End-of-Day report
Timeframe: Donnerstag 05-02-2026 18:00 - Freitag 06-02-2026 18:00
Handler: Guenes Holler
Co-Handler: Alexander Riepl
News
No Pain, No Gain - How Impunity Perpetuates Failure
It-s time to treat cybersecurity incidents and data breaches like preventable disasters, not the inevitable cost of doing business.
https://bytesandborscht.com/no-pain-no-gain-how-impunity-perpetuates-failure/
Ransomware gang uses ISPsystem VMs for stealthy payload delivery
Ransomware operators are hosting and delivering malicious payloads at scale by abusing virtual machines (VMs) provisioned by ISPsystem, a legitimate virtual infrastructure management provider.
https://www.bleepingcomputer.com/news/security/ransomware-gang-uses-ispsystem-vms-for-stealthy-payload-delivery/
Spains Ministry of Science shuts down systems after breach claims
Spain's Ministry of Science (Ministerio de Ciencia) announced a partial shutdown of its IT systems, affecting several citizen- and company-facing services.
https://www.bleepingcomputer.com/news/security/spains-ministry-of-science-shuts-down-systems-after-breach-claims/
CISA orders federal agencies to replace end-of-life edge devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new binding operational directive requiring federal agencies to identify and remove network edge devices that no longer receive security updates from manufacturers.
https://www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-replace-end-of-life-edge-devices/
Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index (PyPI) repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution.
https://thehackernews.com/2026/02/compromised-dydx-npm-and-pypi-packages.html
Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries
Artificial intelligence (AI) company Anthropic revealed that its latest large language model (LLM), Claude Opus 4.6, has found more than 500 previously unknown high-severity security flaws in open-source libraries, including Ghostscript, OpenSC, and CGIF.
https://thehackernews.com/2026/02/claude-opus-46-finds-500-high-severity.html
Datenleck bei Substack: Datensatz mit knapp 700.000 Einträgen im Netz
Cyberkriminelle haben Daten bei Substack abgezogen. Der Datensatz umfasst rund 700.000 Einträge und ist im Netz verfügbar.
https://heise.de/-11167482
Angriff per Signal: BfV und BSI warnen Politiker, Militärs und Diplomaten
Ein vergangene Woche bekannt gewordener Angriff auf Nutzer des Messengers Signal zielt auf Bundestagsabgeordnete und andere wichtige Personen ab.
https://heise.de/-11168254
Vulnerabilities
Security updates for Friday
Security updates have been issued by AlmaLinux (freerdp, kernel, python3, and python3.12-wheel), Debian (alsa-lib, chromium, openjdk-25, phpunit, tomcat10, tomcat11, and tomcat9), Fedora (openqa, pgadmin4, phpunit10, phpunit11, phpunit12, phpunit8, phpunit9, and yarnpkg), Mageia (python-django), SUSE (alloy, cups, dpdk, expat, glib2, java-1_8_0-ibm, java-1_8_0-openj9, java-25-openjdk, kernel, libpainter0, libsoup, libxml2, openssl-3, python-filelock, python-wheel, python312-Django6, thunderbird, traefik2, udisks2, wireshark, and xen), and Ubuntu (glib2.0, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, python3.14, python3.13, python3.12, python3.11, python3.10, python3.9, python3.8, python3.7, python3.6, python3.5, python3.4, and tracker-miners).
https://lwn.net/Articles/1057506/
TeamViewer: Lücke erlaubt Zugriffe ohne vorherige Bestätigung
In TeamViewer wurde eine Sicherheitslücke entdeckt, die angemeldeten Angreifern Zugriffe auf Ressourcen erlaubt, bevor diese Berechtigung lokal bestätigt wurde. Aktualisierte Software-Pakete stehen bereit, um die Schwachstelle zu beheben. IT-Verantwortliche, die TeamViewer einsetzen, sollten zügig updaten.
https://www.heise.de/news/TeamViewer-Luecke-erlaubt-Zugriffe-ohne-vorherige-Bestaetigung-11167398.html
Sicherheitsupdates F5 BIG-IP: Angreifer können Datenverkehr lahmlegen
Setzen Angreifer erfolgreich an Sicherheitslücken in BIG-IP-Appliances wie Advanced WAF/ASM oder APM an, können sie Abstürze auslösen oder eigentlich geschützte Daten einsehen. Dagegen stehen abgesicherte Versionen zum Download bereit. Bislang gibt es keine Berichte zu Attacken.
https://heise.de/-11167422
DSA-6122-1 chromium - security update
https://lists.debian.org/debian-security-announce/2026/msg00031.html
TP-Link Systems Inc. VIGI Series IP Camera
https://www.cisa.gov/news-events/ics-advisories/icsa-26-036-01