Unit 42 researchers say an Asian threat group behind what they call the Shadow Campaigns has targeted government agencies in 37 countries in a wide-ranging global cyberespionage campaign that has involved phishing attacks and the exploitation of a more than…
Tag: EN
The security implementation gap: Why Microsoft is supporting Operation Winter SHIELD
Most security incidents happen in the gap between knowing what matters and actually implementing security controls consistently. Read how Microsoft is helping organizations close this implementation gap. The post The security implementation gap: Why Microsoft is supporting Operation Winter SHIELD…
OpenClaw and the Growing Security Risks of Agentic AI
OpenClaw’s rise shows how agentic AI can expand attack surfaces and introduce new enterprise security risks. The post OpenClaw and the Growing Security Risks of Agentic AI appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet…
AI and Regulation Redefine Application Security, New Global Study Finds
Artificial intelligence has overtaken all other forces shaping application security, according to a major new industry study that shows organisations racing to secure AI-generated code while responding to growing regulatory pressure. The 16th edition of the Building Security In Maturity…
Attackers Use Legitimate Forensic Driver to Disable Endpoint Security, Huntress Warns
Cybercriminals are increasingly turning trusted software against defenders, according to new research from Huntress, which has uncovered a real-world attack in which threat actors used a legitimate but vulnerable driver to disable endpoint security tools before deploying further malicious activity.…
Proton Warns European Startups: No One Is Too Small to Be Targeted by Hackers
Swiss privacy company Proton is urging European startups to rethink their cybersecurity approach after new research based on dark-web breach monitoring found that early-stage companies are increasingly targeted by cybercriminals, with significant consequences for innovation, data protection, and business continuity.…
Harlan Parrott Appointed as KnowBe4’s VP of AI Innovation
KnowBe4 has announced the appointment of Harlan Parrott as VP of AI Innovation, following the company’s 10-year anniversary celebration of pioneering Artificial Intelligence (AI) in cybersecurity. As VP, Parrott will lead the AI Center of Excellence by overseeing the company’s…
Orchid Security Adds Ability to Audit Behaviors by Identity
Orchid Security today added an ability to conduct audits to its platform that enables cybersecurity teams to track behaviors of specific identities. Company CEO Roy Katmor said Identity Audit is designed to make it possible to unify proprietary audit data…
Experts Find Malicious Browser Extensions, Chrome, Safari, and Edge Affected
Threat actors exploit extensions Cybersecurity experts found 17 extensions for Chrome, Edge, and Firefox browsers which track user’s internet activity and install backdoors for access. The extensions were downloaded over 840,000 times. The campaign is not new. LayerX claimed that…
China-Linked Hackers Step Up Quiet Spying Across South-East Asia
Threat actors linked to China have been blamed for a new wave of cyber-espionage campaigns targeting government and law-enforcement agencies across South-East Asia during 2025, according several media reports. Researchers at Check Point Research said they are tracking a previously…
Smart Homes Under Threat: How to Reduce the Risk of IoT Device Hacking
Most households today use some form of internet of things (IoT) technology, whether it’s a smartphone, tablet, smart plugs, or a network of cameras and sensors. Learning that nearly 120,000 home security cameras were compromised in South Korea and…
Tactical Wireless Security
A hands-on guide to testing wireless defenses, mastering SDR, and understanding modern RF attack techniques. This article has been indexed from CyberMaterial Read the original article: Tactical Wireless Security
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 26, 2026 to February 1, 2026)
📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find…
Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics
Italy stopped Russian-linked cyberattacks targeting Foreign Ministry offices and Winter Olympics websites and hotels, Foreign Minister Tajani said. Italy has thwarted a series of Russian-linked cyberattacks aimed at Foreign Ministry offices, including one in Washington, as well as Winter Olympics…
170+ SolarWinds Help Desk Installations Vulnerable to RCE Attacks Exposed Online
Over 170 SolarWinds Web Help Desk installations remain vulnerable to a critical remote code execution (RCE) flaw that has been actively exploited in the wild and recently added to CISA’s Known Exploited Vulnerabilities catalog. The vulnerability, tracked as CVE-2025-40551, carries…
Attackers Mimic RTO Challan Notifications to Deliver Android Malware
A sophisticated Android malware campaign targeting Indian users has emerged, disguising itself as legitimate Regional Transport Office (RTO) challan notifications. The malicious applications are distributed outside the Google Play Store, primarily through WhatsApp and similar messaging platforms, exploiting user trust…
Betterment Data Breach Exposes 1.4 million Customers Personal Details
Betterment has disclosed a social engineering–driven data breach that exposed personal information for approximately 1.4 million customer accounts, significantly expanding the fallout from a January 2026 security incident tied to fraudulent crypto scam messages. In early January 2026, Betterment, a…
Betterment breach may expose 1.4M users after social engineering attack
Breach-tracking site flags dataset following impersonation-based intrusion Breach-tracking site Have I Been Pwned (HIBP) claims a cyberattack on Betterment affected roughly 1.4 million users – although the investment company has yet to publicly confirm how many customers were affected by…
CISA confirms exploitation of VMware ESXi flaw by ransomware attackers
CVE-2025-22225, a VMware ESXi arbitrary write vulnerability, is being used in ransomware campaigns, CISA confirmed on Wednesday by updating the vulnerability’s entry in its Known Exploited Vulnerabilities (KEV) catalog. Researchers linked VMware ESXi zero-day trio to single exploit toolkit Broadcom…
Data breach at govtech giant Conduent balloons, affecting millions more Americans
The ransomware attack at Conduent allowed hackers to steal a “significant number of individuals’ personal information” from the govtech giant’s systems. Conduent handles personal and health data of more than 100 million people across America. This article has been indexed…