AI-Driven Scams Are Eroding Trust in Calls, Messages, and Meetings
AI agents are now automating the research and targeting phases of social engineering, turning weeks‑long preparations into minutes. This automation lowers both the skill threshold and cost for launching phishing and scam campaigns. Deepfake audio and video are being used in real‑time calls and meetings, allowing fraudsters to impersonate executives and extract millions. Experts urge new verification procedures and provenance tools to restore trust in digital communications.
Cybersecurity Jobs Available Right Now: February 10, 2026
February 2026’s cybersecurity job roundup lists 26 open positions across 12 countries, ranging from cloud security engineers to senior threat‑intelligence analysts. The roles cover cloud, AI, OT, and zero‑trust specializations, with many offering hybrid or fully remote work. Employers span consulting...
Coupang Obstructed Korean Probe Into Data Breach, Ministry Says
Coupang, South Korea’s largest e‑commerce platform, obstructed a government investigation into a massive data breach by deleting access logs and other evidence. The Ministry of Science and ICT reports that a former staff engineer exfiltrated 25.6 terabytes of personal information, affecting...
Ethereum Foundation Teams up with SEAL to Combat Wallet Drainers
The Ethereum Foundation is sponsoring a security engineer to work with the nonprofit Security Alliance (SEAL) on its new “Trillion Dollar Security” initiative, aimed at tracking and neutralizing crypto drainers targeting Ethereum users. The partnership includes a public dashboard that...
![[Virtual Event] Shields Up: Key Technologies Reshaping Cybersecurity Defenses](/cdn-cgi/image/width=1200,quality=75,format=auto,fit=cover/https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt8a0a23d922e8040c/698a52efc397d867074bbec6/DRVE_Event_2060319.png?width=1280&auto=webp&quality=80&disable=upscale)
[Virtual Event] Shields Up: Key Technologies Reshaping Cybersecurity Defenses
The virtual event "Shields Up" spotlights emerging technologies reshaping cybersecurity defenses, featuring a slate of on‑demand webinars that explore AI‑driven attack surfaces, ransomware supply‑chain risks, and AI‑powered threat hunting. Complementary white papers dive into admin‑rights removal, least‑privilege strategies, and real‑world...
Tesla Exec Raj Jegannathan Leaves Automaker After 13 Years
Tesla Vice President Raj Jegannathan announced his departure after a 13‑year tenure, most recently overseeing IT, AI infrastructure, business applications, and information security. He previously led North American sales following the dismissal of Troy Jones, a period marked by declining...
OT Attacks Get Scary With 'Living-Off-the-Plant' Techniques
Operational technology (OT) cyberattacks have so far been limited by attackers' lack of deep process knowledge, but experts warn that a shift toward "living‑off‑the‑plant" techniques could enable more damaging exploits. Recent ransomware spillovers into OT and incidents like the Norway...
Navigating FedRAMP 20x and the Continuous Compliance Imperative
FedRAMP 20x seeks to modernize federal cloud compliance by replacing static checklists with continuous validation through Key Security Indicators (KSIs). The initiative promises faster, more flexible authorization for SaaS providers, but progress is hampered by funding cuts, staff shortages, and...
Google and Entrust Team to Combat Identity Fraud
Identity verification firm Entrust has announced a strategic partnership with Google Cloud to launch an AI‑powered solution that tackles rising identity fraud. The joint offering combines Entrust’s verification platform and fraud intelligence with Google’s Gemini AI models, threat intelligence, and...
Georgia Woman Sentenced for $1.5 Million Bank Fraud Scheme
A Georgia woman, Dechanta Benning, was sentenced to 70 months in federal prison for a mail‑theft‑related check fraud scheme. Prosecutors allege the scheme stole between $550,000 and $1.5 million by intercepting business checks, altering payees, and using mobile‑deposit technology. Benning opened...
Ripple Expands Institutional Custody Stack with Staking and Security Integrations
Ripple announced new integrations with Securosys and Figment, bolstering its institutional custody platform with hardware security modules and staking capabilities. The upgrades let banks and custodians manage cryptographic keys on‑premises or in the cloud while offering staking on Ethereum, Solana...
The Rise of Secure Digital Payments in a Cashless Economy
Secure digital payment solutions are gaining traction as businesses and consumers prioritize fraud protection and operational efficiency. Innovations such as dynamic credentials, limited‑use authorizations, and virtual cards address data‑breach risks while simplifying expense oversight. These tools enable real‑time transaction monitoring,...
What AI Builders Can Learn From Fraud Models that Run in 300 Milliseconds
Mastercard’s Decision Intelligence Pro (DI Pro) uses a sub‑300 ms recurrent neural network to assign risk scores to each payment transaction in real time. The platform treats fraud detection as an "inverse recommender" problem, comparing current merchant behavior to historical patterns. By...
Utah Advances Policy-First Digital Identity Framework Centered On Individual Control
Utah is drafting comprehensive State‑Endorsed Digital Identity (SEDI) legislation that puts individuals in control of their cryptographic keys while the government acts only as an endorser. The policy relies on open standards, supports both long‑lived and short‑term credentials, and preserves...
What Organizations Need to Change When Managing Printers
Jim LaRoe, CEO of Symphion, warns that most enterprises only manage printers for uptime and cost, leaving them unprotected despite comprising 20‑30% of endpoints. He highlights an ownership vacuum, missing budget lines, and reliance on default configurations as core leadership...
Leidos Partners with RegScale to Bolster Federal Cybersecurity
Leidos announced the integration of its UpHold Armor platform with RegScale’s Continuous Controls Monitoring solution to strengthen cybersecurity across the Department of Defense and other federal agencies. The joint offering will initially roll out to the U.S. Air Force, automating risk...
Storage News Ticker – 9 February 2026
The storage‑focused news ticker highlighted a wave of AI‑centric and security‑driven product launches, from Aerospike’s default Dynamic Data Masking to Cloudera’s on‑prem AI inference and Trino‑powered warehouse. Databricks secured a $5 billion equity round, reporting $5.4 billion ARR with strong AI revenue,...
Hacktivist Scrapes over 500,000 Stalkerware Customers’ Payment Records
A hacktivist identified as “wikkid” scraped more than 536,000 payment records from the stalkerware vendor Struktura, also operating as Ersten Group. The leaked dataset reveals customer email addresses, the specific surveillance app purchased, payment amounts, card type and last four...
Flaw in Anthropic Claude Extensions Can Lead to RCE in Google Calendar: LayerX
LayerX researchers disclosed a zero‑click remote code execution flaw in Anthropic's Claude Desktop Extensions (DXT) that leverages Google Calendar events to trigger arbitrary code on the host system. The unsandboxed extensions, which operate with full system privileges, affect more than...
VoidLink Malware Exhibits Multi-Cloud Capabilities and AI Code
Ontinue’s February 9 report details VoidLink, a Linux‑based command‑and‑control framework that can infiltrate enterprise and multi‑cloud environments. The implant adapts to AWS, Azure, GCP, Alibaba and Tencent clouds, harvesting credentials, escaping containers and employing kernel‑level stealth via eBPF or loadable modules....
Aerospike 8.1.1 Introduces New Native Dynamic Data Masking for PII Protection and Regulatory Compliance
Aerospike released version 8.1.1, introducing native Dynamic Data Masking (DDM) for its high‑performance NoSQL database. The feature lets administrators define masking rules that hide personally identifiable information at the database layer, automatically applying to all users and machines except those...
Password Guessing without AI: How Attackers Build Targeted Wordlists
Password attacks increasingly rely on targeted wordlists harvested from an organization’s public‑facing content rather than generic dictionaries or AI models. Tools like the open‑source CeWL crawler extract company‑specific terminology, which attackers mutate with common patterns to generate plausible passwords that...
Maryland National Guard Participates in Crossed Swords 25 with Estonian Partners
The Maryland National Guard joined NATO’s Crossed Swords 25 cyber‑defense exercise with Estonian partners at the CCDCOE in Tallinn, Oct. 27‑Nov. 7, 2025. The drill hosted 240 participants from roughly 45 countries and focused on strategic command, AI‑assisted tactical operations, multi‑domain integration, public‑private coordination,...
OpenClaw Adds VirusTotal Scanning to AI Agent Marketplace
OpenClaw has integrated VirusTotal scanning into its ClawHub marketplace to curb malicious AI skills. The workflow hashes each skill, checks VirusTotal signatures, and submits unknown bundles to Code Insight for deeper analysis, flagging or blocking threats. This move follows security...
DataBee Launches DataBee RiskFlow™
DataBee, a Comcast company, unveiled DataBee RiskFlow™, an agentic AI layer that lets security and IT teams ask natural‑language questions about vulnerability, login risk, and compliance evidence. The tool interprets queries, pulls the relevant data from DataBee’s security fabric, and...
Outtake Raises $40 Million to Bolster Digital Trust Against AI-Driven Threats
Outtake, a cybersecurity startup, announced a $40 million Series B round to accelerate its unified digital‑trust platform amid a surge in AI‑driven phishing and impersonation attacks. The round, led by ICONIQ and featuring investors such as Satya Nadella and Nikesh Arora, brings total capital...
Cybersecurity M&A Roundup: 34 Deals Announced in January 2026
January 2026 saw 34 cybersecurity M&A announcements, underscoring rapid consolidation in the sector. CrowdStrike led the pack, agreeing to acquire SGNL for $740 million and Seraphic Security for about $420 million, bolstering its identity and browser‑runtime defenses. Other notable deals include Delinea’s...
Men Charged in FanDuel Scheme Fueled by Thousands of Stolen Identities
Two Connecticut men, Amitoj Kapoor and Siddharth Lillaney, were indicted on 45 federal counts for a multi‑year scheme that used roughly 3,000 stolen identities to open fraudulent accounts on FanDuel, DraftKings, BetMGM and other online gambling platforms. They purchased personal...
BeyondTrust Fixes Easy-to-Exploit Pre-Auth RCE Vulnerability in Remote Access Tools (CVE-2026-1731)
BeyondTrust has patched a critical pre‑authentication remote code execution flaw (CVE‑2026‑1731) affecting its Remote Support and Privileged Remote Access products. The vulnerability lets unauthenticated attackers run OS commands on vulnerable on‑premise deployments. SaaS customers received the fix on February 2 2026, while...
Show HN: Minimal NIST/OWASP-Compliant Auth Implementation for Cloudflare Workers
A new open‑source repository provides a minimal, standards‑driven authentication stack for Cloudflare Workers, featuring PBKDF2‑SHA384 password hashing, a dual‑token JWT scheme, and strict TypeScript typing. The implementation follows NIST SP 800‑63B, NIST SP 800‑132, OWASP ASVS, and RFC 8725, and includes over 250...
Hackers Abuse ClawHub Skills to Evade VirusTotal via Social Engineering
Hackers have revamped ClawHub skill attacks by removing embedded malware and instead using clean SKILL.md files that lure users to counterfeit OpenClawCLI download sites. The malicious payload is hosted on look‑alike domains and fetched via an obfuscated bash command, allowing...
OpenAI Updates Europe Privacy Policy, Adding New Data Categories
OpenAI has refreshed its Europe‑facing privacy policy to align with the November 2024 EU revisions. The new document expands coverage to include files, images, audio, video, and contact data, while adding clearer sections on user controls such as opting out of...
Baobab Insurance Extends Cyber Cover with SCOR Capacity Boost
Baobab Insurance, a German cyber‑focused MGA, has broadened its underwriting capacity through an expanded partnership with global reinsurer SCOR. The SCOR syndicate at Lloyd’s now backs Baobab’s binder for companies with up to €1 billion in annual revenue across Germany and...
Iran’s Digital Surveillance Machine Is Almost Complete
Iran’s government imposed a near‑total internet shutdown on Jan 8, temporarily crippling even its domestic National Information Network (NIN). Researchers observed that the abrupt blackout deviated from the regime’s refined playbook, suggesting panic or technical failure. The NIN, controlled largely by...
Never Settle: How CISOs Can Go Beyond Compliance Standards to Better Protect Their Organizations
CISOs are urged to move past traditional compliance checklists and adopt a risk‑first strategy that anticipates emerging threats such as AI‑driven attacks, third‑party vulnerabilities, and future quantum risks. While standards like HIPAA, SOC 2, and ISO 27001 provide a useful baseline, they...
Steam Game People Playground Hit by Malware via the Steam Workshop
People Playground’s Steam Workshop was compromised in early February 2026 when a malicious mod called “FPS++” acted as a worm, deleting user data and spamming workshop items. The malware erased configurations, maps, and stats while preserving playtime, leaving achievements unrecoverable....
Why One-Size-Fits-All Mobile Compliance No Longer Works
Regulators are intensifying enforcement of off‑channel mobile communications, forcing firms to capture, supervise, and retain messages. Traditional compliance programs rely on blanket device lockdowns, which push employees toward unapproved consumer apps and increase risk. Theta Lake and other vendors advocate...
Microsoft: Exchange Online Flags Legitimate Emails as Phishing
Microsoft is investigating a fault in Exchange Online that began on February 5, causing legitimate emails to be flagged as phishing and quarantined. The problem stems from a newly deployed URL rule that incorrectly labels benign links as malicious. The issue...
StackHawk Launches Alliances Program to Help AppSec Teams Navigate the AI Era
StackHawk unveiled the StackHawk Alliances & Resellers Program (SHARP) to empower channel partners in delivering AI‑ready application security. A recent survey shows 87% of firms use AI coding assistants, making rapid, secure development the top 2026 challenge. SHARP promises 30%+...
Wallet Tied to Infini Exploiter Resurfaces to Buy Ether Dip for $13M
An address linked to the $50 million Infini exploit resurfaced after a year of inactivity, purchasing $13.3 million worth of Ether as the price fell to $2,109. The newly acquired ETH was promptly transferred to the Tornado Cash mixing service, obscuring the...
APT Hackers Abuse Trusted Edge Services to Stealthily Deploy Malware
APT groups, largely China‑linked, are shifting attacks from protected endpoints to edge infrastructure such as firewalls, routers and IoT devices. Taiwan emerged as the most targeted APAC region, logging 173 incidents and serving as a testing ground for new tools....
Social Media Platforms Earn Billions From Scam Ads
European social media platforms earned nearly £3.8bn ($5.2bn) from scam ads in 2025, driven by almost one trillion impressions across eleven markets. Scam‑related posts represented about 10% of the 993bn ad views, inflating platform revenue while undermining user trust. Juniper...
Schrödinger’s Cat and the Enterprise Security Paradox
Security leaders often operate under a paradox: dashboards show compliance while unseen breaches may exist. The article likens this to Schrödinger’s cat, arguing that without direct observation, an organization is simultaneously secure and compromised. It distinguishes the “paper company” of...
European Commission Discloses Breach that Exposed Staff Data
The European Commission disclosed a cyber‑attack on its mobile‑device‑management platform on 30 January, where attackers accessed staff names and phone numbers but did not compromise the devices themselves. The breach was contained within nine hours after detection and traced to two...
Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH Backdoors
Vortex Werewolf, also known as SkyCloak, is a threat cluster that has been delivering Tor‑enabled remote‑access backdoors to Russian government and defense organizations through sophisticated Telegram‑themed phishing campaigns. Victims are lured to counterfeit Telegram login pages that harvest phone numbers,...
From Penetration to Inclusion: How CRC Credit Bureau Is Re-Engineering Nigeria’s Credit Ecosystem
Nigeria’s credit penetration has topped 40%, signaling a rapid shift toward broader financial inclusion. CRC Credit Bureau, the country’s largest licensed bureau, has built the most comprehensive credit data ecosystem by pulling information from banks, fintechs, utilities, telcos, and digital...
Visa Says Cybersecurity Decides Who Wins Digital Commerce
Visa’s cyber‑solutions leader Jeremiah Dewey argues that cybersecurity is no longer a defensive checkbox but a core business function that fuels growth in digital commerce. He cites a 126% surge in ransomware attacks and $5 million average breach costs to illustrate...
.png)
Port’s View as Feature Lets Org Admins See the Product Through Any User’s Permissions to Reproduce Issues, Validate RBAC, and...
Port introduced a highly requested “View as” feature that lets organization administrators instantly experience the platform with any user’s effective permissions. The tool enables rapid reproduction of permission errors, validation of RBAC changes, and secure troubleshooting without needing screenshots or...
UAE Cyber Security Council Warns Stolen Logins Fuel Majority of Financial Cyberattacks
The UAE Cyber Security Council warned that roughly 60% of financial cyberattacks begin with stolen usernames and passwords. As digital banking expands, compromised credentials have become the primary gateway for fraud, identity theft, and unauthorized access to sensitive financial data....
NIS2: Supply Chains as a Risk Factor
The EU’s NIS2 directive expands cybersecurity obligations beyond a company’s own network to include every external partner in the supply chain. It mandates that firms systematically identify, assess, and continuously monitor risks from service providers, cloud vendors, and subcontractors. The...
