Patch meant to close a severe expression bug fails to stop attackers with workflow access. Multiple newly disclosed bugs in the popular workflow automation tool n8n could allow attackers to hijack servers, steal credentials, and quietly disrupt AI-driven business processes.…
Italy claims cyberattacks ‘of Russian origin’ are pelting Winter Olympics
Right on cue, petulant hacktivists attempt to disrupt yet another global sporting event. Italy’s foreign minister says the country has already started swatting away cyberattacks from Russia targeting the Milano Cortina Winter Olympics.…
International sting dismantles illegal streaming empire serving millions
Actions by authorities from Italy, Romania, Spain, the United Kingdom, Canada, Kosovo and South Korea, supported by Eurojust and Europol, led to the seizure of multiple illegal streaming services. A total of 31 suspected members have been linked to the…
Why a decade-old EnCase driver still works as an EDR killer
Attackers are leaning on a new EDR killer malware that can shut down 59 widely used endpoint security products by misusing a kernel driver that once shipped with Guidance Software’s EnCase digital forensics tool, Huntress researchers warn. This particular driver…
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coinciding with the end of the widespread internet…
The Buyer’s Guide to AI Usage Control
Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools that appear faster than security teams can track. Yet most organizations still rely…
New Hacking Campaign Exploits Microsoft Windows WinRAR Vulnerability
Researchers at Check Point link ‘Amaranth-Dragon’ attacks to prolific Chinese cyber-espionage operation. This article has been indexed from www.infosecurity-magazine.com.
LockBit 5.0 Unveils Cross-Platform Threats for Windows, Linux & ESXi Systems
The inner workings of LockBit 5.0, a sophisticated ransomware variant targeting Windows, Linux, and VMware ESXi systems simultaneously. This latest version represents a significant evolution in the cyber threat landscape, demonstrating how ransomware operators are refining their tools to maximize…
Critical N8n Sandbox Escape Could Lead to Server Compromise
A critical sandbox escape vulnerability in the n8n AI workflow automation platform could allow attackers to execute arbitrary commands on the server, Pillar Security reports. Tracked as CVE-2026-25049 (CVSS score of 9.4), the issue impacts the manner in which the…
Asset Intelligence as Context Engineering for Cybersecurity Operations
Action depends on truth. Truth is hard to come by. There’s an old trope: “You can’t protect what you can’t see.” This burning need for total visibility has led to an abundance of security data across every domain. But abundance…
Knife Cutting the Edge: Disclosing a China-nexus gateway-monitoring AitM framework
Cisco Talos uncovered “DKnife,” a fully featured gateway-monitoring and adversary-in-the-middle (AitM) framework comprising seven Linux-based implants. This article has been indexed from Cisco Talos Blog.
The Shadow Campaigns: Uncovering Global Espionage
In 2025 a threat group compromised government and critical infrastructure in 37 countries, with reconnaissance in 155. The post The Shadow Campaigns: Uncovering Global Espionage appeared first on Unit 42.
Cloud sovereignty is no longer just a public sector concern
Businesses still chase the cheapest option, but politics and licensing shocks are changing priorities, says OpenNebula. Interview: Sovereignty remains a hot topic in the tech industry, but interpretations of what it actually means – and how much it matters –…
Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries
Palo Alto Networks has not attributed the APT activity to any specific country, but evidence points to China. The post Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries appeared first on SecurityWeek.
Securing Agents Isn’t the Customer’s Job, It’s the Platform’s
Securing AI agents can’t fall on customers. Platform providers must own data protection, prompt injection defense and agent guardrails. The post Securing Agents Isn’t the Customer’s Job, It’s the Platform’s appeared first on Security Boulevard.
The Compliance Convergence Challenge: Permission Sprawl and AI Regulations in Hybrid Environments
Permission sprawl is colliding with AI regulations, creating new compliance risks across hybrid and multi-cloud environments. The post The Compliance Convergence Challenge: Permission Sprawl and AI Regulations in Hybrid Environments appeared first on Security Boulevard.
Police shut down global DDoS operation, arrest 20-year-old
Police officers from Poland’s Central Bureau for Combating Cybercrime (CBZC) have arrested a 20-year-old man suspected of carrying out global DDoS attacks targeting high-profile and strategically important websites. The suspect faces six…
GitHub enables multi-agent AI coding inside repository workflows
GitHub has expanded Agents HQ, enabling AI coding agents such as GitHub Copilot, Claude by Anthropic, and OpenAI Codex to execute development tasks directly within GitHub and developer editors while preserving repository context, session history, and review workflows. Copilot Pro+…
IT Security News Hourly Summary 2026-02-05 12h : 8 posts
8 posts were published in the last hour 10:36 : DragonForce Ransomware Targets Critical Businesses to Exfiltrate Sensitive Data 10:36 : China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025 10:36 : Beware of Weaponized Voicemail Messages that Allows Hackers…
DragonForce Ransomware Targets Critical Businesses to Exfiltrate Sensitive Data
DragonForce is a ransomware group that emerged in late 2023 and has grown into a serious threat to businesses by combining data theft with file encryption. The group uses dual extortion: it steals sensitive data, encrypts systems, and then threatens…
China-linked Amaranth-Dragon hackers target Southeast Asian governments in 2025
China-linked hackers tracked as Amaranth-Dragon targeted government and law enforcement agencies across Southeast Asia in 2025. Check Point says China-linked threat actors, tracked as Amaranth-Dragon, carried out cyber-espionage campaigns in 2025 targeting government and law enforcement agencies across Southeast Asia. The…
Beware of Weaponized Voicemail Messages that Allows Hackers to Remote Access to Your System
Cybercriminals are increasingly shifting tactics toward social engineering to bypass traditional security defenses, catching many users off guard. A sophisticated new campaign dubbed “Voicemail Trap” explicitly targets users with fake voicemail notifications designed to look like routine business communications. These…
DragonForce Ransomware Attacking Critical Business to Exfiltrate Sensitive Information
A new ransomware operation known as DragonForce has emerged as a major threat to organizations worldwide since its appearance in late 2023. This sophisticated malware campaign targets critical business infrastructure across multiple industries, using advanced techniques to encrypt files and…
Hackers Exploit SonicWall SSLVPN Credentials to Deploy EDR Killer and Bypass Security
Threat actors are actively leveraging compromised SonicWall SSLVPN credentials to breach networks and deploy a sophisticated “EDR killer” that can blind endpoint security solutions. In a campaign analyzed by Huntress in early February 2026, attackers utilized valid VPN accounts to…