Cybersecurity News | Daily Recap [07 Feb 2026]

Daily recap: BridgePay confirms a ransomware attack that knocked core payment systems offline, causing a nationwide outage and forcing some merchants to accept only cash while the FBI and other agencies investigate. Attacks span academia and government, including a data leak from Spain’s Ministry of Science claimed under the alias GordonFreeman and an attack linked to BabLock/Femwar02 that took La Sapienza offline, affecting about 112,500 students, plus AI-enabled threat discussions and privacy concerns around surveillance tools.
#BridgePay #BabLock

Ransomware & Public-sector Attacks

  • BridgePay confirms a ransomware attack knocked core payment systems offline, causing a nationwide outage and forcing some merchants to accept only cash while the FBI and other agencies investigate – BridgePay Ransomware
  • Cyberattacks disrupted academic and government services: an actor (alias GordonFreeman) claiming an IDOR exploit leaked records from Spain’s Ministry of Science, and La Sapienza University was taken offline in an attack linked to BabLock/Femwar02, impacting 112,500 students – Spain Ministry, La Sapienza

AI Threats & Surveillance

  • Researchers warn attackers are “living off the AI”—abusing agents, connectors, prompts and vector stores to exfiltrate data and execute actions—while a top-downloaded agent skill was discovered to be an infostealer that harvests agent memories and credentials (so‑called “Cognitive Context Theft”) – Living off AI, Infostealer Skill
  • The NYC MTA is piloting AI-powered gate cameras that record brief footage and send AI-generated physical descriptions of suspected fare evaders, raising privacy, bias and retention concerns around pervasive biometric surveillance – AI Cameras NYC

Toolkits & Malware

  • DKnife, an ELF Linux post-compromise toolkit attributed to a China-nexus actor, hijacks routers for deep packet inspection and DNS/update tampering, and delivers backdoors such as ShadowPad and DarkNimbus to target edge devices – DKnife Toolkit
  • Attackers used a legacy EnCase kernel driver to disable 59 endpoint products after compromising SonicWall VPN credentials, underscoring how kernel-level EDR-killers and in-browser attacks evade traditional stacks – EnCase EDR-Killer, Browser Blindspots

Vulnerabilities & Advisories

  • CISA warns critical flaws in the Ilevia EVE X1 server allow remote exploitation of industrial systems and should be remediated – EVE X1 RCE
  • CISA warns a SmarterMail RCE flaw is being exploited in ransomware campaigns, urging immediate mitigation – SmarterMail RCE
  • Guides and tools explain how to use CISA’s Known Exploited Vulnerabilities (KEV) catalog while critics flag that silent ransomware tag updates on the KEV (including flips on 59 CVEs) can leave defenders unaware—resources and alerts are available – CISA KEV Tool, KEV Silent Flags

Privacy & Data Breaches

  • Flickr reported a security incident tied to a vulnerable third-party email service that may have exposed member names, emails, usernames, IPs and activity data (passwords and payment data not affected) and warned of phishing risks – Flickr Incident
  • Kyle Svara pleaded guilty to hacking and stealing images from nearly 600 women’s Snapchat accounts via phishing and social engineering and now faces federal charges and upcoming sentencing – Snapchat Hacker

Roundups & Misc

  • SecurityWeek’s “In Other News” roundup highlights a record DDoS, the Epstein hacker story and disclosed ESET product vulnerabilities among other items – Other Roundup
  • The Cyber Express weekly roundup summarizes global incidents and policy shifts including AI-built Moltbook data exposures, a delayed Substack breach, and regulatory probes into Grok and OpenAI programs – Weekly Roundup

Messaging & Account Hijacks

  • Germany’s domestic agencies warn of suspected state-sponsored phishing via messaging apps that abuse Signal/WhatsApp pairing features and QR/PIN tricks to perform full account takeovers of politicians, diplomats and journalists across Europe – Signal Hijacking

Policy & Governance

  • The European Commission’s preliminary probe finds TikTok used “addictive design” (infinite scroll, autoplay, personalized recommendations) without adequate risk assessment for minors and vulnerable adults and could levy fines up to 6% of global turnover unless changes are made – TikTok Fine
  • Analysts warn that end-of-support edge devices (firewalls, routers, VPN gateways) are a national security risk and point to BOD 26-02 requirements for inventory, decommissioning and lifecycle management across agencies – End-of-Support Risk

Cybersecurity News | Daily Recap – hendryadrian.com