🚨 A WhatsApp bug lets malicious media files spread through group chats
「 The bug affects WhatsApp on Android and involves zero‑click media downloads in group chats. You can be attacked simply by being added to a group and having a malicious file sent to you 」
🚨 A WhatsApp bug lets malicious media files spread through group chats
「 The bug affects WhatsApp on Android and involves zero‑click media downloads in group chats. You can be attacked simply by being added to a group and having a malicious file sent to you 」
🚨 From magic to malware: How OpenClaw's agent skills become an attack surface | 1Password
「 agent gateways that act like OpenClaw are powerful because they have real access to your files, your tools, your browser, your terminals, and often a long-term “memory” file that captures how you think and what you’re building. That combination is exactly what modern infostealers are designed to exploit 」
https://1password.com/blog/from-magic-to-malware-how-openclaws-agent-skills-become-an-attack-surface
And it's out!
Zack Whittaker and I have released our report on the pilot survey we conducted to increase awareness about threats security researchers and journalists who report on cybersecurity and cybercrime experience.
We are grateful to all those who responded to the survey and shared a bit of their experiences. Based on what we found in a pilot survey with a non-random sample, I really think we need to do a bigger study that can also do a deeper dive into some questions.
You can read the report in html or download the .pdf version:
pdf: https://databreaches.net/wp-content/uploads/security-researcher-journalist-threats-survey-2026.pdf
In conjunction with the release of the report, I've also added a new "Threats" category to DataBreaches.net.
You can also read some overview comments from Zack at
https://this.weekinsecurity.com/new-survey-reveals-how-security-researchers-and-journalists-experience-legal-and-criminal-threats/
My post explaining how this all started is at https://databreaches.net/2026/02/02/threats-results-of-a-pilot-survey-on-threats-and-a-new-category-on-databreaches-net/
#cybersecurity #securityresearch #legalthreats #threats #criminals #databreach #vulernabilities #malware #lawsuit #survey
@zackwhittaker @campuscodi @amvinfe @jgreig @dangoodin @GossiTheDog @lawrenceabrams @euroinfosec
And it's out!
Zack Whittaker and I have released our report on the pilot survey we conducted to increase awareness about threats security researchers and journalists who report on cybersecurity and cybercrime experience.
We are grateful to all those who responded to the survey and shared a bit of their experiences. Based on what we found in a pilot survey with a non-random sample, I really think we need to do a bigger study that can also do a deeper dive into some questions.
You can read the report in html or download the .pdf version:
pdf: https://databreaches.net/wp-content/uploads/security-researcher-journalist-threats-survey-2026.pdf
In conjunction with the release of the report, I've also added a new "Threats" category to DataBreaches.net.
You can also read some overview comments from Zack at
https://this.weekinsecurity.com/new-survey-reveals-how-security-researchers-and-journalists-experience-legal-and-criminal-threats/
My post explaining how this all started is at https://databreaches.net/2026/02/02/threats-results-of-a-pilot-survey-on-threats-and-a-new-category-on-databreaches-net/
#cybersecurity #securityresearch #legalthreats #threats #criminals #databreach #vulernabilities #malware #lawsuit #survey
@zackwhittaker @campuscodi @amvinfe @jgreig @dangoodin @GossiTheDog @lawrenceabrams @euroinfosec
Panera Bread, Canada Computers, Stellantis, Match, Hinge, OKcupid, Krispy Kreme, Bumble and one Kiwi's desire to get some teeth are all part of this week's breaches!
#News #TechNews #Cybersecurity #DataBreach #Ransomware #Malware #Risk
Panera Bread, Canada Computers, Stellantis, Match, Hinge, OKcupid, Krispy Kreme, Bumble and one Kiwi's desire to get some teeth are all part of this week's breaches!
#News #TechNews #Cybersecurity #DataBreach #Ransomware #Malware #Risk
One of my local volunteer projects is the library's website which I'm updating this morning as Cosmo waits for second breakfast.
Happily using #FreeSoftware: ghostwriter for markdown conversion to html. Then I'll use Kate to edit a couple html files then upload with Filezilla. #GNU #Linux @linuxmint and the Cinnamon DE. All running on a 2018 #Thinkpad bought for $250 on Ebay.
No need for new/expensive hardware from #apple.
No #malware from #Microsoft or #google
#UpCycle #FOSS #Tech
☣️ Threat Actors Expand Abuse of Microsoft Visual Studio Code
「 Jamf Threat Labs identified additional abuse of Visual Studio Code tasks.json configuration files. This included the introduction of dictionary files containing heavily obfuscated JavaScript, which is executed when a victim opens a malicious repository in Visual Studio Code 」
Happy to bring my Software Deobfuscation Techniques training back to @recon - June 15–18, 2026 in Montreal!
Learn systematic approaches to defeating modern obfuscation found in DRM/anti-tamper & APT malware.
https://recon.cx/2026/en/trainingSoftwareDeobfuscationTechniques.html
Happy to bring my Software Deobfuscation Techniques training back to @recon - June 15–18, 2026 in Montreal!
Learn systematic approaches to defeating modern obfuscation found in DRM/anti-tamper & APT malware.
https://recon.cx/2026/en/trainingSoftwareDeobfuscationTechniques.html
"Microsoft said it receives around 20 requests for BitLocker keys a year and will provide them to governments in response to valid court orders"
This should not have been technically possible in the first place... But that's Microsoft, you know...
@Xeniax OFC #CensorBoot never was about #Security and #Microsoft having #Govware - #Backdoors in their #CryptoAPI is nothing new.
If this doesn't disqualify Windows & Microsoft in general then those who made that decision should be fired.
The only secure #encryption is #FLOSS with #SelfCustody of all the keys…
Government-Mandated Software a Looming Threat to #Freedom
An increasing number of governments around the world are requiring that #smartphones come with specific software pre-installed. The notion of government-mandated software, whether it is a separate app or a routine part of the operating system, represents a grave threat to our #privacy.
#malware #security #surveillance #firstamendment #fourthamendment #monitor
https://www.aclu.org/news/privacy-technology/government-mandated-software
Government-Mandated Software a Looming Threat to #Freedom
An increasing number of governments around the world are requiring that #smartphones come with specific software pre-installed. The notion of government-mandated software, whether it is a separate app or a routine part of the operating system, represents a grave threat to our #privacy.
#malware #security #surveillance #firstamendment #fourthamendment #monitor
https://www.aclu.org/news/privacy-technology/government-mandated-software
149 Million Usernames and Passwords Exposed by Unsecured Database
This “dream wish list for criminals” includes millions of Gmail, Facebook, banking logins, and more. The researcher who discovered it suspects they were collected using infostealing malware.
Donnerstag: Staatstrojaner vor Verfassungsgericht, Satelliten-Internet Terawave
Staatliche Malware vor Gericht + Blue Origins Satelliten-Internet + Threads mit mehr Nutzern und Werbung + Datenschutz-Kritik an Charité-Datenbank + #heiseshow
#ChatGPT #Datenschutz #DigitalHealth #Digitalisierung #hoDaily #Internet #Journal #KünstlicheIntelligenz #Malware #MetaPlatforms #Netzausbau #Satellit #Threads #Überwachung #Werbebranche #news
Donnerstag: Staatstrojaner vor Verfassungsgericht, Satelliten-Internet Terawave
Staatliche Malware vor Gericht + Blue Origins Satelliten-Internet + Threads mit mehr Nutzern und Werbung + Datenschutz-Kritik an Charité-Datenbank + #heiseshow
#ChatGPT #Datenschutz #DigitalHealth #Digitalisierung #hoDaily #Internet #Journal #KünstlicheIntelligenz #Malware #MetaPlatforms #Netzausbau #Satellit #Threads #Überwachung #Werbebranche #news
New, from me: The Kimwolf Botnet is Lurking in Corporate, Govt. Networks
A new Internet-of-Things botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to relay other malicious and abusive Internet traffic. Kimwolf’s ability to scan the local networks of compromised systems for other IoT devices to infect makes it a sobering threat to organizations, and new research reveals Kimwolf is surprisingly prevalent in government and corporate networks.
https://krebsonsecurity.com/2026/01/kimwolf-botnet-lurking-in-corporate-govt-networks/
