Development activity on the Linux kernel continues into early 2026 with the stable release of version 6.19. Kernel maintainers have completed the pre-release cycle and merged the final set of changes into the mainline tree. The release follows the ongoing…
BeyondTrust fixes easy-to-exploit pre-auth RCE vulnerability in remote access tools (CVE-2026-1731)
BeyondTrust fixed a critical remote code execution vulnerability (CVE-2026-1731) in its Remote Support (RS) and Privileged Remote Access (PRA) solutions and is urging self-hosted customers to apply the patch as soon as possible. Unlike the Remote Support zero-day (CVE-2024-12356) that…
BridgePay Confirms Ransomware Attack, No Card Data Compromised
The services of Florida-based payments platform BridgePay are offline due to a ransomware attack. This article has been indexed from www.infosecurity-magazine.com.
Hackers Abuse ClawHub Skills to Evade VirusTotal via Social Engineering
A new evolution in ClawHub skill-based attacks that effectively sidesteps recent security measures. Rather than embedding base64-encoded payloads directly in SKILL.md files, threat actors have now shifted to a simpler approach: hosting malware on convincing lookalike websites and using skills…
Iran’s Digital Surveillance Machine Is Almost Complete
After more than 15 years of draconian measures, culminating in an ongoing internet shutdown, the Iranian regime seems to be staggering toward its digital surveillance endgame. This article has been indexed from Security Latest.
January 2026 Cyber Attacks Statistics
After the cyber attacks timelines (part I and part II), it’s time to publish the statistics for January 2026 where I collected and analyzed 178 events. In January 2026, Cyber Crime continued to lead the Motivations chart with 76%, ahead…
APT Hackers Target Edge Devices by Abusing Trusted Services to Deploy Malware
Advanced Persistent Threat actors are shifting their focus toward network edge devices, exploiting critical vulnerabilities in firewalls, routers, and VPN appliances to establish long-term access within target environments. These attacks mark a dangerous evolution in cyber warfare, where adversaries bypass…
Hackers Exploiting ClawHub Skills to Bypass VirusTotal Detections via Social Engineering
Threat actors have significantly evolved the attack strategies recently observed within the ClawHub ecosystem, moving away from easily detectable methods to more subtle techniques. Rather than embedding malicious payloads directly into files, they now host these dangers on convincing external…
European Commission Contains Cyber-Attack Targeting Staff Mobile Data
The European Commission has confirmed the detection and containment of a security incident affecting the central infrastructure that manages staff mobile devices. The breach, identified on January 30 through internal telemetry, resulted in unauthorized access to a limited subset of…
ScarCruft Abuses Legitimate Cloud Services for C2 and OLE-based Chain to Drop Malware
ScarCruft, a prolific North Korean-backed advanced persistent threat (APT) group, has significantly refined its cyberespionage capabilities in a newly identified campaign distributing the ROKRAT malware. This recent activity marks a strategic deviation from their traditional reliance on LNK-based attack chains,…
Fake 7-Zip downloads are turning home PCs into proxy nodes
A convincing lookalike of the popular 7-Zip archiver site has been silently turning victims’ machines into residential proxy nodes. This article has been indexed from Malwarebytes.
TikTok under EU pressure to change its addictive algorithm
The European Commission has issued preliminary findings that say TikTok breaches the Digital Services Act due to its addictive design. The Commission opened a formal investigation into TikTok in February 2024. The probe examined whether the platform meets its obligations…
OpenAI updates Europe privacy policy, adding new data categories
OpenAI has updated its Europe-facing privacy policy following the November 2024 EU revision, clarifying scope, expanding coverage, and detailing user controls. The updated document is longer, with dedicated sections for data controls and practical resources. It explains key controls and…
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
The threat actor known as Bloody Wolf has been linked to a campaign targeting Uzbekistan and Russia to infect systems with a remote access trojan known as NetSupport RAT. Cybersecurity vendor Kaspersky is tracking the activity under the moniker Stan…
China-Linked DKnife Spyware Hijacking Internet Routers Since 2019
Cisco Talos uncovers DKnife, a China-nexus framework targeting routers and edge devices. Learn how seven stealthy implants hijack data and deliver malware via AitM attacks. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More…
APT Hackers Abuse Trusted Edge Services to Stealthily Deploy Malware
APT activity across APAC is rising rapidly as geopolitical tensions continue to grow, and defenders are seeing more advanced tradecraft aimed at long-term access. Taiwan stood out as the most targeted environment, with 173 tracked attacks, far higher than any…
New RecoverIt Tool Abuses Windows Service Failure Recovery to Execute Malicious Payloads
A new offensive security tool named “RecoverIt” has been released, offering red teamers a stealthy method for lateral movement and persistence by abusing the Windows Service recovery mechanism. The tool circumvents traditional detection methods that focus on monitoring service creation…
European Commission probes intrusion into staff mobile management backend
Officials explore issue affecting infrastructure after CERT-EU detected suspicious activity. Brussels is digging into a cyber break-in that targeted the European Commission’s mobile device management systems, potentially giving intruders a peek inside the official phones carried by EU staff.…
IT Security News Hourly Summary 2026-02-09 12h : 7 posts
7 posts were published in the last hour:
10:32 : Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH Backdoors
10:32 : Heimdal Claims Industry First with IASME-Aligned Cyber Essentials PEDM Mapping
10:32 : Critical FortiClientEMS Vulnerability Let…
Vortex Werewolf Targets Organizations With Tor-Enabled RDP, SMB, SFTP, and SSH Backdoors
A threat cluster tracked as “Vortex Werewolf” (also known as SkyCloak) has been observed targeting Russian government and defense organizations. The attack begins not with a typical malicious attachment, but with a highly credible phishing link. Vortex Werewolf distributes URLs…
Heimdal Claims Industry First with IASME-Aligned Cyber Essentials PEDM Mapping
London, UK, February 9, 2026 – Heimdal today announced it is the first vendor to publish an IASME Cyber Essentials aligned control mapping for Privilege Elevation and Delegation Management (PEDM), helping organisations evidence least privilege and stronger control over administrative access. Privileged access…
Critical FortiClientEMS Vulnerability Let Attackers Execute Malicious Code Remotely
Fortinet has issued a critical security advisory warning administrators to immediately patch instances of FortiClientEMS, its central management solution for endpoint protection. The vulnerability, tracked as CVE-2026-21643, carries a CVSSv3 score of 9.1 and could allow unauthenticated, remote attackers to…
New RecoverIt Tool Exploits Windows Service Failure Recovery Functions to Execute Payload
A new open-source offensive security tool named “RecoverIt” has been released, offering Red Teamers and penetration testers a novel method for establishing persistence and executing lateral movement on compromised Windows systems. The tool, developed by security researcher TwoSevenOneT, weaponizes the…
Vortex Werewolf Attacking Organizations to Gain Tor-Enabled Remote Access Over the RDP, SMB, SFTP, and SSH Protocols
A new cyber espionage cluster has recently emerged, focusing its aggressive targeting on Russian government and defense organizations. Active since at least December 2025, the group, designated as Vortex Werewolf, employs a combination of social engineering and legitimate software utilities…