=====================
= End-of-Day report =
=====================

Timeframe: Thursday 05-02-2026 18:00 − Friday 06-02-2026 18:00
Handler: Guenes Holler
Co-Handler: Alexander Riepl

=====================
= News =
=====================

∗∗∗ No Pain, No Gain - How Impunity Perpetuates Failure ∗∗∗
---------------------------------------------
It’s time to treat cybersecurity incidents and data breaches like preventable disasters, not the inevitable cost of doing business.
---------------------------------------------
https://bytesandborscht.com/no-pain-no-gain-how-impunity-perpetuates-failure...

∗∗∗ Ransomware gang uses ISPsystem VMs for stealthy payload delivery ∗∗∗
---------------------------------------------
Ransomware operators are hosting and delivering malicious payloads at scale by abusing virtual machines (VMs) provisioned by ISPsystem, a legitimate virtual infrastructure management provider.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/ransomware-gang-uses-ispsyste...

∗∗∗ Spain's Ministry of Science shuts down systems after breach claims ∗∗∗
---------------------------------------------
Spain's Ministry of Science (Ministerio de Ciencia) announced a partial shutdown of its IT systems, affecting several citizen- and company-facing services.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/spains-ministry-of-science-sh...

∗∗∗ CISA orders federal agencies to replace end-of-life edge devices ∗∗∗
---------------------------------------------
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new binding operational directive requiring federal agencies to identify and remove network edge devices that no longer receive security updates from manufacturers.
---------------------------------------------
https://www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-...

∗∗∗ Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware ∗∗∗
---------------------------------------------
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution.
---------------------------------------------
https://thehackernews.com/2026/02/compromised-dydx-npm-and-pypi-packages.htm...

∗∗∗ Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries ∗∗∗
---------------------------------------------
Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM), Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in open-source libraries, including Ghostscript, OpenSC, and CGIF.
---------------------------------------------
https://thehackernews.com/2026/02/claude-opus-46-finds-500-high-severity.htm...

∗∗∗ Data leak at Substack: dataset with nearly 700,000 entries online ∗∗∗
---------------------------------------------
Cybercriminals have exfiltrated data from Substack. The dataset comprises around 700,000 entries and is available online.
---------------------------------------------
https://heise.de/-11167482

∗∗∗ Attack via Signal: BfV and BSI warn politicians, military personnel and diplomats ∗∗∗
---------------------------------------------
An attack on users of the Signal messenger that became known last week targets members of the Bundestag and other important persons.
---------------------------------------------
https://heise.de/-11168254

=====================
= Vulnerabilities =
=====================

∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by AlmaLinux (freerdp, kernel, python3, and python3.12-wheel), Debian (alsa-lib, chromium, openjdk-25, phpunit, tomcat10, tomcat11, and tomcat9), Fedora (openqa, pgadmin4, phpunit10, phpunit11, phpunit12, phpunit8, phpunit9, and yarnpkg), Mageia (python-django), SUSE (alloy, cups, dpdk, expat, glib2, java-1_8_0-ibm, java-1_8_0-openj9, java-25-openjdk, kernel, libpainter0, libsoup, libxml2, openssl-3, python-filelock, python-wheel, python312-Django6, thunderbird, traefik2, udisks2, wireshark, and xen), and Ubuntu (glib2.0, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, python3.14, python3.13, python3.12, python3.11, python3.10, python3.9, python3.8, python3.7, python3.6, python3.5, python3.4, and tracker-miners).
---------------------------------------------
https://lwn.net/Articles/1057506/

∗∗∗ TeamViewer: vulnerability allows access without prior confirmation ∗∗∗
---------------------------------------------
A vulnerability has been discovered in TeamViewer that allows authenticated attackers to access resources before that permission has been confirmed locally. Updated software packages are available to fix the vulnerability. IT administrators who use TeamViewer should update promptly.
---------------------------------------------
https://www.heise.de/news/TeamViewer-Luecke-erlaubt-Zugriffe-ohne-vorherige-...

∗∗∗ Security updates for F5 BIG-IP: attackers can paralyze data traffic ∗∗∗
---------------------------------------------
If attackers successfully exploit vulnerabilities in BIG-IP appliances such as Advanced WAF/ASM or APM, they can trigger crashes or view data that is actually protected. Secured versions are available for download to address this. So far there are no reports of attacks.
---------------------------------------------
https://heise.de/-11167422

∗∗∗ DSA-6122-1 chromium - security update ∗∗∗
---------------------------------------------
https://lists.debian.org/debian-security-announce/2026/msg00031.html

∗∗∗ TP-Link Systems Inc. VIGI Series IP Camera ∗∗∗
---------------------------------------------
https://www.cisa.gov/news-events/ics-advisories/icsa-26-036-01