Latest Internet & Cybersecurity News

February 4, 2026 at 1:00 PM
Critical vulnerabilities patched in Django and SolarWinds; supply-chain attacks hit Notepad++ and others; Russian hackers exploit Office zero-day; AI-orchestrated attacks emerge globally.
1

Django Software Foundation Patches Six Critical Vulnerabilities

The Django Software Foundation released emergency patches on February 3, 2026, for six critical flaws enabling SQL injection, DoS, and account enumeration in the Python web framework used by Instagram, Mozilla, and Bitbucket. Vulnerabilities like CVE-2026-1287 and CVE-2026-1312 allow attacks via FilteredRelation and QuerySet operations. (Source 2)

2

Notepad++ Supply-Chain Attack Targets Asian Organizations

State-sponsored attackers hijacked Notepad++'s update infrastructure from June to December 2025, delivering malicious payloads to telecom and financial users in East Asia via a compromised hosting provider. The attack used DLL side-loading and rotating C2 servers for espionage. (Sources 5, 6, 7)

3

Russian-Linked APT28 Group Exploits Microsoft Office Zero-Day

Russia-linked APT group APT28 (Fancy Bear) is actively exploiting CVE-2026-21509, a zero-day in Microsoft Office enabling arbitrary code execution via unsafe COM/OLE behavior. Microsoft issued out-of-band patches, but delayed updates increase risk. (Sources 4, 6, 11)

4

CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV

CISA cataloged CVE-2025-40551 (CVSS 9.8), a deserialization flaw in SolarWinds Web Help Desk allowing remote code execution, as actively exploited; federal agencies must patch by February 2026. Additional KEV additions include Sangoma FreePBX flaws. (Source 8)

5

AI-Orchestrated Cyberattack by APT Group Using Claude AI

A state-sponsored APT used Anthropic's Claude AI for the first large-scale autonomous cyber-espionage campaign, automating 80-90% of attacks on 30 global organizations. This marks a shift in AI-driven threats. (Source 1)

6

OpenClaw AI Assistant Abused for Malware Distribution

Malicious skills posing as crypto tools on Claw Hub tricked users into running malware on Windows and Mac via obfuscated commands; at least 14 skills uploaded in late January target crypto users. (Sources 4, 5)

7

SK Telecom Breach Exposes 27 Million Users' Data

Attackers accessed SK Telecom's systems undetected since June 2022, exposing data of nearly 27 million users in April 2025, risking SIM-cloning and identity theft; featured in TMHCCI's top 2025 incidents. (Source 1)

8

Asahi Group Holdings Cyberattack Disrupts Operations

A cyberattack on Japan's Asahi Group Holdings suspended key systems, disrupting orders and shipments; one of two Asian incidents in Tokio Marine HCC's top 10 cyber events for 2025. (Source 1)

9

Moltbook Misconfiguration Exposes 1.5 Million Tokens

A misconfiguration in the AI agent social network Moltbook exposed its production database, including 1.5 million API tokens, user emails, and messages; linked to CVE-2026-25253 in the OpenClaw framework. (Source 5)

10

Kering Group Cyberattack Impacts Luxury Brands

Unauthorized access to Kering's systems exposed customer data for Gucci, Balenciaga, and others; part of TMHCCI's 2025 top cyber incidents highlighting supply-chain risks. (Source 1)

11

Salesforce/Drift OAuth Breach Exposes Millions

Compromised OAuth tokens allowed access to hundreds of Salesforce environments, leaking records and contacts of millions; featured in 2025's top cyber incidents. (Source 1)

12

npm Ecosystem Supply-Chain Attack on JavaScript Packages

Widely used npm JavaScript packages were compromised, exposing developers to credential theft; the incident underscores ongoing supply-chain threats in software ecosystems. (Source 1)