13 posts were published in the last hour 16:34 : Please Don’t Feed the Scattered Lapsus Shiny Hunters 16:34 : Notepad++ Update Servers Hijacked in Targeted Supply Chain Attack 16:34 : NationStates Suffers Databreach – Game site Temporarily Offline 16:34…
Please Don’t Feed the Scattered Lapsus Shiny Hunters
A prolific data ransom gang that calls itself Scattered Lapsus Shiny Hunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and……
Notepad++ Update Servers Hijacked in Targeted Supply Chain Attack
Attackers hijacked Notepad++ update servers to selectively deliver trojanized installers through a trusted update channel. The post Notepad++ Update Servers Hijacked in Targeted Supply Chain Attack appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
NationStates Suffers Databreach – Game site Temporarily Offline
A long-running online nation simulation game has been taken temporarily offline following a security breach that compromised its central production server. The team estimates the downtime will last 2 to 5 days as they rebuild core infrastructure and audit the…
21,000+ OpenClaw AI Instances With Personal Configurations Exposed Online
21,000+ publicly exposed instances of an open-source personal AI assistant, raising significant concerns about unprotected access to sensitive user configurations and personal data. OpenClaw, a rapidly emerging personal AI assistant created by Austrian developer Peter Steinberger, has experienced explosive growth…
New Punishing Owl Hacker Group Targeting Networks of Russian Government Security Agency
A previously unknown hacktivist group called Punishing Owl has emerged with sophisticated cyberattacks targeting Russian government security agencies. The group first surfaced on December 12, 2025, when it announced the successful breach of a Russian government security agency’s network. The…
ShinyHunters flip the script on MFA in new data theft attacks
Multi-factor authentication (MFA) is supposed to defend against phishing attacks, but threat actors operating under the ShinyHunters banner are using it as a pretext in ongoing social engineering attacks aimed at bypassing it. Among those successfully targeted in these latest…
Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos
Microsoft has announced a three-phase approach to phase out New Technology LAN Manager (NTLM) as part of its efforts to shift Windows environments toward stronger, Kerberos-based options. The development comes more than two years after the tech giant revealed its…
NSA Publishes New Zero Trust Implementation Guidelines
NSA released new guidelines to help organizations achieve target-level Zero Trust maturity This article has been indexed from www.infosecurity-magazine.com Read the original article: NSA Publishes New Zero Trust Implementation Guidelines
Hugging Face Repositories Abused in New Android Malware Campaign
Attackers exploited Hugging Face’s trusted infrastructure to spread an Android RAT, using fake security apps and thousands of malware variants. The post Hugging Face Repositories Abused in New Android Malware Campaign appeared first on TechRepublic. This article has been indexed…
WhatsApp Launches High-Security Mode for Ultimate User Protection
WhatsApp has launched a new high-security mode called “Strict Account Settings,” providing users with enhanced defenses against sophisticated cyber threats. This feature, introduced on January 27, 2026, allows one-click activation and builds on the platform’s existing end-to-end encryption. It…
Apple’s New Feature Will Help Users Restrict Location Data
Apple has introduced a new privacy feature that allows users to restrict the accuracy of location data shared with cellular networks on a few iPad models and iPhone. About the feature The “Limit Precise Location” feature will start after updating…
ShinyHunters Claims Match Group Data Breach Exposing 10 Million Records
A new data theft has surfaced linked to ShinyHunters, which now claims it stole more than 10 million user records from Match Group, the U.S. company behind several major swipe-based dating platforms. The group has positioned the incident as…
Open VSX Supply Chain Breach Delivers GlassWorm Malware Through Trusted Developer Extensions
Cybersecurity experts have uncovered a supply chain compromise targeting the Open VSX Registry, where unknown attackers abused a legitimate developer’s account to distribute malicious updates to unsuspecting users. According to findings from Socket, the attackers infiltrated the publishing environment…
Scanning for exposed Anthropic Models, (Mon, Feb 2nd)
Yesterday, a single IP address (%%ip:204.76.203.210%%) scanned a number of our sensors for what looks like an anthropic API node. The IP address is known to be a Tor exit node. This article has been indexed from SANS Internet Storm…
Important Notice: Preserving Free Access While Evolving the Wordfence Intelligence Vulnerability API
In 2022, Wordfence introduced a completely free vulnerability database to support the WordPress security community. We made sure that included completely free access to the Wordfence Intelligence Vulnerability Database API on the founded belief that WordPress vulnerability information should be…
Ivanti Issues Urgent Fix for Critical Zero-Day Flaws Under Active Attack
Ivanti has disclosed two critical remote code execution (RCE) flaws (CVE-2026-1281 & CVE-2026-1340) in its EPMM software. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original article: Ivanti Issues Urgent Fix…
Hackers exploit unsecured MongoDB instances to wipe data and demand ransom
Over 1,400 exposed MongoDB servers have been hijacked and wiped by hackers, who left ransom notes after exploiting weak or missing access controls. Cybersecurity firm Flare reports that unsecured MongoDB databases remain easy targets, with 1,416 of 3,100 exposed servers…
ShinyHunters-Branded Extortion Activity Expands, Escalates
Hackers rely on evolved vishing and login harvesting to compromise SSO credentials for unauthorized MFA enrollment. The post ShinyHunters-Branded Extortion Activity Expands, Escalates appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: ShinyHunters-Branded Extortion…
AI Agent Orchestration: How It Works and Why It Matters
AI agent orchestration is reshaping how businesses build intelligent systems. It moves beyond single chatbots or generative interfaces, coordinating multiple specialized AI agents to complete…Read More The post AI Agent Orchestration: How It Works and Why It Matters appeared first…
Notepad++ Update Hijacking Linked to Hosting Provider Compromise
A supply chain attack on Notepad++ update process was linked to compromised hosting infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: Notepad++ Update Hijacking Linked to Hosting Provider Compromise
Cyber Briefing: 2026.02.02
Supply-chain attacks poison software updates, crypto scams steal millions, energy sites face attacks, crime networks move billions, and Apple boosts privacy. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.02.02
Windows 11 Bug Causing Password Sign-in Option to Disappear from the Lock Screen on
Microsoft has acknowledged a strange user interface bug affecting specific Windows environments where the password sign-in option appears to vanish from the lock screen. The issue, which originated with updates released in late 2025, primarily impacts managed IT infrastructures and…
Hackers Exploiting Microsoft Office 0-day Vulnerability to Deploy Malware
The Russia-linked threat group UAC-0001, also known as APT28, has been actively exploiting a critical zero-day vulnerability in Microsoft Office. The group is using this flaw to deploy sophisticated malware against Ukrainian government entities and European Union organizations. The vulnerability,…