Multi-stage attack begins with fake message relating to business requests and evades detection with link hidden in a PDF This article has been indexed from www.infosecurity-magazine.com Read the original article: New Password-Stealing Phishing Campaign Targets Corporate Dropbox Credentials
IT Security News Hourly Summary 2026-02-03 12h : 5 posts
5 posts were published in the last hour 10:34 : Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom 10:34 : APT28 Hackers Exploiting Microsoft Office 0-Day in the Wild to Deploy Malware 10:34 : Apache Syncope Vulnerability Let…
Notepad++ infrastructure hack likely tied to China-nexus APT Lotus Blossom
Rapid7 researchers say the Notepad++ hosting breach is likely linked to the China-nexus Lotus Blossom APT group. Recently, the Notepad++ maintainer revealed that nation-state hackers compromised the hosting provider’s infrastructure, redirecting update traffic to malicious servers. The attack did not…
APT28 Hackers Exploiting Microsoft Office 0-Day in the Wild to Deploy Malware
APT28, the Russia-linked advanced persistent threat group, has launched a sophisticated campaign targeting Central and Eastern Europe using a zero-day vulnerability in Microsoft Office. The threat actors leveraged specially crafted Microsoft Rich Text Format (RTF) files to exploit the vulnerability…
Apache Syncope Vulnerability Let Attackers Hijack User Sessions
A critical XML External Entity (XXE) vulnerability has been disclosed in the Syncope identity management console. The flaw could allow administrators to expose sensitive user data and compromise session security inadvertently. The vulnerability, tracked as CVE-2026-23795, affects multiple versions of…
DIY AI bot farm OpenClaw is a security ‘dumpster fire’
Your own personal Jarvis. A bot to hear your prayers. A bot that cares. Just not about keeping you safe OpenClaw, the AI-powered personal assistant users interact with via messaging apps and sometimes entrust with their credentials to various online…
Vibe-Coded Moltbook Exposes User Data, API Keys and More
Wiz Security claims Moltbook misconfiguration allowed full read and write access This article has been indexed from www.infosecurity-magazine.com Read the original article: Vibe-Coded Moltbook Exposes User Data, API Keys and More
British military to get legal OK to swat drones near bases
Armed Forces Bill would let troops take action against unmanned threats around defense sites Britain’s defense personnel will be given the authority to neutralize drones threatening military bases under measures being introduced in the Armed Forces Bill, currently making its…
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed Operation Neusploit. Zscaler ThreatLabz said it observed the hacking group…
OpenAI Launches Stand-Alone Codex Programming App
OpenAI offers stand-alone app for Codex AI programming tool, as it faces increased competition from Anthropic, Cursor This article has been indexed from Silicon UK Read the original article: OpenAI Launches Stand-Alone Codex Programming App
Rocket Maker SpaceX Acquires AI Start-Up xAI
Deal values combined company at about $1.25tn, gives aerospace company ownership of xAI, chatbot Grok, social media platform X This article has been indexed from Silicon UK Read the original article: Rocket Maker SpaceX Acquires AI Start-Up xAI
Malicious Google Play App With 50K+ Downloads Spreads Anatsa Banking Trojan
A malicious application on the Google Play Store masquerading as a legitimate document reader. The deceptive application, which has accumulated over 50,000 downloads, functions as a dropper for the notorious Anatsa banking trojan, a sophisticated malware strain known for targeting…
Abuse of OpenClaw AI Capabilities Enables Stealthy Malware Campaigns
Hundreds of malicious skills are distributed through OpenClaw’s marketplace, transforming the popular AI agent ecosystem into a new supply chain attack vector. Threat actors are weaponizing the platform’s extensibility features to deliver droppers, backdoors, and infostealers disguised as legitimate automation…
GhostChat Malware Locks Victims’ Devices, Demands Passcodes for Restoration
A new Android spyware campaign that uses romance scams and fake chat profiles to spy on users in Pakistan. The malicious app, named GhostChat and detected as Android/Spy.GhostChat.A, disguises itself as a dating chat platform but is actually built for…
Mozilla Introduces Global Kill Switch for Firefox AI Capabilities
Mozilla has rolled out comprehensive AI controls in Firefox 148, launching February 24, 2026, allowing users to globally disable all generative AI features across the browser. The update addresses growing user concerns about AI integration while maintaining optional AI functionality…
Chollima APT Hackers Weaponize LNK Files to Deploy Sophisticated Malware
In March 2025, the Ricochet Chollima APT group, widely recognized as APT37 and linked to North Korean state-sponsored operations, launched a targeted spear-phishing campaign against activists focused on North Korean affairs. The threat actors initiated the attack chain via spear-phishing…
Self-Healing AI for Security as Code: A Deep Dive Into Autonomy and Reliability
Explore the transformative role of self-healing AI in cybersecurity. This article delves into its integration within DevSecOps, the balance between AI autonomy and human oversight, industry applications, and the challenges of implementation in protecting complex digital environments. The post Self-Healing…
Jan Recap: New AWS Privileged Permissions and Services
As January 2026 comes to a close, Sonrai’s latest review of newly released AWS permissions highlights a sharp expansion of privilege concentrated in networking, traffic control, and collaboration services. This month’s updates focus heavily on AWS Network Firewall, Route 53…
The Notepad++ supply chain attack — unnoticed execution chains and new IoCs
Kaspersky GReAT experts discovered previously undocumented infection chains used in the Notepad++ supply chain attacks. The article provides new IoCs related to those incidents which employ DLL sideloading and Cobalt Strike Beacon delivery. This article has been indexed from Securelist…
User-Managed Access Overview
Explore User-Managed Access (UMA) 2.0 for enterprise CIAM. Learn how UMA extends OAuth 2.0 to provide fine-grained, asynchronous party-to-party authorization. The post User-Managed Access Overview appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the…
The Future of Single Sign-on: Insights for 2025
Explore the evolution of Enterprise SSO and CIAM in 2025. Insights on SAML, passwordless authentication, and developer-first IAM solutions for CTOs. The post The Future of Single Sign-on: Insights for 2025 appeared first on Security Boulevard. This article has been…
Single Sign-On with External Security Token Services
Learn how to implement Single Sign-On with External Security Token Services (STS). A deep dive into SAML, OIDC, and token exchange for CTOs and VP Engineering. The post Single Sign-On with External Security Token Services appeared first on Security Boulevard.…
The Ultimate Guide to Single Sign-On in 2025
Master Enterprise SSO in 2025. Learn about SAML, OIDC, and CIAM strategies for CTOs and VP Engineering to secure B2B platforms and prevent data breach. The post The Ultimate Guide to Single Sign-On in 2025 appeared first on Security Boulevard.…
OpenClaw targets ClawHub users, Notepad++ update delivers malware, APT28 attackers abuse Microsoft Office zero-day
OpenClaw targets ClawHub users Notepad++ update delivers malware APT28 attackers abuse Microsoft Office zero-day Get the show notes here: Huge thanks to our sponsor, Strike48 It’s no secret that AI is only as good as the data available to it.…