lemmydev2 Bot

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks. [...]

Around November 2025 I stumbled into a tarpit for rude web scrapers: https://maurycyz.com/projects/trap_bots/ ...

The Dutch phone giant Odido is the latest phone and internet company to be hacked in recent months, as governments and financially motivated hackers continue to steal highly confidential information about phone customers.

One developer is struggling with the social implications of a drive-by AI character attack.

The Japanese sex toy maker said a hacker broke into an employee's inbox and stole customer names, email addresses, and correspondence, including order details and customer service inquiries.

Espionage groups from China, Russia and other nations burned at least two dozen zero-days in edge devices in attempts to infiltrate defense contractors' networks.

Emails published by the Justice Department revealed cybersecurity veteran Vincenzo Iozzo emailed, and arranged to meet, Jeffrey Epstein multiple times between 2014 and 2018.

It's thought that the reserve soldier may have made $150K betting via Polymarket on missile strikes against Iran. ...

Private equity firms have spent years treating cybersecurity as an IT hygiene issue inside portfolio companies. That approach is getting harder to sustain as ransomware, data theft, and regulatory pressure interfere with value creation during the hold period. Has cybersecurity risk had any financial impact on your portfolio ...

Flaw abused 'in an extremely sophisticated attack against specific targeted individuals' Apple patched a zero-day vulnerability affecting every iOS version since 1.0, used in what the company calls an "extremely sophisticated attack" against targeted individuals.…

404 Media has obtained a cache of internal police emails showing at least two agencies have bought access to GeoSpy, an AI tool that analyzes architecture, soil, and other features to near instantly geolocate photos.

Apple has released security updates to fix a zero-day vulnerability that was exploited in an "extremely sophisticated attack" targeting specific individuals. [...]

[This is a Guest Diary by Johnathan Husch, an ISC intern as part of the SANS.edu BACS program]

Security teams in large enterprises already spend significant time tracking vulnerabilities across software supply chains, third-party libraries, and internal codebases. Java environments add another layer of exposure because so many mission-critical systems still run on the JVM. A 2026 Azul survey of more than 2,000 Java ...

Lorenzo Franceschi-Bicchierai / TechCrunch: ...

Smug faces across all those who opposed the WordPad-ification of Microsoft's humble text editor Just months after Microsoft added Markdown support to Notepad, researchers have found the feature can be abused to achieve remote code execution (RCE).…

Microsoft security researchers discovered a growing trend of AI memory poisoning attacks used for promotional purposes, referred to as AI Recommendation Poisoning. The MITRE ATLAS knowledge base classifies this behavior as AML.T0080: Memory Poisoning. The activity focuses on shaping future recommendations by inserting prompts ...

Attackers using social engineering to exploit business processes, rather than tunnelling in via tech Exclusive  When fraudsters go after people's paychecks, "every employee on earth becomes a target," according to Binary Defense security sleuth John Dwyer.…

FBI Director Kash Patel said yesterday that investigators recovered footage from Savannah Guthrie's mother's doorbell camera using "residual data located in backend systems." This claim has many home security camera users asking an uncomfortable question: Is your data really gone when you hit delete? When Nancy Guthrie went ...

The more you share online, the more you open yourself to social engineering If you've seen the viral AI work pic trend where people are asking ChatGPT to "create a caricature of me and my job based on everything you know about me" and sharing it to social, you might think it's harmless. You'd be wrong.…

Cambodian police have reportedly dismantled another scam operation, this time operating from the Xinli Casino in southern Cambodia. ...

The Netherlands Police have arrested a a 21-year-old man from Dordrecht, suspected of selling access to the JokerOTP phishing automation tool that can intercept one-time passwords (OTP) for hijacking accounts. [...]

A Conduent breach exposed data of nearly 17,000 Volvo Group North America employees as the total impact rises to 25 million people. A data breach at business services provider Conduent has impacted at least 25 million people, far more than initially reported. Volvo Group North America confirmed that the security breach exposed ...

The tool presents users with a 3D model they can then manipulate to, the creator says, bypass Discord's age verification system.

Add-ons with 37M installs leak visited URLs to 30+ recipients, researcher says They know where you've been and they're going to share it. A security researcher has identified 287 Chrome extensions that allegedly exfiltrate browsing history data for an estimated 37.4 million installations.…

Why Modern Threat Modeling Must Account for State Control of InfrastructureCISOs for decades viewed governments as partners. That assumption is weakening. Today, state control over infrastructure needs be part of threat modeling and business continuity planning for global security leaders - and it's time for CISOs to reassess ...

Campaign combines stolen Telegram accounts, fake Zoom calls and ClickFix attacks to deploy infostealer malware

Operation Cyber Guardian was Singapore’s largest and longest running anti-cyber threat law enforcement operation

Stephen Foley / Financial Times: ...

DDoS hit blog that tried to uncover Archive.today founder's identity in 2023.

Security Service Says China-Linked Actor Compromised Vulnerable Network DevicesNorway's security service confirmed it was targeted by the China-linked Salt Typhoon campaign, marking one of Europe’s clearest public acknowledgements that the cyberespionage operation extended beyond U.S. telecom and federal networks into allied ...

eBPF programs cannot protect themselves from kernel-level manipulation ...

AI has infiltrated the operating room. It’s going about as well as you’d expect.

Shadow Aeza International Directed Traffic to Malicious AdtechA financially motivated threat actor hacked dozens of domain name system resolvers, connecting them to the infrastructure of a Russian bulletproof hosting service sanctioned by the U.S. Department of Treasury for its criminal links, researchers found.

Nancy Guthrie, the mother of Today host Savannah Guthrie, was kidnapped on February 1 and her family now face paying a $6M BTC ransom. ...

Staff data belonging to the regulator and judiciary's governing body accessed The Dutch Data Protection Authority (AP) says it was one of the many organizations popped when attackers raced to exploit recent Ivanti vulnerabilities as zero-days.…

Attackers don't need AI to crack passwords, they build targeted wordlists from an organization's own public language. This article explains how tools like CeWL turn websites into high-success password guesses and why complexity rules alone fall short. [...]

A security researcher found an exposed database belonging to the Chat & Ask AI app, once again traced back to a Firebase misconfiguration.

More than half-a-million people who bought access to phone surveillance and social media snooping apps had their email address and partial payment card numbers published online.

Security devs forced to hide Boolean logic from overeager optimizer FOSDEM 2026  The creators of security software have encountered an unlikely foe in their attempts to protect us: modern compilers.…

Hackers are using Signal QR codes and fake support scams to spy on military and political leaders, German security agencies warn.

The European Commission’s mobile device management platform was hacked but the incident was swiftly contained and no compromise of mobile devices was detected, EU’s executive branch announced on Friday. The intrusion was detected on January 30, 2026, by CERT-EU, the cybersecurity team protecting all European Union ...

Follows incident last month with a Chinese search engine robot.

Comments

Scammers are abusing free Google Firebase developer accounts to send phishing and scam emails. These emails impersonate popular bands and use common lures used to steal sensitive data.

A major U.S. payment gateway and solutions provider says a ransomware attack has knocked key systems offline, triggering a widespread outage affecting multiple services. The incident began on Friday and quickly escalated into a nationwide disruption across BridgePay's platform. [...]

Comments

A new state-aligned cyberespionage threat group tracked as TGR-STA-1030/UNC6619, has conducted a global-scale operation dubbed the "Shadow Campaigns," where it targeted government infrastructure in 155 countries. [...]