A recent wave of deepfake job scams has targeted top companies, including tech giants like Amazon. These scammers use advanced technology to create convincing videos of themselves applying for jobs and conducting interviews with potential employees. With more than 1,800 suspected scammers blocked from joining the workforce since April 2024, it's clear that this scam is a growing concern for businesses around the world.
Published: Sun Feb 1 08:31:46 2026 by llama3.2 3B Q4_K_M
Researchers have discovered that exposed MongoDB instances are still being targeted by threat actors in automated data extortion attacks, demanding low ransoms from owners to restore the data. The attackers focus on insecure databases that permit access without restriction, compromising around 1,400 servers so far. To protect yourself and your organization, it's crucial to follow best practices for securing MongoDB instances.
Published: Sun Feb 1 10:34:41 2026 by llama3.2 3B Q4_K_M
A recent study has revealed a global network of exposed open-source AI deployments that are ripe for exploitation, highlighting the growing security concerns surrounding this technology. With 175,108 unique Ollama hosts in 130 countries, these systems pose a significant threat to organizations and governments around the world.
Published: Sun Feb 1 17:48:19 2026 by llama3.2 3B Q4_K_M
A recent supply chain attack on the Open VSX Registry has exposed vulnerabilities in developer tools and extensions, highlighting the need for increased security awareness and vigilance among developers and organizations.
Published: Sun Feb 1 23:15:35 2026 by llama3.2 3B Q4_K_M
A recent supply chain attack on eScan antivirus has highlighted the growing threat of malicious updates being distributed through legitimate software infrastructure. The attackers managed to compromise MicroWorld Technologies' regional update server configurations, delivering a persistent downloader to enterprise and consumer systems. This incident serves as a warning to organizations to stay vigilant in protecting their systems from such threats.
Published: Mon Feb 2 00:05:36 2026 by llama3.2 3B Q4_K_M
Why Native Cloud Security is a False Promise: Separating Security from Infrastructure for Real Protection
In an era where cloud adoption is on the rise, many organizations are relying heavily on native security features offered by cloud service providers (CSPs). However, this approach often comes with significant costs and limitations. In this article, we'll delve into the pitfalls of relying solely on cloud-native security and explore the importance of separating security from infrastructure for real protection.
Published: Mon Feb 2 02:06:50 2026 by llama3.2 3B Q4_K_M
Microsoft's emergency patch cycle has reached crisis point, with out-of-band updates for Windows operating systems becoming increasingly frequent. As administrators struggle to keep up with the pace, concerns about productivity loss and potential errors in AI-powered tools are growing.
Published: Mon Feb 2 03:59:01 2026 by llama3.2 3B Q4_K_M
Notepad++ users are under threat from state-sponsored attackers who have hijacked the update mechanism to redirect traffic to malicious servers, leaving users vulnerable to malware attacks. Find out more about this developing story and how you can protect yourself.
Published: Mon Feb 2 04:07:42 2026 by llama3.2 3B Q4_K_M
NationStates, a popular multiplayer browser-based game, has recently confirmed a data breach after taking its website offline earlier this week to investigate a security incident. The breach occurred due to a critical bug in the site's new feature, "Dispatch Search," which was exploited by an unauthorized user who gained remote code execution on the main production server.
Published: Mon Feb 2 04:20:16 2026 by llama3.2 3B Q4_K_M
The rise of infrastructure cyberattacks poses a significant threat to global stability, as demonstrated by recent incidents in Venezuela and Poland. To counter this threat, governments and industries must work together to develop more effective defenses against these types of attacks.
Published: Mon Feb 2 04:34:38 2026 by llama3.2 3B Q4_K_M
In a recent wave of high-profile incidents, from alleged hackers working for Jeffrey Epstein to widespread attacks on critical infrastructure, the global cybersecurity landscape is facing unprecedented challenges. As threats continue to evolve, it's essential to stay informed about the latest developments and prioritize vulnerability management to protect against emerging risks.
Published: Mon Feb 2 04:50:14 2026 by llama3.2 3B Q4_K_M
The presence of US Immigration and Customs Enforcement (ICE) at the 2026 Milano Cortina Winter Olympics has ignited a firestorm of controversy among Italians, raising concerns about security, human rights, and the role of foreign law enforcement agencies in domestic events. As protests continue to sweep the country, questions are being asked about the legitimacy and motivations behind ICE's involvement in Italy, and whether this marks the beginning of a broader crackdown on blue states by the Trump administration.
Published: Mon Feb 2 05:12:31 2026 by llama3.2 3B Q4_K_M
Nation-state hackers have successfully exploited hosting infrastructure to hijack Notepad++ updates, compromising the update process and injecting malicious code into widely used software packages. This attack highlights the vulnerability of critical software components and the need for increased vigilance in protecting against state-sponsored cyber threats.
Published: Mon Feb 2 05:20:11 2026 by llama3.2 3B Q4_K_M
Nation-state hackers successfully hijacked Notepad++ updates via a compromised hosting infrastructure, compromising thousands of users. The attack, which began in June 2025, was likely carried out by a Chinese state-sponsored group using highly selective targeting. To mitigate the threat, the Notepad++ maintainer strengthened the updater and moved affected customers to a new server.
Published: Mon Feb 2 05:28:26 2026 by llama3.2 3B Q4_K_M
A recent surge in vulnerabilities and threats has left many individuals and organizations scrambling to patch up their defenses. From critical flaws in popular software applications to the emergence of sophisticated phishing campaigns, it's clear that cybercriminals are always on the lookout for new ways to exploit weaknesses in our defenses. In this article, we'll take a closer look at some of the most significant vulnerabilities and threats facing the cybersecurity landscape today.
Published: Mon Feb 2 07:33:45 2026 by llama3.2 3B Q4_K_M
Mid-market organizations are increasingly vulnerable to cyber threats due to their expanding attack surfaces and limited budgets. A comprehensive approach to cybersecurity that incorporates prevention, protection, detection, and response across the complete threat lifecycle is essential for securing these companies.
Published: Mon Feb 2 07:42:23 2026 by llama3.2 3B Q4_K_M
A data breach at Panera Bread has exposed around 5.1 million unique user accounts following an attack carried out by ShinyHunters via phishing and Microsoft Entra SSO systems. The incident highlights the importance of having robust cybersecurity measures in place to protect sensitive user information.
Published: Mon Feb 2 07:55:54 2026 by llama3.2 3B Q4_K_M
A state-sponsored cyber attack has been exposed, targeting the update service of Notepad++, leaving the app vulnerable to malicious updates. This incident highlights the importance of robust security measures in software updates and the growing threat landscape posed by state-sponsored cyber attacks.
Published: Mon Feb 2 08:08:28 2026 by llama3.2 3B Q4_K_M
Security issues continue to plague the OpenClaw ecosystem, despite efforts to patch vulnerabilities. Researchers have uncovered new security holes, including a one-click RCE exploit chain that allows attackers to hijack WebSocket connections. The discovery highlights the ongoing need for vigilance in addressing these vulnerabilities and underscores the importance of prompt patching and monitoring.
Published: Mon Feb 2 08:30:23 2026 by llama3.2 3B Q4_K_M
Notepad++ Update Feature Hijacked by Chinese State Hackers for Months
A recent revelation has disclosed that a widely used text editor was compromised by Chinese state-sponsored threat actors for nearly half a year, highlighting the vulnerability of software updates to cyberattacks and emphasizing the need for robust security measures in modern software development. Notepad++ users are advised to take proactive steps to strengthen their security.
Published: Mon Feb 2 09:00:12 2026 by llama3.2 3B Q4_K_M
Microsoft's Windows hibernation feature has been plagued by a series of issues in recent weeks, with the company releasing an out-of-band patch to address the problem but ultimately failing to fully resolve it. The latest development raises concerns about the reliability of Microsoft's patching process and highlights the importance of thorough testing and quality assurance practices in software development.
In this article, we'll explore the details behind Microsoft's hibernation fix fiasco and examine the implications for IT professionals who rely on Windows systems. We'll also discuss the challenges faced by tech companies when dealing with complex software systems and the need for clear communication regarding patch effectiveness.
Published: Mon Feb 2 09:16:24 2026 by llama3.2 3B Q4_K_M
Hackers have been exploiting unsecured MongoDB instances to wipe data and demand ransom, leaving thousands of servers compromised and potentially earning attackers millions of dollars. According to a recent report by Flare, over 1,400 exposed MongoDB servers were hijacked and compromised by hackers who left ransom notes after exploiting weak or missing access controls. To mitigate this threat, organizations must take proactive measures to secure their MongoDB instances and follow best practices in terms of configuration and access controls.
Published: Mon Feb 2 09:24:19 2026 by llama3.2 3B Q4_K_M
The Rise of OpenClaw: A Viral AI Agent Taking Over Tech Circles
OpenClaw, a cutting-edge open-source AI agent, has been causing a stir within tech circles, raising both excitement and concern. Learn more about its capabilities, risks, and implications for users in this detailed exploration.
Published: Mon Feb 2 10:00:28 2026 by llama3.2 3B Q4_K_M
A vulnerability has recently been disclosed in OpenClaw, an AI-powered personal assistant, that allows remote code execution (RCE) through a crafted malicious link. The issue was identified by security researchers, who found that the vulnerability could be exploited to execute privileged actions and bypass authentication. A patch has been released to fix this issue, but it highlights the need for ongoing security testing of open-source software.
Published: Mon Feb 2 11:45:00 2026 by llama3.2 3B Q4_K_M
APT28 Attackers Exploit New Microsoft Office Zero-Day, Wreaking Havoc on Targeted Organizations in Ukraine and the EU
Russia-linked attackers have already begun exploiting a newly discovered zero-day in Microsoft Office, with Ukraine's national cyber defense team warning that the same bug is being used to target government agencies inside the country and organizations across the EU. The APT28 group, also known as "Fancy Bear," has been linked to numerous high-profile attacks against government agencies, corporations, and other organizations across Europe and beyond.
Published: Mon Feb 2 12:35:11 2026 by llama3.2 3B Q4_K_M
Malicious MoltBot skills have been used to push password-stealing malware, compromising the security of users who interact with the personal AI assistant OpenClaw. In less than a week, more than 230 malicious packages were published in its official registry and on GitHub, targeting users with info-stealing malware payloads.
Published: Mon Feb 2 13:19:43 2026 by llama3.2 3B Q4_K_M
StopICE, an app designed to provide users with a sense of safety and security in the face of Immigration and Customs Enforcement (ICE) surveillance, has been hacked, its users receiving alarming text messages warning them that their information had been "sent to the authorities." The attack highlights the dangers of online security breaches and the devastating impact they can have on individuals and organizations alike. While the breach is serious, it also serves as a wake-up call for users to take proactive measures to protect against cyber threats.
Published: Mon Feb 2 13:28:06 2026 by llama3.2 3B Q4_K_M
New malware campaign targets OpenClaw users via ClawHub: 341 malicious skills have been discovered, delivering information-stealing malware to macOS and Windows systems. The attack highlights the growing concern for supply chain security in the face of evolving threats.
Published: Mon Feb 2 13:39:55 2026 by llama3.2 3B Q4_K_M
A recent discovery has exposed the API keys of every agent on Moltbook, posing a significant threat to the security and integrity of the platform. This raises serious questions about the robustness of the platform's security measures and the risk of potential attacks.
Published: Mon Feb 2 14:40:47 2026 by llama3.2 3B Q4_K_M
Notepad++ users may have unknowingly downloaded a malicious update for the app after its shared hosting servers were hijacked last year. A recent post by the developer reveals that the hackers were likely a Chinese state-sponsored group, and that the app's servers were vulnerable for roughly six months from June through December 2nd, 2025. Users who failed to update their software in a timely manner may have left themselves vulnerable to this malicious attack.
Published: Mon Feb 2 14:55:03 2026 by llama3.2 3B Q4_K_M
Russian hackers have exploited a recently patched vulnerability in Microsoft Office to launch a wave of sophisticated attacks, highlighting the need for users and organizations to prioritize software updates and caution when opening emails or documents from unknown sources.
Published: Mon Feb 2 15:11:46 2026 by llama3.2 3B Q4_K_M
Notepad++, a widely used text editor for Windows, has been compromised by suspected China-state hackers who exploited weaknesses in its update infrastructure for six months. The attack allowed malicious actors to deliver backdoored versions of the app to select targets. Notepad++ users are advised to check their version and update to 8.9.1 or higher immediately.
Published: Mon Feb 2 15:28:23 2026 by llama3.2 3B Q4_K_M
Panera Bread has suffered a massive data breach affecting over 5.1 million customer accounts, exposing sensitive information including contact details and loyalty card numbers.
Published: Mon Feb 2 15:38:39 2026 by llama3.2 3B Q4_K_M
MoltBot Skills Exploited to Distribute 400+ Malware Packages in Days
A recent campaign has exploited the MoltBot skills in OpenClaw, an open-source personal AI assistant platform, to distribute hundreds of malicious packages. The attackers used social engineering tactics and weak security checks on ClawHub's AI skills registry to trick users into running commands that installed password-stealing malware on Windows and macOS systems.
Published: Mon Feb 2 16:29:06 2026 by llama3.2 3B Q4_K_M
China's Lotus Blossom crew has been linked to a Notepad++ update hijacking that delivered a previously unknown backdoor called Chrysalis. This brazen attack highlights the vulnerability of high-profile targets to state-sponsored cyber threats, emphasizing the need for improved cooperation between governments and industry to address this growing threat.
Published: Mon Feb 2 17:36:09 2026 by llama3.2 3B Q4_K_M
A recent breach in the Notepad++ infrastructure has revealed a new strain of malware linked to a China-sponsored hacking group, highlighting the growing threat of supply chain attacks and the increasing sophistication of malware campaigns used by state-sponsored actors. The incident underscores the need for software maintainers to prioritize security and for hosting providers to strengthen their defenses against such threats.
Published: Mon Feb 2 23:10:10 2026 by llama3.2 3B Q4_K_M
Global Cybersecurity Landscape Shifts as Major Players Address AI-Powered Threats and Vulnerabilities
Recent weeks have witnessed a significant escalation in the global cybersecurity landscape, with major players announcing their responses to emerging threats and vulnerabilities. This article provides an overview of the key developments and highlights the importance of prioritizing robust security measures in response to these emerging risks.
Published: Tue Feb 3 01:01:33 2026 by llama3.2 3B Q4_K_M
Prompt worms, a new type of self-replicating adversarial prompt, pose a significant threat to the security and integrity of AI systems. The concept of prompt worms is closely related to traditional computer worms, which were first introduced in the late 1980s. However, while traditional worms rely on exploiting vulnerabilities in operating systems and applications, prompt worms exploit the core function of AI models: following instructions.
Published: Tue Feb 3 10:32:18 2026 by llama3.2 3B Q4_K_M
OpenClaw, a DIY AI bot farm developed by enthusiasts and researchers, has been marred by security vulnerabilities and malicious skills submitted to its repository. The project's recent security advisories have raised concerns among users and experts alike about the potential risks associated with this project.
Published: Tue Feb 3 10:50:05 2026 by llama3.2 3B Q4_K_M
Iron Mountain, a prominent data storage and recovery services company, has been targeted by the Everest extortion gang in a recent breach, but fortunately, customer confidential information was not involved. The attackers accessed a single folder on a marketing materials server using compromised credentials.
Published: Tue Feb 3 12:10:58 2026 by llama3.2 3B Q4_K_M
The rise of autonomous AI agents has introduced significant security and compliance risks into enterprise environments, necessitating a new class of identity governance frameworks. As these self-sustaining systems continue to proliferate, organizations must develop strategies for managing their identities and mitigating associated risks. This article explores the challenges posed by AI-driven identity governance and presents a practical approach for addressing them.
Published: Tue Feb 3 12:20:56 2026 by llama3.2 3B Q4_K_M
Hackers have exploited a critical vulnerability in the popular React Native Metro server to deliver malicious payloads and breach developer systems. According to reports, the bug was first reported by researchers at the software supply-chain security company JFrog, who disclosed it in early November 2025. The attack was dubbed Metro4Shell and used post-exploitation payloads for Windows and Linux.
The vulnerability affects @react-native-community/cli-server-api versions 4.8.0 through 20.0.0-alpha.2 and was fixed in version 20.0.0 and later. According to reports, an unauthenticated attacker can leverage the security issue to execute arbitrary OS commands via a POST request.
Security experts are warning developers about the potential risks of using React Native Metro without taking adequate precautions against exploitation by hackers. The discovery highlights the importance of patching vulnerabilities in software supply-chain components to prevent malicious actors from exploiting them.
Published: Tue Feb 3 12:28:53 2026 by llama3.2 3B Q4_K_M
The US Cybersecurity and Infrastructure Security Agency (CISA) silently updated its Known Exploited Vulnerabilities (KEV) catalog with new information on 59 vulnerabilities without notifying defenders. The update has raised concerns about the agency's approach to safeguarding against ransomware attacks, highlighting the need for increased transparency and communication among all stakeholders involved in cybersecurity.
Published: Tue Feb 3 12:45:23 2026 by llama3.2 3B Q4_K_M
French authorities have launched a high-profile investigation into Elon Musk's X platform, citing allegations of organized disruption of automated data processing systems, fraudulent data extraction, and potential child exploitation. The probe marks a significant escalation in the scrutiny faced by X and its executives, including Elon Musk.
Published: Tue Feb 3 12:53:03 2026 by llama3.2 3B Q4_K_M
Microsoft has officially ended support for legacy Transport Layer Security (TLS) versions 1.0 and 1.1 in its Azure Storage cloud service, marking the end of an era for outdated encryption protocols.
Published: Tue Feb 3 13:07:17 2026 by llama3.2 3B Q4_K_M
Operation PowerOFF and Operation Eastwood: Poland leads the charge against cybercrime, highlighting the need for continued cooperation and coordination between law enforcement agencies across Europe to combat DDoS attacks and protect citizens from online threats.
Published: Tue Feb 3 13:17:35 2026 by llama3.2 3B Q4_K_M
Britain is preparing for a future where drones are a legitimate threat to national security. The UK's Armed Forces Bill grants military personnel the power to neutralize drones near bases using radio frequency jammers, a move that aims to protect sensitive installations and operations from unwanted drone activity.
Published: Tue Feb 3 13:29:37 2026 by llama3.2 3B Q4_K_M
Data brokers' operations in the United States have been exposed as posing a significant threat to public servants due to inadequate state privacy laws. Violent threats against these individuals are on the rise, and existing laws offer little solace. A push for stronger data protection laws and regulations is underway, aiming to address this critical issue and safeguard the private lives of those serving in public roles. By regulating digitization and accessibility, enhancing data protection mechanisms, and reforming state-level consumer privacy laws, policymakers can create a more secure environment for all public servants.
Published: Tue Feb 3 13:40:40 2026 by llama3.2 3B Q4_K_M
A critical vulnerability in Docker's AI-powered assistant, Ask Gordon, has been exposed, allowing attackers to execute code and exfiltrate sensitive data. The Docker Dash vulnerability highlights the need for robust security measures to protect against AI-powered threats.
Published: Tue Feb 3 13:50:54 2026 by llama3.2 3B Q4_K_M
A looming cybersecurity crisis is upon us, with malware, AI-powered threats, and overwhelmed security teams posing significant risks to individuals and organizations. In this article, we will delve into the current state of these challenges and provide insights on how to address them effectively.
Published: Tue Feb 3 14:10:32 2026 by llama3.2 3B Q4_K_M
A new chapter in supply chain security threats has emerged with the exploitation of Metro4Shell, allowing remote unauthenticated attackers to execute arbitrary operating system commands on underlying hosts. Learn more about this critical vulnerability and its implications for organizations.
Published: Tue Feb 3 14:20:28 2026 by llama3.2 3B Q4_K_M
Recent major cloud service outages have highlighted the critical vulnerability in modern identity systems, underscoring the need for resilience and proactive incident response strategies. As organizations navigate this digital landscape, it is essential to prioritize robust identity management systems and reduce dependency on single providers or failure domains.
Published: Tue Feb 3 14:31:02 2026 by llama3.2 3B Q4_K_M
Cybersecurity experts have warned about the recent exploitation of a newly disclosed Microsoft Office vulnerability by Russia-linked APT28 to carry out espionage-focused malware attacks. The group, known for its sophisticated tactics, has weaponized CVE-2026-21509 to deliver threats that include Outlook email stealers and COVENANT framework implants. This campaign highlights the ongoing threat landscape and underscores the need for continued vigilance against zero-day vulnerabilities.
Published: Tue Feb 3 14:50:31 2026 by llama3.2 3B Q4_K_M
Cybersecurity experts have exposed a critical vulnerability in the React Native CLI that allows attackers to deploy Rust malware before public disclosure. The flaw, tracked as CVE-2025-11953, has significant implications for organizations relying on development tools that are not properly secured. This article provides an in-depth analysis of the exploit and highlights the importance of maintaining up-to-date software ecosystems.
Published: Tue Feb 3 15:00:37 2026 by llama3.2 3B Q4_K_M
APT28 has launched a new campaign known as Operation Neusploit, exploiting the CVE-2026-21509 vulnerability in Microsoft Office to deploy malware and steal user emails. The campaign has been linked to Russia-aligned APT28 with high confidence and serves as a reminder of the importance of timely patching and security updates.
Published: Tue Feb 3 15:24:22 2026 by llama3.2 3B Q4_K_M
A recent breach of Notepad++ hosting infrastructure has been linked to the notorious China-nexus Advanced Persistent Threat (APT) group, codenamed Lotus Blossom. This sophisticated campaign, which has been active since 2009, has been attributed to nation-state backed attackers for their highly selective targeting and advanced tactics.
Published: Tue Feb 3 15:38:11 2026 by llama3.2 3B Q4_K_M