Latest Cybersecurity News and Articles


New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog

09 February 2026
The KEV list is useful but largely misunderstood. KEVology explains what it is, and how best to use it. The post New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog appeared first on SecurityWeek.

TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure

09 February 2026
Cybersecurity researchers have called attention to a "massive campaign" that has systematically targeted cloud native environments to set up malicious infrastructure for follow-on exploitation. The activity, observed around December 25, 2025, and described as "worm-driven," leveraged exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers, along with the recently disclosed

European Commission Investigating Cyberattack

09 February 2026
The signs of a cyberattack were identified on systems the EU's main executive body uses for mobile device management. The post European Commission Investigating Cyberattack appeared first on SecurityWeek.

BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA

09 February 2026
BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution. "BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability," the company

OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

08 February 2026
OpenClaw (formerly Moltbot and Clawdbot) has announced that it's partnering with Google-owned VirusTotal to scan skills that are being uploaded to ClawHub, its skill marketplace, as part of broader efforts to bolster the security of the agentic ecosystem. "All skills published to ClawHub are now scanned using VirusTotal's threat intelligence, including their new Code Insight capability,"

Organizations Urged to Replace Discontinued Edge Devices

07 February 2026
Edge devices that are no longer supported have been targeted in attacks by state-sponsored hackers, the US says. The post Organizations Urged to Replace Discontinued Edge Devices appeared first on SecurityWeek.

German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists

07 February 2026
Germany's Federal Office for the Protection of the Constitution (aka Bundesamt für Verfassungsschutz or BfV) and Federal Office for Information Security (BSI) have issued a joint advisory warning of a malicious cyber campaign undertaken by a likely state-sponsored threat actor that involves carrying out phishing attacks over the Signal messaging app. "The focus is on high-ranking targets in

Epstein File Data Security Update: Raw Code Found in Emails

06 February 2026
Reports suggest raw email data was found in select Epstein files. 

China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery

06 February 2026
Cybersecurity researchers have taken the wraps off a gateway-monitoring and adversary-in-the-middle (AitM) framework dubbed DKnife that has been operated by China-nexus threat actors since at least 2019. The framework comprises seven Linux-based implants that are designed to perform deep packet inspection, manipulate traffic, and deliver malware via routers and edge devices. Its primary targets seem to

A Victorian schoolteacher was applying for ‘heaps of rentals’ online – then someone accessed his bank account

06 February 2026
Michael suspects personal information he submitted to rent application platforms was leaked online. And analysis shows millions of documents may also be at risk. Michael* has spent the past two months trying to get his digital identity back. The 47-year-old Victorian schoolteacher was in the process of moving to a new town and applying for rental properties online. Around this time – and unbeknown to him – his mobile phone number was transferred to someone else.

Higinio Ochoa, Hacktivist Turned White Hat, On The Cybercrime Magazine Podcast

06 February 2026
This week in cybersecurity from the editors at Cybercrime Magazine. Sausalito, Calif. – Feb. 6, 2026 – Listen to the podcast. On Jun. 25, 2012, 31-year-old Higinio O. Ochoa, III of Dallas, Texas, the self-proclaimed associate of computer hacker groups known as “Anonymous” and “CabinCr3w” pleaded guilty, The post Higinio Ochoa, Hacktivist Turned White Hat, On The Cybercrime Magazine Podcast appeared first on Cybercrime Magazine.

CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk

06 February 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered Federal Civilian Executive Branch (FCEB) agencies to strengthen asset lifecycle management for edge network devices and remove those that no longer receive security updates from original equipment manufacturers (OEMs) over the next 12 to 18 months. The agency said the move is to drive down technical debt and minimize

Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities

06 February 2026
A previously undocumented cyber espionage group operating from Asia broke into the networks of at least 70 government and critical infrastructure organizations across 37 countries over the past year, according to new findings from Palo Alto Networks Unit 42. In addition, the hacking crew has been observed conducting active reconnaissance against government infrastructure associated with 155

Flickr Security Incident Tied to Third-Party Email System

06 February 2026
Potential breach at Flickr exposes usernames, email addresses, IP addresses, and activity data. The post Flickr Security Incident Tied to Third-Party Email System appeared first on SecurityWeek.

How Samsung Knox Helps Stop Your Network Security Breach

06 February 2026
As you know, enterprise network security has undergone significant evolution over the past decade. Firewalls have become more intelligent, threat detection methods have advanced, and access controls are now more detailed. However (and it’s a big “however”), the increasing use of mobile devices in business operations necessitates network security measures that are specifically

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

06 February 2026
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution. The compromised versions of the two packages are listed below - @dydxprotocol/v4-client-js (npm) - 3.4.1, 1.22.1, 1.15.2, 1.0.31

Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries

06 February 2026
Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM), Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in open-source libraries, including Ghostscript, OpenSC, and CGIF. Claude Opus 4.6, which was launched Thursday, comes with improved coding skills, including code review and debugging capabilities, along with

AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack

05 February 2026
The distributed denial-of-service (DDoS) botnet known as AISURU/Kimwolf has been attributed to a record-setting attack that peaked at 31.4 Terabits per second (Tbps) and lasted only 35 seconds. Cloudflare, which automatically detected and mitigated the activity, said it's part of a growing number of hyper-volumetric HTTP DDoS attacks mounted by the botnet in the fourth quarter of 2025. The

How to Protect Organizations During the Winter Olympics, According to CISOs

05 February 2026
CISOs analyze Winter Olympic threats such as phishing, fraud and more. 

CISO FAQ: Should I Stay Or Should I Go?

05 February 2026
This week in cybersecurity from the editors at Cybercrime Magazine. Sausalito, Calif. – Feb. 5, 2026 – Read the full story in CSO. Lack of access to executives and the board is a red flag and a top reason why chief information security officers decide to leave The post CISO FAQ: Should I Stay Or Should I Go? appeared first on Cybercrime Magazine.