π’ Former Google engineer convicted of economic espionage after stealing thousands of secret AI, supercomputing documents π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Linwei Ding told Chinese investors he could build a worldclass supercomputer.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Former Google engineer convicted of economic espionage after stealing thousands of secret AI, supercomputing documents
Linwei Ding told Chinese investors he could build a world-class supercomputer
ποΈ China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered a new campaign attributed to a Chinalinked threat actor known as UAT8099 that took place between late 2025 and early 2026. The activity, discovered by Cisco Talos, has targeted vulnerable Internet Information Services IIS servers located across Asia, but with a specific focus on targets in Thailand and Vietnam. The scale of the campaign is currently.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of the extensions in question is Amazon Ads Blocker ID pnpchphmplpdimbllknjoiopmfphellj, which claims to be a tool to browse Amazon without any sponsored content. It was uploaded to the Chrome.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ CISAβs interim chief uploaded sensitive documents to a public version of ChatGPT β security experts explain why you should never do that π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The incident at CISA raises yet more concerns about the rise of shadow AI and data protection risks.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
CISAβs interim chief uploaded sensitive documents to a public version of ChatGPT β security experts explain why you should neverβ¦
The incident at CISA raises yet more concerns about the rise of βshadow AIβ and data protection risks
β€1
π’ CISAβs interim chief uploaded sensitive documents to a public version of ChatGPT β security experts explain why you should never do that π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The incident at CISA raises yet more concerns about the rise of shadow AI and data protection risks.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
CISAβs interim chief uploaded sensitive documents to a public version of ChatGPT β security experts explain why you should neverβ¦
The incident at CISA raises yet more concerns about the rise of βshadow AIβ and data protection risks
π’ CISAβs interim chief uploaded sensitive documents to a public version of ChatGPT β security experts explain why you should never do that π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The incident at CISA raises yet more concerns about the rise of shadow AI and data protection risks.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
CISAβs interim chief uploaded sensitive documents to a public version of ChatGPT β security experts explain why you should neverβ¦
The incident at CISA raises yet more concerns about the rise of βshadow AIβ and data protection risks
π NSA Publishes New Zero Trust Implementation Guidelines π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
NSA released new guidelines to help organizations achieve targetlevel Zero Trust maturity.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Notepad++ Update Hijacking Linked to Hosting Provider Compromise π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A supply chain attack on Notepad update process was linked to compromised hosting infrastructure.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
ποΈ Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A Chinalinked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad. The attack enabled the statesponsored hacking group to deliver a previously undocumented backdoor codenamed Chrysalis to users of the opensource editor, according to new findings from Rapid7. The development comes shortly.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1
ποΈ Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A Chinalinked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad. The attack enabled the statesponsored hacking group to deliver a previously undocumented backdoor codenamed Chrysalis to users of the opensource editor, according to new findings from Rapid7. The development comes shortly.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¦Ώ Hugging Face Repositories Abused in New Android Malware Campaign π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Attackers exploited Hugging Faces trusted infrastructure to spread an Android RAT, using fake security apps and thousands of malware variants. The post Hugging Face Repositories Abused in New Android Malware Campaign appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Hugging Face Repositories Abused in New Android Malware Campaign
Attackers exploited Hugging Faceβs trusted infrastructure to spread an Android RAT, using fake security apps and thousands of malware variants.
π’ Phantom firms: The rise of fraudulent cybersecurity vendors π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Channel partners need systematic vendor vetting to combat rising phantom firm scams.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ChannelPro
Phantom firms: The rise of fraudulent cybersecurity vendors
Channel partners need systematic vendor vetting to combat rising phantom firm scams
π’ What security teams need to know about the NSA's new zero trust guidelines π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The new guidelines aim to move an organization from discovery to targetlevel implementation of zero trust practices.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
What security teams need to know about the NSA's new zero trust guidelines
The new guidelines aim to move an organization from discovery to target-level implementation of zero trust practices
π’ Notepad++ hackers remained undetected and pushed malicious updates for six months β hereβs whoβs responsible, how they did it, and how to check if youβve been affected π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Hackers remained undetected for months and distributed malicious updates to Notepad users after breaching the text editor software here's how to check if you've been affected.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Notepad++ hackers remained undetected and pushed malicious updates for six months β hereβs whoβs responsible, how they did it,β¦
Notepad++ users should ensure theyβre running the latest version of the open source software
ποΈ When Cloud Outages Ripple Across the Internet ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Recent major cloud service outages have been hard to miss. Highprofile incidents affecting providers such as AWS, Azure, and Cloudflare have disrupted large parts of the internet, taking down websites and services that many other systems depend on. The resulting ripple effects have halted applications and workflows that many organizations rely on every day. For consumers, these outages are.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Russialinked statesponsored threat actor known as APT28 aka UAC0001 has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed Operation Neusploit. Zscaler ThreatLabz said it observed the hacking group weaponizing the shortcoming on January 29, 2026, in attacks targeting users in Ukraine, Slovakia, and Romania, three.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Mozilla on Monday announced a new controls section in its Firefox desktop browser settings that allows users to completely turn off generative artificial intelligence GenAI features. "It provides a single place to block current and future generative AI features in Firefox," Ajit Varma, head of Firefox, said. "You can also review and manage individual AI features if you choose to use them. This.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A Chinalinked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad. The attack enabled the statesponsored hacking group to deliver a previously undocumented backdoor codenamed Chrysalis to users of the opensource editor, according to new findings from Rapid7. The development comes shortly.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks. ClawHub is a marketplace designed to make it easy for OpenClaw users to find and install thirdparty skills. It's an extension to the OpenClaw project, a selfhosted artificial intelligence AI assistant.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A highseverity security flaw has been disclosed in OpenClaw formerly referred to as Clawdbot and Moltbot that could allow remote code execution RCE through a crafted malicious link. The issue, which is tracked as CVE202625253 CVSS score 8.8, has been addressed in version 2026.1.29 released on January 30, 2026. It has been described as a token exfiltration vulnerability that leads to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Microsoft has announced a threephase approach to phase out New Technology LAN Manager NTLM as part of its efforts to shift Windows environments toward stronger, Kerberosbased options. The development comes more than two years after the tech giant revealed its plans to deprecate the legacy technology, citing its susceptibility to weaknesses that could facilitate relay attacks and allow bad.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity