A new critical vulnerability discovered by security research firm LayerX has exposed a fundamental architectural flaw in how Large Language Models (LLMs) handle trust boundaries. The zero-click remote code execution (RCE) flaw in Claude Desktop Extensions (DXT) allows attackers to…
Discord to Age-Restrict User Access to Key Features Starting Next Month
Discord announced it will begin globally rolling out “teen-by-default” safety controls and an expanded “age assurance” system in early March, introducing clearer boundaries around age-restricted experiences while leaving most everyday use unchanged. The company says the goal is to make…
AI chat app leak exposes 300 million messages tied to 25 million users
A security researcher found an exposed database belonging to the Chat & Ask AI app, once again traced back to a Firebase misconfiguration. This article has been indexed from Malwarebytes Read the original article: AI chat app leak exposes 300…
Ransomware group breached SmarterTools via flaw in its SmarterMail deployment
SmarterTools, the company behind the popular Microsoft Exchange alternative SmarterMail, has been breached by a ransomware-wielding group that leveraged a recently fixed vulnerability in that solution. How did the SmarterTools breach happen? Derek Curtis, the firm’s Chief Operating Officer, said…
SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers
Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move laterally across the organization’s network to other high-value assets. That said, the…
VoidLink Malware Exhibits Multi-Cloud Capabilities and AI Code
VoidLink, a Linux-based C2 framework, facilitates credential theft, data exfiltration across clouds This article has been indexed from www.infosecurity-magazine.com Read the original article: VoidLink Malware Exhibits Multi-Cloud Capabilities and AI Code
Cyber Briefing: 2026.02.09
Spear-phishing and cloud worms spread RATs and botnets, critical RCEs patched, ransomware hits payments, breaches surface, and cybercrime arrests follow. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.02.09
UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering
Written by: Ross Inman, Adrian Hernandez Introduction North Korean threat actors continue to evolve their tradecraft to target the cryptocurrency and decentralized finance (DeFi) verticals. Mandiant recently investigated an intrusion targeting a FinTech entity within this sector, attributed to UNC1069,…
Flickr’s 35M Users Affected by Third-Party Data Exposure
Flickr disclosed a data exposure tied to a third-party email provider, highlighting how external service vulnerabilities can put millions of users at risk. The post Flickr’s 35M Users Affected by Third-Party Data Exposure appeared first on TechRepublic. This article has…
BridgePay Ransomware Causes Widespread Payment Outages
A ransomware attack on BridgePay caused widespread U.S. payment outages, forcing some organizations to go cash-only. The post BridgePay Ransomware Causes Widespread Payment Outages appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…
Dutch data watchdog snitches on itself after getting caught in Ivanti zero-day attacks
Staff data belonging to the regulator and judiciary’s governing body accessed The Dutch Data Protection Authority (AP) says it was one of the many organizations popped when attackers raced to exploit recent Ivanti vulnerabilities as zero-days.… This article has been…
Ransomware Groups May Pivot Back to Encryption as Data Theft Tactics Falter
As only data exfiltration for extortion no longer delivers ROI, ransomware gangs may increasingly encrypting data for additional leverage. The post Ransomware Groups May Pivot Back to Encryption as Data Theft Tactics Falter appeared first on SecurityWeek. This article has…
BeyondTrust Vulnerability Allows Pre-Auth Remote Code Execution
A BeyondTrust vulnerability lets unauthenticated attackers execute remote code on affected systems. The post BeyondTrust Vulnerability Allows Pre-Auth Remote Code Execution appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: BeyondTrust Vulnerability…
OpenClaw Adds VirusTotal Scanning to AI Agent Marketplace
OpenClaw added VirusTotal scanning to its ClawHub marketplace to curb the spread of malicious AI agent skills. The post OpenClaw Adds VirusTotal Scanning to AI Agent Marketplace appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet…
Claude Opus 4.6 Exposes Hundreds of Open-Source Vulnerabilities
Anthropic says Claude Opus 4.6 identified over 500 previously unknown high-severity flaws in widely used open-source libraries. The post Claude Opus 4.6 Exposes Hundreds of Open-Source Vulnerabilities appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet…
European Commission probes cyberattack on mobile device management system
The European Commission is investigating a cyberattack after detecting signs that its mobile device management system was compromised. The European Commission is investigating a cyberattack on its mobile device management platform after detecting intrusion traces. Attackers may have accessed some…
European Commission hit by cyberattackers targeting mobile management platform
The European Commission’s mobile device management platform was hacked but the incident was swiftly contained and no compromise of mobile devices was detected, EU’s executive branch announced on Friday. The intrusion was detected on January 30, 2026, by CERT-EU, the…
BridgePay Confirms Ransomware Attack
A significant ransomware attack against the payment gateway provider BridgePay has resulted in a nationwide outage that knocked critical systems offline. This article has been indexed from CyberMaterial Read the original article: BridgePay Confirms Ransomware Attack
Loxam Reports Data Breach Incident
Loxam announced on February 4 that a security breach involving a third-party delivery planning software may have resulted in the theft of customer data. This article has been indexed from CyberMaterial Read the original article: Loxam Reports Data Breach Incident
EU Commission Probes Staff Mobile System Intrusion
European authorities are investigating a cyberattack on the mobile device management systems of the European Commission that may have exposed staff contact information. This article has been indexed from CyberMaterial Read the original article: EU Commission Probes Staff Mobile System…
Lyft Launches Teen Accounts With Safety Features
Lyft has launched a new feature allowing teenagers between 13 and 17 to book their own rides while providing parents with real-time tracking and account management. This article has been indexed from CyberMaterial Read the original article: Lyft Launches Teen…
Men Charged In FanDuel Identity Theft Scheme
Two residents of Connecticut have been charged in a federal case for allegedly using approximately 3,000 stolen identities to defraud online gambling platforms of 3 million dollars. This article has been indexed from CyberMaterial Read the original article: Men Charged…
Criminal IP Integrates with IBM QRadar to Deliver Real-Time Threat Intelligence Across SIEM and SOAR
Torrance, United States / California, 9th February 2026, CyberNewswire This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article: Criminal IP Integrates with IBM QRadar to Deliver Real-Time Threat Intelligence Across…
From Solo to Squad: The Evolution of Cyber Security Training in the AI Era
Generative AI is transforming cyber defense. Technical expertise remains critical, but AI-driven threats demand more than individual skill – they require the collective intelligence of the organization’s SOC. To understand how businesses are adapting, Infinity Global Services analyzed training consumption…