
Samsung Knox introduces a per‑app firewall and Zero‑Trust Network Access (ZTNA) that extend traditional enterprise security to mobile devices. The firewall provides granular, app‑specific rules and detailed logging, shrinking investigation times from days to hours. Knox ZTNA works alongside existing VPNs, offering micro‑segmentation and dynamic policy evaluation based on device health and context. Integrated with Samsung Galaxy hardware, Knox delivers real‑time threat response, SOC 2 and GDPR compliance, and seamless compatibility with leading MDM, UEM, and SIEM platforms.

A Singapore trader lost $480,000 after a fake Binance support account stole his recovery phrase, highlighting the rise of social‑engineering scams in crypto. The FBI reports $9.3 billion in cryptocurrency fraud for 2024, driven largely by impersonation, false promises, and urgency...

Flickr disclosed a potential data breach after a vulnerability in a third‑party email service provider exposed user names, email addresses, IP locations and activity logs. The company acted quickly, shutting down the affected system within hours on February 5, 2026. While...

RenEngine Loader, a new malware family, embeds malicious code in legitimate Ren’Py game launchers used for cracked games. Since its emergence in April 2025, it has infected over 400,000 users, adding roughly 5,000 new victims each day, primarily in India,...

Cisco’s Talos researchers have identified a China‑linked adversary‑in‑the‑middle framework called DKnife, operating since at least 2019. The platform comprises seven Linux‑based implants that perform deep packet inspection, traffic manipulation, and delivery of backdoors such as ShadowPad and DarkNimbus. DKnife targets...

Security researchers uncovered a supply‑chain attack on dYdX's official npm package @dydxprotocol/v4-client-js and its PyPI counterpart dydx‑v4‑client. The compromised versions, published with legitimate maintainer credentials, embed wallet‑stealing code and, in the Python case, a remote‑access trojan. dYdX acknowledged the breach,...

MintMCP introduced an enterprise governance platform that lets organizations deploy, monitor, and secure AI agents and MCP servers at scale. The solution offers one‑click MCP server provisioning, real‑time agent activity tracing, and configurable guardrails to block risky actions. It also...

The House Energy Subcommittee advanced five bipartisan bills aimed at strengthening both physical and cyber defenses of the United States electric grid and broader energy infrastructure. The legislation updates Department of Energy programs, extends cybersecurity support for rural utilities through...

Attackers increasingly purchase stolen credentials on dark‑web markets, enabling silent, long‑duration breaches without traditional malware. Identity‑based attacks now dominate, with 97% involving passwords and machine accounts outnumbering human users by roughly 82 to 1, creating unmanaged attack surfaces. Social‑engineering phone...

A new wave of Odyssey Stealer is actively targeting macOS users across more than twenty countries, expanding far beyond its initial foothold in the United States and Western Europe. The malware is delivered through fake CAPTCHA pages that mimic legitimate...

Microsoft’s February 2026 Patch Tuesday follows a heavy January with 92 Windows 11/Server 2025 and 79 Windows 10 vulnerabilities addressed. Three out‑of‑band (OOB) patches were released in January to fix remote‑desktop credential prompts, Outlook .pst cloud storage errors, and a zero‑day Office vulnerability...

Kasada has launched Account Intelligence, a real‑time solution that detects manual, account‑level fraud and abuse before financial loss occurs. The product uses high‑fidelity device telemetry linked to account behavior, allowing early identification of credential abuse, promo fraud, and coordinated multi‑account...

Enterprises are moving from curiosity to action on post‑quantum cryptography (PQC), launching pilots that often stumble because existing stacks lack support. The article argues that pilot failures are intentional, serving to surface interoperability, skill and inventory gaps before regulatory or...

The Super Bowl is portrayed as a live‑fire cybersecurity exercise where a temporary mega‑enterprise of stadium, broadcast, betting and IoT systems is assembled in days. This massive, multi‑vendor environment expands the attack surface dramatically, forcing security teams to adopt zero‑trust,...

OpenAI announced Trusted Access for Cyber, a program that provides vetted defenders with controlled access to its most advanced cybersecurity model, GPT‑5.3‑Codex, via ChatGPT. The initiative pairs this privileged access with $10 million in API‑credit grants to support defensive research and...

The cryptocurrency ecosystem is increasingly plagued by scams and money‑laundering schemes, with criminal thefts reaching $3.4 billion in 2025 and individual losses topping $713 million. Blockchain analytics firms report divergent estimates of illicit flows – Chainalysis cites $82 billion in laundering, while TRM Labs...

Mobile privacy audits face verification gaps as apps hide data flows behind permissions and encrypted traffic. The new mopri framework combines static analysis of APKs with dynamic, user‑driven execution to capture real‑world network activity on Android devices. It offers modular...

A critical use‑after‑free vulnerability has been discovered in the `sch_cake` packet scheduler of the CentOS 9 Linux kernel. The flaw lets a local user trigger memory corruption and execute arbitrary code with root privileges, as demonstrated by a publicly released proof‑of‑concept....

Researchers identified two medium‑severity flaws—a publicly accessible email API endpoint and verbose error handling that discloses OAuth tokens—that can be combined to launch authenticated phishing campaigns inside Microsoft 365 tenants. By exploiting the open relay, attackers send messages that appear to...

Hanah Darley, Chief AI Officer at Geordie AI, warns that postponing security decisions creates a hidden "visibility debt" that compounds over time. Each quarter without adequate insight allows shadow IT, legacy systems, and unmanaged assets to proliferate, leading to larger...

A spam campaign is distributing PDFs that appear to be Adobe Acrobat updates, but the attachment redirects users to a spoofed download page that installs legitimate Remote Monitoring and Management (RMM) tools such as TrustConnect and Datto RMM. By leveraging signed...

The cybersecurity earnings season opened with Fortinet, NetScout and Qualys all beating analyst expectations. Fortinet posted Q4 adjusted EPS of $0.81 on $1.91 billion revenue, up 15% YoY, while NetScout delivered EPS of $1.00 despite flat revenue, and Qualys reported EPS...

Spain's Ministry of Science, Innovation and Universities announced a partial shutdown of its electronic services after a technical incident that appears to be a cyberattack. A hacker using the alias “GordonFreeman” claimed to have exploited an IDOR flaw to gain...

Commvault is repositioning from traditional backup to a ResOps model that unifies data protection, identity resilience, and cyber recovery across hybrid and multicloud environments. The launch of its Cloud Unity platform introduces AI‑driven synthetic recovery, allowing clean, point‑in‑time restores without...

Ransomware operators are exploiting ISPsystem’s VMmanager by deploying default Windows virtual machines that reuse identical hostnames and system identifiers. Sophos discovered the same hostnames across VMs used by multiple ransomware groups, including LockBit, Conti, BlackCat/ALPHV and Ursnif, as well as...

The first quarter of 2018 saw quantum computing move from laboratory experiments to strategic initiatives. Google announced a 72‑qubit Bristlecone processor aimed at quantum supremacy, while Intel introduced a 49‑qubit silicon‑spin Tangle Lake chip and Alibaba made an 11‑qubit system...

Mastercard has entered a strategic cybersecurity partnership with the United Arab Emirates Cyber Security Council to develop forward‑looking policies and publish a joint report on the nation’s threat landscape. The report warns that malicious actors are increasingly targeting critical sectors...

The Department of Homeland Security rolled out the Mobile Fortify app in spring 2025 to let ICE and CBP agents scan faces and generate candidate matches, but the technology cannot positively verify identities. Records show the tool has been used over...

Bolt, the checkout and payments platform, announced a partnership with identity‑verification specialist Socure. By embedding Socure’s RiskOS and its global Identity Graph into Bolt ID, the service gains predictive risk signals and compliance decisioning. The integration is designed to boost...

The Cybersecurity and Infrastructure Security Agency (CISA) issued a binding operational directive requiring federal agencies to inventory, replace, and continuously monitor end‑of‑support (EOS) edge devices after detecting active exploitation by advanced threat actors, some linked to nation‑states. Agencies have three...

The U.S. Department of Health and Human Services Office of the Inspector General audited a large southeastern hospital and identified security gaps in four internet‑accessible web applications. The hospital, a 300‑bed facility that relies on the HITRUST Common Security Framework...

Berlin’s Hospital Association has warned of a surge in unexplained incidents targeting hospitals, ranging from drone incursions and cyberattacks to forced entries and arson. Intelligence agencies have classified at least some of these events as potential security threats, prompting heightened...

Microsoft announced that the Exchange Web Services (EWS) API for Exchange Online will be blocked on October 1, 2026 and fully retired on April 1, 2027. Administrators can create an allow‑list by August 2026 to bypass the October block, after which Microsoft will pre‑populate allow...

The AISURU/Kimwolf botnet launched a record‑setting DDoS attack in November 2025, peaking at 31.4 Tbps and lasting just 35 seconds. Cloudflare, which automatically mitigated the traffic, said the attack is part of a surge in hyper‑volumetric HTTP assaults, with average sizes...

Rome’s La Sapienza, Europe’s largest university, suffered a cyberattack that forced a complete shutdown of its IT network. Authorities and the university’s technical task force identified the incident as a ransomware operation attributed to the pro‑Russian group Femwar02, using the...

At the Small Firms Association’s SFA Connect event, Vodafone Ireland highlighted that 94% of Irish SMEs feel unprepared for AI‑driven cyber attacks, yet adoption of basic safeguards remains low. Only 21% of SMEs use multifactor authentication and more than half...

AI adoption is outpacing employee trust, driving widespread use of unsanctioned "Shadow AI" tools. This behavior creates institutional amnesia, where valuable insights disappear from corporate knowledge bases. The article argues that a one‑page digital‑workplace charter—updated with AI‑specific purpose, vision, and...

A ransomware attack in January 2025 crippled Conduent’s systems and has now been linked to at least 15.4 million affected Texans and 10.5 million Oregonians, far exceeding the company’s earlier estimate of four million victims. The breach exposed names, Social Security numbers, medical...

Congress is debating the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act, which allows warrantless collection of foreign communications but often sweeps up U.S. persons. Recent Trump-era domestic surveillance orders and expanded data‑provider definitions have heightened Democratic concerns...

Romanian pipeline operator Conpet disclosed a ransomware attack that crippled its corporate IT systems and took its public website offline, while its core transport operations remained unaffected. The Qilin gang claimed responsibility, alleging the theft of nearly 1 TB of internal...

Cloud migrations create fragmented logs that leave blind spots, making real‑time visibility essential for security. Network telemetry provides a consistent, provider‑agnostic signal that overcomes log inconsistencies across multi‑cloud environments. By integrating traffic mirroring, flow logs, and TLS/DNS metadata, organizations can...

FireCompass introduced Explorer, a credit‑based freemium platform that delivers AI‑powered autonomous penetration testing for web applications, APIs, and external infrastructure. The service lets security teams launch self‑serve tests within minutes and receive evidence‑backed exploit paths rather than generic alerts. By...

Operant AI announced Agent Protector, a real‑time security platform for autonomous AI agents. The solution delivers shadow‑agent discovery, zero‑trust enforcement, inline threat detection, and secure enclaves to protect both managed and unmanaged agents across cloud, SaaS, and development environments. It...

Security researcher Sygnia uncovered a coordinated network of more than 150 cloned law‑firm websites used in an AI‑powered fraud scheme. The domains are spread across multiple registrars, each with its own SSL certificate and often hidden behind Cloudflare to evade...

Intruder released research exposing critical security gaps in Moltbot, an open‑source, self‑hosted AI assistant. The study shows that default deployments often lack firewalls, credential validation, and sandboxing, leaving cloud instances exposed. Attackers are exploiting misconfigurations to harvest API keys, conduct...

Cohesity has integrated Google Cloud Threat Intelligence directly into the Cohesity Data Cloud UI and added Google Private Scanning for secure, privacy‑preserving malware detonation. The enhancement gives customers real‑time visibility into indicators of compromise and streamlines threat analysis without leaving...

Orca Security discovered that GitHub Codespaces automatically executes VS Code configuration files in the `.vscode` folder when a repository or pull request is opened. Malicious JSON files such as settings.json or devcontainer.json can inject bash commands, leading to remote code execution...

A new Cellebrite report shows digital evidence, especially from smartphones, now underpins almost every police investigation. Ninety‑five percent of law‑enforcement practitioners consider it essential, and 97% identify smartphones as the top source, up from 73% in 2024. Consequently, 62% of...

Torq, an agentic security operations platform, announced the hiring of former Virgin Atlantic CISO John White as Field CISO. White, who led a multi‑year transformation of Virgin Atlantic’s cyber defenses using Torq’s AI SOC platform, joins the company after its...

Researchers at Infoblox uncovered a global DNS hijacking campaign that compromised outdated home routers in more than 30 countries. Attackers altered router DNS settings, redirecting traffic through servers owned by Aeza International, a U.S.-sanctioned Russian bulletproof hosting provider. The rerouted...