TECHZONE™
الذهاب إلى القناة على Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
إظهار المزيد596
المشتركون
+124 ساعات
+17 أيام
-830 أيام
أرشيف المشاركات
596
North Korea-Linked UNC1069 Uses AI Lures to Attack Cryptocurrency Organizations
https://thehackernews.com/2026/02/north-korea-linked-unc1069-uses-ai.html
The North Korea-linked threat actor known as UNC1069 has been observed targeting the cryptocurrency sector to steal sensitive data from Windows and macOS systems with the ultimate goal of facilitating financial theft.
"The intrusion relied on a social engineering scheme involving a compromised Telegram account, a fake Zoom meeting, a ClickFix infection vector, and reported usage of AI-generated
596
Taxing times: Top IRS scams to look out for in 2026
https://www.welivesecurity.com/en/scams/taxing-times-top-irs-scams-look-out-2026/
It’s time to file your tax return. And cybercriminals are lurking to make an already stressful period even more edgy.
596
DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies
https://thehackernews.com/2026/02/dprk-operatives-impersonate.html
The information technology (IT) workers associated with the Democratic People's Republic of Korea (DPRK) are now applying to remote positions using real LinkedIn accounts of individuals they're impersonating, marking a new escalation of the fraudulent scheme.
"These profiles often have verified workplace emails and identity badges, which DPRK operatives hope will make their fraudulent
596
Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools
https://thehackernews.com/2026/02/reynolds-ransomware-embeds-byovd-driver.html
Cybersecurity researchers have disclosed details of an emergent ransomware family dubbed Reynolds that comes embedded with a built-in bring your own vulnerable driver (BYOVD) component for defense evasion purposes within the ransomware payload itself.
BYOVD refers to an adversarial technique that abuses legitimate but flawed driver software to escalate privileges and disable Endpoint Detection
596
From Ransomware to Residency: Inside the Rise of the Digital Parasite
https://thehackernews.com/2026/02/from-ransomware-to-residency-inside.html
Are ransomware and encryption still the defining signals of modern cyberattacks, or has the industry been too fixated on noise while missing a more dangerous shift happening quietly all around them?
According to Picus Labs’ new Red Report 2026, which analyzed over 1.1 million malicious files and mapped 15.5 million adversarial actions observed across 2025, attackers are no longer optimizing for
596
ZAST.AI Raises $6M Pre-A to Scale "Zero False Positive" AI-Powered Code Security
https://thehackernews.com/2026/02/zastai-raises-6m-pre-to-scale-zero.html
January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm Hillhouse Capital, bringing ZAST.AI's total funding close to $10 million. This marks a recognition from leading capital markets of a new solution: ending the era of high false positive rates in security tools and making every alert
596
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server
https://thehackernews.com/2026/02/warlock-ransomware-breaches.html
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
The incident took place on January 29, 2026, when a mail server that was not updated to the latest version was compromised, the company's Chief Commercial Officer, Derek Curtis, said.
"Prior to the breach, we had approximately 30 servers/VMs
596
Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data
https://thehackernews.com/2026/02/dutch-authorities-confirm-ivanti-zero.html
The Netherlands' Dutch Data Protection Authority (AP) and the Council for the Judiciary confirmed both agencies (Rvdr) have disclosed that their systems were impacted by cyber attacks that exploited the recently disclosed security flaws in Ivanti Endpoint Manager Mobile (EPMM), according to a notice sent to the country's parliament on Friday.
"On January 29, the National Cyber Security Center (
596
Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution
https://thehackernews.com/2026/02/fortinet-patches-critical-sqli-flaw.html
Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that could lead to the execution of arbitrary code on susceptible systems.
The vulnerability, tracked as CVE-2026-21643, has a CVSS rating of 9.1 out of a maximum of 10.0.
"An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiClientEMS may
596
China-Linked UNC3886 Targets Singapore Telecom Sector in Cyber Espionage Campaign
https://thehackernews.com/2026/02/china-linked-unc3886-targets-singapore.html
The Cyber Security Agency (CSA) of Singapore on Monday revealed that the China-nexus cyber espionage group known as UNC3886 targeted its telecommunications sector.
"UNC3886 had launched a deliberate, targeted, and well-planned campaign against Singapore's telecommunications sector," CSA said. "All four of Singapore's major telecommunications operators ('telcos') – M1, SIMBA Telecom, Singtel, and
596
SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers
https://thehackernews.com/2026/02/solarwinds-web-help-desk-exploited-for.html
Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move laterally across the organization's network to other high-value assets.
That said, the Microsoft Defender Security Research Team said it's not clear whether the activity weaponized recently
596
⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More
https://thehackernews.com/2026/02/weekly-recap-ai-skill-malware-31tbps.html
Cyber threats are no longer coming from just malware or exploits. They’re showing up inside the tools, platforms, and ecosystems organizations use every day. As companies connect AI, cloud apps, developer tools, and communication systems, attackers are following those same paths.
A clear pattern this week: attackers are abusing trust. Trusted updates, trusted marketplaces, trusted apps, even
596
How Top CISOs Solve Burnout and Speed up MTTR without Extra Hiring
https://thehackernews.com/2026/02/how-top-cisos-solve-burnout-and-speed.html
Why do SOC teams keep burning out and missing SLAs even after spending big on security tools? Routine triage piles up, senior specialists get dragged into basic validation, and MTTR climbs, while stealthy threats still find room to slip through. Top CISOs have realized the solution isn’t hiring more people or stacking yet another tool onto the workflow, but giving their teams faster, clearer
596
Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign
https://thehackernews.com/2026/02/bloody-wolf-targets-uzbekistan-russia.html
The threat actor known as Bloody Wolf has been linked to a campaign targeting Uzbekistan and Russia to infect systems with a remote access trojan known as NetSupport RAT.
Cybersecurity vendor Kaspersky is tracking the activity under the moniker Stan Ghouls. The threat actor is known to be active since at least 2023, orchestrating spear-phishing attacks against manufacturing, finance, and IT
596
TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure
https://thehackernews.com/2026/02/teampcp-worm-exploits-cloud.html
Cybersecurity researchers have called attention to a "massive campaign" that has systematically targeted cloud native environments to set up malicious infrastructure for follow-on exploitation.
The activity, observed around December 25, 2025, and described as "worm-driven," leveraged exposed Docker APIs, Kubernetes clusters, Ray dashboards, and Redis servers, along with the recently disclosed
596
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
https://thehackernews.com/2026/02/beyondtrust-fixes-critical-pre-auth-rce.html
BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution.
"BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability," the company
596
OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills
https://thehackernews.com/2026/02/openclaw-integrates-virustotal-scanning.html
OpenClaw (formerly Moltbot and Clawdbot) has announced that it's partnering with Google-owned VirusTotal to scan skills that are being uploaded to ClawHub, its skill marketplace, as part of broader efforts to bolster the security of the agentic ecosystem.
"All skills published to ClawHub are now scanned using VirusTotal's threat intelligence, including their new Code Insight capability,"
596
German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists
https://thehackernews.com/2026/02/german-agencies-warn-of-signal-phishing.html
Germany's Federal Office for the Protection of the Constitution (aka Bundesamt für Verfassungsschutz or BfV) and Federal Office for Information Security (BSI) have issued a joint advisory warning of a malicious cyber campaign undertaken by a likely state-sponsored threat actor that involves carrying out phishing attacks over the Signal messaging app.
"The focus is on high-ranking targets in
596
Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries
https://thehackernews.com/2026/02/claude-opus-46-finds-500-high-severity.html
Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM), Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in open-source libraries, including Ghostscript, OpenSC, and CGIF.
Claude Opus 4.6, which was launched Thursday, comes with improved coding skills, including code review and debugging capabilities, along with
596
AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack
https://thehackernews.com/2026/02/aisurukimwolf-botnet-launches-record.html
The distributed denial-of-service (DDoS) botnet known as AISURU/Kimwolf has been attributed to a record-setting attack that peaked at 31.4 Terabits per second (Tbps) and lasted only 35 seconds.
Cloudflare, which automatically detected and mitigated the activity, said it's part of a growing number of hyper-volumetric HTTP DDoS attacks mounted by the botnet in the fourth quarter of 2025. The
متاح الآن! بحث تيليغرام 2025 — أهم رؤى العام 
