Top AI Tools for Red Teaming in 2026
Red teaming has undergone a radical evolution. Modern organizations can no longer rely solely on human creativity or…
Hack Read
Chinese Mustang Panda Used Fake Diplomatic Briefings to Spy on Officials
A new spy campaign by Mustang Panda uses fake US diplomatic briefings to target government officials. Discover how this silent surveillance operation works.
MomentProof Deploys Patented Digital Asset Protection
Washington, DC, 4th February 2026, CyberNewsWire
Exposed AWS Credentials Lead to AI-Assisted Cloud Breach in 8 Minutes
Researchers recently tracked a high-speed cloud attack where an intruder gained
full admin access in just eight minutes. Discover how AI automation and a simple
storage error led to a major security breach.
Phishing Campaigns Abuse Trusted Cloud Platforms, Raising New Risks for Enterprises
ANY.RUN experts report a surge in phishing campaigns abusing trusted cloud and CDN platforms to bypass security controls and target enterprise users.
One Identity Appoints Gihan Munasinghe as Chief Technology Officer
Alisa Viejo, United States, 4th February 2026, CyberNewsWire
Op Neusploit: Russian APT28 Uses Microsoft Office Flaw in Malware Attacks
A new campaign by the Russian-linked group APT28, called Op Neusploit, exploits a Microsoft Office flaw to steal emails for remote control of devices in Ukraine, Slovakia, and Romania.
Meet Moltbook, the Social Platform Where AI Agents Talk and Humans Watch
Moltbook is a new social platform where AI agents post and interact while humans observe, raising questions about autonomy, security, and agent behavior.
Everest Ransomware Claims 90GB Data Theft Involving Legacy Polycom Systems
Everest ransomware claims a breach involving legacy Polycom systems later acquired by HP Inc., alleging the theft of 90GB of internal data.
Phishing Scam Uses Clean Emails and PDFs to Steal Dropbox Logins
A multi-stage phishing campaign is targeting business users by exploiting Vercel cloud storage, PDF attachments, and Telegram bots to steal Dropbox credentials.
Notepad++ Updates Delivered Malware After Hosting Provider Breach
A months-long breach allowed Chinese State-sponsored hackers to hijack Notepad++ updates in 2025, exposing users to malware via a compromised hosting provider.
Ivanti Issues Urgent Fix for Critical Zero-Day Flaws Under Active Attack
Ivanti has disclosed two critical remote code execution (RCE) flaws (CVE-2026-1281 & CVE-2026-1340) in its EPMM software.
Spotify and Major Music Labels Sue Anna’s Archive for $13 Trillion
Spotify and the Big Three labels have filed a record-breaking $13 trillion lawsuit against Anna’s Archive over a massive music data scrape. Find out what this means for the future of digital music.
Windows Malware Uses Pulsar RAT for Live Chats While Stealing Data
We usually think of computer viruses as silent, invisible programs running in the background, but a worrying discovery shows that modern hackers are getting much more personal.
US Seizes $400 Million Linked to Helix Dark Web Crypto Mixer
US authorities take control of over $400 million in crypto, cash, and property tied to Helix, a major darknet bitcoin mixing service used by drug markets.
Former Google Engineer Convicted of Stealing AI Secrets for China
A 38 year old was convicted on seven counts of economic espionage and seven counts of theft of trade secrets following an 11 day trial.
Arsink Spyware Posing as WhatsApp, YouTube, Instagram, TikTok Hits 143 Countries
Another day, another Android malware campaign targeting unsuspecting users worldwide by masquerading as popular apps.
Common Cloud Migration Security Mistakes (and How to Avoid Them)
Common cloud migration security mistakes explained, from weak access controls to misconfigurations, plus practical steps organisations can take to avoid risk.
Op Bizarre Bazaar: New LLMjacking Campaign Targets Unprotected Models
Pillar Security Research has discovered Operation Bizarre Bazaar, a massive cyberattack campaign led by a hacker known as Hecker. Between December 2025 and January 2026, over 35,000 sessions were recorded targeting AI systems to steal compute power and resell access via silver.inc.
This startup aims to solve crypto’s broken key management problem
Crypto security firm Sodot launches Exchange API Vault to stop API key theft, securing billions in assets while supporting low latency, high frequency trading.
