05.02.2026

CSO Online 04.02.2026 22:00
Threat actors exploiting the React2Shell vulnerability in components of React servers are using their access to compromise web domains and divert web traffic for malicious purposes.
That’s the conclusion of researchers at Datadog Security Labs, who said in a blog Wednesday that the primary targets are sites running the NGINX open-source web server managed with Boato Panel. These include Asian organizations with top level domains ending in .in, .id, .pe, .bd, .edu, .gov, and .th, as well as Chinese hosting infrastructure.

CSO Online 04.02.2026 12:19
Russia-linked attackers are reportedly using a new Microsoft vulnerability as part of a coordinated espionage and malware campaign, Operation Neusploit.
The campaign was spotted in January 2026 by Security researchers at ZScaler ThreatLabz, three days after Microsoft issued an urgent patch for the flaw.

Heise Security 04.02.2026 10:25
Angreifer können IBMs Anwendungsserver WebSphere Application Server Liberty und die Netzwerkmonitoringlösung Tivoli Netcool/OMNIbus attackieren.

Golem 04.02.2026 10:12
Die dem russischen Militär zugeordnete Hackergruppe APT28 hat es auf Nutzer von Microsoft Office abgesehen und schleust durch eine Lücke Malware ein. (Cyberwar, Malware)

Heise Security 04.02.2026 07:46
Die CISA warnt vor jüngst beobachteten Angriffen auf Sicherheitslücken in Solarwinds Web Help Desk, FreePBX und Gitlab.

The Hacker News 04.02.2026 05:50
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog, flagging it as actively exploited in attacks.
The vulnerability, tracked as CVE-2025-40551 (CVSS score: 9.8), is a untrusted data deserialization vulnerability that could pave the way for remote