
Chinese‑linked hacking group Mustang Panda launched a covert espionage campaign in late 2025, distributing counterfeit US diplomatic briefings to government officials across Asia and Eastern Europe. The malicious PDFs triggered infection simply by being opened, deploying the PlugX DOPLUGS downloader via DLL search‑order hijacking and PowerShell scripts. Researchers at Dream identified the operation in January 2026, noting its reliance on social engineering rather than zero‑day exploits. The campaign aimed at quiet data collection on officials involved in elections and international coordination.

BOXX Insurance launched Tech E&O by BOXX, a comprehensive errors‑and‑omissions policy tailored for technology firms ranging from startups to enterprises. The product combines traditional E&O with integrated cyber coverage, 24/7 incident response, and a risk‑management platform. It introduces novel protections...

TP‑Link disclosed nine critical authenticated command‑injection flaws in its Archer BE230 v1.2 router firmware, each assigned a separate CVE and scoring 8.5‑8.6 on the CVSS v4.0 scale. The vulnerabilities affect web, VPN, cloud, and configuration modules, allowing attackers with high‑privilege access to...

Cofense reports that phishing attacks doubled in 2025, with security filters catching one malicious email every 19 seconds, up from one every 42 seconds in 2024. The surge is driven by AI, which threat actors now use as a core...

ID.me announced the appointment of Mitch Melis as Field Chief Technology Officer for the public sector. Melis will act as a trusted advisor to government agencies, helping them scale digital identity solutions while meeting compliance and fraud‑prevention requirements. He brings...

Moltbook is a social platform where AI agents register, read, and post content autonomously, creating a hidden communication channel that bypasses traditional human‑centric security controls. Enterprises can deploy agents that interact with Moltbook long after an initial prompt, exposing data...

Businesses face escalating cyber threats, making comprehensive technology security essential. The article outlines a layered strategy that starts with regular risk assessments to pinpoint vulnerabilities and allocate defenses. It emphasizes strong password policies, multi‑factor authentication, and automated software patching as...

MomentProof, Inc. has deployed its patented MomentProof Enterprise platform for AXA, enabling cryptographically sealed, AI‑resilient digital assets in the insurer's claims process. The technology certifies images, video, audio and metadata at capture, providing deterministic authenticity verification. AXA reports eliminated probabilistic...

Operational threat intelligence is being overwhelmed by noise and slow manual processes, prompting a shift toward AI agents. Gartner highlights that most organizations lack end‑to‑end AI integration across the intelligence lifecycle, with only 43% reporting tangible benefits. AI agents can...

Microsoft has begun rolling out native Sysmon functionality to Windows 11 Insider builds in the Beta and Dev channels. The built‑in service mirrors the popular Sysinternals Sysmon tool, logging process, file and clipboard events to the Windows Event Log. It remains...

Former Nuance Communications employee Max Vance has been hit with two additional false‑statement counts after a superseding indictment revealed he lied to FBI agents about downloading protected health information. The indictment follows his original charge of unlawfully accessing data belonging...

Drainer‑as‑a‑Service (DaaS) platforms are industrializing crypto theft, letting low‑skill actors launch high‑value heists at scale. Traditional bank compliance, reliant on static blacklists, cannot keep pace with the real‑time, multi‑domain attacks these services enable. The author urges banks to shift from...

Financial infrastructure firm Noah has teamed up with identity‑verification specialist Sumsub to embed a reusable KYC framework across its platform. The integration enables users verified by any of Sumsub’s 4,000+ partner institutions to onboard on Noah‑powered wallets, exchanges and payment...

EasyDMARC now pushes DMARC and email‑authentication alerts straight into Slack, turning a traditionally passive control into an active operational signal. The integration delivers high‑signal events—such as DNS record changes, authentication‑failure spikes, and policy shifts—complete with domain, severity and rationale, while...

SECNAP Network Security launched CloudJacket MXDR, a managed extended detection and response platform that unifies SOC, SIEM, and NDR functions under a single pane of glass. Built on the patented CloudJacket foundation, the solution adds multi‑tenant capabilities, AI‑augmented analyst workflows,...

Interlock ransomware has added a zero‑day exploit in a gaming anti‑cheat driver (CVE‑2025‑61155) to its arsenal, deploying a signed kernel driver called UpdateCheckerX64.sys. The new BYOVD tool, dubbed Hotta Killer, creates a demand‑start service and uses DeviceIoControl to terminate security...

The latest TollBit report, backed by Akamai data, shows AI‑driven scraping bots now account for a sizable share of web traffic, with one out of every 50 visits to monitored sites originating from such bots. AI bots are increasingly ignoring...

A sophisticated supply‑chain attack hijacked Notepad++'s update mechanism after a hosting‑provider breach, remaining active from June 2025 to December 2025. Attackers rotated command‑and‑control servers and deployed three distinct infection chains that delivered Cobalt Strike beacons and a custom Chrysalis backdoor. The...

Eliminating passwords in hybrid Active Directory and Microsoft Entra ID environments requires a complete redesign of identity architecture, not a simple switch. Success hinges on three prerequisites—cloud Kerberos trust, device registration, and Conditional Access policies—forming a prerequisite triangle. Organizations must...

Eric Zimmerman of the SANS Institute argues that incident response failures stem more from early‑stage decisions than from tool gaps. He defines the "first 90 seconds" as a repeatable decision window that recurs each time a new system enters scope,...

Snyk introduced the AI Security Fabric, a continuous‑defense layer that spans the entire software development lifecycle. The Fabric unifies visibility, prevention, and governance across three vectors: AI‑accelerated DevSecOps, AI‑driven development, and AI‑native software. New data shows that each deployed AI...

OfferUp, the 15‑year‑old U.S. marketplace that processes more than 30 million transactions each year, is grappling with a surge of fraud schemes. Scammers routinely steer buyers and sellers toward off‑platform payment methods such as Zelle, Venmo, gift‑card codes, or cash‑app transfers,...

Generative AI has become central to digital‑banking fraud defenses as AI‑powered scams now account for over half of global fraud incidents. Traditional rule‑based systems struggle with adaptive threats, prompting banks to adopt deep generative models that analyze transaction graphs and...

Avast announced the global rollout of its Scam Guardian and Scam Guardian Pro apps for Android and iOS, and introduced Deepfake Guard for Windows PCs. The new AI‑driven feature scans video audio in real time to detect malicious deepfake content, supporting...

Threat actors are increasingly targeting the NTDS.dit database, the core repository of Active Directory credentials and configuration, to gain unrestricted domain access. By creating Volume Shadow Copies and leveraging native tools such as ntdsutil, SecretsDump, and Mimikatz, attackers can extract...

Darwinium announced an accelerated go‑to‑market push in North America, appointing Michael Rodriguez as Global Head of GTM and adding senior hires Donnie Gates and Melissa Griffin. The new team will help fintechs, banks and eCommerce merchants combat “agentic AI” fraud...

Horizon3.ai announced a major expansion of its global partner leadership, appointing Tim Mackie as Global Vice President of Worldwide Channels and highlighting Marc Inderhees on CRN’s 2026 Channel Chiefs list. The moves are designed to accelerate MSP‑ and partner‑led growth...

OutSystems announced it has earned Federal Risk and Authorization Management Program (FedRAMP) authorization, allowing its low‑code development platform to be used by U.S. federal agencies. The certification, achieved in partnership with cloud provider Knox, confirms that the platform meets stringent...

The article urges a cultural shift in cybersecurity, moving from a restrictive "Dr. No" stance to an enabling "Let's Go" approach. It highlights Cross Domain Solutions (CDS) as a hidden but critical technology that securely transfers and accesses data across...

Mountain View police chief Mike Canfield ordered an immediate shutdown of the city’s Flock Safety automated license‑plate reader (ALPR) system after discovering that hundreds of unauthorized law‑enforcement agencies had been able to query the data for more than a year....

Financial institutions are moving beyond perimeter‑based defenses by adopting zero‑trust frameworks that continuously validate identities, devices, and services across multi‑cloud environments. The approach combines identity‑first security, micro‑segmentation, and AI‑driven risk analytics to meet stringent regulations such as PCI DSS, DORA, GDPR,...

Detectify introduced Internal Scanning, a tool that extends its external‑facing crawling and fuzzing engine into private networks, enabling security teams to locate and fix vulnerabilities behind the firewall with the same speed as external tests. The solution deploys via a...

CYGNVS unveiled a purpose-built AI model for cyber readiness and incident response, trained on more than 20,000 real-world cyber incidents and outages. The model leverages proprietary data from Marsh, the leading cyber insurance broker, without exposing any client‑specific information. By...

On Jan 29, 2026, Lakelands Public Health confirmed a cyberattack that disrupted internal systems but left sensitive health records untouched. The agency activated its incident‑response plan, isolated affected assets, and hired a leading cybersecurity firm to investigate and restore services....

Fasoo unveiled an AI‑driven personal data protection suite combining Fasoo Data Radar and Fasoo AI‑R Privacy. The solution moves beyond keyword scans, using context‑aware models to detect PII across unstructured formats with fewer false positives. Detected data is automatically encrypted,...

Skyhawk Security announced that Channel Director Jennifer Duman has been named a 2026 CRN® Channel Chief. Duman, who joined Skyhawk in 2025, has transformed the company’s channel‑first go‑to‑market model by automating onboarding and opportunity management. Under her guidance, Skyhawk’s partner...

Mitiga, the zero‑impact cloud detection and response leader, announced a 234% year‑over‑year sales surge in 2025 and rapid expansion following its Series B round led by SYN Ventures. The company doubled its workforce, launched a 25‑member CISO advisory board, and...

Tencent Cloud EdgeOne has rolled out its Basic Bot Management suite to all users, including those on the free tier, introducing AI Crawler Control and a CAPTCHA Page. The AI Crawler Control leverages continuous User‑Agent recognition to detect and act...

The article argues that privilege disruption is the critical choke point for effective cyber deterrence under the new 2026 White House Cyber Strategy. By denying and containing privileged access early, defenders shift the attacker’s risk‑benefit calculus, preventing initial footholds from...

Juniper Research projects global e‑commerce fraud to surge from $56 billion in 2025 to $131 billion by 2030, a 133% increase. The spike is largely driven by "friendly fraud," which now accounts for the majority of chargeback disputes. Existing merchant defenses are...

Foxit Software released security updates on February 3, 2026 that remediate two moderate‑severity cross‑site scripting (XSS) vulnerabilities (CVE‑2026‑1591, CVE‑2026‑1592) in Foxit PDF Editor Cloud, and a related XSS flaw (CVE‑2025‑66523) in Foxit eSign patched on January 15, 2026. The flaws allowed crafted file attachment...

Global Threat Map is an open‑source platform that aggregates multiple public threat‑intelligence feeds into a live, animated world map showing malware, phishing, botnet and other malicious activity. The project publishes its data‑collection code on GitHub, offering full transparency of sources...

The Center for Internet Security and SAFECode have published "Secure by Design: A Guide to Assessing Software Security Practices," a risk‑based manual that integrates security into every stage of the software development lifecycle. The guide aligns the NIST Secure Software...

One Identity announced the appointment of Gihan Munasinghe as Chief Technology Officer. Munasinghe brings more than 15 years of experience leading global engineering organizations and modernising legacy platforms. He will steer the engineering team, accelerate the company’s SaaS delivery model...

In a Help Net Security video, Jon David, Managing Director at NR Labs, explains why incident response often collapses during active breaches. He highlights that hesitation, poor escalation, and weak communication let attackers outpace defenders. The discussion emphasizes that trust,...

Impersonators are hijacking the BGEANX brand to create fake platforms and phishing campaigns, misleading crypto users who mistake these copies for the legitimate service. The fraudulent sites copy visual elements, request private keys, and use urgency to exploit market emotions....

Financial services firms boast mature security stacks, yet breaches persist because attackers exploit blind spots in network visibility. Traditional defenses—firewalls, endpoint tools, and SIEMs—focus on perimeter and device events, missing lateral movement and encrypted traffic anomalies. Network Detection and Response...

Auto dealers are facing a growing fraud problem that can cost up to $20,000 per incident, according to Experian research. The most common schemes involve income and employment misrepresentation, followed closely by synthetic and third‑party identity fraud. Fraud often surfaces...

Coin Metrics reports that stablecoin dusting attacks now make up 11% of Ethereum transactions and 26% of active addresses, a sharp rise after the December Fusaka upgrade lowered gas costs. Daily transaction volume has surpassed 2 million, peaking near 2.9 million in...

AU10TIX and Microsoft unveiled OneVet, a joint solution that blends Azure Verifiable Credentials with AU10TIX’s AI‑driven identity intelligence. The platform automates partner account validation, delivering a 90% drop in fake account openings and cutting impersonation attempts. By issuing reusable, cryptographically...