ICYMI: 2026-02-03
Latest Headlines
Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata
[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox
Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group
The Paramilitary ICE and CBP Units at the Center of Minnesota’s Killings
RapidFort Raises $42M to Automate Software Supply Chain Security
Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant
Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability
GlassWorm Infiltrated VSX Extensions with More than 22,000 Downloads to Attack Developers
Infostealer Campaigns Expand to macOS as Attackers Abuse Python and Trusted Platforms
Beware of Fake Dropbox Phishing Attack that Harvest Login Credentials
Hackers Exploiting React Native’s Metro Server in the Wild to Attack Developers
Foxit PDF Editor Vulnerabilities Let Attackers Execute Arbitrary JavaScript
Beware of New Compliance Emails Weaponizing Word/PDF Files to Steal Sensitive Data
PDFly Variant Uses Custom PyInstaller Modification, Forcing Analysts to Reverse-Engineer Decryption
French Authorities Raid X Office Following Cybercrime Allegations
Microsoft to Disable NTLM by Default as a Step Towards More Secure Authentication
Step Finance says compromised execs’ devices led to $40M crypto theft
Wave of Citrix NetScaler scans use thousands of residential proxies
CISA flags critical SolarWinds RCE flaw as exploited in attacks
Iron Mountain: Data breach mostly limited to marketing materials
AI Agent Identity Management: A New Security Control Plane for CISOs
UK privacy watchdog probes Grok over AI-generated sexual images
Hackers exploit critical React Native Metro bug to breach dev systems
French prosecutors raid X offices, summon Musk over Grok deepfakes
– MTZ