Threat actors are actively leveraging compromised SonicWall SSLVPN credentials to breach networks and deploy a sophisticated “EDR killer” that can blind endpoint security solutions. In a campaign analyzed by Huntress in early February 2026, attackers utilized valid VPN accounts to…
Beware of Fake Traffic Ticket Portals that Harvest Your PII and Credit Card Data
A sophisticated phishing campaign targeting Canadian citizens has emerged, using fake traffic ticket payment portals to steal personal and financial information. The attackers employ SEO poisoning techniques to manipulate search engine results, ensuring their fraudulent websites appear legitimate when users…
Cisco Meeting Management Vulnerability Let Remote Attacker Upload Arbitrary Files
A high-severity security advisory has been issued for a critical vulnerability in Meeting Management software. This vulnerability allows authenticated remote attackers to upload harmful files and gain complete control over the affected system. The security flaw, identified as CVE-2026-20098, carries a…
AI-Enabled Voice and Virtual Meeting Fraud Surges 1000%+
Pindrop warns of 1210% increase in AI-powered fraud last year This article has been indexed from www.infosecurity-magazine.com Read the original article: AI-Enabled Voice and Virtual Meeting Fraud Surges 1000%+
Go 1.25.7 and Go 1.24.13 Released With Patches for Multiple Security Vulnerabilities
The Go team has officially released versions 1.25.7 and 1.24.13. These minor point releases address two distinct security vulnerabilities affecting the cmd/cgo command and the crypto/tls library. The updates are recommended for all users to prevent potential code smuggling and authentication bypass scenarios. Overview of the Vulnerability…
Cisco, F5 Patch High-Severity Vulnerabilities
The security defects can lead to DoS conditions, arbitrary command execution, and privilege escalation. The post Cisco, F5 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Cisco, F5 Patch High-Severity…
Weaponized Voicemail Hack Allows Remote Access to Systems, Experts Warn
A sophisticated social engineering campaign that weaponizes fake voicemail notifications to trick victims into installing remote access tools. The attack begins when victims receive communications directing them to compromised websites displaying convincing voicemail-themed landing pages. These pages use bank-related subdomains…
Microsoft launches LiteBox, a security-focused open-source library OS
Microsoft has released LiteBox, a project intended to function as a security-focused library OS that can serve as a secure kernel for protecting a guest kernel using virtualization hardware. LiteBox was developed in collaboration with the Linux Virtualization Based Security…
Microsoft brings project-focused AI agents into OneDrive
Teams often rely on shared document collections to track project history, decisions, and operational knowledge. To support this workflow, Microsoft introduced Agents in OneDrive, allowing users to create AI assistants built from selected files and folders. The feature allows users…
Broken Phishing URLs, (Thu, Feb 5th)
For a few days, many phishing emails that landed into my mailbox contain strange URLs. They are classic emails asking you to open a document, verify your pending emails, … This article has been indexed from SANS Internet Storm Center,…
Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT
We analyze the recent Stan Ghouls campaign targeting organizations in Russia and Uzbekistan: Java-based loaders, the NetSupport RAT, and a potential interest in IoT. This article has been indexed from Securelist Read the original article: Stan Ghouls targeting Russia and…
Varonis acquires AllTrue.ai to enable safe, compliant AI at scale
Varonis is expanding its AI security capabilities through the acquisition of AllTrue.ai, which brings real-time visibility and security to AI systems, complementing Varonis’ understanding of enterprise data, identities, and access. Together, the combined platform helps organizations see and protect everything…
AiStrike introduces AI-powered MDR to reduce costs and alert fatigue
AiStrike announced the launch of AiStrike MDR, an AI-powered managed detection and response (MDR) service designed to replace human-intensive MDR with an AI-led, expert-guided operating model built for scale, speed, and measurable outcomes. Enterprises and government organizations use AiStrike to…
Ukraine tightens controls on Starlink terminals, VMware ESXi flaw now exploited, SolarWinds Web Help Desk bug under attack
Ukraine tightens controls on Starlink terminals VMware ESXi flaw now exploited SolarWinds Web Help Desk bug under attack Get the show notes here: https://cisoseries.com/cybersecurity-news-ukraine-tightens-controls-on-starlink-terminals-vmware-esxi-flaw-now-exploited-solarwinds-web-help-desk-bug-under-attack/ Huge thanks to our sponsor, Strike48 Strike48 is the Agentic Log Intelligence Platform that actually puts…
APT28 Hackers Exploit Microsoft Office Vulnerability to Target Government Agencies
Russian state-sponsored hackers, known as APT28 or Fancy Bear, have launched a new wave of cyberattacks targeting government and military organizations across Europe. This sophisticated espionage campaign, observed in late January 2026, targets the theft on secrets from maritime and…
OfferUp scammers are out in force: Here’s what you should know
The mobile marketplace app has a growing number of users, but not all of them are genuine. Watch out for these common scams. This article has been indexed from WeLiveSecurity Read the original article: OfferUp scammers are out in force:…
Three clues that your LLM may be poisoned with a sleeper-agent back door
It’s a threat straight out of sci-fi, and fiendishly hard to detect Sleeper agent-style backdoors in AI large language models pose a straight-out-of-sci-fi security threat.… This article has been indexed from The Register – Security Read the original article: Three…
IT Security News Hourly Summary 2026-02-05 09h : 5 posts
5 posts were published in the last hour 7:34 : Amaranth-Dragon Exploits WinRAR Vulnerability for Persistent Access to Victim Systems 7:34 : New 3 Step Malvertising Chain Abusing Facebook Paid Ads to Push Tech Support Scam Kit 7:34 : Threat…
Amaranth-Dragon Exploits WinRAR Vulnerability for Persistent Access to Victim Systems
A new cyber-espionage threat group dubbed Amaranth-Dragon. Active throughout 2025, this group has launched highly targeted attacks against government and law enforcement agencies across Southeast Asia. Evidence links Amaranth-Dragon to APT-41, a notorious Chinese state-sponsored hacking group, due to shared tools and…
New 3 Step Malvertising Chain Abusing Facebook Paid Ads to Push Tech Support Scam Kit
A sophisticated new cyber threat has emerged within the digital advertising ecosystem, specifically targeting users through the vast reach of Facebook’s paid advertising platform. Malicious actors are increasingly weaponizing social media ads to bypass traditional security filters and deliver harmful…
Threat Actors Hacking NGINX Servers to Redirect Web Traffic to Malicious Servers
A sophisticated campaign in which threat actors are stealthily compromising NGINX servers to redirect web traffic to malicious destinations. The attackers, previously linked to “React2Shell” exploits, are now targeting NGINX configurations, specifically those using the Baota (BT) management panel, widely…
New DesckVB RAT with Multi-stage Infection Chain and Plugin-Based Architecture
A sophisticated new threat has surfaced in the wild, identified as the DesckVB RAT version 2.9. This modular Remote Access Trojan, built on the .NET framework, has been observed in active malware campaigns throughout early 2026. Unlike simple backdoors, this…
APT28 Hackers Exploiting Microsoft Office Vulnerability to Compromise Government Agencies
Russian state-sponsored actors known as APT28 have initiated a sophisticated cyber espionage campaign targeting high-value government and military entities across Europe. The primary targets include maritime and transport organizations in nations such as Poland, Ukraine, and Turkey. The attackers are…
Threat Actors Exploiting NGINX Servers to Redirect Web Traffic to Malicious Sites
A new cyber campaign where attackers are hijacking web servers to redirect visitors to malicious websites . The campaign targets NGINX, a popular web server software, and specifically focuses on servers using the Baota (BT) management panel. The attackers, linked…