Chilean National Extradited to U.S. Over Stolen Credit Card Data Trafficking Scheme
A Chilean national, Alex Rodrigo Valenzuela Monje, was extradited to the United States and arraigned in Salt Lake City for operating a Telegram‑based carding marketplace that sold over 26,000 stolen credit‑card records between 2021 and 2023. The indictment alleges he distributed full card details—including numbers, expiration dates and CVVs—through channels named MacacoCC Collective and Novato Carding. The case highlights the FBI’s reliance on international partners to pursue cybercriminals who exploit encrypted messaging platforms. Valenzuela Monje has pleaded not guilty and faces charges of data trafficking and unlawful ID transfer.
Vietnam Announces National Cybersecurity Firewall Plan Under New Digital Governance Law
Vietnam’s Ministry of Public Security announced a national cybersecurity firewall plan, codified in the new Cybersecurity Law that takes effect on July 1, 2026. The law’s Article 10 explicitly directs authorities to study a national firewall, marking the first statutory...
National Cyber Security Bill and NIS2: Senior Management’s Compliance Guide
The EU’s NIS2 Directive now obligates senior management to approve, oversee, and assume responsibility for cybersecurity risk, a shift echoed by Ireland’s forthcoming National Cyber Security Bill. The draft legislation mirrors NIS2’s Article 20, imposing personal liability, temporary bans, and fines...
OpenClaw Vulnerability Exposes How an Open-Source AI Agent Can Be Hijacked
OpenClaw, an open‑source AI agent that quickly amassed over 100,000 GitHub stars, was found to contain a critical vulnerability that lets any website a developer visits hijack the local agent via an unauthenticated WebSocket connection. The flaw bypasses rate‑limiting and...
Samsung SDS Identifies Top Cybersecurity Threats of 2026 as AI Risks Escalate
Samsung SDS released its 2026 cybersecurity outlook, highlighting five priority threats: AI‑driven attacks, ransomware, cloud misconfigurations, phishing/account takeovers, and data security gaps. The report, based on 667 Korean security professionals, warns that generative AI and autonomous agents will intensify phishing,...
U.S. Sanctions Russian Broker Over Zero-Day Exploits Theft
The United States has sanctioned Russian cyber‑exploit broker Operation Zero, its director Sergey Zelenyuk, and a UAE‑based front company for stealing eight zero‑day vulnerabilities from a U.S. defense contractor. Australian insider Peter Williams allegedly sold the exploits for roughly $1.3 million...
AI Content Generation Systems Face Global Pressure Over Privacy and Deepfake Risks
Data protection authorities from 61 countries issued a joint warning that AI content generation systems, especially those creating realistic images and videos, pose serious privacy and deep‑fake risks. The statement cites recent incidents, such as Grok’s non‑consensual “nudified” images, and...
Two Petabytes Worth Data of Israeli’s Siphoned, Says Cyber Head
Israel’s National Cyber Directorate disclosed that roughly two petabytes—equivalent to 100 National Library of Israel archives—have been exfiltrated from citizens and institutions over recent years. The breach scale eclipses prior megabyte‑ and terabyte‑level incidents, marking an unprecedented data loss. Concurrently,...
Advantest Cyberattack Triggers Ransomware Investigation Across Internal Network
Advantest Corp., a Tokyo‑listed semiconductor test equipment maker, disclosed a cyberattack that surfaced on February 15, when unusual activity triggered its incident‑response protocols. Preliminary analysis suggests an unauthorized third party infiltrated parts of the internal network and deployed ransomware, prompting...
Mozilla Firefox Issues Emergency Patch for Heap Buffer Overflow in Firefox V147
Mozilla released an out‑of‑band update, Firefox v147.0.4, to fix a high‑severity heap buffer overflow in the libvpx video codec (CVE‑2026‑2447). The flaw, discovered by researcher jayjayjazz, could allow attackers to execute arbitrary code by delivering crafted VP8/VP9 video streams. Parallel patches...
DSS Files Charges Against El-Rufai Over Alleged NSA Phone Interception
The Department of State Services has filed a three‑count criminal charge against former Kaduna governor Nasir El‑Rufai for allegedly intercepting the telephone communications of National Security Adviser Nuhu Ribadu. Prosecutors say El‑Rufai admitted the illegal interception during a televised interview on 13 February 2026,...
The Cyber Express Weekly Roundup: Escalating Breaches, Regulatory Crackdowns, and Global Cybercrime Developments
The Cyber Express weekly roundup highlights a series of high‑profile cyber incidents across continents. The European Commission’s mobile device management system was breached but contained within nine hours, while Senegal’s national identity services were crippled by ransomware. In Australia, FIIG...
60,000 Records Exposed in Cyberattack on Uzbekistan Government
Uzbekistan’s Digital Technologies Ministry confirmed that a cyberattack on three government information systems in late January exposed roughly 60,000 individual data records, not the personal data of 15 million citizens as earlier rumors suggested. The breach, which lasted from January 27‑30, was...
8,000+ ChatGPT API Keys Left Publicly Accessible
Cyble Research and Intelligence Labs uncovered more than 8,000 publicly accessible ChatGPT API keys, including over 5,000 GitHub repositories and roughly 3,000 live production websites. The keys were hard‑coded in source code, configuration files, and client‑side JavaScript, making them instantly...
FIIG Securities Fined AU$2.5 Million Following Prolonged Cybersecurity Failures
Australian fixed‑income firm FIIG Securities was hit with a AU$2.5 million civil penalty after the Federal Court found it failed to protect client data for over four years. A 2023 ransomware attack exfiltrated roughly 385 GB of personal and financial information belonging...
ENISA Updates Its International Strategy to Strengthen EU’s Cybersecurity Cooperation
The European Union Agency for Cybersecurity (ENISA) has published an updated International Strategy aimed at reinforcing the EU’s cyber‑defence ecosystem through selective global cooperation. The revision aligns partnerships with the EU’s policy objectives, highlighting collaborations with Ukraine, the United States,...
Senegal Confirms Cyberattack on Agency Managing National ID and Biometric Data
Senegal’s Directorate of File Automation (DAF) confirmed a cyberattack that forced a shutdown of national ID card, passport and biometric services. Ransomware group The Green Blood Group claims to have exfiltrated 139 TB of citizen records and posted samples on the...
UAE Cyber Security Council Warns Stolen Logins Fuel Majority of Financial Cyberattacks
The UAE Cyber Security Council warned that roughly 60% of financial cyberattacks begin with stolen usernames and passwords. As digital banking expands, compromised credentials have become the primary gateway for fraud, identity theft, and unauthorized access to sensitive financial data....
Singapore Launches Largest-Ever Cyber Defense Operation After UNC3886 Targets All Major Telcos
Singapore launched its largest coordinated cyber‑defense effort, Operation Cyber Guardian, after the UNC3886 advanced threat actor targeted all four major telcos—M1, Singtel, StarHub and Simba. More than 100 cyber defenders from six government agencies worked with the operators to contain...
OpenAI Launches Trusted Access for Cyber to Expand AI-Driven Defense While Managing Risk
OpenAI announced Trusted Access for Cyber, a program that provides vetted defenders with controlled access to its most advanced cybersecurity model, GPT‑5.3‑Codex, via ChatGPT. The initiative pairs this privileged access with $10 million in API‑credit grants to support defensive research and...
Substack Discloses Breach Exposing Its User Details After Four-Month Delay
Substack announced that a security breach exposed subscriber email addresses, phone numbers and internal metadata after attackers accessed the data in October 2025. The intrusion went undetected until February 2026, giving threat actors a four‑month dwell time. The company confirmed...
US FDA Reissues Cybersecurity Guidance to Reflect QMSR Transition and ISO 13485 Alignment
The FDA reissued its final medical‑device cybersecurity guidance on February 4, updating references to reflect the new Quality System Management Regulation (QMSR) that took effect on February 2. The revision aligns the guidance with ISO 13485:2016, embedding the international standard into the U.S....
Mountain View Shuts Down Flock Safety ALPR Cameras After Year-Long Unrestricted Data Access
Mountain View police chief Mike Canfield ordered an immediate shutdown of the city’s Flock Safety automated license‑plate reader (ALPR) system after discovering that hundreds of unauthorized law‑enforcement agencies had been able to query the data for more than a year....
Lakelands Public Health Confirms Cyberattack, Says Sensitive Data Unaffected
On Jan 29, 2026, Lakelands Public Health confirmed a cyberattack that disrupted internal systems but left sensitive health records untouched. The agency activated its incident‑response plan, isolated affected assets, and hired a leading cybersecurity firm to investigate and restore services....
Foxit Releases Security Updates for PDF Editor Cloud XSS Vulnerabilities
Foxit Software released security updates on February 3 2026 that remediate two moderate‑severity cross‑site scripting (XSS) vulnerabilities (CVE‑2026‑1591, CVE‑2026‑1592) in Foxit PDF Editor Cloud, and a related XSS flaw (CVE‑2025‑66523) in Foxit eSign patched on January 15 2026. The flaws allowed crafted file attachment...
Lt Gen (Dr) Rajesh Pant to Lead Webinar on AI-Driven Cyber Threats — Register Free Now
Cyble and The Cyber Express are hosting a free Zoom webinar on Feb 24, 2026 titled “AI, Ransomware & Hacktivism: The Cyber Risk Shift Most Leaders Are Failing to See.” The session will be led by Lt Gen (Dr) Rajesh...
Berchem School Hit by Cyberattack as Hackers Target Parents With €50 Ransom Demand
A ransomware group breached the servers of secondary school Onze‑Lieve‑Vrouwinstituut Pulhof in Berchem, forcing a shutdown of internal systems. The school refused to pay the initial ransom and the attackers escalated by demanding €50 per child from parents, threatening to...
Britain and Japan Join Forces on Cybersecurity and Strategic Minerals
Britain and Japan announced a new cyber strategic partnership during Prime Minister Keir Starmer's Tokyo visit, following his stop in Beijing. The agreement pairs cybersecurity cooperation with joint efforts to secure critical mineral supply chains essential for advanced manufacturing and...
Ad Fraud Is Exploding — Dhiraj Gupta of mFilterIt Explains How Brands Can Respond
Ad fraud is escalating into a systemic threat that undermines the digital economy’s trust. In 2024 mobile ad fraud rose 21% and programmatic scams siphoned nearly $50 billion, while the ad‑fraud detection market is set to exceed $2 billion by 2034. Dhiraj...
Cyble Research Discovers ShadowHS, an In-Memory Linux Framework for Long-Term Access
Cyble Research & Intelligence Labs uncovered ShadowHS, a Linux post‑exploitation framework that operates entirely in memory. The tool leverages a weaponized version of hackshell with an AES‑256‑CBC encrypted loader, enabling fileless execution via /proc//fd/. ShadowHS provides an operator‑controlled environment for...
Bumble, Panera Bread, Match Group, and CrunchBase Hit by New Wave of Cyberattacks
A coordinated cyber‑attack wave hit Bumble, Panera Bread, Match Group and CrunchBase, with the hacker group ShinyHunters claiming responsibility. The intrusions stemmed from phishing and vishing tactics that compromised contractor or employee credentials, granting brief, limited access to internal networks....
AHA Releases New Guides to Strengthen Hospital Emergency and Cyber Preparedness
The American Hospital Association unveiled two new guides—Strategies for Medical Surge Management During Public Emergencies and Strategies for Cyber Preparedness in Health Care—to help hospitals navigate both public health crises and cyber threats. Both resources adopt the “four S’s” framework—staffing,...
US Charges 87 in Major ATM Jackpotting Scheme Linked to Tren De Aragua
A Nebraska federal grand jury has indicted a total of 87 defendants in a sprawling ATM jackpotting conspiracy tied to the Venezuelan gang Tren de Aragua. The scheme used a variant of the Ploutus malware to hack ATMs nationwide, stealing...
Hackers Exploit React2Shell Vulnerability to Deploy Miners and Botnets Worldwide
A critical insecure‑deserialization flaw in React Server Components, identified as CVE‑2025‑55182 or “React2Shell,” is being actively exploited worldwide. The vulnerability affects react‑server‑dom‑webpack, –parcel and –turbopack versions 19.0‑19.2, allowing attackers to execute arbitrary code and deploy a range of malware, including...
Major Cyberattack Cripples Russia’s Alarm and Vehicle Security Provider Delta
Russian security firm Delta suffered a large‑scale external cyberattack on Jan 26, crippling its alarm, home, and vehicle security platforms. The breach disabled online services, phone lines, and the mobile app, leaving thousands of customers unable to control alarms or unlock...
Canada Marks Data Privacy Week 2026 as Commissioner Pushes for Privacy by Design
Canada’s Privacy Commissioner Philippe Dufresne launched Data Privacy Week 2026 (Jan 26‑30) with a focus on privacy‑by‑design, urging organizations to embed data protection from the outset. He highlighted recent high‑profile breaches—including Aylo, 23andMe, TikTok, and an investigation into X’s Grok chatbot—to...
Data Privacy Week 2026: Why Secure Access Is the New Data Protection Perimeter
The CyberExpress article argues that the traditional network perimeter is no longer sufficient for data privacy, and that the true protection now lies at the moment of access. It highlights the rise of the “Identity‑Data Gap” and the shift toward...
ShinyHunters, CL0P Return with New Claimed Victims
ShinyHunters has resurfaced with an onion‑based data leak site, claiming breaches of SoundCloud, Betterment and Crunchbase tied to a new vishing campaign targeting SSO credentials at Okta, Microsoft and Google. The group warns that more victims will follow. In parallel,...
Manage My Health Data Breach Sparks Warnings Over Impersonation and Phishing Attempts
Manage My Health, a New Zealand digital health portal, confirmed a breach that accessed documents in its My Health Documents feature, affecting over 120,000 patients. While live clinical systems remained untouched, fraudsters are now impersonating the service to send phishing and...
One in Ten UK Businesses Fear They Would Not Survive a Major Cyberattack
A Vodafone Business survey of 1,000 UK senior leaders reveals that one in ten believe their company would not survive a major cyberattack. While 63% say the risk of attack has risen over the past year, only 45% have ensured...
How to Remove Saved Passwords From Google Chrome (And Why You Should)
Google Chrome’s built‑in password manager offers convenience but accumulates credentials across devices, creating a hidden security liability. The article details how to delete individual, multiple, or all saved passwords on desktop, Android, and iOS, and explains how Chrome sync propagates...
Threat Hunting in 2026: Why Proactive Defence Is the Only Way Forward
Threat hunting is shifting from reactive incident response to proactive, pattern‑based defense as attackers repeatedly exploit known vulnerabilities. Experts at Qualys argue that focusing on adversary telemetry—such as weaponization, ransomware links, and dark‑web chatter—enables teams to anticipate exploitation cycles. Automation...
APD Investigates Third-Party Cybersecurity Incident, Says No Evidence of Data Compromise
The Anchorage Police Department (APD) disclosed a cybersecurity incident on Jan 7, 2026 involving its third‑party data‑migration vendor, Whitebox Technologies. APD reported no evidence that its systems or data were compromised and immediately shut down affected servers while revoking vendor access....
Nicole Ozer Joins CPPA to Drive Privacy and Digital Security Initiatives
California Privacy Protection Agency appointed Nicole Ozer to its board, reinforcing the state’s privacy agenda. Ozer, former ACLU tech director and executive at UC Law San Francisco, brings extensive experience in privacy law, AI, and digital civil liberties. Her appointment...
What Is a DNS Attack? Understanding the Risks and Threats
The Domain Name System (DNS) remains a critical yet vulnerable internet backbone, with 88% of organizations reporting at least one DNS attack in 2023. Attacks such as hijacking, cache poisoning, and DDoS floods can redirect users, cause service outages, and...
Kyowon Group Confirms Cyberattack as Multiple Systems Go Offline
Kyowon Group disclosed a cyberattack that began on the morning of Jan 10, prompting the company to isolate affected systems and shut down parts of its internal network. The breach forced the main website and several affiliate sites offline, with service...
The Cyber Express Weekly Roundup: Schools, Hacktivists, and National Cyber Overhauls
The first week of 2026 saw a wave of cyber incidents spanning education, activism, corporate, and government sectors. Higham Lane School in England shut down after ransomware crippled systems for 1,500 students, while Australian insurer Prosura faced unauthorized access exposing...
CISA Warns of Attacks on PowerPoint and HPE Vulnerabilities
CISA has added two high‑severity flaws to its 2026 Known Exploited Vulnerabilities (KEV) catalog: CVE‑2025‑37164, a code‑injection bug in Hewlett Packard Enterprise OneView rated 10.0, and CVE‑2009‑0556, a 9.3‑severity remote‑code‑execution issue in legacy Microsoft PowerPoint 2000‑2004. Rapid7 published a proof‑of‑concept...
Trump Orders US Exit From Global Cyber and Hybrid Threat Coalitions
President Donald Trump signed a memorandum ordering the United States to withdraw immediately from three major cyber‑security coalitions: the European Centre of Excellence for Countering Hybrid Threats, the Global Forum on Cyber Expertise, and the Freedom Online Coalition. The exits...
Australian Insurer Prosura Confirms Cyber Incident, Takes Online Services Offline Amid Investigation
Australian insurer Prosura confirmed a cyber incident on Jan 3, 2026 after detecting unauthorized access to internal systems. The breach led the company to temporarily disable its self‑service portal, halting online policy purchases, claims and account management. Fraudulent phishing emails were sent...