News•Feb 5, 2026
Substack Discloses Breach Exposing Its User Details After Four-Month Delay
Substack announced that a security breach exposed subscriber email addresses, phone numbers and internal metadata after attackers accessed the data in October 2025. The intrusion went undetected until February 2026, giving threat actors a four‑month dwell time. The company confirmed that credit‑card numbers, passwords and other financial details were not compromised. Substack says the vulnerability has been patched and is investigating the incident further.
By The Cyber Express
News•Feb 5, 2026
Space Force May Be Done with R-GPS, but Congress Isn’t
The Space Force ended funding for the Resilient GPS (R‑GPS) program in FY2026, opting to focus on the GPS III F modernization path, while Congress added $15 million in the 2026 spending bill to keep R‑GPS development alive. R‑GPS sought to use commercial,...
By SpaceNews
News•Feb 5, 2026
The Buyer’s Guide to AI Usage Control
Enterprises are grappling with an explosion of AI tools embedded in SaaS, browsers, and shadow applications, yet most security programs still rely on legacy, perimeter‑focused controls. The new Buyer’s Guide for AI Usage Control highlights that AI risk resides in...
By The Hacker News
News•Feb 5, 2026
Asset Intelligence as Context Engineering for Cybersecurity Operations
The article introduces Asset Intelligence as a disciplined approach to context engineering for cybersecurity operations. It argues that fragmented security data—ranging from patch status to identity records—creates contradictory views that hinder both human analysts and AI agents. By aggregating, correlating,...
By Security Boulevard
News•Feb 5, 2026
Data Breach at Fintech Firm Betterment Exposes 1.4 Million Accounts
Fintech platform Betterment disclosed a data breach affecting roughly 1.435 million accounts, exposing email addresses, names, birth dates, physical addresses, phone numbers, and employment details. Threat actors also launched a social‑engineering campaign, sending fraudulent cryptocurrency reward emails to compromised contacts....
By BleepingComputer
News•Feb 5, 2026
The Silent Security Gap in Enterprise AI Adoption
Enterprises are rapidly integrating generative AI into core workflows, but security models have not kept pace. Sensitive data now flows through AI inference requests—prompts containing source code, contracts, PII, and strategic logic—yet these streams sit outside traditional visibility and control...
By CSO Online
News•Feb 5, 2026
Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries
Palo Alto Networks identified a state‑sponsored cyber‑espionage group, TGR‑STA‑1030, conducting a "Shadow Campaign" that has breached at least 70 organizations in 37 countries, including government ministries, law‑enforcement agencies, and telecom operators. The group, likely linked to China, leverages sophisticated phishing...
By SecurityWeek
News•Feb 5, 2026
The Compliance Convergence Challenge: Permission Sprawl and AI Regulations in Hybrid Environments
Enterprise security leaders confront a convergence of U.S. state privacy laws, the EU's DORA and AI Act, and exploding AI data demands, all of which amplify permission sprawl. With 91% of offboarded employees still retaining file access, the attack surface...
By Security Boulevard
News•Feb 5, 2026
EU Fintechs Face New AML Duties as APP Scams Surge
APP (Authorized Push Payment) scams have become Europe’s most damaging payment fraud, now surpassing card fraud in total losses. In 2024 the average fraudulent credit‑transfer exceeded €2,000 and credit‑transfer fraud accounted for €2.5 bn, about 60 % of all payment‑fraud losses in...
By Fintech Global
News•Feb 5, 2026
Axle and Experian Partner to Boost Auto Fraud Detection
Axle, an insurance‑data API provider, has teamed up with Experian to embed real‑time automotive insurance verification into Experian’s Fraud Protect platform. The integration lets dealerships and lenders instantly confirm active coverage while running identity and income checks, adding a new...
By Fintech Global
News•Feb 5, 2026
Zendesk Spam Wave Returns, Floods Users with 'Activate Account' Emails
A fresh wave of spam is exploiting unsecured Zendesk support portals, flooding users worldwide with fake “Activate account” emails. Attackers submit tickets through open Zendesk forms, triggering automatic confirmation messages to large address lists. The campaign mirrors a January incident,...
By BleepingComputer
News•Feb 5, 2026
AI-Enabled Voice and Virtual Meeting Fraud Surges 1000%+
Pindrop’s 2025 report reveals a 1,210% surge in AI‑enabled voice and virtual‑meeting fraud, dwarfing the 195% rise in traditional scams. Synthetic voice bots and deepfake executives are now bypassing contact‑center IVRs and infiltrating remote interviews, financial transactions, and other trust‑based...
By Infosecurity Magazine
News•Feb 5, 2026
Healthcare Cybersecurity Is in Crisis — These Proven Controls Could Be the Cure
The U.S. healthcare sector experienced twice as many cyber breaches in 2025 as in 2024, with average insured losses exceeding $2 million per incident. Resilience’s analysis of claims data identified five high‑ROI controls that materially reduce risk, including anti‑fraud training, breach‑and‑attack...
By Security Magazine (Cybersecurity)
News•Feb 5, 2026
Cisco, F5 Patch High-Severity Vulnerabilities
Cisco and F5 released emergency patches this week addressing multiple high‑severity flaws across their flagship products. Cisco fixed two critical bugs—CVE‑2026‑20119, a remote, unauthenticated DoS in TelePresence CE and RoomOS, and CVE‑2026‑20098, an authenticated file‑upload that grants root command execution...
By SecurityWeek
News•Feb 5, 2026
Microsoft Launches LiteBox, a Security-Focused Open-Source Library OS
Microsoft unveiled LiteBox, an open‑source library operating system designed to act as a secure kernel layer for protecting guest kernels through hardware virtualization. Developed alongside the Linux Virtualization Based Security (LVBS) project, LiteBox runs security‑critical code in a hardened, isolated...
By Help Net Security
News•Feb 5, 2026
US FDA Reissues Cybersecurity Guidance to Reflect QMSR Transition and ISO 13485 Alignment
The FDA reissued its final medical‑device cybersecurity guidance on February 4, updating references to reflect the new Quality System Management Regulation (QMSR) that took effect on February 2. The revision aligns the guidance with ISO 13485:2016, embedding the international standard into the U.S....
By The Cyber Express
News•Feb 5, 2026
AiStrike Introduces AI-Powered MDR to Reduce Costs and Alert Fatigue
AiStrike has launched AiStrike MDR, an AI‑powered managed detection and response service that replaces traditional human‑intensive SOCs with an AI‑led, expert‑guided model. The platform unifies threat intelligence, detection, investigation and response across cloud, endpoint and identity data, delivering automated triage...
By Help Net Security
News•Feb 5, 2026
Software Supply Chain Risks Join the OWASP Top 10 List, Access Control Still on Top
The 2025 OWASP Top 10 introduces software supply chain failures and mishandling of exceptional conditions as new entries, while broken access control retains the top spot after 20 years. Security misconfiguration rises to second place, and AI‑generated code is highlighted in the...
By CSO Online
News•Feb 5, 2026
Smart Glasses Are Back, Privacy Issues Included
After the failure of Google Glass, smart glasses are re‑emerging, led by the Ray‑Ban Meta collaboration that blends fashion with AI‑enabled camera and microphone. Harvard students showed the device’s video can be fed into facial‑recognition systems to identify strangers, while...
By Help Net Security
News•Feb 5, 2026
Cyberhaven Introduces Unified AI and Data Security Platform
Cyberhaven launched a unified AI‑driven Data Security Posture Management platform that integrates DSPM, DLP, insider risk management and AI security across endpoints, SaaS, cloud and on‑prem environments. The solution leverages comprehensive data lineage and agentic AI to provide continuous visibility,...
By Database Trends & Applications (DBTA)
News•Feb 5, 2026
Cybersecurity Planning Keeps Moving Toward Whole-of-Society Models
National governments are reshaping cybersecurity into whole‑of‑society frameworks that link risk management, workforce development, technology standards, and cross‑sector coordination. Centralized authorities act as hubs for incident response, intelligence sharing, and international cooperation, while private operators remain pivotal for critical infrastructure...
By Help Net Security
News•Feb 5, 2026
Measuring AI Use Becomes a Business Requirement
A Larridin survey reveals a 16‑point visibility gap between executives and directors on AI usage, highlighting pervasive shadow AI and fragmented governance. Large enterprises run an average of 23 AI tools, yet only 38 percent maintain a comprehensive inventory, leaving many...
By Help Net Security
News•Feb 5, 2026
Tribunal Partially Overturns Ruling on Bunnings Privacy Breach
The Administrative Review Tribunal (ART) partially overturned the Australian Information Commissioner’s finding that Bunnings breached privacy law with its facial‑recognition trial. While the tribunal accepted Bunnings’ reasonable belief that the technology was necessary to combat retail crime, it cleared the...
By Inside Retail Australia
News•Feb 5, 2026
Two Ivy League Universities Had Donor Information Breaches. Will Donors Be Notified?
Harvard University disclosed a November phishing attack that exposed alumni, donor and limited staff data, while the University of Pennsylvania confirmed a ShinyHunters intrusion that accessed Salesforce, SAP and other systems, compromising roughly 1.2 million students, alumni and donors. Both breaches...
By DataBreaches.net
News•Feb 4, 2026
Tenable Pops After Blowout Earnings and Bullish 2026 Outlook
Tenable Holdings posted a strong fiscal fourth‑quarter, reporting adjusted earnings of $0.48 per share and revenue of $260.5 million, both surpassing analyst expectations. Year‑over‑year revenue grew 11% to $999.4 million, while calculated billings rose 8% to $327.8 million. The company added 502 new...
By SiliconANGLE
News•Feb 4, 2026
Threat Actors Hijack Web Traffic After Exploiting React2Shell Vulnerability: Report
Researchers at Datadog Security Labs report that threat actors are exploiting the React2Shell vulnerability (CVE‑2025‑55182) in React Server Components to compromise NGINX servers managed via Boato Panel, hijacking web traffic and redirecting users to malicious sites. The attacks target a...
By CSO Online
News•Feb 4, 2026
IT Gives, Security Takes Away, and Configuration Drift Is the Hidden Cost
Configuration drift—incremental, often unnoticed changes to security settings—has become a major hidden threat for enterprises. Modern, hyper‑configurable security platforms and frequent temporary exceptions cause the drift to accelerate, eroding a company’s security posture over time. High‑profile breaches such as Colonial...
By Security Boulevard
News•Feb 4, 2026
Insider Threat Cited in $22M Iowa Bank Fraud Case
Prosecutors allege that an Iowa bank employee colluded with Curtis Weston to create 66 fraudulent loans worth $22 million, exploiting customer information from a previous employer. The scheme used 26 stolen identities and cycled funds through multiple banks and an online...
By American Banker Technology
News•Feb 4, 2026
Critical N8n Flaws Disclosed Along with Public Exploits
Multiple critical flaws identified as CVE‑2026‑25049 let any authenticated n8n user execute arbitrary code on the host server. The vulnerabilities stem from weak sandboxing of user‑written JavaScript and bypass the prior CVE‑2025‑68613 fix. Versions prior to 2.5.2 and 1.123.17 are...
By BleepingComputer
News•Feb 4, 2026
AT&T Turns to Autonomous AI Agents to Slash Fraud and Customer Wait Times
AT&T is rolling out autonomous AI agents to combat spam and fraud calls while streamlining internal processes. The network‑integrated digital receptionist, ActiveArmor, engages unknown callers in real time, disconnecting suspicious interactions or taking messages. Internally, the company’s partnership with Microsoft...
By PYMNTS
News•Feb 4, 2026
Ingress-Nginx Vulnerability Enables Code Execution in Kubernetes
A critical vulnerability (CVE‑2026‑24512) in ingress‑nginx allows authenticated attackers to inject arbitrary Nginx directives via the rules.http.paths.path field, leading to code execution and secret disclosure in Kubernetes clusters. The flaw affects all ingress‑nginx releases before v1.13.7 and v1.14.3. Exploitation requires...
By eSecurity Planet
News•Feb 4, 2026
Reclaiming Privacy: The 8th Street’s Mission to Safeguard Spaces
The 8th Street, founded by former cybersecurity experts, is launching its flagship Hidden Camera Detector to combat the surge of covert surveillance in homes, offices, and hotels. The compact device combines RF and GPS detection to locate hidden cameras with...
By Retail Insider Canada
News•Feb 4, 2026
What Is Malvertising and Protecting Yourself From Ad-Based Attacks Online
Malvertising—a form of malicious advertising—saw a 42% month‑over‑month surge in the first half of 2023, underscoring its rapid adoption by cybercriminals. A recent case involved Lowe’s employees being duped by spoofed Google ads that mimicked the MyLowesLife portal, leading to...
By Retail Insider Canada
News•Feb 4, 2026
Don’t Panic: 0apt’s Listings and Data Leaks Are Fakes — Researchers
Researchers at DataBreach.com have uncovered that the new ransomware‑style group 0apt is not delivering real stolen data. The site lists high‑profile companies, but each download streams infinite random bits generated by /dev/random, producing only white noise. The tactic creates the...
By DataBreaches.net
News•Feb 4, 2026
Chrome Vulnerabilities Allow Code Execution and Browser Crashes
Google released a Chrome update that patches two high‑severity vulnerabilities, CVE‑2026‑1862 and CVE‑2026‑1861, affecting the V8 engine and libvpx video decoder. The V8 type‑confusion flaw can enable arbitrary code execution, while the libvpx heap overflow may cause crashes or be...
By eSecurity Planet
News•Feb 4, 2026
CISA: VMware ESXi Flaw Now Exploited in Ransomware Attacks
CISA confirmed that ransomware gangs are exploiting a high‑severity VMware ESXi sandbox‑escape flaw, CVE‑2025‑22225, which Broadcom patched in March 2025 alongside two related vulnerabilities. The vulnerability enables an arbitrary kernel write, allowing attackers with privileged VMX process access to break...
By BleepingComputer
News•Feb 4, 2026
'A Bet for the Future of Cybersecurity' – Nord Security Hits 400 Patents as Race for Solutions Against Next-Gen Threats...
Nord Security announced it now holds over 400 patents worldwide, a four‑fold increase since 2023, underscoring a rapid escalation in its R&D efforts. The bulk of the filings target VPN protocols, advanced identity management, machine‑learning threat detection, and quantum‑resistant cryptography....
By TechRadar
News•Feb 4, 2026
ACFW Firewall Test Prologue – Still Failing at the Basics
The forthcoming Advanced Cloud Firewall (ACFW) test reveals that a significant number of cloud firewall vendors are unable to block basic application‑layer attacks such as SQL injection, command injection, SSRF and API abuse, with detection rates often below 20%. While...
By Security Boulevard
News•Feb 4, 2026
Global SystemBC Botnet Found Active Across 10,000 Infected Systems
Silent Push has identified more than 10,000 active SystemBC infections across data‑centre and government servers in the US, Europe and Asia. The multi‑platform proxy malware turns compromised hosts into SOCKS5 relays, a technique frequently observed before ransomware campaigns. A previously unknown...
By Infosecurity Magazine
News•Feb 4, 2026
Significant Ransomware & Firewall Misconfiguration Breach
Marquis, a fintech provider, suffered a ransomware breach traced to misconfigured legacy SonicWall firewalls and exposed backup files. The attackers leveraged publicly accessible configuration data to map the network and deploy ransomware without triggering traditional alerts. The incident highlights how...
By Security Boulevard
News•Feb 4, 2026
When Documents Become the Attack Vector: Inside APT28’s Latest Microsoft Office Exploit
APT28, a Russia‑linked threat group, is exploiting a newly disclosed Microsoft Office zero‑day through crafted Office and RTF documents delivered via phishing emails. The vulnerability enables unauthorized code execution without macros, allowing lightweight loaders to establish command‑and‑control while evading traditional...
By Security Boulevard
News•Feb 4, 2026
Google Ads Adds a Second Set of Eyes for High-Risk Account Changes
Google Ads has introduced multi‑party approval, a security layer that obliges a second administrator to sign off on high‑risk actions such as adding or removing users and changing roles. When an admin initiates such a change, an in‑product request is...
By Search Engine Land
News•Feb 4, 2026
CISA Warns of Five-Year-Old GitLab Flaw Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered all federal agencies to patch the five‑year‑old GitLab SSRF vulnerability (CVE‑2021‑39935) after confirming it is being actively exploited. The flaw, fixed by GitLab in December 2021, allows unauthenticated users to access...
By BleepingComputer
News•Feb 4, 2026
ConnectSecure Introduces Linux Patching Capability to Simplify Cross-Distro Updates
ConnectSecure unveiled a cross‑platform Linux patching capability that consolidates updates for Red Hat, Ubuntu, Debian, and CentOS into a single console. The tool automates kernel and OS patch identification and deployment, cutting manual effort by up to 80 %. It also introduces...
By Help Net Security
News•Feb 4, 2026
The Double-Edged Sword of Non-Human Identities
Flare’s 2025 analysis uncovered more than 10,000 Docker Hub images exposing API keys, cloud tokens, and AI model credentials. The leaks illustrate how non‑human identities—tokens, service accounts, and workload identities—are embedded in containers and can persist for years, as seen...
By BleepingComputer
News•Feb 4, 2026
New Technical Markers Reveal Expanding ShadowSyndicate Cybercriminal Infrastructure
Group‑IB uncovered new technical markers that expand the ShadowSyndicate cybercrime infrastructure, adding two fresh SSH fingerprints and revealing server‑transfer tactics that link dozens of servers to a single operator. The cluster consistently reuses OpenSSH keys and hosts on the same...
By Infosecurity Magazine
News•Feb 4, 2026
Chinese Mustang Panda Used Fake Diplomatic Briefings to Spy on Officials
Chinese‑linked hacking group Mustang Panda launched a covert espionage campaign in late 2025, distributing counterfeit US diplomatic briefings to government officials across Asia and Eastern Europe. The malicious PDFs triggered infection simply by being opened, deploying the PlugX DOPLUGS downloader...
By HackRead
News•Feb 4, 2026
BOXX Unveils Complete Cyber and Tech E&O Coverage
BOXX Insurance launched Tech E&O by BOXX, a comprehensive errors‑and‑omissions policy tailored for technology firms ranging from startups to enterprises. The product combines traditional E&O with integrated cyber coverage, 24/7 incident response, and a risk‑management platform. It introduces novel protections...
By Fintech Global
News•Feb 4, 2026
TP-Link Vulnerabilities Let Hackers Take Full Control of Devices
TP‑Link disclosed nine critical authenticated command‑injection flaws in its Archer BE230 v1.2 router firmware, each assigned a separate CVE and scoring 8.5‑8.6 on the CVSS v4.0 scale. The vulnerabilities affect web, VPN, cloud, and configuration modules, allowing attackers with high‑privilege access to...
By GBHackers On Security
News•Feb 4, 2026
AI Drives Doubling of Phishing Attacks in a Year
Cofense reports that phishing attacks doubled in 2025, with security filters catching one malicious email every 19 seconds, up from one every 42 seconds in 2024. The surge is driven by AI, which threat actors now use as a core...
By Infosecurity Magazine