Switch View
© Sector News
08.02.2026
CVE-2026-24423
News Preview
Currently trending CVE - Hype Score: 1 - SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API method. The attacker could point the SmarterMail to the malicious HTTP server, which serves the malicious OS command. This command will be ...
© CVE Monitor 2026
© Sector News
08.02.2026
New tool blocks imposter attacks disguised as safe commands
News Preview
A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by analyzing URLs in typed commands and stopping their execution. [...]
© BleepingComputer 2026
© Sector News
08.02.2026
CVE-2025-6978
News Preview
Currently trending CVE - Hype Score: 1 - Diagnostics command injection vulnerability
© CVE Monitor 2026
Worth to know
20.10.2025
Short Selling Radar
USA, Europe, Asia
Track Short Selling Activities worldwide
Knowing what matters
Short sale statistics, hedge fund activities and much more user-friendly information
© Sector News
08.02.2026
CVE-2025-40551
News Preview
Currently trending CVE - Hype Score: 1 - SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
© CVE Monitor 2026
Swarmalpha i/o · The Event Futures Prediction X
23.01.2026
© Sector News
08.02.2026
CVE-2025-20393
News Preview
Currently trending CVE - Hype Score: 8 - A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges.
This ...
© CVE Monitor 2026
© Sector News
08.02.2026
OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills
News Preview
OpenClaw (formerly Moltbot and Clawdbot) has announced that it's partnering with Google-owned VirusTotal to scan skills that are being uploaded to ClawHub, its skill marketplace, as part of broader efforts to bolster the security of the agentic ecosystem.
"All skills published to ClawHub are now scanned using VirusTotal's threat intelligence, inclu...
© HackerNews 2026
© Sector News
07.02.2026
CVE-2025-22225
News Preview
Currently trending CVE - Hype Score: 1 - VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.
© CVE Monitor 2026
© Sector News
07.02.2026
State actor targets 155 countries in 'Shadow Campaigns' espionage op
News Preview
A new state-aligned cyberespionage threat group tracked as TGR-STA-1030/UNC6619, has conducted a global-scale operation dubbed the "Shadow Campaigns," where it targeted government infrastructure in 155 countries. [...]
© BleepingComputer 2026
© Sector News
07.02.2026
CVE-2025-68613
News Preview
Currently trending CVE - Hype Score: 1 - n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulnerability in their workflow expression evaluation system. Under certain conditions, expressions ...
© CVE Monitor 2026
© Sector News
07.02.2026
CVE-2025-68121
News Preview
Currently trending CVE - Hype Score: 1 - During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and ...
© CVE Monitor 2026
© Sector News
07.02.2026
CVE-2026-25049
News Preview
Currently trending CVE - Hype Score: 1 - n8n is an open source workflow automation platform. Prior to versions 1.123.17 and 2.5.2, an authenticated user with permission to create or modify workflows could abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running ...
© CVE Monitor 2026
© Sector News
07.02.2026
CVE-2025-61732
News Preview
Currently trending CVE - Hype Score: 1 - A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
© CVE Monitor 2026
Advertisment
20.10.2025
© Sector News
07.02.2026
German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists
News Preview
Germany's Federal Office for the Protection of the Constitution (aka Bundesamt für Verfassungsschutz or BfV) and Federal Office for Information Security (BSI) have issued a joint advisory warning of a malicious cyber campaign undertaken by a likely state-sponsored threat actor that involves carrying out phishing attacks over the Signal messaging ap...
© HackerNews 2026
© Sector News
07.02.2026
Payments platform BridgePay confirms ransomware attack behind outage
News Preview
A major U.S. payment gateway and solutions provider says a ransomware attack has knocked key systems offline, triggering a widespread outage affecting multiple services. The incident began on Friday and quickly escalated into a nationwide disruption across BridgePay's platform. [...]
© BleepingComputer 2026
© Sector News
06.02.2026
CVE-2025-46285
News Preview
Currently trending CVE - Hype Score: 17 - An integer overflow was addressed by adopting 64-bit timestamps. This issue is fixed in watchOS 26.2, macOS Sonoma 14.8.3, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, macOS Sequoia 15.7.3, visionOS 26.2, tvOS 26.2. An app may be able to gain root ...
© CVE Monitor 2026
© Sector News
06.02.2026
Germany warns of Signal account hijacking targeting senior figures
News Preview
Germany's domestic intelligence agency is warning of suspected state-sponsored threat actors targeting high-ranking individuals in phishing attacks via messaging apps like Signal. [...]
© BleepingComputer 2026
© Sector News
06.02.2026
DKnife Linux toolkit hijacks router traffic to spy, deliver malware
News Preview
A newly discovered toolkit called DKnife has been used since 2019 to hijack traffic at the edge-device level and deliver malware in espionage campaigns. [...]
© BleepingComputer 2026
© Sector News
06.02.2026
CISA warns of SmarterMail RCE flaw used in ransomware attacks
News Preview
The Cybersecurity & Infrastructure Security Agency (CISA) in the U.S. has issued a warning about CVE-2026-24423, an unauthenticated remote code execution (RCE) flaw in SmarterMail that is used in ransomware attacks. [...]
© BleepingComputer 2026
© Sector News
06.02.2026
'Encrypt It Already' Campaign Pushes Big Tech to Prioritize E2E Encryption
News Preview
The Electronic Frontier Foundation is urging major technology companies to follow through on their promises to implement end-to-end encryption (E2E) by default across their services, as privacy concerns mount amid increased AI use.
© Dark Reading 2026
© Sector News
06.02.2026
Shai-hulud: The Hidden Costs of Supply Chain Attacks
News Preview
Recent supply chain attacks involving self-propagating worms have spread far, but the damage and long-term impact is hard to quantify.
© Dark Reading 2026
© Sector News
06.02.2026
OpenClaw's Gregarious Insecurities Make Safe Usage Difficult
News Preview
Malicious "skills" and persnickety configuration settings are just some of the issues that security researchers have found when installing — and removing — the OpenClaw AI assistant.
© Dark Reading 2026
© Sector News
06.02.2026
EDR, Email, and SASE Miss This Entire Class of Browser Attacks
News Preview
Many modern attacks happen entirely inside the browser, leaving little evidence for traditional security tools. Keep Aware shows why EDR, email, and SASE miss browser-only attacks and how visibility changes prevention. [...]
© BleepingComputer 2026
© Sector News
06.02.2026
China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
News Preview
Cybersecurity researchers have taken the wraps off a gateway-monitoring and adversary-in-the-middle (AitM) framework dubbed DKnife that's operated by China-nexus threat actors since at least 2019.
The framework comprises seven Linux-based implants that are designed to perform deep packet inspection, manipulate traffic, and deliver malware via route...
© HackerNews 2026
© Sector News
06.02.2026
EU says TikTok faces large fine over "addictive design"
News Preview
The European Commission said today that TikTok is facing a fine because its addictive features, including infinite scroll, autoplay, push notifications, and personalized recommendation systems, are breaching the EU's Digital Services Act (DSA). [...]
© BleepingComputer 2026
© Sector News
06.02.2026
CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk
News Preview
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered Federal Civilian Executive Branch (FCEB) agencies to strengthen asset lifecycle management for edge network devices and remove those that no longer receive security updates from original equipment manufacturers (OEMs) over the next 12 to 18 months.
The agency said the move...
© HackerNews 2026
© Sector News
06.02.2026
Man pleads guilty to hacking nearly 600 women’s Snapchat accounts
News Preview
An Illinois man pleaded guilty to hacking nearly 600 women's Snapchat accounts to steal nude photos that he kept, sold, or traded online, including accounts he compromised at the request of a former university track coach who was later convicted of sextortion. [...]
© BleepingComputer 2026
© Sector News
06.02.2026
CVE-2025-29824
News Preview
Currently trending CVE - Hype Score: 10 - Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
© CVE Monitor 2026
© Sector News
06.02.2026
Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
News Preview
A previously undocumented cyber espionage group operating from Asia broke into the networks of at least 70 government and critical infrastructure organizations across 37 countries over the past year, according to new findings from Palo Alto Networks Unit 42.
In addition, the hacking crew has been observed conducting active reconnaissance against go...
© HackerNews 2026
© Sector News
06.02.2026
How Samsung Knox Helps Stop Your Network Security Breach
News Preview
As you know, enterprise network security has undergone significant evolution over the past decade. Firewalls have become more intelligent, threat detection methods have advanced, and access controls are now more detailed. However (and it’s a big “however”), the increasing use of mobile devices in business operations necessitates network security me...
© HackerNews 2026
© Sector News
06.02.2026
Flickr discloses potential data breach exposing users' names, emails
News Preview
Photo-sharing platform Flickr is notifying users of a potential data breach after a vulnerability at a third-party email service provider exposed their real names, email addresses, IP addresses, and account activity. [...]
© BleepingComputer 2026
© Sector News
06.02.2026
CISA orders federal agencies to replace end-of-life edge devices
News Preview
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new binding operational directive requiring federal agencies to identify and remove network edge devices that no longer receive security updates from manufacturers. [...]
© BleepingComputer 2026
© Sector News
06.02.2026
Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware
News Preview
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution.
The compromised versions of the two packages are listed below -
@dydxprotocol/v4-cli...
© HackerNews 2026
© Sector News
06.02.2026
Eradicating trivial vulnerabilities, at scale
News Preview
A new NCSC research paper aims to reduce the presence of ‘unforgivable’ vulnerabilities.
© National Cyber Security Centre 2026
© Sector News
06.02.2026
Thanking the vulnerability research community with NCSC Challenge Coins
News Preview
Reflecting on the positive impact of the Vulnerability Reporting Service – and introducing something new for selected contributors.
© National Cyber Security Centre 2026
© Sector News
06.02.2026
Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries
News Preview
Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM), Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in open-source libraries, including Ghostscript, OpenSC, and CGIF.
Claude Opus 4.6, which was launched Thursday, comes with improved coding skills, including cod...
© HackerNews 2026
© Sector News
05.02.2026
EnCase Driver Weaponized as EDR Killers Persist
News Preview
The forensic tool's driver was signed with a digital certificate that expired years ago, but major security gaps allowed Windows to load it.
© Dark Reading 2026
© Sector News
05.02.2026
Agentic AI Site 'Moltbook' Is Riddled With Security Risks
News Preview
Someone used AI to build an entire Web platform, which then did something predictable and preventable: It exposed all its data through a publicly accessible API.
© Dark Reading 2026
© Sector News
05.02.2026
Spain's Ministry of Science shuts down systems after breach claims
News Preview
Spain's Ministry of Science (Ministerio de Ciencia) announced a partial shutdown of its IT systems, affecting several citizen- and company-facing services. [...]
© BleepingComputer 2026
© Sector News
05.02.2026
Ransomware gang uses ISPsystem VMs for stealthy payload delivery
News Preview
Ransomware operators are hosting and delivering malicious payloads at scale by abusing virtual machines (VMs) provisioned by ISPsystem, a legitimate virtual infrastructure management provider. [...]
© BleepingComputer 2026
© Sector News
05.02.2026
Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful
News Preview
A disconnect exists between an organization's cybersecurity needs and lists like CISA's KEV Catalog. KEV Collider combines data from multiple open source vulnerability frameworks to help security teams quickly assess which are important, based on their priorities.
© Dark Reading 2026
© Sector News
05.02.2026
Microsoft to shut down Exchange Online EWS in April 2027
News Preview
Microsoft announced today that the Exchange Web Services (EWS) API for Exchange Online will be shut down in April 2027, after nearly 20 years. [...]
© BleepingComputer 2026
© Sector News
05.02.2026
AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack
News Preview
The distributed denial-of-service (DDoS) botnet known as AISURU/Kimwolf has been attributed to a record-setting attack that peaked at 31.4 Terabits per second (Tbps) and lasted only 35 seconds.
Cloudflare, which automatically detected and mitigated the activity, said it's part of a growing number of hyper-volumetric HTTP DDoS attacks mounted by the...
© HackerNews 2026
© Sector News
05.02.2026
Italian university La Sapienza goes offline after cyberattack
News Preview
Rome's "La Sapienza" university has been targeted by a cyberattack that impacted its IT systems and caused widespread operational disruptions at the educational institute. [...]
© BleepingComputer 2026
© Sector News
05.02.2026
Romanian oil pipeline operator Conpet discloses cyberattack
News Preview
Conpet, Romania's national oil pipeline operator, has disclosed that a cyberattack disrupted its business systems and took down the company's website on Tuesday. [...]
© BleepingComputer 2026
© Sector News
05.02.2026
When cloud logs fall short, the network tells the truth
News Preview
Cloud logs can be inconsistent or incomplete, creating blind spots as environments scale and change. Corelight shows how network-level telemetry provides reliable visibility when cloud logs fall short. [...]
© BleepingComputer 2026
© Sector News
05.02.2026
Cyber Success Trifecta: Education, Certifications & Experience
News Preview
Col. Georgeo Xavier Pulikkathara, CISO at iMerit, discusses the importance of fundamentals, continuous learning, and human ingenuity in the face of AI-driven cybersecurity evolution.
© Dark Reading 2026
© Sector News
05.02.2026
ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
News Preview
This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next.
Researchers tracked intrusions that start in ordinary places: developer workflows, remote tools, cloud access, identity paths, and even routine user actions. Nothing looked dramatic on the surface. That’s the poi...
© HackerNews 2026
© Sector News
05.02.2026
Newsletter platform Substack notifies users of data breach
News Preview
Newsletter platform Substack is notifying users of a data breach after attackers stole their email addresses and phone numbers in October 2025. [...]
© BleepingComputer 2026
© Sector News
05.02.2026
The Buyer’s Guide to AI Usage Control
News Preview
Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools that appear faster than security teams can track. Yet most organizations still rely on legacy controls that operate far away from where AI interactions a...
© HackerNews 2026
© Sector News
05.02.2026
Data breach at fintech firm Betterment exposes 1.4 million accounts
News Preview
Hackers stole email addresses and other personal information from 1.4 million accounts after breaching the systems of automated investment platform Betterment in January. [...]
© BleepingComputer 2026
© Sector News
05.02.2026
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
News Preview
The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coinciding with the end of the widespread internet blackout the regime imposed at the start of January 2026.
"The threat actor stopped maintaining its C2 ...
© HackerNews 2026
© Sector News
05.02.2026
Zendesk spam wave returns, floods users with 'Activate account' emails
News Preview
A fresh wave of spam is hitting inboxes worldwide, with users reporting that they are once again being bombarded by automated emails generated through companies' unsecured Zendesk support systems. Some recipients say they are receiving hundreds of messages with strange or alarming subject lines. such as 'Activate account...' [...]
© BleepingComputer 2026
© Sector News
05.02.2026
Protests Don't Impede Iranian Spying on Expats, Syrians, Israelis
News Preview
Iranian threat actors have been stealing credentials from people of interest across the Middle East, using spear-phishing and social engineering.
© Dark Reading 2026
© Sector News
05.02.2026
Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
News Preview
A new, critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in the execution of arbitrary system commands.
The flaw, tracked as CVE-2026-25049 (CVSS score: 9.4), is the result of inadequate sanitization that bypasses safeguards put in place to address CVE-2025-68613...
© HackerNews 2026
© Sector News
05.02.2026
Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign
News Preview
Cybersecurity researchers have disclosed details of an active web traffic hijacking campaign that has targeted NGINX installations and management panels like Baota (BT) in an attempt to route it through the attacker's infrastructure.
Datadog Security Labs said it observed threat actors associated with the recent React2Shell (CVE-2025-55182, CVSS sc...
© HackerNews 2026
© Sector News
05.02.2026
Hackers compromise NGINX servers to redirect user traffic
News Preview
A threat actor is compromising NGINX servers in a campaign that hijacks user traffic and reroutes it through the attacker's backend infrastructure. [...]
© BleepingComputer 2026
© Sector News
04.02.2026
Ransomware Gang Goes Full 'Godfather' With Cartel
News Preview
DragonForce is taking cues from organized crime, emphasizing cooperation and coordination among ransomware gangs.
© Dark Reading 2026
© Sector News
04.02.2026
CISA Makes Unpublicized Ransomware Updates to KEV Catalog
News Preview
A third of the "flipped" CVEs affected network edge devices, leading one researcher to conclude, "Ransomware operators are building playbooks around your perimeter."
© Dark Reading 2026
© Sector News
04.02.2026
Critical n8n flaws disclosed along with public exploits
News Preview
Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of the environment and taking complete control of the host server. [...]
© BleepingComputer 2026
© Sector News
04.02.2026
Attackers Use Windows Screensavers to Drop Malware, RMM Tools
News Preview
By tapping the unusual .scr file type, attackers leverage "executables that don't always receive executable-level controls," one researcher noted.
© Dark Reading 2026
