News•Feb 3, 2026
Xeris Revolutionizes AI Agentic Cybersecurity With Patent Pending Super AI Agent Technology
Xeris unveiled a patent‑pending Super AI Agent platform designed to secure autonomous AI agents, multi‑cloud pipelines (MCP) and self‑evolving AI systems in enterprises. The technology acts as an autonomous supervisory AI that continuously observes, understands, and enforces policies on other AI agents in real time, replacing static rule‑based defenses. By providing deterministic control in inherently non‑deterministic environments, Xeris aims to close the visibility gap created by the rapid adoption of agentic AI. The solution promises low‑latency, scalable protection across the entire AI ecosystem.
By AiThority
News•Feb 3, 2026
Download: Tines Voice of Security 2026 Report
Tines has released its Voice of Security 2026 report, based on a survey of more than 1,800 security leaders and practitioners worldwide. The study reveals that while AI adoption is accelerating across security teams, manual work, rising workloads and burnout remain...
By Help Net Security
News•Feb 3, 2026
Spanish Red Cross Launches Privacy-First Blockchain Aid Platform
The Spanish Red Cross has launched RedChain, a blockchain‑based platform that issues ERC‑20 aid credits on Ethereum and tracks donations in real time. Beneficiary personal data remains off‑chain, while cryptographic hashes on the public ledger provide verifiable proof of disbursement....
By Cointelegraph
News•Feb 3, 2026
Critical React Native Vulnerability Exploited in the Wild
A critical‑severity flaw (CVE‑2025‑11953, CVSS 9.8) in the React Native Community CLI’s Metro bundler has been actively exploited since late December. The vulnerability allows unauthenticated remote OS command execution via simple POST requests to development servers that bind to external interfaces....
By SecurityWeek
News•Feb 3, 2026
Researchers Warn of New “Vect” RaaS Variant
Researchers have identified a new ransomware‑as‑a‑service (RaaS) group called Vect, which has already hit organizations in Brazil and South Africa. The group markets a custom‑built C++ ransomware that uses ChaCha20‑Poly1305 encryption, claiming speeds 2.5 times faster than AES‑256‑GCM. Vect advertises...
By Infosecurity Magazine
News•Feb 3, 2026
Hackers Exploit Critical React Native Metro Bug to Breach Dev Systems
Hackers are exploiting the critical CVE‑2025‑11953 flaw in the React Native Metro bundler to gain unauthenticated command execution on development machines. The vulnerability resides in the /open‑url HTTP endpoint, which accepts unsanitized POST data and can run arbitrary OS commands...
By BleepingComputer
News•Feb 3, 2026
ShareVault Achieves ISO 42001 Certification, Setting a New Global Standard for Responsible AI in Virtual Data Rooms
ShareVault announced it has earned ISO/IEC 42001:2023 certification, the first international standard for responsible AI management systems. The certification covers all AI‑powered capabilities in its virtual data room platform, including OCR, AI redaction, document chat, and automated translation, and validates...
By AiThority
News•Feb 3, 2026
India’s Supreme Court to WhatsApp: ‘You Cannot Play with the Right to Privacy’
India’s Supreme Court delivered a stern rebuke to Meta, warning it cannot compromise Indian users’ right to privacy. The court questioned how WhatsApp, with over 500 million Indian users, obtains meaningful consent for data‑sharing and monetization of metadata. A ₹2.13 billion penalty...
By TechCrunch Apps
News•Feb 3, 2026
Everest Ransomware Claims 90GB Data Theft Involving Legacy Polycom Systems
The Everest ransomware group alleges it stole roughly 90 GB of data from legacy Polycom engineering environments, which were acquired by HP in 2022 and now operate under the HP Poly brand. Screenshots released by the gang show file directories, source‑code trees...
By HackRead
News•Feb 3, 2026
Sandisk Brings SPRandom to Open Source for Large SSD Testing
SanDisk unveiled SPRandom, an open‑source preconditioning utility for large‑capacity enterprise SSDs. The tool, contributed to the fio benchmark suite, can shrink the time required to bring a 128 TB drive to steady state from over 144 hours to roughly six hours—a reduction...
By Help Net Security
News•Feb 3, 2026
RapidFort Raises $42M to Push Continuous Remediation for Software Supply Chain Security
RapidFort Inc. announced a $42 million Series A round to accelerate its continuous remediation platform for software supply chain security. The funding, led by Blue Cloud Ventures and Forgepoint Capital, will expand go‑to‑market efforts, enhance automated container hardening, and deepen adoption in...
By SiliconANGLE
News•Feb 3, 2026
Kasada Raises US$20M in Funding
Kasada, a New York cybersecurity startup, raised $20 million in a funding round led by EQT and backed by existing investors including Ten Eleven Ventures and Main Sequence Ventures. The capital will fund product scaling, cloud infrastructure expansion, and entry into...
By FinSMEs
News•Feb 3, 2026
How Data Brokers Can Fuel Violence Against Public Servants
A new Public Service Alliance report finds that state consumer‑privacy statutes fail to shield public employees from data‑broker exploitation, creating a "data‑to‑violence pipeline." The analysis of 19 laws shows no right for officials to compel redaction of personal details from...
By WIRED (Security)
News•Feb 3, 2026
When Cloud Outages Ripple Across the Internet
Recent high‑profile outages at AWS, Azure and Cloudflare have shown that cloud failures ripple far beyond compute, crippling the identity layer that underpins authentication and authorization. When shared services such as DNS, load balancers or managed databases go down, even...
By The Hacker News
News•Feb 3, 2026
Jan Recap: New AWS Privileged Permissions and Services
In January 2026 AWS introduced a suite of privileged permissions focused on networking, traffic control, and collaboration services. New actions for Network Firewall, Route 53 Global Resolver, EC2 VPC encryption controls, and Clean Rooms enable administrators to modify routing, firewall rules, and cross‑account...
By Security Boulevard
News•Feb 3, 2026
Self-Healing AI for Security as Code: A Deep Dive Into Autonomy and Reliability
Self‑healing AI is reshaping cybersecurity by automatically detecting and fixing vulnerabilities within DevSecOps pipelines. Microsoft’s large‑scale deployments illustrate how autonomous, AI‑powered “immune systems” can protect millions of users in real time. The article stresses that pure automation risks over‑reliance, so...
By Security Boulevard
News•Feb 3, 2026
Chollima APT Hackers Weaponize LNK Files to Deploy Sophisticated Malware
In March 2025, North Korean‑linked APT37 (Ricochet Chollima) launched “Operation: ToyBox Story,” a spear‑phishing campaign targeting activists focused on North Korean affairs. The emails delivered Dropbox links to ZIP archives containing malicious LNK shortcut files that execute hidden PowerShell commands, creating...
By GBHackers On Security
News•Feb 3, 2026
SimSpace Unveils Major Upgrades to Its AI-Empowered Cyber Range Platform
SimSpace launched an Early Access Program for its upgraded AI‑empowered cyber range platform, aiming to close the training‑testing gap for cybersecurity teams. The new platform combines AI‑assisted self‑service range design, a visual workbench, comprehensive security benchmarking, and API‑first integration capabilities....
By AI-TechPark
News•Feb 3, 2026
Lt Gen (Dr) Rajesh Pant to Lead Webinar on AI-Driven Cyber Threats — Register Free Now
Cyble and The Cyber Express are hosting a free Zoom webinar on Feb 24, 2026 titled “AI, Ransomware & Hacktivism: The Cyber Risk Shift Most Leaders Are Failing to See.” The session will be led by Lt Gen (Dr) Rajesh...
By The Cyber Express
News•Feb 3, 2026
Shai-Hulud & Co.: The Software Supply Chain as Achilles’ Heel
Supply‑chain attacks have evolved from passive typosquatting to active worms, exemplified by the Shai‑Hulud malware. Shai‑Hulud steals developer credentials, republishes infected npm packages, and can trigger a dead‑man switch that erases evidence. The worm’s ability to move across languages and...
By CSO Online
News•Feb 3, 2026
Malicious Google Play App With 50K+ Downloads Spreads Anatsa Banking Trojan
A malicious Android app posing as a document reader amassed over 50,000 downloads on Google Play before being removed. The app functioned as a dropper for the Anatsa banking trojan, which can harvest credentials and execute unauthorized transactions. ThreatLabz identified...
By GBHackers On Security
News•Feb 3, 2026
Berchem School Hit by Cyberattack as Hackers Target Parents With €50 Ransom Demand
A ransomware group breached the servers of secondary school Onze‑Lieve‑Vrouwinstituut Pulhof in Berchem, forcing a shutdown of internal systems. The school refused to pay the initial ransom and the attackers escalated by demanding €50 per child from parents, threatening to...
By The Cyber Express
News•Feb 3, 2026
Q&A with Ashley Burkle, Director of Business Development at Identiv
In a February 2026 interview, Ashley Burkle, Director of Business Development at Identiv, outlined the company’s push to embed secure digital identities into consumer packaging through NFC, BLE and UHF RFID technologies. Identiv’s solutions turn everyday products into connected data sources,...
By The Retail Bulletin
News•Feb 3, 2026
Why Identity Threat Detection & Response Matters in 2026?
Identity Threat Detection & Response (ITDR) has become a core security pillar in 2026 as enterprises shift to cloud, remote work, and SaaS ecosystems, making compromised credentials the primary breach vector. Traditional defenses miss malicious activity that occurs after successful...
By Security Boulevard
News•Feb 3, 2026
Leveraging ISACA for Your CMMC Career
The Cybersecurity Maturity Model Certification (CMMC) is becoming the mandatory standard for Department of Defense contractors to demonstrate protection of Federal Contract Information and Controlled Unclassified Information. CMMC 2.0 streamlines requirements into three levels, with Level 1 covering basic cyber hygiene,...
By Security Magazine (Cybersecurity)
News•Feb 3, 2026
Notepad++ Attack Breakdown Reveals Sophisticated Malware and Actionable IoCs
The Chinese APT group Lotus Blossom has been linked to a sophisticated supply‑chain attack on the Notepad++ distribution platform. Attackers delivered a custom backdoor dubbed Chrysalis via a malicious NSIS‑based update.exe that sideloaded a forged Bitdefender Submission Wizard DLL into...
By GBHackers On Security
News•Feb 2, 2026
What Verified Breach Data Changes About Exposure Monitoring
Exposure monitoring relies on unverified breach feeds, leading to duplicate, fabricated, and stale alerts. Without validation, teams waste time triaging false positives and lose confidence in their programs. Verified breach data, as offered by Constella, provides source confirmation, de‑duplication, timestamps...
By Security Boulevard
News•Feb 2, 2026
NDSS 2025 – VeriBin: Adaptive Verification Of Patches At The Binary Level
VeriBin is a novel system that automatically verifies whether a binary‑level patch is safe to apply by checking functional equivalence between the original and patched executables. It leverages symbolic execution to isolate patch‑introduced changes and validates them against properties that...
By Security Boulevard
News•Feb 2, 2026
The Cost of Poor Cloud Resilience Is Often Paid in Ransom, Rubrik Warns
Rubrik warned that inadequate cloud resilience is turning ransomware attacks into costly ransom payments. The company showcased a tabletop exercise, “Zero Hour Horizon Retail,” which simulated a breach that escalated because backups were compromised and identity misconfigurations granted attackers full...
By SiliconANGLE
News•Feb 2, 2026
NjRAT Runs MassLogger
The long‑standing njRAT remote‑access trojan was observed delivering the credential‑stealing malware MassLogger via its C2 traffic. Using NetworkMiner Professional, analysts decoded PCAP data, extracting screenshots, command parameters and gzip‑compressed executables. The “CloudServices.exe” payload, identified as MassLogger, exfiltrates credentials by emailing...
By Security Boulevard
News•Feb 2, 2026
Phishing Scam Uses Clean Emails and PDFs to Steal Dropbox Logins
A multi‑stage phishing campaign is targeting business users by sending clean‑looking procurement emails that contain PDFs with hidden clickable buttons. The PDFs exploit AcroForms and FlateDecode to redirect victims to a second file hosted on legitimate Vercel Blob storage, bypassing...
By HackRead
News•Feb 2, 2026
Top Cybersecurity Companies
Cybersecurity vendors are shifting from point products to AI‑driven unified platforms that combine SIEM, XDR, SOAR and threat intelligence. Companies like Seceon illustrate this trend by offering a fully integrated, machine‑learning‑based solution that scales across cloud, on‑prem and MSSP environments....
By Security Boulevard
News•Feb 2, 2026
Notepad++ Says Chinese Government Hackers Hijacked Its Software Updates for Months
The Notepad++ developer confirmed that state‑linked Chinese hackers hijacked the editor’s update mechanism from June to December 2025, delivering malicious payloads to a limited set of users. The attackers exploited a vulnerability on a shared‑hosting server to redirect update requests...
By TechCrunch (Cybersecurity)
News•Feb 2, 2026
Mozilla Announces Switch to Disable All Firefox AI Features
Mozilla announced that Firefox 148, releasing on February 24, will include a global “Block AI enhancements” toggle, letting users disable all generative AI features or manage them individually. The AI controls panel covers five specific tools—browser translations, PDF alt‑text generation, AI‑enhanced tab...
By BleepingComputer
News•Feb 2, 2026
How DataDome Stopped Millions of Ticket Scalping Bots Targeting a Global Sports Organization
Between Jan 8‑13 2026 a global sports organization faced a coordinated ticket‑scalping attack that generated over 16 million malicious requests from 3.9 million unique IPs. DataDome’s Galileo Threat Research team identified the threat in real time and deployed AI‑driven detection that blocked every request...
By Security Boulevard
News•Feb 2, 2026
Microsoft: January Update Shutdown Bug Affects More Windows PCs
Microsoft confirmed that a shutdown bug introduced by the January 15 cumulative update affects Windows 11 23H2 devices with System Guard Secure Launch and extends to Windows 10 22H2, Enterprise LTSC 2021 and 2019 when Virtual Secure Mode (VSM) is enabled. Emergency...
By BleepingComputer
News•Feb 2, 2026
Outtake Closes $40M Series B Led by ICONIQ to Build the Unified Platform for Digital Trust in the AI Era
Outtake announced a $40 million Series B round led by ICONIQ, with participation from CRV, S32 and a slate of high‑profile tech executives. The funding will accelerate its unified digital‑trust platform that protects enterprises from AI‑driven impersonation and identity abuse. Outtake reported...
By The AI Insider
News•Feb 2, 2026
CTM360 Report Warns of Global Surge in Fake High-Yield Investment Scams
CTM360’s new report reveals a sharp global rise in fraudulent high‑yield investment programs, or HYIPs, promising unrealistic returns such as 40 % in 72 hours. Over 4,200 scam sites were cataloged in the past year, with December 2025 alone seeing 485 incidents—about 15...
By BleepingComputer
News•Feb 2, 2026
Ransomware Attack Compromised 377,000 People’s Social Security and Driver’s License Numbers From Texas Gas Station and Convenience Store Chain
A ransomware group infiltrated Gulshan Management Services, the operator of about 150 Handi Plus and Handi Stop gas stations across Texas, exposing personal data of 377,082 individuals. The attackers accessed the network through a phishing email and remained undetected for several days,...
By DataBreaches.net
News•Feb 2, 2026
Crypto Crime Is Getting Violent: ‘Wrench Attacks’ Jumped 75% in 2026
Crypto‑related “wrench attacks” surged 75 % in 2026, reaching 72 confirmed incidents worldwide, while physical assaults tied to cryptocurrency theft rose 250 %. Europe now accounts for over 40 % of these violent crimes, with France leading at 19 reported cases—more than double...
By CoinDesk
News•Feb 2, 2026
Malwarebytes in ChatGPT Delivers AI-Powered Protection Against Scams
Malwarebytes has launched Malwarebytes in ChatGPT, embedding its threat‑intelligence engine into OpenAI’s chatbot to let users instantly assess scams, phishing links, and suspicious domains. The service draws on a continuously updated database that protects millions of devices, offering point‑by‑point analysis...
By Help Net Security
News•Feb 2, 2026
Panera Bread Breach Impacts 5.1 Million Accounts, Not 14 Million Customers
A recent data breach at Panera Bread compromised roughly 5.1 million unique user accounts, far fewer than the 14 million records initially reported. The breach was carried out by the ShinyHunters extortion gang, which accessed Panera's systems through a Microsoft Entra single...
By BleepingComputer
News•Feb 2, 2026
Blockchain Security Firm CertiK Remains Focused on Enhancing Web3 Infrastructure
CertiK, a blockchain security leader valued at over $2 billion, is positioning itself as the trust backbone for the rapidly maturing Web3 ecosystem. Highlighted at the 2026 World Economic Forum, the firm is adopting public‑company practices to boost accountability and durability....
By Crowdfund Insider
News•Feb 2, 2026
2025 - The Year of Quantum
Quantum computing is moving from theoretical research to commercial opportunity, with startups already delivering products in cybersecurity, networking, middleware, and sensing. Andy Leaver of Notion Capital argues that waiting for fault‑tolerant, cryptography‑breaking machines is unnecessary; viable markets exist today. He...
By Notion Capital
News•Feb 2, 2026
Commvault Pitches Geo Shield for Sovereign Data Protection
Commvault has launched Geo Shield, a sovereign‑data protection suite that lets enterprises dictate where data resides, who controls access, and who holds encryption keys. The offering spans four deployment models—from local hyperscaler SaaS to private sovereign clouds—supporting both BYOK and HYOK...
By Blocks & Files
News•Feb 2, 2026
Iconics SCADA Vulnerability Can Render Systems Unbootable
A newly disclosed flaw (CVE‑2025‑0921) in Iconics Suite’s Pager Agent lets a non‑admin attacker manipulate file‑system permissions to overwrite critical Windows driver files. By redirecting log output via symbolic links, the exploit can corrupt the cng.sys driver, causing the system...
By eSecurity Planet
News•Feb 2, 2026
Chrome Ad Blocker Caught Hijacking Amazon Affiliate Links
A Chrome extension called Amazon Ads Blocker, marketed as an ad‑hider, was found to silently replace creator affiliate tags on Amazon product links with its own identifier (10xprofit‑20). Socket researchers discovered the extension injects the tag on page load and...
By eSecurity Planet
News•Feb 2, 2026
Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks
Russian‑linked group Fancy Bear leveraged the high‑severity CVE‑2026‑21509 Office flaw days after Microsoft disclosed it, targeting Ukrainian ministries and EU bodies. The malicious Word document triggered a WebDAV call that installed a DLL via COM hijacking, ultimately launching the Covenant...
By Infosecurity Magazine
News•Feb 2, 2026
Span Cyber Security Arena 2026: Only 10 Days Left to Secure Early Bird Tickets
Span Cyber Security Arena 2026 will be held May 20‑22 in Poreč, Croatia, at the five‑star Pical Resort. The event features three days of conference sessions plus two pre‑conference masterclasses on May 18‑19 for engineers, architects, and consultants. Keynote speakers include...
By Help Net Security
News•Feb 2, 2026
This Stealthy Windows RAT Holds Live Conversations with Its Operators
Point Wild researchers uncovered a new Windows campaign deploying the Pulsar RAT, a .NET‑based remote access trojan that lives entirely in memory. The infection chain starts with a per‑user Registry Run key that launches a PowerShell loader, which decodes Donut‑generated...
By CSO Online