Geek-Guy.com

Category: Network Security

Product showcase: PCAPdroid analyzes Android app network activity

PCAPdroid is a free, open-source Android app that allows inspection of network traffic. Installation is straightforward and does not require creating an account. To begin capturing traffic, a VPN request must be accepted, which allows the app to monitor network activity. Once permission is granted, tapping the play button starts PCAPdroid, which then runs in…

Security teams are paying for sprawl in more ways than one

Most enterprises run security programs across sprawling environments that include mobile devices, SaaS applications, cloud infrastructure, and telecom networks. Spend control in these areas often sits outside the security organization, even when the operational consequences land directly on security teams. Tangoe’s 2026 Trends & Savings Recommendations Report connects these cost domains to recurring governance failures…

February 2026 Patch Tuesday: Six new and actively exploited Microsoft vulnerabilities addressed

Microsoft highlighted six new and actively exploited vulnerabilities among the 60 fixes issued in today’s February Patch Tuesday releases. However, Tyler Reguly, associate director of security R&D at Fortra, says there’s good news: The issues are easy to resolve with regular Microsoft patches for Windows and Office, and none require any post patch configuration steps.…

Telstra’s Spectrum Warning: The Real Cost of Policy Trade-Offs

When Telstra talks about “cost trade-offs,” it’s not idle commentary. It’s a signal to regulators, policymakers – and consumers. The telco’s latest comments around spectrum licence obligations, administered by the Australian Communications and Media Authority (ACMA), have reignited a familiar debate: how do you balance public interest requirements with the commercial realities of building and…

Patch Tuesday, February 2026 Edition

Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six “zero-day” vulnerabilities that attackers are already exploiting in the wild. Zero-day #1 this month is CVE-2026-21510, a security feature bypass vulnerability in Windows Shell wherein a single click on a…

Global Group ransomware gang running new campaign using Windows shortcut files

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were wrong. According to researchers at Forcepoint, a new high-volume phishing campaign spreading the Global Group ransomware has been detected that hopes to sucker employees…

FortiOS Authentication Bypass Exposes VPN and SSO Deployments

Fortinet has disclosed an authentication bypass vulnerability in FortiOS.  Under certain configurations, the flaw could allow attackers to bypass LDAP-based authentication controls and gain unauthorized access to protected enterprise networks. The vulnerability “… may allow an unauthenticated attacker to bypass LDAP authentication of Agentless VPN or FSSO policy, under specific LDAP server configuration,” said Fortinet…

FortiSandbox XSS Vulnerability Allows Remote Command Execution

Fortinet has disclosed a vulnerability in its FortiSandbox platform that could allow unauthenticated attackers to execute arbitrary commands.  The issue involves a cross-site scripting (XSS) flaw in the FortiSandbox web interface that may lead to elevated access if exploited. The vulnerability “… may allow an unauthenticated attacker to execute commands via crafted requests,” said Fortinet…

Picus Red Report 2026 Shows Attackers Favor Stealth Over Disruption

Cyber attackers are quietly changing how they operate — and the latest Picus Red Report shows that disruption is no longer the goal.  Rather than encrypting systems or triggering immediate disruption, Picus Security found that adversaries are prioritizing stealth, persistence, and long-term access within enterprise environments.  “The 2026 Red Report confirms that the era of…

Reco Raises $30M Series B to Address AI SaaS Security Risks

Reco, a New York-based security vendor focused on AI-driven SaaS environments, has raised $30 million in Series B funding, bringing its total capital raised to $85 million.  The round was led by Zeev Ventures and included participation from existing investors Insight Partners, boldstart ventures, and Angular Ventures, along with new strategic backers Workday Ventures, TIAA…

Stop comparing safety and cybersecurity, they have very little in common

Nearly a year ago, we hosted Dug Song, the legendary founder of Duo Security, on Inside the Network. During that conversation, Dug shared a powerful analogy that has stuck with me. He explained that in aviation, a plane crashes the same way only once, or maybe twice. Whenever it happens, we get to the bottom…

CVE-2026-21643: Critical FortiClient EMS Vulnerability Enables Unauthenticated Remote Code Execution

Shortly after our recent coverage of high-impact FortiOS SSO zero-day exploitation (CVE-2026-24858), defenders are facing another urgent patching priority in the Fortinet ecosystem. On February 6, Fortinet released a fix for a critical SQL injection flaw that can be triggered remotely and doesn’t require authentication, potentially leading to unauthorized code or command execution.  Although there…

Bing Ads Abused to Deliver Azure-Hosted Tech Support Scams

A recently identified scam campaign is using Bing search advertisements and Microsoft Azure infrastructure to redirect users to fraudulent tech support pages, demonstrating how legitimate platforms can be misused for social engineering activity.  “The tech support scam campaign had a significant initial impact, affecting users across 48 different organizations in the U.S. within a short…

Singapore telcos breached in China-linked cyber espionage campaign

Singapore’s four major telecommunications companies were hit by a coordinated cyber espionage campaign last year, the country’s Cyber Security Agency (CSA) has revealed. An advanced persistent threat group known as UNC3886 has probed deep into the networks of M1, SIMBA Telecom, Singtel, and StarHub, spurring Singapore’s security agencies to mount a large cyber defence operation.…

Top Business Card Makers of 2026 for Quick, Professional Results Without Design Experience

In this post, I will talk about the top business card makers of 2026 for quick, professional results without design experience. Business cards remain a practical touchpoint in professional settings, even as networking shifts increasingly online. For many individuals and small organizations, the challenge is not deciding whether to create a card, but finding a…

Portnox expands ZTNA with passwordless access for RDP, SSH, and enterprise consoles

Portnox has unveiled a major expansion of its zero trust network access (ZTNA) solution, extending credential-free access beyond web and on-premises applications to include enterprise console-based applications. Organizations can eliminate passwords and credentials from administrative access via Remote Desktop Protocol (RDP), Secure Shell (SSH), Virtual Network Computing (VNC), and Teletype Network (Telnet). This removes the…

JumpCloud Launches Venture Arm, Releases New AI Research

JumpCloud has launched a new venture capital arm and released research showing AI adoption is improving IT productivity while security, identity, and governance gaps continue to widen. The company this week introduced JumpCloud Ventures, an investment program focused on early-stage identity, security, AI, and IT productivity startups, alongside its Q1 2026 IT Trends Report. The…

Palo Alto Networks Revamps NextWave Partner Program

Palo Alto Networks is rolling out a redesigned NextWave Partner Program that reflects how AI and platform-driven security are reshaping partner economics, according to the company. The update moves incentives beyond pure sales volume toward platform adoption, service delivery, and AI-enabled security outcomes, as Palo Alto Networks seeks to align partner growth with enterprise demand…

NetBrain R12.3 Brings Agentic AI to Network Operations

NetBrain Technologies has released version 12.3 of its network operations platform, adding agentic AI capabilities designed to autonomously investigate network issues, recommend fixes, and guide engineers through remediation across hybrid and cloud environments. NetBrain Technologies touts manual workload reduction and time savings for engineers. The Burlington, Mass.-based vendor positions the release as a step toward…

How to Build Threat Hunting that Defends Your Organization Against Real Attacks

Threat hunting is widely recognized as one of the most important capabilities of a mature SOC. It uncovers stealthy attackers early, reduces dwell time, and prevents security incidents from impacting the business. Yet, in practice, many organizations find that their threat hunting efforts don’t consistently deliver these outcomes.  Let’s take a look at how high-performing security teams make threat hunting more repeatable, measurable, and effective.  Why Threat Hunting Programs Often Fail Before They Start …

New Architecture, New Risks: One-Click to Pwn IDIS IP Cameras

GUEST RESEARCH: Modern capabilities, such as cloud-powered management, analytics, and detection, have introduced a new architectural era to IP-based video surveillance, which remains a prominent safety feature across enterprises, manufacturing facilities, military installations, and even apartments and small businesses. What was once a world of on-premises network video recorders (NVRs), local storage arrays, and LAN-based…

Unpatched SolarWinds WHD instances under active attack

Internet‑exposed and vulnerable SolarWinds Web Help Desk (WHD) instances are under attack by threat actors looking to gain an initial foothold into target organizations’ networks, Microsoft and Huntress researchers have warned. Once inside, the attackers are deploying legitimate remote access and digital forensics and incident response tools, using living-off-the-land techniques, setting up a reverse SSH…

Windows shortcut weaponized in Phorpiex-linked ransomware campaign

Forcepoint X-Labs researchers have identified a large Phorpiex botnet-aided phishing campaign that uses weaponized Windows shortcut files to deploy Global Group ransomware across victim systems. The campaign, observed in late 2024 and continuing into 2026, leverages a common email lure, with the subject “Your Document”, to trick recipients into opening a malicious LNK attachment. “By…

Senegal shuts National ID office after ransomware attack

Senegal closed its national ID card office after a ransomware cyberattack disrupted ID, passport, and biometric services. Senegal confirmed a cyberattack on the Directorate of File Automation, the government office that manages national ID cards, passports, and biometric data. After ransomware claims surfaced, authorities temporarily closed the office to contain the incident. The agency warned…

SecureW2 Debuts Global Channel Program

Passwordless security leader SecureW2 is launching its new global partner program. Stephen Newhauser tapped to lead new program and drive partner revenue growth. The Nexus partner program is designed to drive growth, open new revenue streams, and offer high rewards through a performance-based tiering framework aligned to partner engagement and deal involvement. The program will…

Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server

SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance. The incident took place on January 29, 2026, when a mail server that was not updated to the latest version was compromised, the company’s Chief Commercial Officer, Derek Curtis, said. “Prior to the breach, we…

China-linked APT UNC3886 targets Singapore telcos

China-linked group UNC3886 targeted Singapore’s telecom sector in a cyber espionage campaign, Singapore’s Cyber Security Agency revealed. Cyber Security Agency of Singapore (CSA) and the Infocomm Media Development Authority (IMDA) ran Operation CYBER GUARDIAN to protect the telecom sector. Since July 2025, investigations showed China-linked UNC3886 launched a targeted campaign against all four major…

How to Prioritize Vulnerability Remediation (Without Losing Your Mind)

Let’s say you run a vulnerability scan and it finds 100 issues across your environment. Ten are labeled critical. Fifteen are high. Twenty are medium. The rest are low or informational. The report helpfully tells you to fix everything immediately. This is where reality kicks in. Most organizations cannot patch every vulnerability the moment it…

European Commission Hit by Mobile Management Data Breach

European Union officials are investigating a cybersecurity incident after attackers breached systems used to manage staff mobile devices, potentially exposing limited personal data.  The European Commission said it detected a cyberattack on its central mobile device management infrastructure and moved quickly to contain it.  “The EU commission did well to clean systems swiftly and ensure…

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

A newly disclosed flaw in Anthropic’s Claude Desktop Extensions shows how a routine productivity feature can enable zero-click system compromise.  LayerX researchers found that a single malicious Google Calendar event can trigger remote code execution on Claude Desktop systems, enabling silent takeover at scale.  “If exploited by a bad actor, even a benign prompt (“take…

Critical Fortinet FortiClientEMS flaw allows remote code execution

Fortinet warns of a critical FortiClientEMS vulnerability that lets remote attackers run malicious code without logging in. Fortinet issued an urgent advisory to address a critical FortiClientEMS vulnerability, tracked as CVE-2026-21643 (CVSS score of 9.1). The vulnerability is an improper neutralization of special elements used in an SQL Command (‘SQL Injection’) issue in FortiClientEMS. An…

PharmaCare Streamlines ANZ Operations and Strengthens Compliance with Manhattan Associates

Manhattan Associates (NASDAQ: MANH), the global leader in supply chain commerce with unmatched AI capabilities, today announced that PharmaCare, one of Australia’s largest health and wellness companies, has transformed its ANZ distribution network with Manhattan SCALE. The implementation has streamlined receiving workflows by 25%, delivering a 20% increase in daily pick rates, along with automating key TGA-licensed…

Apple gets ready to bite at the mid-range

While competitors face increasing component costs and shrinking demand, Apple’s spring 2026 collection seemingly strikes a far more optimistic note. Apple is broadening its market, while others contract, and right now appears focused on delivering faster, better products at mid-range prices. The company is on the cusp of introducing new Macs, tablets, and smartphones aimed…

Ransomware group breached SmarterTools via flaw in its SmarterMail deployment

SmarterTools, the company behind the popular Microsoft Exchange alternative SmarterMail, has been breached by a ransomware-wielding group that leveraged a recently fixed vulnerability in that solution. How did the SmarterTools breach happen? Derek Curtis, the firm’s Chief Operating Officer, said that the breach happened on January 29, 2026. “Prior to the breach, we had approximately…

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move laterally across the organization’s network to other high-value assets. That said, the Microsoft Defender Security Research Team said it’s not clear whether the activity weaponized recently

BridgePay Ransomware Causes Widespread Payment Outages

A ransomware attack on BridgePay Network Solutions on Feb. 6, 2026, caused payment processing disruptions across the U.S., affecting merchants, local governments, and service providers. The outage temporarily forced some businesses to rely on cash-only transactions while payment services were unavailable. “No card data was compromised and any file that may have been accessed was…

Claude Opus 4.6 Exposes Hundreds of Open-Source Vulnerabilities

Artificial intelligence firm Anthropic says its newest large language model, Claude Opus 4.6, has identified more than 500 previously unknown high-severity vulnerabilities across widely used open-source libraries.  It “… reads and reasons about code the way a human researcher would — looking at past fixes to find similar bugs that weren’t addressed, spotting patterns that…

OpenClaw Adds VirusTotal Scanning to AI Agent Marketplace

OpenClaw has moved to strengthen security across its fast-growing agent ecosystem by integrating VirusTotal into its ClawHub skill marketplace.  The change follows reports that hundreds of malicious skills were circulating undetected. We “… upload full skill bundles for Code Insight analysis, giving the AI a complete picture of the skill’s behavior rather than just matching…

BeyondTrust Vulnerability Allows Pre-Auth Remote Code Execution

A vulnerability in BeyondTrust remote access products allows unauthenticated attackers to execute arbitrary operating system commands, potentially granting full control over affected systems.  The flaw impacts BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) and carries a CVSS score of 9.9.  “Successful exploitation requires no authentication or user interaction and may lead to system…

How R8dius’ Shauna McAllister Brings Indigenous Lens to Tech

Shauna McAllister, a sales leader at Canadian services firm R8dius, is helping reshape how technology companies think about Indigenous representation, data sovereignty, and responsible AI as demand for infrastructure and services accelerates across Canada. We spoke with McAllister about her experiences in technology and what she hopes the future looks like for communities and companies…

Apptio: Rising IT Spend Meets Growing ROI Uncertainty

Global IT budgets are climbing again in 2026, but confidence in the returns on those investments is lagging, according to new research from Apptio, an IBM company. The 2026 Technology Investment Management report shows IT budgets will climb once again. In Apptio’s 2026 Technology Investment Management Report, nearly three-quarters (74%) of surveyed organizations said they…

The Myth of “Known APIs”: Why Inventory-First Security Models Are Already Obsolete

You probably think the security mantra “you can’t protect what you don’t know about” is an inarguable truth. But you would be wrong. It doesn’t hold water in today’s threat landscape. Of course, it sounds reasonable. Before you secure APIs, you must first discover, inventory, and document them exhaustively. The problem is that this way…

Attackers abuse SolarWinds Web Help Desk to install Zoho agents and Velociraptor

Huntress confirmed active exploitation of SolarWinds Web Help Desk, in which attackers installed Zoho tools for persistence and used Velociraptor for control. On February 7, 2026, Huntress investigated an active attack abusing SolarWinds Web Help Desk flaws. Attackers exploited unpatched versions to run code remotely, then quickly installed Zoho ManageEngine tools for persistent remote access and Cloudflare…

OpenClaw integrates VirusTotal malware scanning as security firms flag enterprise risks

OpenClaw, the viral open-source AI agent that security firms warn is “insecure by default,” has integrated VirusTotal’s malware scanning into its ClawHub skills marketplace following weeks in which security researchers documented malicious extensions and widespread unauthorized deployments in enterprises. The integration automatically scans all published skills before making them available for download, according to the…

DKnife targets network gateways in long running AitM campaign

A previously undocumented China-linked adversary-in-the-middle (AitM) framework known as “DKnife” has been identified operating at network gateways, where it intercepts and manipulates in-transit traffic. According to Cisco Talos’ findings, the framework has been active since at least 2019 and remains operational as of early 2026. Rather than targeting endpoints directly, DKnife is deployed at the…

AI security’s ‘Great Wall’ problem

The Great Wall of China was built to slow northern raiders and prevent steppe armies from riding straight into the empire’s heart. Yet in 1644, its most impregnable fortress fell without a siege. At Shanhai Pass, where the wall meets the Bohai Sea, General Wu Sangui commanded the eastern gate. Behind him: a rebel army…

Never settle: How CISOs can go beyond compliance standards to better protect their organizations

The start of a new year means a fresh start for everyone, including cybersecurity teams. With budgets and plans now finalized, it’s time for CISOs and their teams to execute their strategies. But that doesn’t mean that innovation stops when the plan is finalized. In 2026, CISOs should focus on going beyond cybersecurity compliance standards…

Schrödinger’s cat and the enterprise security paradox

Most security leaders quietly live with a paradox they rarely name out loud. Until you truly look inside the box of your environment, your organization is both secure and compromised. The dashboards might be green and the audit reports reassuring, but the uncomfortable reality is that you do not know your actual state until you…