Switch View
© Sector News
10.02.2026
[Virtual Event] Shields Up: Key Technologies Reshaping Cybersecurity Defenses
News Preview
© Dark Reading 2026
© Sector News
10.02.2026
CVE-2025-55182
News Preview
Currently trending CVE - Hype Score: 36 - A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code ...
© CVE Monitor 2026
© Sector News
10.02.2026
CVE-2026-1731
News Preview
Currently trending CVE - Hype Score: 12 - BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating ...
© CVE Monitor 2026
Worth to know
20.10.2025
Short Selling Radar
USA, Europe, Asia
Track Short Selling Activities worldwide
Knowing what matters
Short sale statistics, hedge fund activities and much more user-friendly information
© Sector News
10.02.2026
CVE-2024-12356
News Preview
Currently trending CVE - Hype Score: 12 - A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
© CVE Monitor 2026
Swarmalpha i/o · The Event Futures Prediction X
23.01.2026
© Sector News
10.02.2026
CVE-2025-1974
News Preview
Currently trending CVE - Hype Score: 14 - A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the ...
© CVE Monitor 2026
© Sector News
10.02.2026
CVE-2025-43300
News Preview
Currently trending CVE - Hype Score: 1 - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have ...
© CVE Monitor 2026
© Sector News
10.02.2026
CVE-2025-8088
News Preview
Currently trending CVE - Hype Score: 11 - A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček
...
© CVE Monitor 2026
© Sector News
10.02.2026
CVE-2025-34164
News Preview
Currently trending CVE - Hype Score: 1 - A heap-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or potentially result in arbitrary code execution.
© CVE Monitor 2026
© Sector News
10.02.2026
CVE-2025-54068
News Preview
Currently trending CVE - Hype Score: 15 - Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. The issue stems from how certain component property updates are hydrated. This ...
© CVE Monitor 2026
© Sector News
10.02.2026
CVE-2025-68947
News Preview
Currently trending CVE - Hype Score: 24 - NSecsoft 'NSecKrnl' is a Windows driver that allows a local, authenticated attacker to terminate processes owned by other users, including SYSTEM and Protected Processes by issuing crafted IOCTL requests to the driver.
© CVE Monitor 2026
© Sector News
10.02.2026
CVE-2025-26399
News Preview
Currently trending CVE - Hype Score: 30 - SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability is a patch bypass of CVE-2024-28988, which ...
© CVE Monitor 2026
© Sector News
10.02.2026
Malicious 7-Zip site distributes installer laced with proxy tool
News Preview
A fake 7-Zip website is distributing a trojanized installer of the popular archiving tool that turns the user's computer into a residential proxy node. [...]
© BleepingComputer 2026
Advertisment
20.10.2025
© Sector News
10.02.2026
Microsoft releases Windows 10 KB5075912 extended security update
News Preview
Microsoft has released the Windows 10 KB5075912 extended security update to fix February 2026 Patch Tuesday vulnerabilities, including six zero-days, and continue rolling out replacements for expiring Secure Boot certificates. [...]
© BleepingComputer 2026
© Sector News
10.02.2026
Microsoft February 2026 Patch Tuesday fixes 6 zero-days, 58 flaws
News Preview
Today is Microsoft's February 2026 Patch Tuesday with security updates for 58 flaws, including 6 actively exploited and three publicly disclosed zero-day vulnerabilities. [...]
© BleepingComputer 2026
© Sector News
10.02.2026
Windows 11 KB5077181 & KB5075941 cumulative updates released
News Preview
Microsoft has released Windows 11 KB5077181 and KB5075941 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. [...]
© BleepingComputer 2026
© Sector News
10.02.2026
DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies
News Preview
The information technology (IT) workers associated with the Democratic People's Republic of Korea (DPRK) are now applying to remote positions using real LinkedIn accounts of individuals they're impersonating, marking a new escalation of the fraudulent scheme.
"These profiles often have verified workplace emails and identity badges, which DPRK opera...
© HackerNews 2026
© Sector News
10.02.2026
Volvo Group North America customer data exposed in Conduent hack
News Preview
Volvo Group North America disclosed that it suffered an indirect data breach stemming from the compromise of IT systems at American business services giant Conduent, of which Volvo is a customer. [...]
© BleepingComputer 2026
© Sector News
10.02.2026
Microsoft rolls out new Secure Boot certificates before June expiration
News Preview
Microsoft has begun rolling out updated Secure Boot certificates through monthly Windows updates to replace the original 2011 certificates that will expire in late June 2026. [...]
© BleepingComputer 2026
© Sector News
10.02.2026
CVE-2025-30208
News Preview
Currently trending CVE - Hype Score: 15 - Vite, a provider of frontend development tooling, has a vulnerability in versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10. `@fs` denies access to files outside of Vite serving allow list. Adding `?raw??` or `?import&raw??` to the URL bypasses this limitation and ...
© CVE Monitor 2026
© Sector News
10.02.2026
OT Attacks Get Scary With 'Living-off-the-Plant' Techniques
News Preview
Ironically, security by obscurity has helped prevent dangerous OT attacks in recent years. It won't be that way forever.
© Dark Reading 2026
© Sector News
10.02.2026
Microsoft 365 outage takes down admin center in North America
News Preview
Microsoft is investigating an outage that blocks some administrators with business or enterprise subscriptions from accessing the Microsoft 365 admin center. [...]
© BleepingComputer 2026
© Sector News
10.02.2026
How to Automate AWS Incident Investigation with Tines and AI
News Preview
Cloud incidents drag on when analysts have to leave cases to hunt through AWS consoles and CLIs. Tines shows how automated agents pull AWS CLI data directly into cases, reducing MTTR and manual investigation work. [...]
© BleepingComputer 2026
© Sector News
10.02.2026
Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools
News Preview
Cybersecurity researchers have disclosed details of an emergent ransomware family dubbed Reynolds that comes embedded with a built-in bring your own vulnerable driver (BYOVD) component for defense evasion purposes within the ransomware payload itself.
BYOVD refers to an adversarial technique that abuses legitimate but flawed driver software to esca...
© HackerNews 2026
© Sector News
10.02.2026
From Ransomware to Residency: Inside the Rise of the Digital Parasite
News Preview
Are ransomware and encryption still the defining signals of modern cyberattacks, or has the industry been too fixated on noise while missing a more dangerous shift happening quietly all around them?
According to Picus Labs’ new Red Report 2026, which analyzed over 1.1 million malicious files and mapped 15.5 million adversarial actions observed acro...
© HackerNews 2026
© Sector News
10.02.2026
Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution
News Preview
Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that could lead to the execution of arbitrary code on susceptible systems.
The vulnerability, tracked as CVE-2026-21643, has a CVSS rating of 9.1 out of a maximum of 10.0.
"An improper neutralization of special elements used in an SQL Command ('SQL Injection...
© HackerNews 2026
© Sector News
10.02.2026
Microsoft announces new mobile-style Windows security controls
News Preview
Microsoft wants to introduce smartphone-style app permission prompts in Windows 11 to request user consent before apps can access sensitive resources such as files, cameras, and microphones. [...]
© BleepingComputer 2026
© Sector News
10.02.2026
ZeroDayRAT malware grants full access to Android, iOS devices
News Preview
A new commercial mobile spyware platform dubbed ZeroDayRAT is being advertised to cybercriminals on Telegram as a tool that provides full remote control over compromised Android and iOS devices. [...]
© BleepingComputer 2026
© Sector News
10.02.2026
CVE-2025-34165
News Preview
Currently trending CVE - Hype Score: 10 - A stack-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or potentially leak a limited amount of memory.
© CVE Monitor 2026
© Sector News
10.02.2026
ZAST.AI Raises $6M Pre-A to Scale "Zero False Positive" AI-Powered Code Security
News Preview
January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm Hillhouse Capital, bringing ZAST.AI's total funding close to $10 million. This marks a recognition from leading capital markets of a new solution: ending the era of high false positive rates ...
© HackerNews 2026
© Sector News
10.02.2026
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server
News Preview
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
The incident took place on January 29, 2026, when a mail server that was not updated to the latest version was compromised, the company's Chief Commercial Officer, Derek Curtis, said.
"Prior to the...
© HackerNews 2026
© Sector News
10.02.2026
Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data
News Preview
The Netherlands' Dutch Data Protection Authority (AP) and the Council for the Judiciary confirmed both agencies (Rvdr) have disclosed that their systems were impacted by cyber attacks that exploited the recently disclosed security flaws in Ivanti Endpoint Manager Mobile (EPMM), according to a notice sent to the country's parliament on Friday.
"On J...
© HackerNews 2026
© Sector News
10.02.2026
Fugitive behind $73M 'pig butchering' scheme gets 20 years in prison
News Preview
A dual Chinese and St. Kitts and Nevis national was sentenced to 20 years in prison in absentia for his role in an international cryptocurrency investment scheme (also known as pig butchering or romance baiting) that defrauded victims of more than $73 million. [...]
© BleepingComputer 2026
© Sector News
10.02.2026
TransUnion's Real Networks Deal Focuses on Robocall Blocking
News Preview
The acquisition allows the credit reporting agency to add SMS spam and scam prevention to its robocall blocking capabilities.
© Dark Reading 2026
© Sector News
09.02.2026
Chinese cyberspies breach Singapore's four largest telcos
News Preview
The Chinese threat actor tracked as UNC3886 breached Singapore's four largest telecommunication service providers, Singtel, StarHub, M1, and Simba, at least once last year. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
Warlock Gang Breaches SmarterTools Via SmarterMail Bugs
News Preview
The ransomware group breached SmarterTools through a vulnerability in the company's own SmarterMail product.
© Dark Reading 2026
© Sector News
09.02.2026
TeamPCP Turns Cloud Infrastructure Into Crime Bots
News Preview
The threat actor has been compromising cloud environments at scale with automated worm-like attacks on exposed services and interfaces.
© Dark Reading 2026
© Sector News
09.02.2026
Hackers exploit SolarWinds WHD flaws to deploy DFIR tool in attacks
News Preview
Hackers are now exploiting SolarWinds Web Help Desk (WHD) vulnerabilities to gain code execution rights on exposed systems and deploy legitimate tools, including the Velociraptor forensics tools, for persistence and remote control. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
Improving your response to vulnerability management
News Preview
How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.
© National Cyber Security Centre 2026
© Sector News
09.02.2026
CVE-2025-59473
News Preview
Currently trending CVE - Hype Score: 7 - SQL Injection vulnerability in the Structure for Admin authenticated user
© CVE Monitor 2026
© Sector News
09.02.2026
'Reynolds' Bundles BYOVD With Ransomware Payload
News Preview
Researchers discovered a newly disclosed vulnerable driver embedded in Reynolds' ransomware, illustrating the increasing popularity of the defense-evasion technique.
© Dark Reading 2026
© Sector News
09.02.2026
Hackers breach SmarterTools network using flaw in its own software
News Preview
SmarterTools confirmed last week that the Warlock ransomware gang breached its network after compromising an email system, but did not impact business applications or account data. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
What Organizations Need to Change When Managing Printers
News Preview
Ask the Expert: Organizations need to close the ownership vacuum, establish durable security controls, and ensure printers are protected as rigorously as other endpoints.
© Dark Reading 2026
© Sector News
09.02.2026
China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign
News Preview
The Cyber Security Agency (CSA) of Singapore on Monday revealed that the China-nexus cyber espionage group known as UNC3886 targeted its telecommunications sector.
"UNC3886 had launched a deliberate, targeted, and well-planned campaign against Singapore's telecommunications sector," CSA said. "All four of Singapore's major telecommunications operat...
© HackerNews 2026
© Sector News
09.02.2026
CVE-2025-66959
News Preview
Currently trending CVE - Hype Score: 5 - An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the GGUF decoder
© CVE Monitor 2026
© Sector News
09.02.2026
Password guessing without AI: How attackers build targeted wordlists
News Preview
Attackers don't need AI to crack passwords, they build targeted wordlists from an organization's own public language. This article explains how tools like CeWL turn websites into high-success password guesses and why complexity rules alone fall short. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers
News Preview
Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move laterally across the organization's network to other high-value assets.
That said, the Microsoft Defender Security Research Team said it's not clear wh...
© HackerNews 2026
© Sector News
09.02.2026
BeyondTrust warns of critical RCE flaw in remote support software
News Preview
BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary code remotely. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More
News Preview
Cyber threats are no longer coming from just malware or exploits. They’re showing up inside the tools, platforms, and ecosystems organizations use every day. As companies connect AI, cloud apps, developer tools, and communication systems, attackers are following those same paths.
A clear pattern this week: attackers are abusing trust. Trusted updat...
© HackerNews 2026
© Sector News
09.02.2026
CVE-2025-66960
News Preview
Currently trending CVE - Hype Score: 5 - An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the fs/ggml/gguf.go, function readGGUFV1String reads a string length from untrusted GGUF metadata
© CVE Monitor 2026
© Sector News
09.02.2026
CVE-2025-3052
News Preview
Currently trending CVE - Hype Score: 10 - An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting ...
© CVE Monitor 2026
© Sector News
09.02.2026
Men charged in FanDuel scheme fueled by thousands of stolen identities
News Preview
Two Connecticut men face federal charges for allegedly defrauding FanDuel and other online gambling sites of $3 million over several years using the stolen identities of approximately 3,000 victims. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
How Top CISOs Solve Burnout and Speed up MTTR without Extra Hiring
News Preview
Why do SOC teams keep burning out and missing SLAs even after spending big on security tools? Routine triage piles up, senior specialists get dragged into basic validation, and MTTR climbs, while stealthy threats still find room to slip through. Top CISOs have realized the solution isn’t hiring more people or stacking yet another tool onto the work...
© HackerNews 2026
© Sector News
09.02.2026
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
News Preview
The threat actor known as Bloody Wolf has been linked to a campaign targeting Uzbekistan and Russia to infect systems with a remote access trojan known as NetSupport RAT.
Cybersecurity vendor Kaspersky is tracking the activity under the moniker Stan Ghouls. The threat actor is known to be active since at least 2023, orchestrating spear-phishing att...
© HackerNews 2026
© Sector News
09.02.2026
Microsoft: Exchange Online flags legitimate emails as phishing
News Preview
Microsoft is investigating an ongoing Exchange Online issue that mistakenly flags legitimate emails as phishing and quarantines them. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
European Commission discloses breach that exposed staff data
News Preview
The European Commission is investigating a breach after finding evidence that its mobile device management platform was hacked. [...]
© BleepingComputer 2026
© Sector News
09.02.2026
CVE-2025-15566
News Preview
Currently trending CVE - Hype Score: 1 - A security issue was discovered in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and ...
© CVE Monitor 2026
© Sector News
09.02.2026
TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure
News Preview
Cybersecurity researchers have called attention to a "massive campaign" that has systematically targeted cloud native environments to set up malicious infrastructure for follow-on exploitation.
The activity, observed around December 25, 2025, and described as "worm-driven," leveraged exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Red...
© HackerNews 2026
© Sector News
09.02.2026
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
News Preview
BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution.
"BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication rem...
© HackerNews 2026
© Sector News
08.02.2026
CVE-2025-11953
News Preview
Currently trending CVE - Hype Score: 1 - The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server ...
© CVE Monitor 2026
© Sector News
08.02.2026
CVE-2024-5242
News Preview
Currently trending CVE - Hype Score: 1 - TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this ...
© CVE Monitor 2026
