A sophisticated phishing campaign targeting macOS users has emerged, using fake compliance emails as a delivery mechanism for advanced malware. Chainbase Lab recently detected this campaign, which impersonates legitimate audit and compliance notifications to deceive users. The attack chain combines…
Stronger Incident Prevention Takes Just One CISO Decision
There is a comforting illusion in cybersecurity leadership: when things get noisy, you add more people. More analysts. More shifts. More headcount. It feels decisive. It looks responsible. It even photographs well for internal reports. But SOC inefficiency is rarely a…
RADICL Raises $31 Million for vSOC
The company will use the investment to accelerate development of its autonomous virtual security operations center (vSOC). The post RADICL Raises $31 Million for vSOC appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
National cybersecurity strategies depend on public-private trust, report warns
An influential cybersecurity think tank urged governments to consult extensively with a wide variety of business stakeholders before making ambitious plans. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: National cybersecurity strategies depend…
Hundreds of Malicious Skills Found in OpenClaw’s ClawHub
Researchers found hundreds of malicious skills in OpenClaw’s ClawHub, revealing a coordinated AI supply chain attack. The post Hundreds of Malicious Skills Found in OpenClaw’s ClawHub appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
Promptware Threats Turn LLM Attacks Into Multi-Stage Malware Campaigns
Large language models are now embedded in everyday workplace tasks, powering automated support tools and autonomous assistants that manage calendars, write code, and handle financial actions. As these systems expand in capability and adoption, they also introduce new security…
Russian hackers are exploiting recently patched Microsoft Office vulnerability (CVE-2026-21509)
Russian state-sponsored hackers Fancy Bear (aka APT 28) are exploiting CVE-2026-21509, a Microsoft Office vulnerability for which Microsoft released an emergency fix last week. The exploitation CVE-2026-21509 allows unauthorized attackers to bypass a security feature (OLE mitigations in Microsoft 365…
DockerDash Exposes AI Supply Chain Weakness In Docker’s Ask Gordon
DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon This article has been indexed from www.infosecurity-magazine.com Read the original article: DockerDash Exposes AI Supply Chain Weakness In Docker’s Ask Gordon
Cyber Briefing: 2026.02.03
APT groups exploit Office flaws, vishing steals MFA, ransomware hits airports, Iran-linked ops target NGOs, extortion rises, and law enforcement seizures expand. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.02.03
RapidFort Raises $42M to Automate Software Supply Chain Security
The company will use the latest capital to scale its go-to-market efforts and expand its platform’s capabilities. The post RapidFort Raises $42M to Automate Software Supply Chain Security appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Rhysida Ransomware Hits California Tribal Clinics, Leaks SSNs and Medical Data
A recent ransomware attack has disrupted healthcare services and exposed sensitive patient data at the MACT Health Board, which operates clinics serving American Indian communities in California’s Sierra Foothills. The cybercriminal group Rhysida has claimed responsibility for the November…
Gremlin launches Disaster Recovery Testing for zone, region, and datacenter failovers
Gremlin, the proactive reliability platform, launched Disaster Recovery Testing: a new product built to safely and efficiently test zone, region, and datacenter evacuations and failovers. These large-scale tests ensure businesses maintain digital resilience and business continuity when faced with cloud…
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular “@react-native-community/cli” npm package. Cybersecurity company VulnCheck said it first observed exploitation of CVE-2025-11953 (aka Metro4Shell) on December 21, 2025. With a CVSS…
[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate
Most security teams today are buried under tools. Too many dashboards. Too much noise. Not enough real progress. Every vendor promises “complete coverage” or “AI-powered automation,” but inside most SOCs, teams are still overwhelmed, stretched thin, and unsure which tools…
UK ICO Launches Investigation into X Over AI Generated Non-Consensual Sexual Imagery
UK Data Protection Watchdog has “serious concerns” over data privacy on Elon Musk’s social platform This article has been indexed from www.infosecurity-magazine.com Read the original article: UK ICO Launches Investigation into X Over AI Generated Non-Consensual Sexual Imagery
JFrog Researchers Surface Vulnerabilities in AI Automation Platform from n8n
JFrog security researchers have discovered a pair of critical vulnerabilities in a workflow automation platform from n8n that makes use of large language models (LLMs) to execute tasks. A CVE-2026-1470 vulnerability, rated 9.9, enables a malicious actor to remotely execute…
Security Analysts Warn of Shadow Directory Techniques Targeting WordPress
Several theme-level vulnerabilities coupled with evolving abuse tactics are demonstrating once again how vulnerable WordPress becomes when multiple vulnerabilities are aligned. An unauthenticated file access and deletion vulnerability has been disclosed in the WPLMS theme-tracked as CVE-2024-10470 and assigned…
Ransomware Group Claims Hack of Software Company
Distinctive Systems, a UK-based software provider for the transport industry, is currently managing a cyber attack first identified in mid-January. This article has been indexed from CyberMaterial Read the original article: Ransomware Group Claims Hack of Software Company
Cl0p Targets Australian IT Providers
The Cl0p cyber extortion group has targeted nine Australian companies by listing them on its darknet leak site following alleged links to two specific IT service providers. This article has been indexed from CyberMaterial Read the original article: Cl0p Targets…
DOJ Seizes Domains Linked To Bulgarian Piracy
U.S. This article has been indexed from CyberMaterial Read the original article: DOJ Seizes Domains Linked To Bulgarian Piracy
Canadian Hacker Steals $65M And Vanishes
A twenty-two-year-old Canadian math prodigy who allegedly stole sixty-five million dollars from decentralized finance platforms has disappeared after being apprehended in Serbia. This article has been indexed from CyberMaterial Read the original article: Canadian Hacker Steals $65M And Vanishes
Nobel Hacking Likely Leaks Winner Name
An investigation into the premature disclosure of Maria Corina Machado’s Nobel Peace Prize win has concluded that a cyber breach of the Nobel organization’s computer systems was the most probable cause. This article has been indexed from CyberMaterial Read the…
Meet Moltbook, the Social Platform Where AI Agents Talk and Humans Watch
Moltbook is a new social platform where AI agents post and interact while humans observe, raising questions about autonomy, security, and agent behavior. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the…
Mozilla Unveils Kill Switch to Disable All Firefox AI features
Firefox 148 introduces comprehensive AI controls, giving users greater control over artificial intelligence features built into the browser. The new security-focused setting provides a centralized toggle to block current and future generative AI functionalities. Addressing growing privacy and security concerns…