Latest Internet & Cybersecurity News

February 1, 2026 at 1:00 PM
Major cybersecurity incidents include the eScan supply chain attack, a Microsoft Office zero-day patch, Google's disruption of a proxy network, the conviction of an ex-Google engineer for AI theft, and rising AI-enhanced threats.
1. eScan Antivirus Update Server Compromised in Supply Chain Attack

Attackers compromised MicroWorld Technologies' eScan update infrastructure, delivering persistent downloaders to endpoints and disabling the antivirus. This affected enterprise and consumer users by tampering with the registry, files, and updates. (Source 1, Source 3) Morphisec researchers reported the incident on Thursday. (Source 1)

2. Microsoft Patches Exploited Office Zero-Day Vulnerability

Microsoft released an emergency patch for an actively exploited zero-day in Office, urging immediate updates. The flaw was used in the wild, highlighting patching urgency. (Source 1, Source 4) This is part of last week's key fixes. (Source 1)

3. Google Disrupts Massive Ipidea Residential Proxy Network

Google took down Ipidea, a proxy network of user devices used by over 550 threat groups for cyberattacks. Actions included legal takedowns of control domains. (Source 1, Source 2) Residential proxies masked traffic as household connections. (Source 1)

4. Ex-Google Engineer Convicted of Stealing AI Trade Secrets

Linwei Ding was found guilty on 14 counts of economic espionage and theft for stealing over 2,000 pages of Google's AI secrets from 2022-2023. He uploaded data to his personal account. (Source 1, Source 2) A federal jury in California delivered the verdict. (Source 1)

5. EU Launches Investigation into X's Grok AI Risks

The European Commission opened a DSA probe into X over Grok AI risks, including illegal content like manipulated explicit images and potential child abuse material. Regulators cite unmitigated harms to EU users. (Source 1)

6. First Attributed LLMjacking Campaign: Operation Bizarre Bazaar

A honeypot detected an LLMjacking marketplace reselling access to 30+ LLM providers without authorization, hosted on Dutch bulletproof infrastructure. It was monetized via Discord, Telegram, crypto, and PayPal. (Source 2) The activity includes an MCP reconnaissance campaign. (Source 2)

7. SonicWall Breach Enables Ransomware on 74 US Banks

A SonicWall breach allowed Marquis ransomware to attack 74 US banks; victims are pursuing legal recourse. The incident highlights supply chain vulnerabilities in security vendors. (Source 2)

8. Sandworm/Electrum Targets Polish Power Grid at 30 Sites

Hackers, including Sandworm/Electrum, attacked communication systems at 30 Polish power sites, raising critical infrastructure concerns. The attacks involved malware and vulnerabilities. (Source 3, Source 4)

9. Fortinet Patches Critical FortiCloud SSO Flaws

Fortinet fixed CVE-2025-59718 and CVE-2025-59719, flaws in FortiCloud SSO that enable authentication bypass. CISA issued alerts; update promptly. (Source 2, Source 5) The vulnerabilities are critical severity. (Source 3)

10. US Government Forfeits $400M from Helix Darknet Crypto Mixer

The DOJ seized over $400M in assets from Helix, which mixed crypto to obscure the sources of illicit funds. The action is part of disrupting darknet operations. (Source 2)

11. TrueSightKiller: EDR-Killer Driver Abuses with Signed Variants

Over 2,500 unique variants with valid signatures have bypassed Microsoft's blocklist since June 2024. The driver is used by ransomware and by APTs like Silver Fox, with 97% AV evasion. (Source 2) New samples are detected weekly. (Source 2)

12. Nike Data Breach Exposes 1.4TB of Design and Supply Chain Data

World Leaks ransomware claims the theft of 1.4TB from Nike, including design files, audits, and contracts. The breach impacts Asia manufacturing and occurred in January 2025. (Source 9)