Anthropic launches Claude Code Security – Cybersecurity stocks lose valueAnthropic's AI tool Claude Code Security analyzes code contextually rather than based on rules. The stock market reacts nervously, with share prices falling.
Numerous kernel vulnerabilities in Dell PowerProtect Data Manager closedDell's backup solution PowerProtect Data Manager is vulnerable to malware attacks, among other things. Security patches are available for download.
Adidas comments on possible data leak at external service providerThe cyber gang Lapsus$ claims in an underground forum to have copied data from Adidas from an external service provider.
Windows Editor: Details on Markdown security vulnerabilityThe patchday updates close a vulnerability in the Windows Editor that allowed the injection of malicious code. Details about the leak are now available.
BSI warning: Ivanti EPMM vulnerability is widely exploitedThe Federal Office for Information Security (BSI) and IT researchers warn of widespread attacks on Ivanti EPMM.
Google: AI systems blocked 1.75 million malicious apps in 2025Google had to remove significantly fewer malicious programs from the Play Store in 2025 – a success of intensified security measures and AI-powered controls.
Atlassian security updates: Bamboo and Confluence are vulnerableAttackers can, in the worst case, attack systems with Atlassian applications with malware.
Opinion: No hackbacks – but offensive cyber operationsJürgen Schmidt long spoke out against offensive cyber operations. Russia's sabotage attack on Poland's energy supply has changed his mind.
Scam: Fake "Gemini" chatbots sell fake "Google Coin"A new scam relies on customized AI chatbots. These urge victims to buy worthless cryptocurrencies.
The clock is ticking: NIS2 registration deadline at BSI expires on March 6, 2026TÜV SÜD warns that the registration deadline for NIS2-obligated companies at the BSI ends in two weeks. Around 29,000 German companies are affected.
France: Attackers accessed data from 1.2 million bank accountsIn France, attackers gained access to a national database and read out data from 1.2 million bank accounts.
Nvidia AI tools Megatron Bridge and NeMo Framework as entry point for attackersNvidia developers have closed code-vulnerability loopholes in Megatron Bridge and NeMo Framework, among others.
Mozilla definitively cuts Firefox support for Windows 7, 8, and 8.1Mozilla had planned to end support for Firefox on Windows 7, 8, and 8.1 in 2024. Extended support now ends in February.
Attacks on Chrome, Zimbra, ThreatSonar, and ActiveX module observedThe US cybersecurity agency warns of observed attacks on Chrome, Zimbra, ThreatSonar, and an ActiveX module.
Microsoft launches preview of Security Dashboard for AIMicrosoft has released the preview of the Security Dashboard for AI. It provides an overview of AI risks in the company.
Patch now! Attackers are targeting Dell RecoverPoint for Virtual MachinesImportant security updates have been released for Dell RecoverPoint for Virtual Machines and Avamar Server, among others. Attacks are already occurring.
Notepad++: Security update against code smuggling vulnerabilityNotepad++ improves security mechanisms and closes a new vulnerability that allows attackers to execute malicious code.
Microsoft: critical privilege escalation vulnerability in Windows Admin CenterIn Windows Admin Center, attackers can escalate their privileges. Microsoft classifies this as critical and advises admins to update.
NIS2 implementation: DENIC releases certain owner data of .de domainsThe DENIC domain query publicly displays the name, address, and contact details for corporate domains. This is due to the NIS2 directive.
Mexico: Robot Dog Brigade for the Football World CupIn view of the Football World Cup, Mexico is upgrading its security technology. The venue Monterrey presents robot dogs for the police.
Vulnerabilities in Cloud-Based Password ManagersIT researchers from ETH Zurich have investigated widely used password managers and found ways to view passwords.
Over 60 security vulnerabilities in AI assistant OpenClaw resolvedAttackers can inject and execute malicious code on systems within the context of OpenClaw, among other things. Security patches are available.
IT security authority CISA in emergency operationThe funding for DHS that expired over the weekend also affects the IT security authority CISA. It is now operating in emergency mode.
Popular Chrome extensions spy on usersIT researchers examined 32.000 Chrome extensions and caught 287, some of them popular apps, spying on users.
Anonymizing Linux: Emergency update Tails 7.4.2 closes kernel vulnerabilityThe kernel of older Tails versions contains security vulnerabilities. Version 7.4.2 of the anonymizing Linux distribution closes them.
Fake AI Extensions for Chrome Endanger 260.000 UsersIT researchers have traced numerous Chrome extensions back to a campaign that jeopardizes the information of 260.000 users.
Update now! Chrome update closes exploited vulnerabilityGoogle released an emergency update for the Chrome web browser over the weekend. It closes a vulnerability that is already being exploited.
Palantir vs. the "Republik": US analytics firm takes magazine to courtData analysis provider Palantir wants to obtain a counterstatement in court – and triggers a wave of solidarity for a small Swiss magazine.
IPFire introduces free domain blocklist DBLThe IPFire developers have released DBL, a categorized domain blocklist. It aims to block malware, phishing, and trackers.
Qnap NAS: Unauthorized file system access possibleSecurity patches for Qnap's NAS operating systems QTS and QuTS hero close several vulnerabilities.
Patch now! Attackers targeting BeyondTrust remote support solutionsAttackers are exploiting a critical vulnerability in BeyondTrust Remote Support and Privileged Remote Access. Security patches are available.
Posteo and Mailbox.org: Many authorities do not create encrypted requestsIn 2025, the email providers Mailbox.org and Posteo rejected numerous authority requests, mostly because the authority requests arrived unencrypted.
FortiSandbox and FortiOS: Attackers can bypass VPN authenticationAttackers can target Fortinet firewalls, among other things. Security updates are available for download.
Patch Day SAP CRM, S/4HANA: Attackers can damage databasesOn the February Patch Day, SAP is addressing several security issues in its software portfolio.
Dell closes countless security vulnerabilities in Avamar, iDRAC, and NetWorkerThe backup solutions Dell Avamar and NetWorker and the server remote management iDRAC are vulnerable.
Opinion: User control is also the wrong way for WindowsMicrosoft announces significantly stricter security measures for Windows – which are at least questionable to counterproductive, analyzes Moritz Förster.
Signed applications and consent prompts: How Windows is to become more secureMicrosoft announces two new security initiatives for Windows: Baseline Security Mode and User Transparency and Consent are intended to protect users better.
Patch day at Adobe: After Effects & Co. vulnerable to malware attacksSecurity patches close several vulnerabilities in Adobe applications. So far, there are no reports of attacks.
Microsoft Patch Day: Attackers exploit Windows and Word vulnerabilitiesImportant security updates have been released for Exchange Server, Hyper-V, Office, and Windows, among others. There are already attacks.
Attacks on BeyondTrust Remote Support and Privileged Remote Access possibleTwo remote support solutions from BeyondTrust are vulnerable. Security updates close a critical gap.