Canadian IT retailer Canada Computers has suffered a security breach
Customers who used the guest checkout option on its website had their personal and card data collected
The malicious code was live between December 29 and January 22
Cybersecurity reporter for Risky Business
Meta is now using a Rust component to safely process media files shared on WhatsApp
https://engineering.fb.com/2026/01/27/security/rust-at-scale-security-whatsapp/
I deleted the previous post. The Paris Prosecution Office left the platform on its own. They didn't get banned.
A fun one about the Notepad++ incident is, although my toots about it auto deleted (I have my toots set to auto delete unless I bookmark them), it was first revealed on the Fediverse in followers only mode a few months ago - I had a thread running for it back then.
When in follower only mode, the C2 infrastructure was still up so I was still able to track it - they only burnt it down when I wrote the blog. So follow me to see nation state espionage get live tooted, I guess.
RE: https://mastodon.social/@campuscodi/116006284031729445
More on this campaign from Zscaler: https://www.zscaler.com/blogs/security-research/apt28-leverages-cve-2026-21509-operation-neusploit
Other targets also include Romania and Slovakia
There's a bug in the ESXi version of the Nitrogen ransomware that permanently destroys files... so don't pay the ransom
https://www.coveware.com/blog/2026/2/2/nitrogen-ransomware-esxi-malware-has-a-bug
Interesting report here from GreyNoise on how CISA silently updated 59 KEV entries last year, flipping their "knownRansomwareCampaignUse" tag, meaning the bugs were being abused for ransomware attacks
https://www.greynoise.io/blog/unmasking-cisas-hidden-kev-ransomware-updates
Dear f***ing lord!
Nearly one in every three Meta ads shown in the EU and UK over 23 days pointed to online scams
This should be the easiest layup for govt agencies in the history of enforcements
https://www.gendigital.com/blog/insights/research/scam-ad-machine-meta
Cyber groups survive takedowns even from Russian authorities.
The NyashTeam is alive and well after Russia's national domain registrar seized 110 domains last year.
Kaspersky has a list of individuals targeted in the Notepad++ incident
Russian security firm F6 (which splintered from Group-IB) has published its yearly threat report
The company says it tracks 27 APTs targeting Russia and the CIS space. It also reported a six-time increase in Android trojans.
https://www.f6.ru/cybercrime-trends-annual-report-2025-2026/
Russian GRU-linked cyber-espionage group APT28 is now using an Office zero-day disclosed last week for spear-phishing campaigns targeting Ukrainian targets, per a new Ukraine CERT report
Notepad++ have today confirmed their auto process was compromised by Chinese nation state threat actors, in a supply chain hack: https://notepad-plus-plus.org/news/hijacked-incident-info-update/
This backs up my blog from late last year, with #GAYINT threat actor mapping to Funky Stamen.
The infrastructure and update mechanisms have since been tightened. For what it’s worth - entry was to telcos and financial services with interests aligned to China. Notepad++ dev did a great job treating the issue seriously.
RE: https://techhub.social/@Techmeme/116000856858815600
One way to make sure xAI is too big to fail before the AI bubble bursts - put it inside SpaceX, which is critical to US national security and interests.
From @campuscodi at @riskybiz:
Fidesz disinformation network: A Facebook troll farm pushing pro-Orban disinformation has ties to a local non-profit organization with ties to the Fidesz political party. Hungarian journalists claim more than 100 employees of the Digital Democracy Development Agency manage Facebook accounts that promote the party and attack the opposition online. The agency allegedly buys Facebook groups and accounts and then floods discussions with their comments. Hungary is set to hold parliamentary elections in April.
https://news.risky.biz/risky-bulletin-stopice-blames-hack-on-a-cbp-agent-here-in-socal/
NEW: A few weeks ago, @PogoWasRight and I ran a survey asking security researchers and journalists about the legal and criminal threats they have received for doing their jobs.
Over 100 people responded, and we now have our results.
One of our key findings is that while legal threats and criminal threats are common, most researchers & journalists stood their ground and did not give in to threats.
PDF: https://databreaches.net/wp-content/uploads/security-researcher-journalist-threats-survey-2026.pdf
-StopICE blames hack on "CBP agent here in SoCal"
-Microsoft will disable NTLM in the next Windows version
-Poland bans Chinese cars from military bases
-Ivanti patches two zero-days
-Cyberattack disrupted Russian oil company
-Chat & Ask AI leaks chatbot messages
-Nobel Committee investigates hack
-Data leak at the Ttareungyi bike-sharing service
-Comcast agrees to $117.5m settlement over 2023 breach
-US investigates WhatsApp
Podcast: https://risky.biz/RBNEWS520/
Newsletter: https://news.risky.biz/risky-bulletin-stopice-blames-hack-on-a-cbp-agent-here-in-socal/