Patients receiving care at several tribal healthcare clinics in California have been warned that a cyber incident led to the exposure of both personal identification details and private medical information. The clinics are operated by a regional health organization…
IT Security News Hourly Summary 2026-02-04 21h : 1 posts
1 posts were published in the last hour 19:32 : ACFW firewall test prologue – still failing at the basics
ACFW firewall test prologue – still failing at the basics
The results of our soon-to-be-published Advanced Cloud Firewall (ACFW) test are hard to ignore. Some vendors are failing badly at the basics like SQL injection, command injection, Server-Side Request Forgery (SSRF) and API abuse with block percentages under 20%, sometimes…
Top open source and commercial threat intelligence feeds
<p>Cybersecurity threat intelligence feeds play an important role in security. They detail current attacks and their sources. These characteristics, better known as <a href=”https://www.techtarget.com/searchsecurity/definition/Indicators-of-Compromise-IOC”>indicators of compromise</a>, include, among other factors, IP addresses, domain names, URLs, email addresses, malware file hashes…
DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files
Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of “disciplined tradecraft and clever abuse of legitimate system features” to bypass traditional detection mechanisms and deploy a remote access trojan (RAT) known…
Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models
Microsoft on Wednesday said it built a lightweight scanner that it said can detect backdoors in open-weight large language models (LLMs) and improve the overall trust in artificial intelligence (AI) systems. The tech giant’s AI Security team said the scanner…
Chrome Vulnerabilities Allow Code Execution and Browser Crashes
Google has patched two high-severity Chrome flaws that could allow code execution or browser crashes. The post Chrome Vulnerabilities Allow Code Execution and Browser Crashes appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…
False Negatives Are a New SOC Headache. Here’s the Fast Way to Fix It
False negatives are becoming the most expensive “quiet” failure in SOCs. In 2026, AI-generated phishing and multi-stage malware chains are built to look clean on the outside, behave normally at first, and only reveal intent after real interaction. The result…
Interlock Ransomware Actors New Tool Exploiting Gaming Anti-Cheat Driver 0-Day to Disable EDR and AV
The Interlock ransomware group has emerged as a distinct threat in the cybersecurity landscape, particularly targeting the education sector in the United States and United Kingdom. Unlike many contemporary ransomware operations that function under a Ransomware-as-a-Service (RaaS) model, Interlock operates…
PhantomVAI Custom Loader Uses RunPE Utility to Attack Users
A sophisticated custom loader named PhantomVAI has emerged in global phishing campaigns, delivering various stealers and remote access trojans (RATs) to compromised systems. This malware loader operates by masquerading as legitimate software and employing process hollowing techniques to inject malicious…
SystemBC Botnet Hijacked 10,000 Devices Worldwide to Use for DDoS Attacks
The SystemBC malware family, a persistent threat first documented in 2019, has evolved into a massive botnet infrastructure controlling over 10,000 hijacked devices globally. Functioning primarily as a SOCKS5 proxy and a backdoor, this malware enables threat actors to mask…
Critical SolarWinds Web Help Desk bug under attack
US agencies told to patch by Friday Attackers are exploiting a critical SolarWinds Web Help Desk bug – less than a week after the vendor disclosed and fixed the 9.8-rated flaw. That’s according to America’s lead cyber-defense agency, which set…
Managed SaaS Threat Detection | AppOmni Scout
AppOmni Scout – Managed Threat Detection Service Expertise to detect SaaS and AI threats and protect your critical data SaaS and AI threat detection led by threat experts Security teams don’t have the resources for timely detection to protect critical…
Detecting backdoored language models at scale
We’re releasing new research on detecting backdoors in open-weight language models and highlighting a practical scanner designed to detect backdoored models at scale and improve overall trust in AI systems. The post Detecting backdoored language models at scale appeared first…
Hackers publish personal information stolen during Harvard, UPenn data breaches
The prolific cybercrime group ShinyHunters took responsibility for hacking Harvard and the University of Pennsylvania, and published the stolen data on its extortion website. This article has been indexed from Security News | TechCrunch Read the original article: Hackers publish…
AI-Driven Attack Gains AWS Admin Privileges in Under 10 Minutes
Threat actors get AWS Admin access in under 10 minutes. The post AI-Driven Attack Gains AWS Admin Privileges in Under 10 Minutes appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: AI-Driven…
Researchers Disclose Patched Flaw in Docker AI Assistant that Enabled Code Execution
Researchers have disclosed details of a previously fixed security flaw in Ask Gordon, an artificial intelligence assistant integrated into Docker Desktop and the Docker command-line interface, that could have been exploited to execute code and steal sensitive data. The vulnerability,…
Federal Agencies Worldwide Hunt for Black Basta Ransomware Leader
International operation to catch Ransomware leader International law enforcement agencies have increased their search for individuals linked to the Black Basta ransomware campaign. Agencies confirmed that the suspected leader of the Russia-based Ransomware-as-a-service (RaaS) group has been put in the…
Why Cloud Outages Turn Identity Systems into a Critical Business Risk
Recent large-scale cloud outages have become increasingly visible. Incidents involving major providers like AWS, Azure, and Cloudflare have disrupted vast portions of the internet, knocking critical websites and services offline. Because so many digital platforms are interconnected, these failures…
Why Hydrolix Partnered with Akamai to Solve Observability at Scale
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Blog Read the original article: Why Hydrolix Partnered with Akamai to Solve Observability at Scale
Exposed AWS Credentials Lead to AI-Assisted Cloud Breach in 8 Minutes
Researchers recently tracked a high-speed cloud attack where an intruder gained full admin access in just eight minutes. Discover how AI automation and a simple storage error led to a major security breach. This article has been indexed from Hackread…
Chinese Mustang Panda Used Fake Diplomatic Briefings to Spy on Officials
A new spy campaign by Mustang Panda uses fake US diplomatic briefings to target government officials. Discover how this silent surveillance operation works. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the…
Critical ASUSTOR NAS Security Flaw Enables Complete Device Takeover
A severe vulnerability affecting ASUSTOR Network Attached Storage (NAS) devices has been disclosed, potentially allowing unauthenticated attackers to seize full control of affected systems. Tracked as CVE-2026-24936, this critical flaw carries a CVSS v4.0 base score of 9.5, highlighting the urgency for…
PhantomVAI Custom Loader Abuses RunPE Utility to Launch Stealthy Attacks on Users
A new threat called PhantomVAI, a custom “loader” used to launch cyberattacks worldwide. A loader is a type of malicious software designed to secretly download and start other dangerous programs on a victim’s computer. What makes PhantomVAI special is that…