An urgent cybersecurity alert has been issued to households across Ireland amid warnings of “large scale” cyberattacks that could compromise everyday home devices. Grant Thornton Ireland has cautioned that devices such as Android TV boxes and TV streaming hardware…
SolarWinds Web Help Desk Compromised for RCE Multi Stage
SolarWinds compromised The threat actors used internet-exposed SolarWinds Web Help Desk (WHD) instances to gain initial access and then proceed laterally across the organization’s network to other high-value assets, according to Microsoft’s disclosure of a multi-stage attack. However, it is…
Microsoft Patch Tuesday – January 2026, (Tue, Feb 10th)
Today's patch Tuesday addresses 59 different vulnerabilities (plus two Chromium vulnerabilities affecting Microsoft Edge). While this is a lower-than-normal number, this includes six vulnerabilities that are already exploited. Three vulnerabilities have already been exploited and made public. In addition, five…
Picus Red Report 2026 Shows Attackers Favor Stealth Over Disruption
The Picus Red Report 2026 shows attackers shifting from ransomware to stealthy, long-term access techniques. The post Picus Red Report 2026 Shows Attackers Favor Stealth Over Disruption appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet…
AI agents spill secrets just by previewing malicious links
Zero-click prompt injection can leak data when AI agents meet messaging apps, researchers warn AI agents can shop for you, program for you, and, if you’re feeling bold, chat for you in a messaging app. But beware: attackers can use…
Patch Tuesday: Adobe Fixes 44 Vulnerabilities in Creative Apps
The company has fixed several critical vulnerabilities that can be exploited for arbitrary code execution. The post Patch Tuesday: Adobe Fixes 44 Vulnerabilities in Creative Apps appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
EU Unconditionally Approves Google’s $32B Acquisition of Wiz
The European Commission’s ruling is based on extensive feedback from customers and rival cloud security and infrastructure vendors. The post EU Unconditionally Approves Google’s $32B Acquisition of Wiz appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
80% of Fortune 500 use active AI Agents: Observability, governance, and security shape the new frontier
Read Microsoft’s new Cyber Pulse report for straightforward, practical insights and guidance on new cybersecurity risks. The post 80% of Fortune 500 use active AI Agents: Observability, governance, and security shape the new frontier appeared first on Microsoft Security Blog.…
DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies
The information technology (IT) workers associated with the Democratic People’s Republic of Korea (DPRK) are now applying to remote positions using real LinkedIn accounts of individuals they’re impersonating, marking a new escalation of the fraudulent scheme. “These profiles often have…
800,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in WPvivid Backup WordPress Plugin
On January 12th, 2026, we received a submission for an Arbitrary File Upload vulnerability in WPvivid Backup, a WordPress plugin with more than 800,000 active installations. This vulnerability can be used by unauthenticated attackers to upload arbitrary files to a…
ZOLL ePCR IOS Mobile Application
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to protected health information (PHI) or device telemetry. The following versions of ZOLL ePCR IOS Mobile Application are affected: ePCR IOS Mobile Application 2.6.7…
AVEVA PI to CONNECT Agent
View CSAF Summary Successful exploitation of this vulnerability could result in an unauthorized access to the proxy server. The following versions of AVEVA PI to CONNECT Agent are affected: PI to CONNECT Agent <=v2.4.2520 (CVE-2026-1495) CVSS Vendor Equipment Vulnerabilities v3…
AVEVA PI Data Archive
View CSAF Summary Successful exploitation of this vulnerability could result in a denial-of-service condition. The following versions of AVEVA PI Data Archive are affected: PI Data Archive PI Server <=2018_SP3_Patch_7 (CVE-2026-1507) PI Data Archive PI Server 2023 (CVE-2026-1507) PI Data…
Yokogawa FAST/TOOLS
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to redirected users to malicious sites, decrypt communications, perform a man-in-the-middle (MITM) attack, execute malicious scripts, steal files, and perform other various attacks. The following versions of Yokogawa…
Vega Raises $120M in Series B Funding to Grow Security Analytics Platform
Led by existing investor Accel, with participation from Cyberstarts, Redpoint, and CRV, the Series B round brings the total amount raised by the company to $185 million. The post Vega Raises $120M in Series B Funding to Grow Security Analytics…
Reco Raises $30 Million to Enhance AI SaaS Security
This investment comes less than 10 months after Reco’s last raise, bringing total funding to $85 million. The post Reco Raises $30 Million to Enhance AI SaaS Security appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
IT Security News Hourly Summary 2026-02-10 18h : 17 posts
17 posts were published in the last hour 16:33 : Singapore says China-backed hackers targeted its four largest phone companies 16:32 : ZeroDayRAT spyware grants attackers total access to mobile devices 16:32 : From Theory to Pressure: What the Third…
Singapore says China-backed hackers targeted its four largest phone companies
The Singaporean government said the China-backed hackers gained “limited access to critical systems” run by the country’s top four telecommunication giants, but said they did not disrupt services or steal customers’ data. This article has been indexed from Security News…
ZeroDayRAT spyware grants attackers total access to mobile devices
ZeroDayRAT is a commercial mobile spyware that grants full remote access to Android and iOS devices for spying and data theft. ZeroDayRAT is a newly discovered commercial mobile spyware toolkit that gives attackers full control over Android and iOS devices.…
From Theory to Pressure: What the Third AI-Enabled Cybercrime Tabletop Exercise Revealed
The third AI-enabled cybercrime tabletop exercise (TTX) reveals how AI-driven impersonation, third-party compromise, and ransomware pressure converge, reshaping governance, trust, and executive decision-making. This article has been indexed from Industry Trends & Insights Read the original article: From Theory…
TeamPCP Industrializes Cloud Misconfigurations Into a Self-Propagating Cybercrime Platform
TeamPCP, also known as PCPcat, ShellForce, and DeadCatx3, emerged in December 2025 as a sophisticated cloud-native threat actor targeting exposed Docker APIs, Kubernetes clusters, Ray dashboards, Redis servers, and React2Shell vulnerabilities. The group launched a massive campaign designed to build…
ILOVEPOOP Toolkit Exploiting React2Shell Vulnerability to Deploy Malicious Payload
The cybersecurity sector has been impacted by the sudden appearance of “React2Shell” (CVE-2025-55182), a critical vulnerability affecting Next.js and React Server Components. Following its public disclosure on December 4, 2025, threat actors mobilized with alarming speed, launching exploitation attempts against…
SAP Security Patch Day – Critical SAP CRM and SAP S/4HANA Code Injection Vulnerabilities Fixed
SAP’s February 2026 Security Patch Day delivered fixes that SAP urges customers to prioritize to reduce exposure across core enterprise workloads. The release includes 26 new SAP Security Notes and one update to a previously published note. SAP’s monthly bulletin…
Hackers Weaponizing 7-Zip Downloads to Turn Your Home Computers into Proxy Nodes
A deceptive campaign targeting unsuspecting users has emerged, using a counterfeit version of the widely used 7-Zip file archiving software to silently transform home computers into residential proxy nodes. The malicious operation relies on a lookalike domain, 7zip[.]com, which closely…