New Starlink verification system Ukraine has launched a new authentication system for Starlink satellite internet terminals used by the public and the military after verifying that Russia state sponsored hackers have started using the technology to attack drones. The government…
Student Founders Establish Backed Program to Help Peers Build Startups
Two students affiliated with Stanford University have raised $2 million to expand an accelerator program designed for entrepreneurs who are still in college or who have recently graduated. The initiative, called Breakthrough Ventures, focuses on helping early-stage founders move…
More than 135,000 OpenClaw instances exposed to internet in latest vibe-coded disaster
By default, the bot listens on all network interfaces, and many users never change it It’s a day with a name ending in Y, so you know what that means: Another OpenClaw cybersecurity disaster.… This article has been indexed from…
Lema AI Emerges From Stealth With $24 Million to Tackle Third-Party Risk
The funding was raised over Series A and seed funding rounds for its supply chain security solution. The post Lema AI Emerges From Stealth With $24 Million to Tackle Third-Party Risk appeared first on SecurityWeek. This article has been indexed…
AI Revolution Reshapes CISO Spending for 2026: Security Leaders Prioritize Defense Automation
The cybersecurity landscape is undergoing a fundamental shift as chief information security officers (CISOs) shift their 2026 budgets to artificial intelligence (AI) and realign traditional defense strategies. Nearly 80% of senior security executives are prioritizing AI-driven solutions to counter increasingly…
CISA Warns of Actively Exploited SmarterMail Flaw Used in Ransomware Attacks
CISA includes a fresh SmarterMail weakness in its KEV list – this marks the third such addition linked to the messaging system within fourteen days. Identified as CVE-2026-24423, the security gap faces real-world abuse during ransom operations. Evidence points…
New Zero-Click Flaw in Claude Desktop Extensions, Anthropic Declines Fix
Security researchers from LayerX identified a new flaw in 50 Claude Desktop Extensions that could lead to unauthorized remote code execution This article has been indexed from www.infosecurity-magazine.com Read the original article: New Zero-Click Flaw in Claude Desktop Extensions, Anthropic…
IT Security News Hourly Summary 2026-02-09 18h : 3 posts
3 posts were published in the last hour 16:34 : Hacktivist scrapes over 500,000 stalkerware customers’ payment records 16:18 : Flaw in Anthropic Claude Extensions Can Lead to RCE in Google Calendar: LayerX 16:18 : Two Connecticut Men Charged In…
Hacktivist scrapes over 500,000 stalkerware customers’ payment records
More than half-a-million people who bought access to phone surveillance and social media snooping apps had their email address and partial payment card numbers published online. This article has been indexed from Security News | TechCrunch Read the original article:…
Flaw in Anthropic Claude Extensions Can Lead to RCE in Google Calendar: LayerX
LayerX researchers say that a security in Anthropic’s Claude Desktop Extensions can be exploited to allow threat actors to place a RCE vulnerability into Google Calendar, the latest report to highlight the risks that come with giving AI models with…
Two Connecticut Men Charged In Alleged $3m Gambling Fraud Scheme
Two Connecticut men face federal charges for a $3m scheme targeting online gambling platforms This article has been indexed from www.infosecurity-magazine.com Read the original article: Two Connecticut Men Charged In Alleged $3m Gambling Fraud Scheme
Shortlist: Most Inspiring Women in Cyber Awards 2026
We’re pleased to announce the shortlist for this year’s Most Inspiring Women in Cyber Awards! This year’s awards are sponsored by BT, Fidelity International, Plexal and Bridewell. The awards are supported by WiCyS UK&I, WiTCH and Seidea and hosted by…
Claude Desktop Extensions 0-Click RCE Vulnerability Exposes 10,000+ Users to Remote Attacks
A new critical vulnerability discovered by security research firm LayerX has exposed a fundamental architectural flaw in how Large Language Models (LLMs) handle trust boundaries. The zero-click remote code execution (RCE) flaw in Claude Desktop Extensions (DXT) allows attackers to…
Discord to Age-Restrict User Access to Key Features Starting Next Month
Discord announced it will begin globally rolling out “teen-by-default” safety controls and an expanded “age assurance” system in early March, introducing clearer boundaries around age-restricted experiences while leaving most everyday use unchanged. The company says the goal is to make…
AI chat app leak exposes 300 million messages tied to 25 million users
A security researcher found an exposed database belonging to the Chat & Ask AI app, once again traced back to a Firebase misconfiguration. This article has been indexed from Malwarebytes Read the original article: AI chat app leak exposes 300…
Ransomware group breached SmarterTools via flaw in its SmarterMail deployment
SmarterTools, the company behind the popular Microsoft Exchange alternative SmarterMail, has been breached by a ransomware-wielding group that leveraged a recently fixed vulnerability in that solution. How did the SmarterTools breach happen? Derek Curtis, the firm’s Chief Operating Officer, said…
SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers
Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move laterally across the organization’s network to other high-value assets. That said, the…
VoidLink Malware Exhibits Multi-Cloud Capabilities and AI Code
VoidLink, a Linux-based C2 framework, facilitates credential theft, data exfiltration across clouds This article has been indexed from www.infosecurity-magazine.com Read the original article: VoidLink Malware Exhibits Multi-Cloud Capabilities and AI Code
Cyber Briefing: 2026.02.09
Spear-phishing and cloud worms spread RATs and botnets, critical RCEs patched, ransomware hits payments, breaches surface, and cybercrime arrests follow. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.02.09
UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering
Written by: Ross Inman, Adrian Hernandez Introduction North Korean threat actors continue to evolve their tradecraft to target the cryptocurrency and decentralized finance (DeFi) verticals. Mandiant recently investigated an intrusion targeting a FinTech entity within this sector, attributed to UNC1069,…
Flickr’s 35M Users Affected by Third-Party Data Exposure
Flickr disclosed a data exposure tied to a third-party email provider, highlighting how external service vulnerabilities can put millions of users at risk. The post Flickr’s 35M Users Affected by Third-Party Data Exposure appeared first on TechRepublic. This article has…
BridgePay Ransomware Causes Widespread Payment Outages
A ransomware attack on BridgePay caused widespread U.S. payment outages, forcing some organizations to go cash-only. The post BridgePay Ransomware Causes Widespread Payment Outages appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…
Dutch data watchdog snitches on itself after getting caught in Ivanti zero-day attacks
Staff data belonging to the regulator and judiciary’s governing body accessed The Dutch Data Protection Authority (AP) says it was one of the many organizations popped when attackers raced to exploit recent Ivanti vulnerabilities as zero-days.… This article has been…
Ransomware Groups May Pivot Back to Encryption as Data Theft Tactics Falter
As only data exfiltration for extortion no longer delivers ROI, ransomware gangs may increasingly encrypting data for additional leverage. The post Ransomware Groups May Pivot Back to Encryption as Data Theft Tactics Falter appeared first on SecurityWeek. This article has…