A sophisticated tech support scam campaign has emerged, exploiting malicious advertisements on Bing search results to redirect victims to fraudulent websites hosted on Microsoft’s Azure Blob Storage platform. The attack, first detected on February 2, 2026, affected users across 48…
Unpatched SolarWinds WHD instances under active attack
Internet‑exposed and vulnerable SolarWinds Web Help Desk (WHD) instances are under attack by threat actors looking to gain an initial foothold into target organizations’ networks, Microsoft and Huntress researchers have warned. Once inside, the attackers are deploying legitimate remote access…
NCSC Issues Warning Over “Severe” Cyber-Attacks Targeting Critical National Infrastructure
NCSC call firms to ‘act now’ following disruptive malware attacks targeting Polish energy providers This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Issues Warning Over “Severe” Cyber-Attacks Targeting Critical National Infrastructure
BeyondTrust Patches Critical RCE Vulnerability
Affecting both RS and PRA, the bug can be exploited remotely via crafted requests without authentication. The post BeyondTrust Patches Critical RCE Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: BeyondTrust Patches…
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance. The incident took place on January 29, 2026, when a mail server that was not updated to the latest version…
VoidLink Linux C2 Uses LLM-Generated Malware with Kernel-Level Stealth
VoidLink represents a concerning evolution in malware development: a sophisticated Linux command-and-control framework that shows clear signs of being built with AI assistance. This Linux malware operates as a modular implant designed for long-term access to compromised systems. It doesn’t discriminate between…
Nearly 17,000 Volvo staff dinged in supplier breach
HR outsourcer Conduent confirms intruders accessed benefits-related records tied to US personnel Nearly 17,000 Volvo employees had their personal data exposed after cybercriminals breached Conduent, an outsourcing giant that handles workforce benefits and back-office services.… This article has been indexed…
Threat Actor Claims Leak of Cybercrime-Focused AI Platform WormGPT Database
A threat actor operating under the alias Sythe has claimed responsibility for leaking the complete WormGPT database, a notorious cybercrime-focused artificial intelligence platform that has been sold on dark web forums since 2023. Hackmanac observed that the alleged breach reportedly…
30-Year-Old Libpng Vulnerability Exposes Millions of Systems to Code Execution Attacks
A critical vulnerability has been uncovered in libpng, the official PNG reference library used by practically every operating system and web browser in existence. The flaw, assigned CVE-2026-25646, is a heap buffer overflow in the png_set_quantize() function that allows attackers…
Axios Vulnerability Let Attackers Triggers DoS Condition and Crash Node.js Servers
A high-severity security flaw has been discovered in Axios, one of the most popular HTTP client libraries used in the JavaScript ecosystem. The vulnerability, tracked as CVE-2026-25639, allows remote attackers to trigger a Denial-of-Service (DoS) condition, effectively crashing Node.js servers with a…
Fancy Bear Hackers Exploiting Microsoft Zero-Day Vulnerability to Deploy Backdoors and Email Stealers
The Russia-linked cyber espionage group known as Fancy Bear has launched Operation Neusploit. The group is also known as APT28. This marks a significant escalation, leveraging a zero-day vulnerability, CVE-2026-21509, in Microsoft RTF files. By exploiting this flaw, attackers execute…
Crypto Scanner – New Tool to Find Quantum-Vulnerable Cryptography in your Codebase
As the timeline for powerful quantum computing accelerates, a new open-source tool has emerged to help developers secure their data against future threats. Crypto Scanner, developed by Quantum Shield Labs, is a command-line interface (CLI) utility designed to hunt down…
IT Security News Hourly Summary 2026-02-10 12h : 9 posts
9 posts were published in the last hour 10:32 : Japan’s KDDI Uncovers $1.5bn In Fictional Transactions 10:32 : Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data 10:32 : Singapore: Rootkits, Zero-Day Used in Chinese Attack on…
Japan’s KDDI Uncovers $1.5bn In Fictional Transactions
KDDI delays disclosure of quarterly financial results after finding ¥246bn in fictional transactions and ¥33bn in fraudulent payments This article has been indexed from Silicon UK Read the original article: Japan’s KDDI Uncovers $1.5bn In Fictional Transactions
Dutch agencies hit by Ivanti EPMM exploit exposing employee contact data
Dutch agencies confirmed attacks exploiting Ivanti EPMM flaws that exposed employee contact data at the data protection authority and courts. Dutch authorities said cyberattacks hit the Dutch Data Protection Authority and the Council for the Judiciary after hackers exploited newly…
Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom Firms
China-linked UNC3886 targeted all four major telecom providers, but did not disrupt services or access customer information. The post Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom Firms appeared first on SecurityWeek. This article has been indexed from…
Crypto Exchange Accidentally Gives Away $40bn
South Korean cryptocurrency exchange Bithumb erroneously sends more than $40bn in cryptocurrency to customers as part of promotion This article has been indexed from Silicon UK Read the original article: Crypto Exchange Accidentally Gives Away $40bn
Attackers Weaponize Windows Shortcut Files to Deploy Global Group Ransomware
A high-volume phishing campaign leveraging the Phorpiex botnet has been distributing GLOBAL GROUP ransomware through weaponized Windows shortcut files. The attack begins with an email attachment named Document.doc.lnk. Windows’ default behavior of hiding known file extensions makes this shortcut appear…
Windows Error Reporting Flaw Allows Attackers to Elevate Privileges
A newly documented Windows vulnerability, CVE-2026-20817, impacts the Windows Error Reporting Service (WER) and enables local privilege escalation. The issue matters because WER runs as NT AUTHORITY\SYSTEM, so any mistake in its permission checks can become a direct path to…
British Army splashes $86M on AI gear to speed up the battlefield kill chain
Troops fitted with new comms kit as part of Project ASGARD British soldiers are to get an array of AI-ready kit that should mean they don’t have to wait to see the “whites of their eyes” before pulling the trigger.……
DuckDuckGo enables AI voice chat without saving voice data
DuckDuckGo has added voice chat to Duck.ai, allowing users to speak to an AI assistant while keeping audio private, unrecorded, and excluded from AI training. Voice chat is available in the DuckDuckGo browser and most third-party browsers, with support for…
European Governments Breached in Zero-Day Attacks Targeting Ivanti
The European Commission and government agencies in Finland and the Netherlands have suffered potentially related breaches This article has been indexed from www.infosecurity-magazine.com Read the original article: European Governments Breached in Zero-Day Attacks Targeting Ivanti
EU Orders TikTok To Make Changes
European Commission says TikTok must change ‘addictive design’, including altering algorithm, removing infinite scroll, or face fines This article has been indexed from Silicon UK Read the original article: EU Orders TikTok To Make Changes
Axios Vulnerability Allows Attackers to Trigger DoS and Crash Node.js Servers
A serious security flaw has been discovered in Axios, one of the most popular HTTP client libraries for Node.js, allowing attackers to crash servers and trigger denial-of-service (DoS) attacks. The vulnerability, tracked as CVE-2026-25639, affects all versions up to and…