69/69 Wednesday, February 4, 2026 Security researchers have identified a large number of malicious add-on packages, or “Skills,” targeting OpenClaw-an open-source personal AI assistant formerly known as Moltbot and ClawdBot. These threats were discovered on the official registry (ClawHub) and GitHub between January 27 and February 1. More than 230 harmful Skills were found impersonating […]
68/69 Wednesday, February 4, 2026 Have I Been Pwned (HIBP) has confirmed that the Panera Bread data breach affected approximately 5.1 million user accounts, a figure significantly lower than the 14 million accounts previously claimed by the cybercriminal group ShinyHunters. The group alleged that it had gained access to Panera Bread’s systems and stolen a […]
67/69 Wednesday, February 4, 2026 Ukraine’s CERT-UA has identified a new cyberattack campaign carried out by the APT28 hacking group, also known as Fancy Bear, which is linked to Russia. The attackers targeted government agencies and organizations across Europe by distributing phishing emails containing malicious Microsoft Word attachments. These documents referenced “EU COREPER consultations in […]
66/69 Tuesday, February 3, 2026 Researchers from cybersecurity firm Flare have released a report on attacks targeting publicly exposed MongoDB databases, where threat actors scan for misconfigured servers that allow unauthenticated access. The investigation identified more than 208,500 MongoDB servers accessible from the internet, with approximately 3,100 instances lacking any form of protection. Nearly half […]
65/69 Tuesday, February 3, 2026 A security vulnerability has been identified in Mitsubishi Electric Iconics Suite, a widely used Supervisory Control and Data Acquisition (SCADA) software platform deployed across industrial sectors such as energy, automotive, and manufacturing. The vulnerability, tracked as CVE-2025-0921, is rated medium severity (CVSS 6.5) and can be exploited to trigger a […]
64/69 Tuesday, February 3, 2026 The threat of deepfake-based job applications is rapidly becoming a critical issue in the cybersecurity landscape. Jason Rebholz, CEO of an AI security startup, revealed that he was nearly deceived by a sophisticated scam believed to be linked to North Korean IT operatives. Despite being a seasoned security professional with […]
63/69 Monday, February 2, 2026 Mandiant has observed an increase in activity from financially motivated cybercriminal groups using tactics similar to those of ShinyHunters. These actors rely on vishing (voice phishing) attacks, calling victims while impersonating IT support staff and convincing employees to visit fake websites to “update” their MFA settings. As a result, attackers […]
62/69 Monday, February 2, 2026 SmarterTools has released security updates to address two vulnerabilities in its SmarterMail email software, one of which is a critical flaw, tracked as CVE-2026-24423, with a CVSS score of 9.3. This vulnerability could allow attackers to execute malicious code on affected systems. The issue stems from the ConnectToHub API method […]
61/69 Monday, February 2, 2026 A large-scale phishing campaign is currently spreading worldwide, targeting users of cloud storage services. Cybercriminals send fraudulent notification emails claiming that monthly payments have failed or that storage space is full, creating panic by warning that photos and important files will be deleted or access will be suspended within a […]
60/69 Friday, January 30, 2026 Researchers at Proofpoint have observed increased activity from TA584, an Initial Access Broker (IAB) group that significantly expanded its operations in late 2025. The group reportedly tripled its campaign volume, broadening its targeting beyond North America and the United Kingdom to include Germany, other European countries, and Australia. TA584 has […]
