GuLoader, also known as CloudEye, is a sophisticated malware downloader that has been active since late 2019. Its primary function is to download and install secondary malware, such as Remote Access Trojans (RATs) and information stealers, onto compromised systems. One…
What happens when cybersecurity knowledge walks out the door
In this Help Net Security interview, Andrew Northern, Principal Security Researcher at Censys, explains why mentorship matters and what organizations risk losing when senior staff disengage. He argues that institutional memory and judgment under pressure are difficult to rebuild once…
Chinese Hackers Target Singapore Telecoms in Edge Device Compromise Campaign
A massive, eleven-month campaign to root out sophisticated attackers from the nation’s critical infrastructure. The Cyber Security Agency of Singapore (CSA) and the Infocomm Media Development Authority (IMDA) revealed details of “Operation CYBER GUARDIAN,” a multi-agency effort to defend the…
Chinese Hackers Attacking Singapore’s Telecommunications Sector to Compromise Edge Devices
Singapore’s telecommunications sector has recently been the target of a highly sophisticated cyber espionage campaign orchestrated by the Advanced Persistent Threat (APT) group known as UNC3886. The details of this extensive intrusion were formally disclosed following Operation CYBER GUARDIAN, a…
Augustus – Open-source LLM Vulnerability Scanner With 210+ Attacks Across 28 LLM Providers
Augustus is a new open-source vulnerability scanner designed to secure Large Language Models (LLMs) against an evolving landscape of adversarial threats. Built by Praetorian, Augustus aims to bridge the gap between academic research tools and production-grade security testing, offering a…
AI-driven scams are eroding trust in calls, messages, and meetings
In this Help Net Security video, Miguel Fornés, Governance and Compliance Manager at Surfshark, discusses how AI is changing social engineering attacks. He describes how tasks that once took weeks, such as research and targeting, are now automated and cheap.…
Microsoft Acknowledges Exchange Online Spam Filter Mistakenly Blocks Valid Email
Microsoft is currently tackling a significant service degradation within Exchange Online that is disrupting business communications by incorrectly flagging legitimate emails as phishing attempts. The incident, tracked under the identifier EX1227432, began on February 5, 2026, and is causing valid messages…
Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution
Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that could lead to the execution of arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2026-21643, has a CVSS rating of 9.1 out of a maximum of…
Threat Actors Using Ivanti EPMM Flaws to Install Stealth Backdoors
A sophisticated new cyber campaign has been detected targeting Ivanti Endpoint Manager Mobile (EPMM) systems. Starting on February 4, 2026, threat actors began exploiting two critical vulnerabilities, CVE-2026-1281 and CVE-2026-1340, to plant dormant backdoors. Unlike typical attacks that immediately steal…
DPRK IT Workers Impersonating Individuals Using Real LinkedIn Accounts to Apply for Remote Roles
The landscape of remote employment faces a persistent and evolving challenge as North Korean operatives refine their strategies to infiltrate global organizations. For years, these actors have sought remote information technology roles to generate revenue for the regime, often relying…
15,200 OpenClaw Control Panels with Full System Access Exposed to the Internet
A critical security failure in the rapidly adopting “agentic AI” ecosystem has left tens of thousands of personal and corporate AI assistants fully exposed to the public internet. New research released today by the SecurityScorecard STRIKE Threat Intelligence Team reveals…
Cybersecurity jobs available right now: February 10, 2026
Cloud Security Engineer KPMG | Israel | On-site – View job details As a Cloud Security Engineer, you will establish, secure, and support critical Azure cloud infrastructure, with a strong focus on sensitive and regulated environments. You will design and…
0-Click RCE Found in Claude Desktop Extensions, Putting 10,000+ Users at Risk
A critical “zero-click” vulnerability in Claude Desktop Extensions (DXT) that allows attackers to compromise a computer using nothing more than a Google Calendar event. The flaw, which has been assigned a maximum severity score of CVSS 10/10, affects more than 10,000…
DPRK IT Workers Use Stolen LinkedIn Identities to Secure Remote Employment
A new wave of identity fraud has hit the remote job market, with North Korean (DPRK) operatives adopting a sophisticated new tactic to bypass hiring screens. This development marks a significant shift in tradecraft. Previously, these operatives often relied on…
IT Security News Hourly Summary 2026-02-10 06h : 1 posts
1 posts were published in the last hour 4:13 : Toy Battles – 1,017 breached accounts
Toy Battles – 1,017 breached accounts
In February 2026, the online gaming community Toy Battles suffered a data breach. The incident exposed 1k unique email addresses alongside usernames, IP addresses and chat logs. Following the breach, Toy Battles self-submitted the data to Have I Been Pwned.…
India makes Aadhaar more ubiquitous, but critics say security and privacy concerns remain
India’s Aadhaar is moving into wallets, hotels and policing through a new app. Critics say that amid the broader Aadhaar rollout, it’s unclear how data shared through the new app would prevent breaches or leaks. This article has been indexed…
Association Nationale des Premiers Secours – 5,600 breached accounts
In January 2026, a data breach impacting the French non-profit Association Nationale des Premiers Secours (ANPS) was posted to a hacking forum. The breach exposed 5.6k unique email addresses along with names, dates of birth and places of birth. ANPS…
ISC Stormcast For Tuesday, February 10th, 2026 https://isc.sans.edu/podcastdetail/9802, (Tue, Feb 10th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, February 10th, 2026…
Why Traditional Cyber Risk Management Is No Longer Enough in 2026
As we settle into 2026, the cybersecurity industry is experiencing dramatic change. AI, AI agents, Quantum, and even traditional attack techniques are developing in ways that impact how we protect our organisations and even how we communicate with our customers.…
European Commission Hit by Mobile Management Data Breach
The European Commission is investigating a mobile device management breach that exposed staff data amid similar attacks across Europe. The post European Commission Hit by Mobile Management Data Breach appeared first on eSecurity Planet. This article has been indexed from…
Department of Know: GSA’s CMMC requirements, AWS intruder AI heist, Moltbook raises the stakes
Link to episode page This week’s Department of Know is hosted by Rich Stroffolino with guests Nick Ryan, former CISO, and Chris Ray, Field CTO, GigaOm Thanks to our show sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World…
Your OpenClaw Agent Doesn’t Sleep. Your Laptop Does. Move It to the Cloud.
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Blog Read the original article: Your OpenClaw Agent Doesn’t Sleep. Your Laptop Does. Move It to the…
IT Security News Hourly Summary 2026-02-10 00h : 4 posts
4 posts were published in the last hour 22:55 : IT Security News Daily Summary 2026-02-09 22:26 : Hackers Deliver Global Group Ransomware Offline via Phishing Emails 22:26 : 10K Claude Desktop Users Exposed by Zero-Click Vulnerability 22:26 : Someone’s…