I go through about 25 cybersecurity news portals and blogs every week and pull out the most interesting stories. Then I turn them into this short, digestible summary, so you can stay up to date without trying to follow 25 different sources yourself. 😱

My aim is to create a summary that gives you the gist without needing to open up the source article. But if you do want to dig deeper, all the sources covering the event are linked below each story.

If you enjoy these, come back next Monday, or scroll to the bottom to subscribe to the e-mail newsletter.

1. 175,000 Publicly Exposed Ollama AI Servers Create High-Severity LLM Abuse Risk

A joint SentinelOne SentinelLABS and Censys study found 175,000 Ollama AI instances open to the internet across 130 countries, many with tool-calling enabled and no authentication or monitoring. Nearly half support code execution and external API access, raising the stakes for LLMjacking, prompt injection, and unmetered resource abuse.

Key Details

  • Over 48% of hosts advertise tool-calling, enabling code runs and API calls.
  • China accounts for ~30% of exposed servers; top ten include the U.S., Germany, India.
  • Researchers observed 7.23 million interactions over 293 days; 23,000 hosts drove 76% of traffic.
  • Operation Bizarre Bazaar actors scan, validate, then resell unauthorized access at discounted rates.

Next Steps

  • Inventory and segment all local AI deployments.
  • Enforce authentication and network controls on edge-deployed LLM services.
  • Deploy monitoring to flag unusual LLM tool-calling or outbound API traffic.

Read more at The Hacker News, SecurityWeek, Cybersecurity News


2. Malicious VS Code Extension “ClawdBot Agent” Deploys ScreenConnect RAT

A fake Visual Studio Code extension masquerading as the AI assistant Clawdbot/Moltbot automatically executes at IDE startup to install a pre-configured ScreenConnect client, giving attackers persistent remote access. 

Key Details

  • Published Jan 27, 2026 as “ClawdBot Agent – AI Coding Assistant” under publisher “clawdbot” despite no official VS Code extension from Clawdbot/Moltbot.
  • On launch, the extension fetched a config.json from clawdbot DOT getintwopc DOT site, then ran Code.exe to deploy ConnectWise ScreenConnect.
  • Attackers operated a custom ScreenConnect relay at meeting DOT bulletmailer DOT net:8041 for immediate remote access.
  • Fallbacks include a Rust-based DWrite.dll sideloaded from Dropbox and alternate batch-script domains.

Next Steps

  • Audit and uninstall any “ClawdBot” or “Moltbot” VS Code extensions.
  • Remove unauthorized ScreenConnect clients and block meeting DOT bulletmailer DOT net.
  • Rotate API keys for OpenAI, Anthropic, Google and other AI integrations.
  • Enforce allowlist and review processes for VS Code extensions.
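
One way to run the audit and allowlist check from the steps above, as an added example that is not part of the original newsletter. The allowlist contents, the sample extension folders and the extension name `agent` are constructed for illustration; only the publisher "clawdbot" and the startup behaviour come from the story.

```python
import json
from pathlib import Path

# Assumption: your organisation's approved extension IDs (publisher.name), lower-case.
ALLOWLIST = {"ms-python.python", "dbaeumer.vscode-eslint"}
# Brand names from the story; no official VS Code extension exists for them.
IMPERSONATED = ("clawdbot", "moltbot")
# Activation events that make an extension run as soon as the IDE starts.
STARTUP_EVENTS = {"*", "onStartupFinished"}

def audit_extensions(ext_dir):
    """Return a finding for every installed extension that needs review."""
    findings = []
    for manifest in sorted(Path(ext_dir).glob("*/package.json")):
        try:
            meta = json.loads(manifest.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            findings.append({"id": manifest.parent.name, "reasons": ["unreadable manifest"]})
            continue
        ext_id = f"{meta.get('publisher', '?')}.{meta.get('name', '?')}".lower()
        label = f"{ext_id} {meta.get('displayName', '')}".lower()
        reasons = []
        if ext_id not in ALLOWLIST:
            reasons.append("not on allowlist")
            if STARTUP_EVENTS & set(meta.get("activationEvents", [])):
                reasons.append("runs at IDE startup")
        if any(brand in label for brand in IMPERSONATED):
            reasons.append("uses Clawdbot/Moltbot branding")
        if reasons:
            findings.append({"id": ext_id, "reasons": reasons})
    return findings

def build_sample(root):
    """Write a constructed extensions directory (not real extension data)."""
    samples = {
        "ms-python.python-1.0.0": {"publisher": "ms-python", "name": "python",
                                   "activationEvents": ["onLanguage:python"]},
        "clawdbot.agent-0.0.1": {"publisher": "clawdbot", "name": "agent",
                                 "displayName": "ClawdBot Agent",
                                 "activationEvents": ["onStartupFinished"]},
    }
    for folder, meta in samples.items():
        (Path(root) / folder).mkdir(parents=True)
        (Path(root) / folder / "package.json").write_text(json.dumps(meta))
    return root
```

To audit a workstation, pass the user's extensions directory (by default `~/.vscode/extensions`) to `audit_extensions`.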

Read more at Cybersecurity News, The Hacker News


3. Mandiant Tracks Vishing Campaigns Exploiting MFA to Breach SaaS Platforms

Mandiant warns that the ShinyHunters extortion group and affiliates are calling employees with vishing pretexts to harvest SSO credentials and MFA codes via company-branded phishing sites in real time. 

Once inside Okta, Microsoft Entra, or Google SSO dashboards, attackers enroll their own MFA devices and pivot to SaaS apps—Salesforce, M365, SharePoint, Slack, and more—to conduct large-scale data exfiltration and extortion.

Key Details

  • Attackers use live-call vishing plus cloned login portals to steal SSO tokens and one-time MFA codes.
  • Campaign spans multiple threat clusters targeting a growing roster of cloud SaaS apps.
  • Primary goal is sensitive data exfiltration—internal communications, customer records—followed by extortion threats.
  • Recent incidents include direct harassment of victim personnel to pressure payment or compliance.
  • Attackers register deceptive domains like <company>sso.com and <company>internal.com.

Next Steps

  • Implement phishing-resistant MFA (FIDO2 security keys or passkeys).
  • Enforce live video identity verification for helpdesk resets.
  • Enable detailed logging of identity events, OAuth authorizations, and MFA device changes.
  • Alert on new MFA device enrollments and deleted MFA notification emails.
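
A sketch of the "alert on new MFA device enrollments" step, as an added example that is not part of the original newsletter. The event schema (`login`, `mfa_enroll`) and all events are constructed; map your identity provider's own event types onto them. It flags an enrollment only when it comes from an IP that is new for a user who already has login history elsewhere, which is the pattern the story describes.

```python
from datetime import datetime, timedelta

# Constructed identity events in a simplified, hypothetical schema.
EVENTS = [
    {"time": "2026-01-20T09:00:00", "user": "alice", "type": "login", "ip": "198.51.100.10"},
    {"time": "2026-01-21T09:05:00", "user": "alice", "type": "login", "ip": "198.51.100.10"},
    {"time": "2026-01-22T08:55:00", "user": "bob", "type": "login", "ip": "198.51.100.20"},
    {"time": "2026-01-22T09:10:00", "user": "bob", "type": "mfa_enroll", "ip": "198.51.100.20"},
    {"time": "2026-01-28T14:02:00", "user": "alice", "type": "login", "ip": "203.0.113.77"},
    {"time": "2026-01-28T14:06:00", "user": "alice", "type": "mfa_enroll", "ip": "203.0.113.77"},
]

def suspicious_enrollments(events, window=timedelta(minutes=30)):
    """Flag MFA enrollments from an IP first seen for that user within
    `window` (or never seen), when the user has older logins from other IPs."""
    first_seen = {}  # (user, ip) -> time of the first login from that IP
    alerts = []
    for ev in sorted(events, key=lambda e: e["time"]):
        when = datetime.fromisoformat(ev["time"])
        user, ip = ev["user"], ev["ip"]
        if ev["type"] == "login":
            first_seen.setdefault((user, ip), when)
        elif ev["type"] == "mfa_enroll":
            seen = first_seen.get((user, ip))
            new_ip = seen is None or when - seen <= window
            # Users with no earlier history (e.g. onboarding) have no
            # baseline to compare against, so they are not flagged here.
            older_ips = sorted(i for (u, i), t in first_seen.items()
                               if u == user and i != ip and t < when)
            if new_ip and older_ips:
                alerts.append({"user": user, "ip": ip,
                               "time": ev["time"], "known_ips": older_ips})
    return alerts

if __name__ == "__main__":
    for alert in suspicious_enrollments(EVENTS):
        print(alert)
```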

Read more at The Hacker News, Google Cloud Blog, Google Cloud Blog, BleepingComputer, BleepingComputer


4. Russian-Linked Actors Deployed Wiper Malware Against 30+ Polish Energy Sites

On December 29, 2025, coordinated destructive cyber attacks struck over 30 wind and solar farms, a combined heat and power (CHP) plant, and a manufacturing firm in Poland, deploying custom wiper malware to damage controllers and delete system files. 

CERT Polska attributes the campaign to the FSB-backed Static Tundra cluster, while OT-security firm Dragos links a parallel strike on distributed energy resources to Russia-aligned ELECTRUM, highlighting conflicting attributions.

The adversaries exploited exposed FortiGate devices and static credentials to move laterally, underscoring risks in perimeter security and OT-IT segmentation.

Key Details

  • The attacks disrupted communication with the distribution operator but did not halt electricity or heat production.
  • Adversaries connected through Tor and compromised VPS hosts; the FortiGate SSL-VPN lacked two-factor authentication.
  • Adversaries used exposed network devices and unpatched vulnerabilities for initial access.

Next Steps

  • Audit FortiGate SSL-VPN configs and enforce multi-factor authentication
  • Segment OT networks from corporate IT and monitor firmware integrity

Read more at The Hacker News, CERT Polska, The Hacker News (Dragos Electrum), The Hacker News, Dragos Intelligence Brief, SecurityWeek


5. Attackers Abuse Hugging Face to Deploy Android RAT

The campaign starts with users being shown convincing but fraudulent security warnings, suggesting their phones are infected and require immediate action. These messages pressure people into installing a bogus antivirus-style app called TrustBastion, which at first seems legitimate.

Bitdefender researchers found that when users click to update TrustBastion, the app connects to a server that redirects them to a Hugging Face repository hosting the actual malicious Android application. Attackers regenerate new versions of the malware approximately every fifteen minutes through server-side polymorphism, making detection even more difficult.

Key Details

  • Two-stage delivery: TrustBastion dropper redirects to a Hugging Face dataset for the final APK
  • Over 6,000 commits in a 29-day Hugging Face repo, with new payload variants every 15 minutes
  • Malware requests Accessibility, screen recording, overlay permissions for real-time spying
  • Operation rebranded to “Premium Club” after the initial repository was taken down

Next Steps

  • Educate users against installing apps from non-official sources
  • Educate users about the dangers of different mobile application permissions like Accessibility.

Read more at Cybersecurity News, SecurityWeek, BleepingComputer


6. Persistent Exploitation of WinRAR Path-Traversal Flaw Hits SMBs and Critical Sectors

A serious WinRAR flaw patched in July 2025 is still being actively used in attacks, largely because many systems remain unpatched. The vulnerability (CVE-2025-8088) allows malicious RAR files to exploit a path-traversal weakness — meaning WinRAR can be tricked into extracting files into dangerous locations on a Windows machine, not just the folder the user selected.

In practice, attackers use this to drop malware into places like the Windows Startup folder, where it will run automatically the next time the user logs in.

Key Details

  • CVE-2025-8088 (CVSS 8.4/8.8) allows crafted RAR archives to write and execute arbitrary code via path traversal.
  • Active campaigns by Russia-aligned APTs (Sandworm, Gamaredon, Turla), China-linked actors, and global financially motivated groups.

Next Steps

  • Identify and update all WinRAR installations to version 7.13 or later.
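
The destination check that path traversal defeats, as an added example that is not part of the original newsletter. It shows the general containment rule an extractor is expected to enforce and does not reproduce the WinRAR bug itself. The destination folder and entry names are constructed. It uses Windows path rules via `ntpath`, so it runs on any OS.

```python
import ntpath  # Windows path semantics, usable on any OS

# Lower-cased fragment shared by the per-user and all-users Startup folders.
STARTUP_MARKER = "\\start menu\\programs\\startup\\"

def classify_entry(dest_dir, entry_name):
    """Classify where an archive entry would land if extracted under dest_dir."""
    root = ntpath.normcase(ntpath.normpath(dest_dir))
    # join() discards dest_dir for absolute or drive-qualified names, and
    # normpath() collapses ".." components, giving the effective target path.
    target = ntpath.normcase(ntpath.normpath(ntpath.join(dest_dir, entry_name)))
    if target == root or target.startswith(root + "\\"):
        return "ok"
    if STARTUP_MARKER in target:
        return "startup-folder"
    return "escapes-destination"

def audit_listing(dest_dir, entry_names):
    """Return {entry: verdict} for every entry that would leave dest_dir."""
    verdicts = {name: classify_entry(dest_dir, name) for name in entry_names}
    return {name: v for name, v in verdicts.items() if v != "ok"}

# Constructed entry names, as an archive listing might report them.
SAMPLE_DEST = r"C:\Users\user\Downloads\invoice"
SAMPLE_ENTRIES = [
    "invoice.pdf",
    "docs/readme.txt",
    r"..\notes.txt",
    r"..\..\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\example.lnk",
    r"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\example.bat",
]

if __name__ == "__main__":
    for name, verdict in audit_listing(SAMPLE_DEST, SAMPLE_ENTRIES).items():
        print(f"{verdict:20} {name}")
```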

Read more at Dark Reading, The Hacker News, SecurityWeek, CyberScoop


7. Critical n8n Sandbox Escape Vulnerabilities Enable Host-Level RCE, Risking Enterprise Automation

Researchers have identified two new flaws in the n8n low-code AI workflow platform that let authenticated users bypass JavaScript and Python sandboxes to execute arbitrary code on the host. 

Because n8n holds credentials and orchestrates integrations for CRM, cloud, databases, LLMs and other critical platforms, unpatched instances expose organizations to full platform takeover and lateral movement. 

Key Details

  • CVE-2026-1470 exploits a deprecated “with” statement in n8n’s JS expression engine to escape its AST-based sandbox.
  • CVE-2026-0863 abuses the Python Code node in “Internal” execution mode, allowing subprocess escape to host.
  • All versions before 1.123.17/2.4.5/2.5.1 (JS) and 1.123.14/2.3.5/2.4.2 (Python) are vulnerable.
  • n8n serves some 3,000 enterprises and 230,000 active users, with over 100 million Docker pulls.

Next Steps

  • Patched: upgrade n8n to 1.123.17, 2.4.5 or 2.5.1 for the JS fix (CVE-2026-1470); the Python fix (CVE-2026-0863) is in 1.123.14, 2.3.5 or 2.4.2.
  • Separate LLM API keys from other system credentials.
  • Enforce review procedures for n8n node installations. 
  • Enforce review procedures for n8n workflow template executions. 

Read more at JFrog, Dark Reading, The Hacker News, SecurityWeek, CSO Online


Subscribe

Subscribe to receive this weekly cybersecurity news summary to your inbox every Monday.
