Breaking News – Cyber Threats (last 6h)
Generated: 2026-02-04 02:00 PST
- Malicious Script Delivering More Maliciousness, (Wed, Feb 4th)
SANS ISC Diary (full) • 2026-02-04 01:34 • isc.sans.edu
Today, I received an interesting email with a malicious attachment. When I had a look at the automatic scan results, it seemed to be a malicious script to create a Chrome Injector to steal data. Because InfoStealers are very common these days, it looked “legit” but there was something different. The .bat file looks to be a fork of the one found in many GitHub repositories[1].
- Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers
The Hacker News • 2026-02-03 23:42 • thehackernews.com
Microsoft has warned that information-stealing attacks are “rapidly expanding” beyond Windows to target Apple macOS environments by leveraging cross-platform languages like Python and abusing trusted platforms for distribution at scale.
The tech giant’s Defender Security Research Team said it observed macOS-targeted infostealer campaigns using social engineering techniques such as ClickFix since
https://thehackernews.com/2026/02/microsoft-warns-python-infostealers.html
- Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions
The Hacker News • 2026-02-03 22:26 • thehackernews.com
The Eclipse Foundation, which maintains the Open VSX Registry, has announced plans to enforce security checks before Microsoft Visual Studio Code (VS Code) extensions are published to the open-source repository to combat supply chain threats.
The move marks a shift from a reactive to a proactive approach to ensure that malicious extensions don’t end up getting published on the Open VSX Registry.
https://thehackernews.com/2026/02/eclipse-foundation-mandates-pre-publish.html
- CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
The Hacker News • 2026-02-03 21:50 • thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog, flagging it as actively exploited in attacks.
The vulnerability, tracked as CVE-2025-40551 (CVSS score: 9.8), is an untrusted data deserialization vulnerability that could pave the way for remote
https://thehackernews.com/2026/02/cisa-adds-actively-exploited-solarwinds.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
