Cybersecurity shouldn’t block mission outcomes. Cross Domain Solutions show how secure data access enables speed, trust and better decisions. The post Rebrand Cybersecurity from “Dr. No” to “Let’s Go” appeared first on Security Boulevard. This article has been indexed from…
Fingerprint enables enterprises to tell trusted AI agents apart from bots and scrapers
Fingerprint has released Authorized AI Agent Detection, its new ecosystem of AI agents, including OpenAI, AWS AgentCore, Browserbase, Manus and Anchor Browser. The ecosystem enables enterprises to detect authorized agentic AI traffic with 100% certainty, allowing organizations to distinguish trusted,…
Socure unifies identity, fraud, and program integrity for government at scale
Socure has released Socure for Government (SocureGov) RiskOS to help public sector organizations deliver simpler, faster, and more transparent digital identity verification and fraud prevention at scale. SocureGov RiskOS unifies identity proofing, fraud detection, and program integrity into a single…
Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers
Microsoft has warned that information-stealing attacks are “rapidly expanding” beyond Windows to target Apple macOS environments by leveraging cross-platform languages like Python and abusing trusted platforms for distribution at scale. The tech giant’s Defender Security Research Team said it observed…
CISA Adds SolarWinds Web Help Desk RCE Flaw to Known Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly disclosed vulnerability CVE‑2025‑40551 affecting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog. The flaw is rated critical because it enables remote code execution (RCE) and can be exploited without authentication. According…
Chrome Vulnerabilities Let Attackers Execute Arbitrary Code and Crash System
Google has released a critical security update for the Chrome Stable channel, addressing two high-severity vulnerabilities that expose users to potential arbitrary code execution (ACE) and denial-of-service (DoS) attacks. The update pushes the browser version to 144.0.7559.132/.133 for Windows and…
AI is Supercharging Work…and Your Attack Surface
AI boosts productivity, but weak data governance and shadow AI are expanding the enterprise attack surface. The post AI is Supercharging Work…and Your Attack Surface appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the…
Building a Zero-Trust Framework for Cloud Banking
Zero-trust architecture helps banks secure cloud environments, meet regulations, and scale innovation through identity-first security. The post Building a Zero-Trust Framework for Cloud Banking appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original…
Detectify Internal Scanning finds and fixes vulnerabilities behind the firewall
Detectify has launched Internal Scanning, a solution that eliminates the visibility gap between external perimeters and internal environments, allowing security teams to discover and remediate vulnerabilities behind the firewall with the same speed and precision they apply to external assets.…
Metro bug, more social bans, leaky Moltbook
React Native Metro bug impacts thousands of servers Greece and Spain set to ban social media for kids Moltbook shows the dangers of vibe coding Get the show notes here: https://cisoseries.com/cybersecurity-news-metro-bug-more-social-bans-leaky-moltbook/ Huge thanks to our sponsor, Strike48 Security teams are…
Chrome Flaws Enable Arbitrary Code Execution and System Crashes
Google has released a new Stable Channel update for Chrome (version 144.0.7559.132/.133) on February 3, 2026, addressing two high‑severity vulnerabilities that could allow attackers to execute arbitrary code or cause system crashes. The update is rolling out gradually for Windows, macOS, and…
ValleyRAT Masquerades as LINE Installer to Target Users and Harvest Login Credentials
A malware campaign where cybercriminals distribute a fake LINE messenger installer that secretly deploys the ValleyRAT malware to steal credentials and evade detection. Since early 2025, threat actors have increasingly used fraudulent software installers to deliver malware. This campaign shares techniques with previously discovered LetsVPN-themed attacks,…
Navigating the AI Revolution in Cybersecurity: Risks, Rewards, and Evolving Roles
In the rapidly changing landscape of cybersecurity, AI agents present both opportunities and challenges. This article examines the findings from Darktrace’s 2026 State of AI Cybersecurity Report, highlighting the benefits of AI in enhancing security measures while addressing concerns regarding…
IT Security News Hourly Summary 2026-02-04 09h : 4 posts
4 posts were published in the last hour 7:38 : Microsoft and Google Platforms Abused in New Enterprise Cyberattacks 7:38 : Orion Security raises $32 million to build AI-powered data loss prevention solution 7:38 : CISA Adds Actively Exploited SolarWinds…
Microsoft and Google Platforms Abused in New Enterprise Cyberattacks
A dangerous shift in phishing tactics, with threat actors increasingly hosting malicious infrastructure on trusted cloud platforms like Microsoft Azure, Google Firebase, and AWS CloudFront. Unlike traditional phishing campaigns that rely on newly registered suspicious domains, these attacks leverage legitimate…
Orion Security raises $32 million to build AI-powered data loss prevention solution
Orion Security has raised $32 million in a Series A round led by Norwest Venture Partners, with participation from IBM and existing investors including PICO Venture Partners, Lama Partners, and others. The round comes less than a year after the…
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog, flagging it as actively exploited in attacks. The vulnerability, tracked as CVE-2025-40551…
Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions
The Eclipse Foundation, which maintains the Open VSX Registry, has announced plans to enforce security checks before Microsoft Visual Studio Code (VS Code) extensions are published to the open-source repository to combat supply chain threats. The move marks a shift…
Ingress-NGINX Flaw Enables Arbitrary Code Execution Attacks
A high-severity vulnerability has been discovered in the Kubernetes ingress-nginx controller, allowing attackers to execute arbitrary code and potentially compromise entire clusters. Tracked as CVE-2026-24512, this high-severity flaw enables malicious actors to inject configuration directives through the ingress controller and…
Shadow DNS Operation Abuses Compromised Routers to Manipulate Internet Traffic
A sophisticated shadow DNS network that hijacks internet traffic by compromising home and business routers. The operation, active since mid-2022, manipulates DNS resolution through malicious resolvers hosted by Aeza International (AS210644), a bulletproof hosting provider sanctioned by the U.S. Treasury…
Global Threat Map: Open-source real-time situational awareness platform
Global Threat Map is an open-source project offering security teams a live view of reported cyber activity across the globe, pulling together open data feeds into a single interactive map. It visualizes indicators such as malware distribution, phishing activity, and…
Critical Django Flaw Allows DoS and SQL Injection Attacks
The Django Software Foundation has issued emergency security patches addressing six critical vulnerabilities affecting multiple versions of the popular Python web framework. Released on February 3, 2026, the updates fix severe flaws that could enable attackers to execute SQL injection…
Chrome Add-On Caught Stealing Amazon Commissions
A Chrome extension posing as an Amazon ad blocker was caught hijacking affiliate links in the background, redirecting commissions without user consent. The post Chrome Add-On Caught Stealing Amazon Commissions appeared first on TechRepublic. This article has been indexed from…
Why incident response breaks down when it matters most
In this Help Net Security video, Jon David, Managing Director, NR Labs, discusses why incident response often breaks down during a breach. Drawing on years of experience watching real attackers operate across many industries, he walks through what tends to…