Enterprise security teams are facing a sophisticated new challenge as cybercriminals increasingly exploit trusted cloud platforms to launch phishing attacks. Instead of relying on suspicious newly registered domains, threat actors now host their malicious infrastructure on legitimate services like Microsoft…
ValleyRAT Mimic as LINE Installer Attacking Users to Steal Login Details
A sophisticated malware campaign has surfaced where threat actors are distributing the ValleyRAT backdoor disguised as a legitimate installer for the popular messaging application, LINE. This targeted attack primarily focuses on Chinese-speaking users, leveraging a deceptive executable to infiltrate systems…
Supply Chain Attack Abused Notepad++ Update Infrastructure to Deliver Targeted Malware
The developers of Notepad++ disclosed a critical security breach on February 2, 2026, affecting their update infrastructure. The popular text editor, widely used by developers worldwide, became the target of a sophisticated supply chain attack that remained undetected for several…
Firefox is giving users the AI off switch
Mozilla and other companies are starting to see why giving users a choice over AI features matters. This article has been indexed from Malwarebytes Read the original article: Firefox is giving users the AI off switch
Grok continues producing sexualized images after promised fixes
Journalists retested Grok and found it still generates offensive images even when told the subjects were vulnerable, non-consenting people. This article has been indexed from Malwarebytes Read the original article: Grok continues producing sexualized images after promised fixes
Universal £7,500 payout offered to PSNI staff over major data breach
Affected police officers squeezed mental health services, relocated over safety fears Police Service of Northern Ireland (PSNI) employees who had their details exposed in a significant 2023 data breach will each receive £7,500 ($10,279) as part of a universal offer…
Nitrogen ransomware is so broken even the crooks can’t unlock your files
Gang walks away with nothing, victims are left with irreparable hypervisors Cybersecurity experts usually advise victims against paying ransomware crooks, but that advice goes double for those who have been targeted by the Nitrogen group. There’s no way to get…
Orion Raises $32 Million for Data Security
The startup will use the funding to accelerate product development and go-to-market operations. The post Orion Raises $32 Million for Data Security appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Orion Raises $32…
Varonis Acquisition of AllTrue.ai Valued at $150 Million
The data security firm has acquired the AI trust, risk, and security management company to expand its capabilities. The post Varonis Acquisition of AllTrue.ai Valued at $150 Million appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Cyber Insights 2026: Cyberwar and Rising Nation State Threats
While both cyberwar and cyberwarfare will increase through 2026, cyberwarfare is likely to increase more dramatically. We hope it will never boil over – but we should be aware of the possibility and its consequences. The post Cyber Insights 2026:…
Vulnerabilities Allowed Full Compromise of Google Looker Instances
The flaws dubbed LookOut can be exploited for remote code execution and data exfiltration. The post Vulnerabilities Allowed Full Compromise of Google Looker Instances appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Vulnerabilities…
Blockchain Intelligence Firm TRM Labs Raises $70 Million at $1 Billion Valuation
The Series C funding will enable the company to expand its AI capabilities for disrupting criminal networks. The post Blockchain Intelligence Firm TRM Labs Raises $70 Million at $1 Billion Valuation appeared first on SecurityWeek. This article has been indexed…
DMARC Alerts in Slack
Originally published at DMARC Alerts in Slack by EasyDMARC. Bringing Email Security Into Enterprise ChatOps Email security … The post DMARC Alerts in Slack appeared first on EasyDMARC. The post DMARC Alerts in Slack appeared first on Security Boulevard. This…
Disclosure: SupportCandy Ticket Attachment IDOR (CVE-2026-1251)
During independent security research conducted as part of the Wordfence Bug Bounty Program, we identified a broken access control vulnerability in the SupportCandy plugin for WordPress. SupportCandy is a helpdesk and customer support ticketing plugin that enables organisations to manage…
MomentProof Deploys Patented Digital Asset Protection
Washington, DC, 4th February 2026, CyberNewsWire MomentProof Deploys Patented Digital Asset Protection on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article has been indexed from Latest Hacking News | Cyber Security News, Hacking…
Why Moltbook Changes the Enterprise Security Conversation
For several years, enterprise security teams have concentrated on a well-established range of risks, including users clicking potentially harmful links, employees uploading data to SaaS applications, developers inadvertently disclosing credentials on platforms like GitHub, and chatbots revealing sensitive information. However,…
Beyond the Chatbot: Why NIST is Rewriting the Rules for Autonomous AI
The chatbot era has ended. For two years, we’ve interacted with digital assistants that summarize emails and suggest recipes, but the National Institute of Standards and Technology (NIST) now draws a definitive line between machines that talk and machines that…
Orchid Security Debuts Continuous Identity Observability Platform
Over the past two decades, organizations have steadily expanded their identity security portfolios, layering IAM, IGA, and PAM to deploy access control at scale. However, identity-driven breaches continue to grow in both frequency and impact despite this sustained investment.…
Iconics SCADA Flaw Enables Privileged File Abuse and Windows DoS
A newly disclosed flaw in Mitsubishi Electric’s Iconics Suite SCADA platform, tracked as CVE-2025-0921, exposes critical industrial environments to denial-of-service attacks by abusing privileged file system operations in Windows-based engineering workstations. Rated with a CVSS score of 6.5, the…
PDFSider Malware Used in Fortune 100 Finance Ransomware Attack
A Fortune 100 finance company was targeted by ransomware actors using a new Windows malware strain called PDFSider, built to quietly deliver malicious code during intrusions. Rather than relying on brute force, the attackers used social engineering, posing as…
Major vulnerabilities found in Google Looker, putting self-hosted deployments at risk
Researchers at Tenable have disclosed two vulnerabilities, collectively referred to as “LookOut,” affecting Google Looker. Because the business intelligence platform is deployed by more than 60,000 organizations in 195 countries, the flaws could give attackers a path to system takeover…
SECNAP CloudJacket MXDR integrates SOC, SIEM, and NDR
SECNAP Network Security announced the launch of CloudJacket MXDR, a next-generation managed extended detection and response solution. Built on the company’s patented CloudJacket platform, CloudJacket MXDR enhances SECNAP’s security portfolio by extending its existing capabilities, including advanced network detection and…
ConnectSecure introduces Linux patching capability to simplify cross-distro updates
ConnectSecure announced the launch of a new cross-platform Linux operating system patching capability. The update eliminates the complexity of managing fragmented Linux environments by delivering a single, unified interface for deploying critical security updates across the four most widely used…
Incognito dark web drug market operator gets 30 years in prison
Rui-Siang Lin, a Taiwanese national, was sentenced to 30 years in U.S. federal prison for operating Incognito Market, one of the world’s largest illicit online narcotics marketplaces. Incognito Market splash page and graphical interface Incognito Market operated on the dark…