Tag: attack
-
German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists
Germany’s Federal Office for the Protection of the Constitution (aka Bundesamt für Verfassungsschutz or BfV) and Federal Office for Information Security (BSI) have issued a joint advisory warning of a malicious cyber campaign undertaken by a likely state-sponsored threat actor that involves carrying out phishing attacks over the Signal messaging app.”The focus is on high-ranking…
-
Payments platform BridgePay confirms ransomware attack behind outage
A major U.S. payment gateway and solutions provider says a ransomware attack has knocked key systems offline, triggering a widespread outage affecting multiple services. The incident began on Friday and quickly escalated into a nationwide disruption across BridgePay’s platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/payments-platform-bridgepay-confirms-ransomware-attack-behind-outage/
-
Payments platform BridgePay confirms ransomware attack behind outage
A major U.S. payment gateway and solutions provider says a ransomware attack has knocked key systems offline, triggering a widespread outage affecting multiple services. The incident began on Friday and quickly escalated into a nationwide disruption across BridgePay’s platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/payments-platform-bridgepay-confirms-ransomware-attack-behind-outage/
-
Docker AI Bug Lets Image Metadata Trigger Attacks
AI Assistant Executes Hidden Commands Embedded in Docker Image Labels. A vulnerability in Docker’s Ask Gordon AI assistant allows attackers to execute malicious commands by hiding them in the container application development platform’s image metadata, said security researchers. Dubbed DockerDash, the vulnerability exploits a failure across Docker’s AI execution chain. First seen on govinfosecurity.com Jump…
-
Six more vulnerabilities found in n8n automation platform
CVE-2026-21893, a command injection hole in the community edition of n8n. An unauthenticated user with administration permission could execute arbitrary system commands on the n8n host.”The risk is amplified by the trust typically placed in community extensions,” Upwinds said in its commentary, “making this a high-impact attack path that directly bridges application-level functionality with host-level…
-
Germany warns of Signal account hijacking targeting senior figures
Germany’s domestic intelligence agency is warning of suspected state-sponsored threat actors targeting high-ranking individuals in phishing attacks via messaging apps like Signal. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/germany-warns-of-signal-account-hijacking-targeting-senior-figures/
-
Russia Hacked the Polish Electricity Grid. Now What?
Stymied Attack Leaves Poland No Good Options in Responding to Provocation. Poland’s online defenses stopped a Russian cyberattack against the energy grid, but now the Warsaw government is in a bind about how to respond to a digital assault that was a lot more than a crime, but a sliver less than an act of…
-
Attackers Used AI to Breach an AWS Environment in 8 Minutes
Threat actors using LLMs needed only eight minutes to move from initial access to full admin privileges in an attack on a company’s AWS cloud environment in the latest example of cybercriminals expanding their use of AI in their operations, Sysdig researchers said. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/attackers-used-ai-to-breach-an-aws-environment-in-8-minutes/
-
CISA warns of SmarterMail RCE flaw used in ransomware attacks
Tags: attack, cisa, cve, cybersecurity, flaw, infrastructure, ransomware, rce, remote-code-executionThe Cybersecurity & Infrastructure Security Agency (CISA) in the U.S. has issued a warning about CVE-2026-24423, an unauthenticated remote code execution (RCE) flaw in SmarterMail that is used in ransomware attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-smartermail-rce-flaw-used-in-ransomware-attacks/
-
ISMG Editors: Notepad++ Supply Chain Attack Raises Alarm
Also: Healthcare Cyber Risks Collide, Varonis Deal Signals AI Security Shift. In this week’s panel, four ISMG editors unpacked the Notepad++ supply-chain compromise, the growing web of cyber risks facing healthcare, and what Varonis’s acquisition of AllTrue.ai tells us about where artificial intelligence security is headed. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ismg-editors-notepad-supply-chain-attack-raises-alarm-a-30695
-
Shai-hulud: The Hidden Cost of Supply Chain Attacks
Recent supply chain attacks involving self-propagating worms have spread far, but the damage and long-term impact is hard to quantify. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/shai-hulud-hidden-cost-supply-chain-attacks
-
Ransomware attacks against education sector slow worldwide
The U.S. saw the highest number of education-related ransomware attacks in 2025 at 130, despite a 9% decline year over year. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-attacks-against-education-sector-slow-worldwide/811588/
-
Record-breaking 31.4 Tbps DDoS attack hits in November 2025, stopped by Cloudflare
AISURU/Kimwolf botnet hit a record 31.4 Tbps DDoS attack lasting 35 seconds in Nov 2025, which Cloudflare automatically detected and blocked. The AISURU/Kimwolf botnet was linked to a record-breaking DDoS attack that peaked at 31.4 Tbps and lasted just 35 seconds. Cloudflare said the November 2025 incident was part of a surge in hyper-volumetric HTTP…
-
EDR, Email, and SASE Miss This Entire Class of Browser Attacks
Many modern attacks happen entirely inside the browser, leaving little evidence for traditional security tools. Keep Aware shows why EDR, email, and SASE miss browser-only attacks and how visibility changes prevention. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/edr-email-and-sase-miss-this-entire-class-of-browser-attacks/
-
State-backed phishing attacks targeting military officials and journalists on Signal
German security authorities are warning that a likely state-backed hacking group is engaged in attempts at phishing senior political figures, military officials, diplomats, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/06/state-linked-phishing-europe-journalists-signal/
-
Transparent Tribe Hacker Group Targets India’s Startup Ecosystem in Cyber Attack
A worrying shift in the tactics of >>Transparent Tribe,<< a notorious threat group also known as APT36. Historically focused on Indian government, defense, and educational sectors, the group has now expanded its scope to target India's growing startup ecosystem. This new campaign uses sophisticated lures themed around real startup founders to infect victims with the…
-
Bulletproof Hosting Providers Exploit Legitimate ISPs to Power Cybercrime Servers
A surprising link between legitimate IT software and major cybercriminal operations. While investigating attacks by the >>WantToCry<< ransomware gang, analysts noticed that the attackers were using virtual machines (VMs) with identical, computer names (hostnames) like WIN-J9D866ESIJ2 and WIN-LIVFRVQFMKO. These names were not random. They were automatically generated by ISPsystem, a completely legitimate company that makes software for managing web…
-
The Cyber Express Weekly Roundup: Global Cybersecurity Incidents and Policy Shifts
Tags: ai, attack, cyber, cybersecurity, data, government, incident, infrastructure, intelligence, technologyAs the first week of February 2026 concludes, The Cyber Express weekly roundup examines the developments shaping today’s global cybersecurity landscape. Over the past several days, governments, technology companies, and digital platforms have confronted a wave of cyber incidents ranging from disruptive attacks on public infrastructure to large-scale data exposures and intensifying regulatory scrutiny of artificial intelligence systems. First…
-
FvncBot Targets Android Users, Exploiting Accessibility Services for Attacks
A previously undocumented Android banking trojan dubbed >>FvncBot.<< First observed in late 2025, this sophisticated malware disguises itself as a security application from mBank, a major Polish financial institution. Unlike many recent threats that recycle code from leaked sources like Ermac or Hook, FvncBot appears to be a completely new creation, demonstrating that threat actors…
-
Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution.The compromised versions of the two packages are listed below -@dydxprotocol/v4-client-js (npm) – 3.4.1, 1.22.1, 1.15.2, 1.0.31& First…
-
The Other Offense and Defense
Alan discovers how the Super Bowl acts as a live-fire exercise in cybersecurity, requiring seamless coordination to manage massive attack surfaces and ensure integrity and trust in real time. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/the-other-offense-and-defense/
-
APT27 Launches Stealthy Attacks on Corporate Networks, Evades Detection
A new, highly sophisticated cyberattack campaign that reveals how attackers are bypassing modern defenses to infiltrate corporate networks. The investigation points to a stealthy, multi-stage intrusion likely orchestrated by the threat group known as APT-Q-27, or >>GoldenEyeDog<<. The attack began with a common, everyday task: a customer support agent clicking a link in a support…
-
CISA Advisory Highlights Exploited SmarterTools Vulnerability in Recent Ransomware Attacks
Tags: advisory, attack, cisa, cyber, cybersecurity, exploit, flaw, infrastructure, kev, ransomware, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability affecting SmarterTools SmarterMail to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-24423, this flaw is actively being weaponized in the wild, with security researchers confirming its use in recent ransomware campaigns. This addition mandates that Federal Civilian Executive Branch (FCEB) agencies remediate the…
-
CISA Advisory Highlights Exploited SmarterTools Vulnerability in Recent Ransomware Attacks
Tags: advisory, attack, cisa, cyber, cybersecurity, exploit, flaw, infrastructure, kev, ransomware, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability affecting SmarterTools SmarterMail to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-24423, this flaw is actively being weaponized in the wild, with security researchers confirming its use in recent ransomware campaigns. This addition mandates that Federal Civilian Executive Branch (FCEB) agencies remediate the…
-
Why Good Cyber Defense Rarely Stops Attackers
Global Cyber Alliance: as AI Fuels Cybercrime, Outcomes Keep Getting Worse. Security teams report stronger controls and broader collaboration each year. Yet cybercrime outcomes continue to worsen. Brian Cute of the Global Cyber Alliance says artificial intelligence-based attacks are tipping the scales against cyber defenders. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/good-cyber-defense-rarely-stops-attackers-a-30692
-
Breach Roundup: Italy Thwarts Russian Olympic Hacks
Also, Active Exploits Hit SolarWinds, Ivanti as APT28 Targets EU, Ukraine. This week, Italy blocked Russian cyberattacks targeting the Olympics. Flaws in SolarWinds, Ivanti and Microsoft Office. Russia’s APT28 ramped up attacks in Ukraine, supply chain attacks, regulators probed major breaches and a U.S. judge sentenced the operator of a darkweb drug marketplace. First seen…
-
Microsoft Overhauls Security Leadership as AI Expands Enterprise Attack Surface
Microsoft brings back Hayete Gallot to lead Security while Charlie Bell moves to an engineering quality mandate, both reporting to CEO Satya Nadella. The post Microsoft Overhauls Security Leadership as AI Expands Enterprise Attack Surface appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-gallot-security-bell-engineering-quality/