📰 Cyber Feed Aggregator

📰 News

• Volvo Group North America customer data exposed in Conduent hack
  BleepingComputer — Tue, 10 Feb 2026 12:04:18 -0500

  Volvo Group North America disclosed that it suffered an indirect data breach stemming from the compromise of IT systems at American business services giant Conduent, of which Volvo is a customer. [...]

• Microsoft rolls out new Secure Boot certificates before June expiration
  BleepingComputer — Tue, 10 Feb 2026 12:00:00 -0500

  Microsoft has begun rolling out updated Secure Boot certificates through monthly Windows updates to replace the original 2011 certificates that will expire in late June 2026. [...]

• FortiOS Authentication Bypass Vulnerability Lets Attackers Bypass LDAP Authentication
  Latest Newsroom — Tue, 10 Feb 2026 16:40:00 +0000

  FortiOS Authentication Bypass Vulnerability Lets Attackers Bypass LDAP Authentication Read more Published Date: Feb 10, 2026 (31 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2026-22153

• Ivanti verhelpt authentication bypass kwetsbaarheid in Endpoint Manager
  Latest Newsroom — Tue, 10 Feb 2026 16:11:07 +0000

  Ivanti verhelpt authentication bypass kwetsbaarheid in Endpoint Manager Read more Published Date: Feb 10, 2026 (1 hour ago) Vulnerabilities has been mentioned in this article. CVE-2026-1603

• Ivanti Endpoint Manager Vulnerability Lets Remote Attacker Leak Arbitrary Data
  Latest Newsroom — Tue, 10 Feb 2026 16:09:47 +0000

  Ivanti Endpoint Manager Vulnerability Lets Remote Attacker Leak Arbitrary Data Read more Published Date: Feb 10, 2026 (1 hour, 1 minute ago) Vulnerabilities has been mentioned in this article. CVE-2026-1603 CVE-2026-1602

• Microsoft 365 outage takes down admin center in North America
  BleepingComputer — Tue, 10 Feb 2026 10:45:15 -0500

  Microsoft is investigating an outage that blocks some administrators with business or enterprise subscriptions from accessing the Microsoft 365 admin center. [...]

• SAP Security Patch Day – Critical SAP CRM and SAP S/4HANA Code Injection Vulnerabilities Fixed
  Latest Newsroom — Tue, 10 Feb 2026 15:27:58 +0000

  SAP Security Patch Day – Critical SAP CRM and SAP S/4HANA Code Injection Vulnerabilities Fixed Read more Published Date: Feb 10, 2026 (1 hour, 43 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2026-24328 CVE-2026-24327 CVE-2026-24326 CVE-2026-24325 CVE-2026-24324 CVE-2026-24323 CVE-2026-24322...

• ILOVEPOOP Toolkit Exploiting React2Shell Vulnerability to Deploy Malicious Payload
  Latest Newsroom — Tue, 10 Feb 2026 15:23:08 +0000

  ILOVEPOOP Toolkit Exploiting React2Shell Vulnerability to Deploy Malicious Payload Read more Published Date: Feb 10, 2026 (1 hour, 48 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2025-55182

• How to Automate AWS Incident Investigation with Tines and AI
  BleepingComputer — Tue, 10 Feb 2026 10:01:11 -0500

  Cloud incidents drag on when analysts have to leave cases to hunt through AWS consoles and CLIs. Tines shows how automated agents pull AWS CLI data directly into cases, reducing MTTR and manual investigation work. [...]

• Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools
  The Hacker News — Tue, 10 Feb 2026 20:06:00 +0530

  Cybersecurity researchers have disclosed details of an emergent ransomware family dubbed Reynolds that comes embedded with a built-in bring your own vulnerable driver (BYOVD) component for defense evasion purposes within the ransomware payload itself. BYOVD refers to an adversarial technique that abuses legitimate...

• From Ransomware to Residency: Inside the Rise of the Digital Parasite
  The Hacker News — Tue, 10 Feb 2026 19:29:00 +0530

  Are ransomware and encryption still the defining signals of modern cyberattacks, or has the industry been too fixated on noise while missing a more dangerous shift happening quietly all around them? According to Picus Labs’ new Red Report 2026, which analyzed over 1.1 million malicious files and mapped 15.5 million...

• Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution
  The Hacker News — Tue, 10 Feb 2026 19:00:00 +0530

  Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that could lead to the execution of arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2026-21643, has a CVSS rating of 9.1 out of a maximum of 10.0. "An improper neutralization of special elements used...

• Microsoft announces new mobile-style Windows security controls
  BleepingComputer — Tue, 10 Feb 2026 08:16:32 -0500

  Microsoft wants to introduce smartphone-style app permission prompts in Windows 11 to request user consent before apps can access sensitive resources such as files, cameras, and microphones. [...]

• ZAST.AI Raises $6M Pre-A to Scale "Zero False Positive" AI-Powered Code Security
  The Hacker News — Tue, 10 Feb 2026 17:10:00 +0530

  January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm Hillhouse Capital, bringing ZAST.AI's total funding close to $10 million. This marks a recognition from leading capital markets of a new solution: ending the...

• Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server
  The Hacker News — Tue, 10 Feb 2026 15:54:00 +0530

  SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance. The incident took place on January 29, 2026, when a mail server that was not updated to the latest version was compromised, the company's Chief Commercial Officer,...

• Inside the Operations of Inception Framework: A Decade of Stealth, Espionage, and Global Targeting
  Brandefense — Tue, 10 Feb 2026 07:36:49 +0000

  Inception Framework is a long-running Russian-speaking cyberespionage group focused on government, diplomatic, and defense targets using stealthy spearphishing and cloud-based intrusion techniques. The post Inside the Operations of Inception Framework: A Decade of Stealth, Espionage, and Global Targeting appeared...

• APT27
  Brandefense — Sat, 31 Jan 2026 11:06:00 +0000

  APT27 is a long-running China-aligned cyber espionage group targeting governments, defense contractors, and critical infrastructure through stealthy, high-impact operations. The post APT27 appeared first on Brandefense.

• APT3 (BORON): A Pioneering China-Aligned Cyber Espionage Group
  Brandefense — Fri, 30 Jan 2026 09:35:02 +0000

  APT3 (BORON) is one of the earliest China-aligned APT groups, known for exploit-driven espionage campaigns targeting defense, advanced manufacturing, and government sectors. The post APT3 (BORON): A Pioneering China-Aligned Cyber Espionage Group appeared first on Brandefense.

• FIN11 (DEV-0950 / Lace Tempest / TA505 / TEMP.Warlock / UNC902): A 1000-Word Intelligence
  Brandefense — Thu, 29 Jan 2026 09:24:56 +0000

  FIN11 is a globally active, financially motivated cybercrime group known for large-scale phishing campaigns, malware distribution, and ransomware ecosystem enablement. The post FIN11 (DEV-0950 / Lace Tempest / TA505 / TEMP.Warlock / UNC902): A 1000-Word Intelligence appeared first on Brandefense.

• From Shadow IT to Shadow AI: Clawdbot (Moltbot/Openclaw) and the Rise of Unmanaged Agent Gateways
  Brandefense — Wed, 28 Jan 2026 09:09:39 +0000

  Shadow AI is emerging as the next evolution of Shadow IT. This analysis reveals how misconfigured Clawdbot agent gateways expose LLM keys, corporate data, and integration tokens—creating a silent but critical attack surface. The post From Shadow IT to Shadow AI: Clawdbot (Moltbot/Openclaw) and the Rise of Unmanaged...

• User Scanner: Scan a username across multiple social, developer, gaming and creator platforms to see if it’s available
  OSINT - Dark Web Informer — Thu, 11 Dec 2025 20:06:04 GMT

  User Scanner: Scan a username across multiple social, developer, gaming and creator platforms to see if it’s available

• GitHub: Threat Actor Usernames Scrape
  OSINT - Dark Web Informer — Thu, 11 Dec 2025 19:14:53 GMT

  GitHub: Threat Actor Usernames Scrape

• WebSift: An Open-Source OSINT Tool for Web-Based Threat Hunting
  OSINT - Dark Web Informer — Wed, 03 Dec 2025 13:47:00 GMT

  WebSift: An Open-Source OSINT Tool for Web-Based Threat Hunting

• Scilla: Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
  OSINT - Dark Web Informer — Tue, 05 Aug 2025 17:19:27 GMT

  Scilla: Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration

• OSGINT: OSINT tool to find informations about a github user (email2username, username2email, creation date ...)
  OSINT - Dark Web Informer — Sat, 02 Aug 2025 20:17:14 GMT

  OSGINT: OSINT tool to find informations about a github user (email2username, username2email, creation date ...)