Gate 15

Bitdefender Free Reverse Phone Lookup Tool Phone scams are surging. Learn how Bitdefender’s AI innovations and free Reverse Phone Lookup help you avoid fraud and stay protected.

Bitdefender released a new article on phone scams hitting consumers harder than ever. They’ve launched a free new service that helps anyone determine whether a number is associated with suspicious activity.

Read more below
www.bitdefender.com/en-us/blog/h...

#cybersecurity
@andyjabbour.bsky.social

OpenClaw AI Agent Vulnerabilities: Detection and Removal for Mac OpenClaw AI agent vulnerabilities include prompt injection and token theft (CVE-2026-25253). Read the latest Jamf Threat Labs analysis.

Today in the SUN we feature an article from Jamf on OpenClaw: the helpful AI that could quietly become your biggest insider threat.

Read more below:
www.jamf.com/blog/opencla...

#cybersecurity
@andyjabbour.bsky.social

Summary of SmarterTools Breach and SmarterMail CVEs

As promised, we wanted to provide additional information regarding the network breach we ex

Read more: https://portal.smartertools.com/community/a97747/summary-of-smartertools-breach-and-smartermail-cves.aspx

Romanian oil pipeline operator Conpet discloses cyberattack Conpet, Romania's national oil pipeline operator, has disclosed that a cyberattack disrupted its business systems and took down the company's website on Tuesday.

Today in the SUN we feature an article from @bleepingcomputer.com on the Romanian oil pipeline operator Conpet disclosing a cyberattack.

Read more below:
www.bleepingcomputer.com/news/securit...

#cybersecurity
@andyjabbour.bsky.social

The Shadow Campaigns: Uncovering Global Espionage In 2025 a threat group compromised government and critical infrastructure in 37 countries, with reconnaissance in 155.

Palo Alto Networks Unit 42 released an article, "The Shadow Campaigns: Uncovering Global Espionage," unveiling a new cyberespionage group that Unit 42 tracks as TGR-STA-1030.

Read more below:
unit42.paloaltonetworks.com/shadow-campa...

#cybersecurity
@andyjabbour.bsky.social

Five updates on the Trump admin’s cybersecurity agenda | Federal News Network From a new national cyber strategy to highly anticipated actions around AI security, here are five things worth watching on the cyber policy front.

Today in the SUN we feature an article from @federalnewsnetwork.com about five updates on the Trump admin’s cybersecurity agenda.

Read more below:
federalnewsnetwork.com/cybersecurit...

#cybersecurity
@andyjabbour.bsky.social

Zendesk spam wave returns, floods users with 'Activate account' emails A fresh wave of spam is hitting inboxes worldwide, with users reporting that they are once again being bombarded by automated emails generated through companies' unsecured Zendesk support systems. Som...

Despite #Zendesk suggesting safeguards and tightening up security last month, the massive spam wave has returned flooding inboxes with hundreds of bogus 'Activate account...' emails that bypass #spam filters

www.bleepingcomputer.com/news/securit...

The FCC released information detailing a number of best practices to reduce the risk of ransomware. While aimed at the Communications Sector, the ideas here are much more broadly applicable. Check it out below!

#cybersecurity
@andyjabbour.bsky.social
www.fcc.gov/document/psh...

Our latest edition of the Security Sprint is out now! In this episode, Dave and Andy discuss Kermit the Frog, Threat Management, Cyber Resilience and more! Our podcast is available right now, go check it out!

#cybersecurity
@andyjabbour.bsky.social
gate15.global/weekly-secur...

Executive Targeting Reaches Record Levels as Threats Expand Beyond CEOs A new Security Executive Council (SEC) analysis shows a sharp escalation in threats and attacks against senior corporate leaders in 2025, with targeting increasingly extending...

Today in the SUN we feature an article from Security Info Watch on threats and attacks against corporate executives surging to record levels in 2025.

Read more below:
www.securityinfowatch.com/security-exe...

#cybersecurity
@andyjabbour.bsky.social

Researchers Warn of New “Vect” RaaS Variant A new ransomware-as-a-service operation dubbed “Vect” features custom malware

Infosecurity Magazine released an article noting that security researchers have discovered a new RaaS group which has already victimized organizations in Brazil and South Africa.

Read more below:
www.infosecurity-magazine.com/news/researc...

#cybersecurity
@andyjabbour.bsky.social

Mass Data Exfiltration Campaigns Lose Their Edge in Q4 2025 Are we seeing the extinction of mass data exfiltration campaigns? The stats demonstrate these attacks are losing their efficacy.

Coveware released an article detailing why zero-day downstream mass data extortion campaigns are losing their bite.

Read more below:
www.coveware.com/blog/2026/2/...

#cybersecurity
@andyjabbour.bsky.social

Harassment, Scare Tactics, & Why Victims Should Never Pay ShinyHunters ShinyHunters uses fear and coercion to pressure victims into paying ransoms. This research explains why compliance only fuels further extortion.

Today in the SUN we feature an article from Unit 221B explaining why victims should never pay ShinyHunters.

Read more below:
blog.unit221b.com/dont-read-th...

#cybersecurity
@andyjabbour.bsky.social

KrebsOnSecurity released a new article, "Please Don’t Feed the Scattered Lapsus ShinyHunters," highlighting the dangers of engaging with this group.

Read more below:
krebsonsecurity.com/2026/02/plea...

#cybersecurity
@andyjabbour.bsky.social

Harassment, Scare Tactics, & Why Victims Should Never Pay ShinyHunters ShinyHunters uses fear and coercion to pressure victims into paying ransoms. This research explains why compliance only fuels further extortion.

New from @nixonnixoff.bsky.social: Never Pay ShinyHunters: 'We want to reassure corporate victims that there is an end to the madness.' 😵 We might be discussing this soon... cc @gate15.bsky.social @ecrime.ch @ransomwaresommelier.com blog.unit221b.com/dont-read-th... #cybersecurity #ransomware

The Convergence of Infostealers and Ransomware : From Credential Harvesting to Rapid Extortion Chains - CYFIRMA EXECUTIVE SUMMARY Ransomware activity accelerated sharply from late 2025 into early 2026, with a growing number of campaigns relying on...

Today in the SUN we feature an article from Cyfirma on the convergence of infostealers and ransomware.

Read more below:
www.cyfirma.com/research/the...

#cybersecurity
@andyjabbour.bsky.social

NationStates confirms data breach, shuts down game site NationStates, a multiplayer browser-based game, has confirmed a data breach after taking its website offline earlier this week to investigate a security incident.

A NationStates game player found a critical vulnerability but then crossed a line: he copied production data and app code.

Finding a flaw is enough. Demonstrate it safely, report it and stop there. Holding data isn't clever, ever.
www.bleepingcomputer.com/news/securit...

Critical Ivanti EPMM Vulnerabilities: CVE-2026-1281 & CVE-2026-1340 CISA has added two critical Ivanti EPMM vulnerabilities to the KEV catalog. Learn how CVE-2026-1281 and CVE-2026-1340 are exploited, how to detect attacks via Apache logs, and what to do now.

Today in the SUN we feature an article from Abstract on some critical Ivanti EPMM vulnerabilities: CVE-2026-1281 & CVE-2026-1340.

Read more below:
www.abstract.security/blog/critica...

#cybersecurity
@andyjabbour.bsky.social

Operation Winter SHIELD | Federal Bureau of Investigation Operation Winter SHIELD (Securing Homeland Infrastructure by Enhancing Layered Defense) distills the FBI’s 10 most impactful actions organizations can take to improve resilience against cyber intrusio...

The FBI announced Operation Winter SHIELD, distilling the FBI’s 10 most impactful actions organizations can take to improve resilience against cyber intrusions.

Read more below:
www.fbi.gov/investigate/...

#cybersecurity
@andyjabbour.bsky.social

Ransomware Threat Outlook 2025-2027 - Canadian Centre for Cyber Security Ransomware Threat Outlook 2025-2027

The Canadian Centre for Cyber Security released their ransomware threat outlook 2025-2027, intended to provide an update on ransomware’s impact on Canada and Canadian organizations.

Read more below:
www.cyber.gc.ca/en/guidance/...

#cybersecurity
@andyjabbour.bsky.social
@campuscodi.risky.biz

Ransomware playbook (ITSM.00.099) - Canadian Centre for Cyber Security The information provided in this publication is intended to inform organizations and help them reduce the risks of ransomware attacks, lessen the impact of these attacks, and take preventative actions...

The Canadian Centre for Cyber Security released their Ransomware Playbook, introducing measures to prevent ransomware attacks and protect your organization.

Read more below:
www.cyber.gc.ca/en/guidance/...

#cybersecurity
@andyjabbour.bsky.social
@campuscodi.risky.biz

Ransomware: How to prevent and recover (ITSAP.00.099) - Canadian Centre for Cyber Security This publication provides tips to help your organization prepare for and recover from ransomware attacks.

The Canadian Centre for Cyber Security released new guidance, "Ransomware: How to prevent and recover," providing tips to help your organization prepare for and recover from ransomware.

Read more below:
www.cyber.gc.ca/en/guidance/...

#cybersecurity
@andyjabbour.bsky.social
@campuscodi.risky.biz

The WaterISAC is excited to announce the release of a new product, “Keys & Locks: The Overlooked Security Risk – Fact Sheet.”

Read more below:
www.waterisac.org/tlpclear-wat...

#cybersecurity
@andyjabbour.bsky.social

2025 Threat Report: Exploitation Grows Across IT, IoT, and OT Forescout Research – Vedere Labs analyzes cybersecurity threats from 2025 in this annual global roundup report of attacks and threat actors.

Today in the SUN we feature an article from Forescout Technologies Inc. on their 2025 threat report, highlighting the growth of exploitation across IT, IoT, and OT.

Read more below:
www.forescout.com/blog/2025-th...

#cybersecurity
@andyjabbour.bsky.social

#TDR analysts deep dived into a widespread malicious JavaScript framework injected into 3,800+ WordPress sites to distribute #NetSupport RAT via the #ClickFix social engineering tactic.

blog.sekoia.io/meet-iclickf...

Ransomware crims forced to take off-RAMP as FBI seizes forum • The Register

Ransomware crims have just lost one of their best business platforms. US law enforcement has seized the notorious

Read more: https://www.theregister.com/2026/01/28/fbi_seizes_ramp_forum/

The Tribal-ISAC announced the appointment of Toni Pepper as its first Executive Director, effective February 1, 2026.

Read more below:
tribalisac.org/wp-content/u...

#cybersecurity
@andyjabbour.bsky.social

It’s incredible. It’s terrifying. It’s MoltBot. | 1Password MoltBot shows how powerful local AI agents can be. But if your agent stores in plain-text API keys, webhook tokens, transcripts, and long-term memory in known locations, an infostealer can grab the wh...

@1password.bsky.social released an article on MoltBot, the locally running, open-source AI agent that has rocked an AI community that, just weeks ago, was in love with its own hype.

Read more below:
1password.com/blog/its-mol...

#cybersecurity
@andyjabbour.bsky.social

RH-ISAC Unveils 2025 Year in Review - RH-ISAC VIENNA, VA (27 January 2026) —The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) today announced the release of its 2025 Year in

The @rhisac.org unveiled their 2025 Year in Review, highlighting record membership growth and the launch of vital fraud initiatives to help fortify cybersecurity.

Read more below:
rhisac.org/press-releas...

#cybersecurity
@andyjabbour.bsky.social
@campuscodi.risky.biz

Risky Bulletin: Cyberattack cripples cars across Russia In other news: Microsoft patches an Office zero-day; WhatsApp rolls out account lockdown feature; Chrome extensions steal ChatGPT auth tokens.

Today in the SUN we feature an article from Risky Business Media on a cyberattack crippling cars across Russia.

Read more below:
news.risky.biz/risky-bullet...

#cybersecurity
@andyjabbour.bsky.social