Russian Hackers Target Polish Grid, Multiple Supply Chain Attacks, and Two Critical Zero-Days Under Active Exploitation

Publication Date: February 2, 2026

Summary

This edition covers a series of high-impact cybersecurity events for February 2nd, 2026. Key developments include a destructive but failed wiper attack on Poland's energy sector by the Russian-linked Sandworm group. The software supply chain remains a primary target, with attacks compromising both eScan antivirus update servers and the Open VSX marketplace. Concurrently, Microsoft and Fortinet are racing to patch critical, actively exploited zero-day vulnerabilities in Office and FortiGate firewalls, respectively. Other major stories include the rise of AI-assisted malware and phishing, a new stealthy RAT, and a significant data breach at an AI social network.

Today's New Articles

Open VSX Marketplace Hit by Supply Chain Attack Spreading "GlassWorm" Malware

On January 30, 2026, the Open VSX Registry, a popular marketplace for Visual Studio Code extensions, fell victim to a supply chain attack. Threat actors compromised the account of a legitimate developer, 'oorzc', and published malicious updates to four of thei...


New "Pulsar RAT" Evades Detection with In-Memory Execution and LoTL Techniques

Security researchers have uncovered a new, stealthy Remote Access Trojan (RAT) targeting Windows systems, named 'Pulsar RAT'. This modular, .NET-based malware utilizes a multi-stage infection chain that heavily relies on in-memory execution and living-off-the-...


Warning: Malicious ChatGPT Chrome Extensions Steal Session Tokens to Hijack Accounts

Researchers have identified 16 malicious Google Chrome extensions that masquerade as helpful tools for OpenAI's ChatGPT. Once installed, these extensions inject malicious scripts into the ChatGPT web application. The scripts are designed to monitor outbound re...


AI Social Network "Moltbook" Breach Exposes 1.5M API Keys and 29k User Emails

A significant data breach at the AI-focused social network 'Moltbook' has exposed 1.5 million API keys, 29,000 user emails, and other sensitive data tables. The investigation, conducted by security firm Wiz, not only uncovered the data exposure but also reveal...

Article Updates

AI to Overtake Human Error as Top Cause of Breaches, Experian Predicts

Update: The Catalan Cybersecurity Agency's 'Cybersecurity Outlook Report for 2026' reveals 82.6% of malicious emails now leverage generative AI, validating earlier predictions about AI weaponization. This significantly increases the sophistication and success rate of...


Attacks on Industrial Environments Doubled in 2025, Report Warns

Update: A new Forescout Vedere Labs report, analyzing 900 million attacks in 2025, confirms a dramatic 84% increase in attacks leveraging OT-specific protocols like Modbus. Crucially, it highlights that 71% of exploited vulnerabilities are not listed in CISA's KEV cat...


Fortinet Scrambles to Fix Actively Exploited SSO Auth Bypass (CVE-2026-24858) Hijacking Devices

Update: Fortinet has confirmed that CVE-2026-24858 is a zero-day vulnerability, with active exploitation first observed on January 20, 2026. Attackers successfully compromised FortiGate firewalls, even those running the latest firmware at the time, by exploiting the F...


Microsoft Office Zero-Day Under Active Attack Bypasses Security Features

Update: Microsoft has confirmed that its internal threat intelligence teams were responsible for discovering the active exploitation of CVE-2026-21509, leading to the urgent out-of-band patch. Further details clarify the attack complexity as low with no privileges req...


New Iran-Linked 'RedKitten' Group Targets Human Rights NGOs with AI-Suspected Malware

Update: Further analysis of the RedKitten campaign identifies the C# implant as 'SloppyMIO'. Initial access is now confirmed via password-protected Excel spreadsheets, a technique used to bypass email gateway scanning. The malware employs advanced evasion tactics incl...