News•Feb 2, 2026
Crypto Crime Is Getting Violent: ‘Wrench Attacks’ Jumped 75% in 2026
Crypto‑related “wrench attacks” surged 75 % in 2026, reaching 72 confirmed incidents worldwide, while physical assaults tied to cryptocurrency theft rose 250 %. Europe now accounts for over 40 % of these violent crimes, with France leading at 19 reported cases—more than double the United States. Organized‑crime groups are targeting known holders through home invasions, kidnappings, and honey‑pot romance scams. Insurers like Lloyd’s of London have begun offering coverage for such attacks, signaling a shift in risk management.
By CoinDesk
News•Feb 2, 2026
Malwarebytes in ChatGPT Delivers AI-Powered Protection Against Scams
Malwarebytes has launched Malwarebytes in ChatGPT, embedding its threat‑intelligence engine into OpenAI’s chatbot to let users instantly assess scams, phishing links, and suspicious domains. The service draws on a continuously updated database that protects millions of devices, offering point‑by‑point analysis...
By Help Net Security
News•Feb 2, 2026
Panera Bread Breach Impacts 5.1 Million Accounts, Not 14 Million Customers
A recent data breach at Panera Bread compromised roughly 5.1 million unique user accounts, far fewer than the 14 million records initially reported. The breach was carried out by the ShinyHunters extortion gang, which accessed Panera's systems through a Microsoft Entra single...
By BleepingComputer
News•Feb 2, 2026
Blockchain Security Firm CertiK Remains Focused on Enhancing Web3 Infrastructure
CertiK, a blockchain security leader valued at over $2 billion, is positioning itself as the trust backbone for the rapidly maturing Web3 ecosystem. Highlighted at the 2026 World Economic Forum, the firm is adopting public‑company practices to boost accountability and durability....
By Crowdfund Insider
News•Feb 2, 2026
2025 - The Year of Quantum
Quantum computing is moving from theoretical research to commercial opportunity, with startups already delivering products in cybersecurity, networking, middleware, and sensing. Andy Leaver of Notion Capital argues that waiting for fault‑tolerant, cryptography‑breaking machines is unnecessary; viable markets exist today. He...
By Notion Capital
News•Feb 2, 2026
Commvault Pitches Geo Shield for Sovereign Data Protection
Commvault has launched Geo Shield, a sovereign‑data protection suite that lets enterprises dictate where data resides, who controls access, and who holds encryption keys. The offering spans four deployment models—from local hyperscaler SaaS to private sovereign clouds—supporting both BYOK and HYOK...
By Blocks & Files
News•Feb 2, 2026
Iconics SCADA Vulnerability Can Render Systems Unbootable
A newly disclosed flaw (CVE‑2025‑0921) in Iconics Suite’s Pager Agent lets a non‑admin attacker manipulate file‑system permissions to overwrite critical Windows driver files. By redirecting log output via symbolic links, the exploit can corrupt the cng.sys driver, causing the system...
By eSecurity Planet
News•Feb 2, 2026
Chrome Ad Blocker Caught Hijacking Amazon Affiliate Links
A Chrome extension called Amazon Ads Blocker, marketed as an ad‑hider, was found to silently replace creator affiliate tags on Amazon product links with its own identifier (10xprofit‑20). Socket researchers discovered the extension injects the tag on page load and...
By eSecurity Planet
News•Feb 2, 2026
Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks
Russian‑linked group Fancy Bear leveraged the high‑severity CVE‑2026‑21509 Office flaw days after Microsoft disclosed it, targeting Ukrainian ministries and EU bodies. The malicious Word document triggered a WebDAV call that installed a DLL via COM hijacking, ultimately launching the Covenant...
By Infosecurity Magazine
News•Feb 2, 2026
Span Cyber Security Arena 2026: Only 10 Days Left to Secure Early Bird Tickets
Span Cyber Security Arena 2026 will be held May 20‑22 in Poreč, Croatia, at the five‑star Pical Resort. The event features three days of conference sessions plus two pre‑conference masterclasses on May 18‑19 for engineers, architects, and consultants. Keynote speakers include...
By Help Net Security
News•Feb 2, 2026
This Stealthy Windows RAT Holds Live Conversations with Its Operators
Point Wild researchers uncovered a new Windows campaign deploying the Pulsar RAT, a .NET‑based remote access trojan that lives entirely in memory. The infection chain starts with a per‑user Registry Run key that launches a PowerShell loader, which decodes Donut‑generated...
By CSO Online
News•Feb 2, 2026
Shift Left Is Dead for Cloud PAM
In this episode, Cole Horsman, Field CTO at Sonrai Security, recounts his three‑year journey trying to apply shift‑left and just‑in‑time (JIT) models to cloud identity, ultimately concluding that both approaches failed because they target the wrong layer. He explains how...
By Security Boulevard
News•Feb 2, 2026
Threats: Results of a Pilot Survey on Threats, and a New Category on DataBreaches.net
A pilot survey of 112 security researchers and journalists was conducted from December 20 2025 to January 18 2026 to gauge legal and criminal threats they face. The study reveals that many respondents encounter litigation warnings, criminal investigations, and intimidation from cyber‑criminals. Findings are...
By DataBreaches.net
News•Feb 2, 2026
Securing the Mid-Market Across the Complete Threat Lifecycle
Mid‑market firms face tight budgets and lean security teams, making traditional, siloed tools costly and inefficient. The article advocates a full‑lifecycle approach—prevention, protection, detection, and response—delivered through integrated platforms such as Bitdefender GravityZone. By unifying endpoint, cloud, identity, and network...
By The Hacker News
News•Feb 2, 2026
Microsoft Fixes Bug Causing Password Sign-In Option to Disappear
Microsoft has resolved a lock‑screen bug that hid the password sign‑in icon after Windows 11 updates released since August 2025. The issue primarily affected users with multiple authentication methods and was linked to the KB5064081 preview update and subsequent 24H2/25H2 builds. Microsoft...
By BleepingComputer
News•Feb 2, 2026
Is Data Center Colocation Secure? What CIOs and CISOs Need to Know
Colocation is emerging as a pragmatic alternative to building private data centers, offering enterprises robust physical safeguards while offloading power and cooling overhead. Providers secure the facility with layered access controls, surveillance, and environmental protections, but customers retain responsibility for...
By Security Boulevard
News•Feb 2, 2026
Britain and Japan Join Forces on Cybersecurity and Strategic Minerals
Britain and Japan announced a new cyber strategic partnership during Prime Minister Keir Starmer's Tokyo visit, following his stop in Beijing. The agreement pairs cybersecurity cooperation with joint efforts to secure critical mineral supply chains essential for advanced manufacturing and...
By The Cyber Express
News•Feb 2, 2026
NationStates Confirms Data Breach, Shuts Down Game Site
NationStates, a browser‑based government simulation game, confirmed a data breach after a player exploited a critical Remote Code Execution flaw in its new Dispatch Search feature. The attacker accessed production servers, copying email addresses, MD5‑hashed passwords, IP logs, and possibly...
By BleepingComputer
News•Feb 2, 2026
A Slippery Slope: Beware of Winter Olympics Scams and Other Cyberthreats
Cybercriminals are gearing up for the Milano‑Cortina 2026 Winter Olympics, exploiting the event’s global visibility with a surge of phishing, fake ticket sites, malicious streaming platforms, and counterfeit apps. Past Games have seen state‑aligned actors deploy wiper malware and hacktivists...
By WeLiveSecurity
News•Feb 2, 2026
BreachForums Breach Exposes Names of 324K Cybercriminals, Upends the Threat Intel Game
The episode examines the recent breach of the BreachForums marketplace, which exposed the real identities, emails, IPs, and registration data of roughly 324,000 cyber‑criminals. Experts from Keeper Security, ColorTokens, and Fenix24 explain how the leak provides a rare intelligence goldmine,...
By Security Boulevard
News•Feb 2, 2026
Flaw in Broadcom Wi-Fi Chipsets Illuminates Importance of Wireless Dependability and Business Continuity
The episode examines a critical vulnerability in Broadcom Wi‑Fi chipsets that lets an attacker disrupt 5 GHz networks with a single unauthenticated frame, forcing a router reboot and potentially enabling evil‑twin phishing attacks. Experts from Black Duck, BeyondTrust, Qualys, and Cequence...
By Security Boulevard
News•Feb 2, 2026
ACTFORE Secures Patent for Template Identification and Matching Technology
ACTFORE announced the USPTO has granted its second patent for a Template Identification and Matching technology that fingerprints documents at the pixel level. The solution converts each page into image‑based signatures, enabling detection of structural similarities across massive, unstructured breach...
By AI-TechPark
News•Feb 2, 2026
StrongestLayer: Top ‘Trusted’ Platforms Are Key Attack Surfaces
In this episode Adrian Bridgwater discusses StrongestLayer’s new threat‑intelligence report, which analyzed 2,042 advanced email attacks that slipped past Microsoft Defender E3/E5 and leading secure email gateways. The findings reveal a shift toward attackers exploiting trusted platforms such as DocuSign,...
By Security Boulevard
News•Feb 2, 2026
When Responsible Disclosure Becomes Unpaid Labor
Responsible disclosure is increasingly failing as organizations delay acknowledgment, dispute severity, and provide little compensation, turning ethical research into unpaid labor. The recent React2Shell (CVE-2025-55182) case shows coordinated response can work, yet exploitation still spread quickly. In contrast, unbacked open‑source...
By CSO Online
News•Feb 2, 2026
Open-Source AI Pentesting Tools Are Getting Uncomfortably Good
Open‑source AI pentesting tools are reaching production‑grade performance, with BugTrace‑AI, Shannon, and the Cybersecurity AI Framework (CAI) each demonstrating distinct strengths in a lab test. BugTrace‑AI acts as a low‑noise reconnaissance assistant, flagging likely flaws without launching exploits. Shannon takes...
By Help Net Security
News•Feb 2, 2026
Where NSA Zero Trust Guidance Aligns with Enterprise Reality
The NSA released Phase One and Phase Two of its Zero Trust Implementation Guidelines, outlining 36 and 41 activities respectively to achieve 30 and 34 distinct capabilities. The guidance builds on earlier Primer and Discovery Phase documents and aligns with...
By Help Net Security
News•Feb 2, 2026
Pompelmi: Open-Source Secure File Upload Scanning for Node.js
Pompelmi is an open‑source toolkit that adds inline malware scanning to Node.js file‑upload handlers. It inspects files in memory, applying configurable policies on extensions, size, MIME types, and archive contents before any data reaches storage. The library offers pluggable scanning...
By Help Net Security
News•Feb 2, 2026
Crypto Stolen Hit $370M in January, Quadrupling Year on Year: CertiK
Crypto theft surged to $370.3 million in January 2026, a near‑four‑fold rise from a year earlier, according to security firm CertiK. A single phishing scam accounted for $284 million of the loss, while phishing overall stole $311.3 million. The month’s biggest individual hacks...
By Cointelegraph
News•Feb 2, 2026
What Boards Need to Hear About Cyber Risk, and What They Don’t
Entrust CIO Rishi Kaushal explains how security leaders should brief corporate boards on cyber risk, linking cryptography, certificates, and authentication to tangible business outcomes such as revenue loss, outages, fraud, and regulatory exposure. He demystifies the digital‑trust layer, arguing that...
By Help Net Security
News•Feb 2, 2026
Online Safety and Fraud Prevention: Protecting Yourself in the Digital Finance Era
Digital finance’s rapid expansion has amplified convenience while exposing users to sophisticated online scams. Fraudsters now deploy phishing, fake investment sites, and cloned e‑commerce stores that closely resemble legitimate brands. Verifying a website before any financial transaction—checking domain age, security...
By TechBullion
News•Feb 2, 2026
Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm
Researchers uncovered a supply‑chain breach of the Open VSX Registry where a legitimate developer’s credentials were hijacked to publish malicious updates of four popular extensions. The poisoned versions, released on Jan 30 2026, embedded the GlassWorm loader and were downloaded over 22,000...
By The Hacker News
News•Feb 2, 2026
AI Is Flooding IAM Systems with New Identities
The Cloud Security Alliance reports that AI‑generated identities are being treated like traditional non‑human accounts, exposing them to the same IAM weaknesses such as credential sprawl and unclear ownership. AI systems create and retire identities at unprecedented speed, overwhelming legacy...
By Help Net Security
News•Feb 2, 2026
Tech Dependencies Undermine UK National Security
The UK’s push to curb illegal deep‑fake content on X exposed a broader vulnerability: dependence on US‑based platforms for national‑security enforcement. Recent clashes with Elon Musk and a fine against Cloudflare illustrate how American firms can resist or complicate European...
By RUSI
News•Feb 1, 2026
Crypto Protocol CrossCurve Under Attack, $3M Reportedly Exploited
CrossCurve, a cross‑chain bridge protocol, confirmed a security breach that resulted in roughly $3 million being stolen across several blockchain networks. The exploit targeted a smart‑contract vulnerability that allowed attackers to spoof cross‑chain messages and unlock tokens without proper validation. CrossCurve...
By Cointelegraph
News•Feb 1, 2026
Can Agentic AI Handle Complex Cloud-Native Security Tasks
The article explains that non‑human identities (NHIs)—machine credentials such as passwords, tokens and keys—are critical for securing cloud‑native environments. It argues that comprehensive NHI management platforms provide visibility, automated secret rotation, and threat detection across the identity lifecycle, delivering cost...
By Security Boulevard
News•Feb 1, 2026
How Powerful Is AI in Managing Non-Human Identities
Non‑human identities (machine identities) now account for roughly 68% of IT security incidents, making their management a top priority for organizations undergoing digital transformation. A lifecycle‑focused NHI management platform offers discovery, classification, monitoring, and remediation, surpassing point solutions like secret...
By Security Boulevard
News•Feb 1, 2026
What New Technologies Are Boosting Agentic AI Capabilities
Non‑Human Identities (NHIs), also called machine identities, are becoming essential for securing cloud‑based environments as organizations scale. Effective NHI management couples encrypted secrets with granular permissions, providing a passport‑visa model for automated services. Integrating Agentic AI enables autonomous secret rotation,...
By Security Boulevard
News•Feb 1, 2026
Are Cloud Secrets Safe with Automatic Rotation Systems
Enterprises are increasingly relying on automated rotation systems to protect cloud secrets tied to Non‑Human Identities (NHIs). By continuously updating credentials, these solutions shrink the window of exposure for machine‑identity attacks, a threat that 68% of organizations have already faced....
By Security Boulevard
News•Feb 1, 2026
Shock Report Claims Android Apps Have Leaked over 730TB of User Data and Google Secrets - Here Are some of...
A recent security study uncovered that Android AI applications have collectively leaked nearly 730 terabytes of user data, alongside hard‑coded secrets that expose cloud infrastructure and payment systems. The research examined dozens of popular AI‑driven apps on Google Play, finding API...
By TechRadar
News•Feb 1, 2026
NDSS 2025 – Alba: The Dawn Of Scalable Bridges For Blockchains
Researchers at TU Wien and Princeton introduced Alba, a Pay2Chain bridge that leverages off‑chain payment channels to trigger conditional payments on target blockchains. Unlike traditional light‑client or zk‑based bridges, Alba avoids costly on‑chain inclusion proofs, cutting communication overhead and on‑chain...
By Security Boulevard
News•Feb 1, 2026
Netbird a German Tailscale Alternative (P2P WireGuard-Based Overlay Network)
NetBird is a German open‑source zero‑trust networking platform that uses WireGuard to create a peer‑to‑peer overlay, positioning itself as a Tailscale‑style alternative to legacy VPNs. It delivers instant deployment, SSO/MFA integration, dynamic posture checks, and centralized policy management across Linux,...
By Hacker News
News•Feb 1, 2026
Global Trustnet Strengthens Client Intake and Review Framework to Support Secure Platform Operations
Global Trustnet announced enhancements to its client intake and internal case review frameworks, emphasizing security, verification discipline, and structured governance. The new standardized onboarding workflow aims to improve data accuracy, traceability, and consistency as digital‑asset trading volumes rise. Parallel upgrades...
By TechBullion
News•Feb 1, 2026
Ondas’ American Robotics Optimus Drone Approved for Rapid Federal Procurement via DCMA Blue UAS Cleared List
Ondas Inc.’s Optimus drone, built by American Robotics, has earned Blue List status from the Defense Contract Management Agency, placing it on the Department of War’s approved UAS directory. The designation confirms compliance with stringent cybersecurity, supply‑chain and operational standards,...
By sUAS News
News•Jan 31, 2026
Blockchain Penetration Testing: Definition, Process, and Tools
Blockchain penetration testing simulates real‑world attacks on decentralized ledgers to expose flaws in smart contracts, consensus mechanisms, nodes, and wallets before they can be exploited. Recent incidents such as the $2.17 billion crypto thefts in 2025 and the 17‑hour Solana outage...
By Security Boulevard
News•Jan 31, 2026
AI-Powered Penetration Testing: Definition, Tools and Process
AI‑powered penetration testing combines machine‑learning models, autonomous agents, and traditional security tools to simulate real‑world attacks faster and more comprehensively than manual testing. Recent research shows AI agents achieved 82 % precision and outperformed nine out of ten human testers in...
By Security Boulevard
News•Jan 31, 2026
IoT Penetration Testing: Definition, Process, Tools, and Benefits
IoT penetration testing evaluates the entire IoT ecosystem—from hardware and firmware to cloud services—by simulating multi‑stage attacks. The practice uncovered critical flaws in high‑profile incidents, such as Southern Water’s water‑monitoring hack and an NHS Trust breach, both caused by outdated...
By Security Boulevard
News•Jan 31, 2026
RINA Accountants & Advisors Is Creating $400K Settlement Fund to Settle Lawsuit over 2022 Data Breach
RINA Accountants & Advisors, a U.S. accounting firm, has agreed to establish a $400,000 settlement fund to resolve a class‑action lawsuit stemming from a 2022 data breach. The breach exposed client‑sensitive information, prompting legal action from affected parties. The settlement...
By DataBreaches.net
News•Jan 31, 2026
Show HN: Minimal – Open-Source Community Driven Hardened Container Images
The Minimal project publishes a suite of open‑source, production‑ready container images built daily with Chainguard’s apko and Wolfi packages. By including only essential components, the images achieve near‑zero CVEs and are typically patched within 24‑48 hours of disclosure. Each image is...
By Hacker News
News•Jan 31, 2026
Comcast Agrees to $117.5 Million Settlement to Resolve Lawsuits over 2023 Citrix Bleed Data Breach
Comcast has reached a $117.5 million settlement to resolve 24 class‑action lawsuits stemming from the 2023 Citrix Bleed data breach, which potentially exposed personal information of more than 30 million current and former customers. A federal judge in the Eastern District...
By DataBreaches.net
News•Jan 31, 2026
StopICE Hacked: Names And Locations of Over 100k Users Were Sent to the FBI, ICE and HSI
The anti‑ICE activist platform StopICE suffered a massive data breach, exposing personal details of over 100,000 registered users. Hackers accessed names, login credentials, phone numbers and precise GPS locations, then transmitted the information to the FBI, ICE and Homeland Security...
By DataBreaches.net