Breaking News – Cyber Threats (last 6h)
Generated: 2026-02-05 07:00 PST
- ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
The Hacker News • 2026-02-05 04:57 • thehackernews.com
This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next.
Researchers tracked intrusions that start in ordinary places: developer workflows, remote tools, cloud access, identity paths, and even routine user actions. Nothing looked dramatic on the surface. That’s the point. Entry is becoming less
https://thehackernews.com/2026/02/threatsday-bulletin-codespaces-rce.html
- Newsletter platform Substack notifies users of data breach
BleepingComputer • 2026-02-05 04:54 • www.bleepingcomputer.com
Newsletter platform Substack is notifying users of a data breach after attackers stole their email addresses and phone numbers in October 2025. […]
https://www.bleepingcomputer.com/news/security/newsletter-platform-substack-notifies-users-of-data-breach/
- Backdoor in Notepad++
Schneier on Security • 2026-02-05 04:00 • www.schneier.com
Hackers associated with the Chinese government used a Trojaned version of Notepad++ to deliver malware to selected users.
Notepad++ said that officials with the unnamed provider hosting the update infrastructure consulted with incident responders and found that it remained compromised until September 2. Even then, the attackers maintained credentials to the internal services until December 2, a capability that allowed them to continue redirecting …
https://www.schneier.com/blog/archives/2026/02/backdoor-in-notepad.html
- The Buyer’s Guide to AI Usage Control
The Hacker News • 2026-02-05 03:30 • thehackernews.com
Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools that appear faster than security teams can track. Yet most organizations still rely on legacy controls that operate far away from where AI interactions actually occur. The result is a widening
https://thehackernews.com/2026/02/the-buyers-guide-to-ai-usage-control.html
- Data breach at fintech firm Betterment exposes 1.4 million accounts
BleepingComputer • 2026-02-05 03:16 • www.bleepingcomputer.com
Hackers stole email addresses and other personal information from 1.4 million accounts after breaching the systems of automated investment platform Betterment in January. […]
https://www.bleepingcomputer.com/news/security/data-breach-at-fintech-firm-betterment-exposes-14-million-accounts/
- Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
The Hacker News • 2026-02-05 02:25 • thehackernews.com
The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coinciding with the end of the widespread internet blackout the regime imposed at the start of the month.
“The threat actor stopped maintaining its C2 servers on January 8 for the first time since we
https://thehackernews.com/2026/02/infy-hackers-resume-operations-with-new.html
- Zendesk spam wave returns, floods users with 'Activate account' emails
BleepingComputer • 2026-02-05 02:22 • www.bleepingcomputer.com
A fresh wave of spam is hitting inboxes worldwide, with users reporting that they are once again being bombarded by automated emails generated through companies’ unsecured Zendesk support systems. Some recipients say they are receiving hundreds of messages with strange or alarming subject lines, such as ‘Activate account…’ […]
https://www.bleepingcomputer.com/news/security/zendesk-spam-wave-returns-floods-users-with-activate-account-emails/
- Stan Ghouls targeting Russia and Uzbekistan with NetSupport RAT
Securelist • 2026-02-05 01:00 • securelist.com
We analyze the recent Stan Ghouls campaign targeting organizations in Russia and Uzbekistan: Java-based loaders, the NetSupport RAT, and a potential interest in IoT.
https://securelist.com/stan-ghouls-in-uzbekistan/118738/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
