful files and gain complete control over the affected system. The security flaw, identified as CVE-2026-20098, carries a…
AI-Enabled Voice and Virtual Meeting Fraud Surges 1000%+
Pindrop warns of 1210% increase in AI-powered fraud last year This article has been indexed from www.infosecurity-magazine.com Read the original article: AI-Enabled Voice and Virtual Meeting Fraud Surges 1000%+
Go 1.25.7 and Go 1.24.13 Released With Patches for Multiple Security Vulnerabilities
The Go team has officially released versions 1.25.7 and 1.24.13. These minor point releases address two distinct security vulnerabilities affecting the cmd/cgo command and the crypto/tls library. The updates are recommended for all users to prevent potential code smuggling and authentication bypass scenarios. Overview of the Vulnerability…