9Articles
4Categories
2026-02-06Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 3[−]
6 FebChromium: CVE-2026-1862 Type Confusion in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
6 FebZDI-26-070: Adobe ColdFusion CAR File Parsing Directory Traversal Remote Code Execution VulnerabilityThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe ColdFusion. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2025-61808.ZERODAYINITIATIVE.COM
6 FebZDI-26-069: (0Day) Xmind Attachment Insufficient UI Warning Remote Code Execution VulnerabilityThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Xmind. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. …ZERODAYINITIATIVE.COM
⚠️ VULNERABILITY DISCLOSURE 1[−]
6 FebOpenClaw, MoltBot, Clawdbot - From Bad to WorseIn this episode of Cybersecurity Today, host Jim Love discusses the latest advancements in AI-driven cyber attacks and their implications for security infrastructure. The episode covers a variety of topics, including the vulnerabilities in OpenClaw Marketplace, a rapid AI-assiste…CYBERSECURITYTODAY.LIBSYN.COM
🔥 INCIDENT REPORTING 2[−]
6 FebSubstack - 663,121 breached accountsIn October 2025, the publishing platform Substack suffered a data breach that was subsequently circulated more widely in February 2026. The breach exposed 663k account holder records containing email addresses along with publicly visible profile information from Substack accounts…HAVEIBEENPWNED.COM
6 FebHow recruitment fraud turned cloud IAM into a $2 billion attack surfacesubmitted by codeinabox to security 9 points | 1 comments https://venturebeat.com/security/recruitment-fraud-cloud-iam-2-billion-attack-surface A developer gets a LinkedIn message from a recruiter. The role looks legitimate. The coding assessment requires installing a package. Th…PROGRAMMING.DEV
📡 INFOSEC NEWS 3[−]
6 FebU.S. Public Sector Under SiegeDiscover why Government and Education must prioritize Cyber Risk Management.TRENDMICRO.COM
6 FebHow to protect yourself from deepfake scammers and save your money | Kaspersky official blogHere’s how to spot deepfakes, protect yourself from identity theft, and avoid falling for neural network scams.KASPERSKY.COM
6 FebViral AI, Invisible Risks: What OpenClaw Reveals About Agentic AssistantsOpenClaw (aka Clawdbot or Moltbot) represents a new frontier in agentic AI: powerful, highly autonomous, and surprisingly easy to use. In this research, we examine how its capabilities compare to its predecessors’ and highlight the security risks inherent to the agentic AI paradi…TRENDMICRO.COM