A new critical vulnerability discovered by security research firm LayerX has exposed a fundamental architectural flaw in how Large Language Models (LLMs) handle trust boundaries. The zero-click remote code execution (RCE) flaw in Claude Desktop Extensions (DXT) allows attackers to…
Outtake Raises $40 Million to Bolster Digital Trust Against AI-Driven Threats
The Series B funding round brings the cybersecurity startup’s total raised to $60 million. The post Outtake Raises $40 Million to Bolster Digital Trust Against AI-Driven Threats appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read the…
Sandworm Hackers Fail in DynoWiper Attack on Poland’s Power Grid
A recently disclosed cyberattack against Poland’s energy infrastructure has been linked to the Russian state-backed hacking group Sandworm, highlighting the persistent threat facing Europe’s critical sectors. The incident occurred between December 29 and 30, 2025, and reportedly targeted elements…
EU targets Meta over WhatsApp AI access restrictions
The European Commission believes Meta breached EU competition rules by blocking other AI assistants from accessing and interacting with users on WhatsApp. The case centers on a change Meta announced on 15 October 2025 to the WhatsApp Business Solution Terms.…
⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More
Cyber threats are no longer coming from just malware or exploits. They’re showing up inside the tools, platforms, and ecosystems organizations use every day. As companies connect AI, cloud apps, developer tools, and communication systems, attackers are following those same…
IT Security News Hourly Summary 2026-02-09 15h : 9 posts
9 posts were published in the last hour:
13:41 : European Commission Mitigates Cyberattack Aimed at Employee Mobile Information
13:41 : Hackers Abuse Apple & PayPal Invoice Emails in DKIM Replay Attack Campaign
13:40 : Officials sound the alarm: Phishing…
European Commission Mitigates Cyberattack Aimed at Employee Mobile Information
The European Commission successfully contained a cyberattack targeting its mobile device management infrastructure on January 30, 2026. The incident, which potentially exposed staff names and mobile numbers, was neutralized within nine hours of detection, demonstrating the organization’s robust cybersecurity protocols.…
Hackers Abuse Apple & PayPal Invoice Emails in DKIM Replay Attack Campaign
A sophisticated way to bypass email security by weaponizing legitimate messages from trusted companies like Apple and PayPal. These attacks, known as DKIM replay attacks, exploit email authentication systems to deliver scams that appear completely authentic. The technique is deceptively…
Officials sound the alarm: Phishing attacks on politicians, journalists via Signal messenger
Attackers believed to be state-sponsored are currently attempting to take control of Signal accounts belonging to politicians, journalists, and other high-profile individuals in Germany and across Europe. In doing so, they pose, for example, as a Signal support chatbot. This…
Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor
Huntress confirmed active SolarWinds Web Help Desk exploits, where attackers installed Zoho tools for persistence, and used Velociraptor for control. On February 7, 2026, Huntress investigated an active attack abusing SolarWinds Web Help Desk flaws. Attackers exploited unpatched versions to…
Cybersecurity M&A Roundup: 34 Deals Announced in January 2026
Significant cybersecurity M&A deals announced by CrowdStrike, Infoblox, JumpCloud, LevelBlue, OneSpan, and Radware. The post Cybersecurity M&A Roundup: 34 Deals Announced in January 2026 appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read the original article: Cybersecurity…
Hackers Use Signal QR Codes to Spy on Military and Political Leaders
Hackers are using Signal QR codes and fake support scams to spy on military and political leaders, German security agencies warn. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More. Read the original article:…
Active Exploitation of SolarWinds Web Help Desk RCE Used to Drop Custom Malware
Threat actors are actively exploiting critical vulnerabilities in SolarWinds Web Help Desk (WHD) to deploy custom malware and establish persistent remote control. Security researchers observed these attacks starting on February 7, 2026, targeting organizations that had not yet applied the…
Node.js LTX Stealer Emerges as New Threat to Login Credentials
A new, sophisticated malware campaign dubbed “LTX Stealer.” This malware represents a shift in attacker techniques, utilizing legitimate software frameworks and cloud services to hide its activities and steal sensitive user data. By mimicking standard Windows processes, LTX Stealer is…
Recent SolarWinds Flaws Potentially Exploited as Zero-Days
Vulnerable SolarWinds Web Help Desk instances were exploited in December 2025 for initial access. The post Recent SolarWinds Flaws Potentially Exploited as Zero-Days appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read the original article: Recent SolarWinds…
New Node.js Based LTX Stealer Attack Users to Exfiltrate Login Credentials
A sophisticated new malware strain dubbed “LTX Stealer” has emerged in the cyber threat landscape, utilizing a unique Node.js-based architecture to compromise Windows systems. First surfacing in early 2026, this malicious tool is designed to harvest sensitive user information, including…
Roundcube Webmail Vulnerability Let Attackers Track Email Opens
Roundcube, one of the world’s most popular open-source webmail solutions, has released critical security updates to address a privacy bypass vulnerability. The flaw detailed by NULL CATHEDRAL allowed attackers to load remote images and track email opens, even when users…
Hackers Exploit Legitimate Apple and PayPal Invoice Emails in DKIM Replay Attacks
Cybersecurity threats are swiftly evolving beyond easily spotted, poorly written phishing emails to sophisticated methods that leverage trusted digital infrastructure. Attackers are now exploiting legitimate business workflows within widely used platforms, effectively turning reputable services into unwitting accomplices for financial…
Microsoft Exchange Online Flags Customers Legitimate Email as Phishing
Microsoft Exchange Online is experiencing a service degradation that incorrectly flags legitimate customer emails as phishing, quarantining them and disrupting communications. The issue, identified as EX1227432, started on February 5, 2026, at 10:31 AM EST and remains ongoing. Microsoft classifies…
SmarterTools Hit by Ransomware via Vulnerability in Its Own Product
SmarterTools says customers were impacted after hackers compromised a data center used for quality control testing. The post SmarterTools Hit by Ransomware via Vulnerability in Its Own Product appeared first on SecurityWeek. This article has been indexed from SecurityWeek. Read…
ShinyHunters Targets Okta and Microsoft SSO in Data Breach
Several voice-based social engineering attacks have prompted renewed scrutiny of single sign-on ecosystem security assumptions. The cybercrime collective ShinyHunters has publicly announced that it has carried out an extensive campaign to harvest SSO credentials from approximately 100 organizations, signaling…
How Top CISOs Solve Burnout and Speed up MTTR without Extra Hiring
Why do SOC teams keep burning out and missing SLAs even after spending big on security tools? Routine triage piles up, senior specialists get dragged into basic validation, and MTTR climbs, while stealthy threats still find room to slip through.…
YARA-X 1.13.0 Release, (Mon, Feb 9th)
YARA-X's 1.13.0 release brings 4 improvements and 4 bugfixes. This article has been indexed from SANS Internet Storm Center, InfoCON: green. Read the original article: YARA-X 1.13.0 Release, (Mon, Feb 9th)
Quick Howto: Extract URLs from RTF files, (Mon, Feb 9th)
Malicious RTF (Rich Text Format) documents are back in the news with the exploitation of CVE-2026-21509 by APT28. This article has been indexed from SANS Internet Storm Center, InfoCON: green. Read the original article: Quick Howto: Extract URLs from RTF…