🖋️ Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Mozilla on Monday announced a new controls section in its Firefox desktop browser settings that allows users to completely turn off generative artificial intelligence GenAI features. "It provides a single place to block current and future generative AI features in Firefox," Ajit Varma, head of Firefox, said. "You can also review and manage individual AI features if you choose to use them. This.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A Chinalinked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad. The attack enabled the statesponsored hacking group to deliver a previously undocumented backdoor codenamed Chrysalis to users of the opensource editor, according to new findings from Rapid7. The development comes shortly.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks. ClawHub is a marketplace designed to make it easy for OpenClaw users to find and install thirdparty skills. It's an extension to the OpenClaw project, a selfhosted artificial intelligence AI assistant.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
A highseverity security flaw has been disclosed in OpenClaw formerly referred to as Clawdbot and Moltbot that could allow remote code execution RCE through a crafted malicious link. The issue, which is tracked as CVE202625253 CVSS score 8.8, has been addressed in version 2026.1.29 released on January 30, 2026. It has been described as a token exfiltration vulnerability that leads to.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Microsoft has announced a threephase approach to phase out New Technology LAN Manager NTLM as part of its efforts to shift Windows environments toward stronger, Kerberosbased options. The development comes more than two years after the tech giant revealed its plans to deprecate the legacy technology, citing its susceptibility to weaknesses that could facilitate relay attacks and allow bad.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ ⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Every week brings new discoveries, attacks, and defenses that shape the state of cybersecurity. Some threats are stopped quickly, while others go unseen until they cause real damage. Sometimes a single update, exploit, or mistake changes how we think about risk and protection. Every incident shows how defenders adapt and how fast attackers try to stay ahead. This weeks recap brings you the.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Securing the Mid-Market Across the Complete Threat Lifecycle 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
For midmarket organizations, cybersecurity is a constant balancing act. Proactive, preventative security measures are essential to protect an expanding attack surface. Combined with effective protection that blocks threats, they play a critical role in stopping cyberattacks before damage is done. The challenge is that many security tools add complexity and cost that most midmarket businesses.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 New Password-Stealing Phishing Campaign Targets Corporate Dropbox Credentials 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Multistage attack begins with fake message relating to business requests and evades detection with link hidden in a PDF.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
New Password-Stealing Phishing Campaign Targets Dropbox Credentials
Multi-stage attack begins with fake message relating to business requests and evades detection with link hidden in a PDF
❤1
📔 Vibe-Coded Moltbook Exposes User Data, API Keys and More 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Wiz Security claims Moltbook misconfiguration allowed full read and write access.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 NSA Publishes New Zero Trust Implementation Guidelines 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
NSA released new guidelines to help organizations achieve targetlevel Zero Trust maturity.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 Notepad++ Update Hijacking Linked to Hosting Provider Compromise 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A supply chain attack on Notepad update process was linked to compromised hosting infrastructure.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Russialinked hacking group Fancy Bear is exploiting a brandnew vulnerability in Microsoft Office, CERTUA says.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks
Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says
🦅 Desperate Perth Renters Targeted by Rising Australian Housing Scam 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
For many residents in Perth, finding a rental has become a highstakes challenge. As demand for housing surges, a troubling trend has just been revealed. An Australian housing scam preying on renters who are willing to stretch every dollar to secure a roof over their heads. These rent scams, often orchestrated by individuals posing as private landlords on online platforms like Facebook Marketplace, have left victims financially and emotionally drained. The scheme typically begins with a seemingly genuine rental listing. Scammers steal photos from legitimate properties and post them online, offering rent well below the market rate. In Perth, median rental prices are at historic highs, with houses averaging 700 per week and units 670. Scammers exploit this stress by pitching exclusive...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
Perth Renters Warned About Australian Housing Scam
The Australian housing scam is hitting Perth hard. Government advises on spotting fake landlords, avoid scams, and protect your rent in Australia.
📔 Cybercrime Unit of Paris Prosecutors Raid Elon Musk’s X Offices in France 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Elon Musk and Xs former CEO were summoned for voluntary interviews in Paris on April 20, 2026.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
Paris Prosecutors Raid Elon Musk’s X Offices in France
Elon Musk and X’s former CEO were summoned for voluntary interviews in Paris on April 20, 2026
❤1
🦅 The Week in Vulnerabilities: Open-Sources Fixes Urged by Cyble 🦅
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble Vulnerability Intelligence researchers tracked 1,147 vulnerabilities in the last week, and more than 128 of the disclosed vulnerabilities already have a publicly available ProofofConcept PoC, significantly increasing the likelihood of realworld attacks. A total of 108 vulnerabilities were rated as critical under the CVSS v3.1 scoring system, while 54 received a critical severity rating based on the newer CVSS v4.0 scoring system. Below are some of the IT vulnerabilities flagged by Cyble threat intelligence researchers for prioritization by security teams in recent reports to clients. The Weeks Top IT Vulnerabilities Cybles network of honeypot sensors detected attack attempts on CVE202568613, a critical remote code execution flaw in the n8n opensource workflow automat...📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
Cyble
Top IT Vulnerabilities This Week | Cyble Threat Intelligence
Cyble tracked 1,147 vulnerabilities this week, including 128 with PoCs. Critical flaws demand immediate attention from security teams.
📔 Researchers Warn of New “Vect” RaaS Variant 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
A new ransomwareasaservice operation dubbed Vect features custom malware.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ [Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Most security teams today are buried under tools. Too many dashboards. Too much noise. Not enough real progress. Every vendor promises complete coverage or AIpowered automation, but inside most SOCs, teams are still overwhelmed, stretched thin, and unsure which tools are truly pulling their weight. The result? Bloated stacks, missed signals, and mounting pressure to do more with less. This.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package 🖋️
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular "reactnativecommunitycli" npm package. Cybersecurity company VulnCheck said it first observed exploitation of CVE202511953 aka Metro4Shell on December 21, 2025. With a CVSS score of 9.8, the vulnerability allows remote unauthenticated attackers to execute arbitrary.📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 UK ICO Launches Investigation into X Over AI Generated Non-Consensual Sexual Imagery 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
UK Data Protection Watchdog has serious concerns over data privacy on Elon Musks social platform.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 DockerDash Exposes AI Supply Chain Weakness In Docker's Ask Gordon 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
Infosecurity Magazine
DockerDash Exposes AI Supply Chain Weakness In Docker's Ask Gordon
DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon
📔 SQL Injection Flaw Affects 40,000 WordPress Sites 📔
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
40,000 WordPress sites are vulnerable to SQL injection in Quiz and Survey Master plugin.📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
❤1