Vulnerable SolarWinds Web Help Desk instances were exploited in December 2025 for initial access. The post Recent SolarWinds Flaws Potentially Exploited as Zero-Days appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Recent SolarWinds…
Tag: EN
New Node.js Based LTX Stealer Attack Users to Exfiltrate Login Credentials
A sophisticated new malware strain dubbed “LTX Stealer” has emerged in the cyber threat landscape, utilizing a unique Node.js-based architecture to compromise Windows systems. First surfacing in early 2026, this malicious tool is designed to harvest sensitive user information, including…
Roundcube Webmail Vulnerability Let Attackers Track Email Opens
Roundcube, one of the world’s most popular open-source webmail solutions, has released critical security updates to address a privacy bypass vulnerability. The flaw detailed by NULL CATHEDRAL allowed attackers to load remote images and track email opens, even when users…
Hackers Exploit Legitimate Apple and PayPal Invoice Emails in DKIM Replay Attacks
Cybersecurity threats are swiftly evolving beyond easily spotted, poorly written phishing emails to sophisticated methods that leverage trusted digital infrastructure. Attackers are now exploiting legitimate business workflows within widely used platforms, effectively turning reputable services into unwitting accomplices for financial…
Microsoft Exchange Online Flags Customers Legitimate Email as Phishing
Microsoft Exchange Online is experiencing a service degradation that incorrectly flags legitimate customer emails as phishing, quarantining them and disrupting communications. The issue, identified as EX1227432, started on February 5, 2026, at 10:31 AM EST and remains ongoing. Microsoft classifies…
SmarterTools Hit by Ransomware via Vulnerability in Its Own Product
SmarterTools says customers were impacted after hackers compromised a data center used for quality control testing. The post SmarterTools Hit by Ransomware via Vulnerability in Its Own Product appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
ShinyHunters Targets Okta and Microsoft SSO in Data Breach
Several voice-based social engineering attacks have prompted renewed scrutiny of single sign-on ecosystem security assumptions. The cybercrime collective ShinyHunters has publicly announced that it has carried out an extensive campaign to harvest SSO credentials from approximately 100 organizations, signaling…
How Top CISOs Solve Burnout and Speed up MTTR without Extra Hiring
Why do SOC teams keep burning out and missing SLAs even after spending big on security tools? Routine triage piles up, senior specialists get dragged into basic validation, and MTTR climbs, while stealthy threats still find room to slip through.…
YARA-X 1.13.0 Release, (Mon, Feb 9th)
YARA-X's 1.13.0 release brings 4 improvements and 4 bugfixes. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: YARA-X 1.13.0 Release, (Mon, Feb 9th)
Quick Howto: Extract URLs from RTF files, (Mon, Feb 9th)
Malicious RTF (Rich Text Format) documents are back in the news with the exploitation of CVE-2026-21509 by APT28. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Quick Howto: Extract URLs from RTF…
ISC Stormcast For Monday, February 9th, 2026 https://isc.sans.edu/podcastdetail/9800, (Mon, Feb 9th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, February 9th, 2026…
ScarCruft Exploits Trusted Cloud Services and OLE Documents to Deliver Malware
The North Korean-backed advanced persistent threat (APT) group known as ScarCruft has significantly evolved its attack techniques. In a departure from their established methods, the group is now using a sophisticated OLE-based dropper to distribute its signature malware, ROKRAT. This…
How the GNU C Compiler became the Clippy of cryptography
Security devs forced to hide Boolean logic from overeager optimizer FOSDEM 2026 The creators of security software have encountered an unlikely foe in their attempts to protect us: modern compilers.… This article has been indexed from The Register – Security…
AI Is Here to Replace Nuclear Treaties. Scared Yet?
The last major nuclear arms treaty between the US and Russia just expired. Some experts believe a combination of satellite surveillance, AI, and human reviewers can take its place. Others, not so much. This article has been indexed from Security…
Follow the money: Switzerland remains Europe’s top destination for tech pay
Average Swiss salaries dwarf those on offer across the rest of the continent European techies looking for the biggest payday are far better off in Switzerland than anywhere else, with average salaries eclipsing all other countries on the continent.… This…
Linux kernel 6.19 reaches stable release, kernel 7.0 work is already underway
Development activity on the Linux kernel continues into early 2026 with the stable release of version 6.19. Kernel maintainers have completed the pre-release cycle and merged the final set of changes into the mainline tree. The release follows the ongoing…
BeyondTrust fixes easy-to-exploit pre-auth RCE vulnerability in remote access tools (CVE-2026-1731)
BeyondTrust fixed a critical remote code execution vulnerability (CVE-2026-1731) in its Remote Support (RS) and Privileged Remote Access (PRA) solutions and is urging self-hosted customers to apply the patch as soon a possible. Unlike the Remote Support zero-day (CVE-2024-12356) that…
BridgePay Confirms Ransomware Attack, No Card Data Compromised
The services of Florida-based payments platform BridgePay are offline due to a ransomware attack This article has been indexed from www.infosecurity-magazine.com Read the original article: BridgePay Confirms Ransomware Attack, No Card Data Compromised
Hackers Abuse ClawHub Skills to Evade VirusTotal via Social Engineering
A new evolution in ClawHub skill-based attacks that effectively sidesteps recent security measures. Rather than embedding base64-encoded payloads directly in SKILL.md files, threat actors have now shifted to a simpler approach: hosting malware on convincing lookalike websites and using skills…
Iran’s Digital Surveillance Machine Is Almost Complete
After more than 15 years of draconian measures, culminating in an ongoing internet shutdown, the Iranian regime seems to be staggering toward its digital surveillance endgame. This article has been indexed from Security Latest Read the original article: Iran’s Digital…