👉 What’s trending in cybersecurity today?

Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.

First time seeing this? Please Subscribe

Get BlueSleuth-Lite

🚨 Cyber Alerts

1. Zendesk Spam Wave Floods User Emails

A widespread surge of automated spam is bypassing filters by exploiting unsecured Zendesk support systems to flood inboxes globally. These messages appear as legitimate account activation or support notifications, leaving many users receiving hundreds of unwanted emails in a short period.

2. CISA Adds Solarwinds RCE To KEV

The Cybersecurity and Infrastructure Security Agency has officially added a critical SolarWinds Web Help Desk flaw to its list of known exploited vulnerabilities due to active attacks. This specific security hole allows unauthenticated attackers to execute remote commands by exploiting a weakness in how the system handles untrusted data.

3. Docker Fixes Critical Ask Gordon AI Flaw

Cybersecurity experts recently uncovered a critical vulnerability in Docker’s Ask Gordon AI assistant that allowed attackers to run unauthorized code or steal data via malicious image metadata. Docker has since resolved the issue, known as DockerDash, with the release of version 4.50.0 to prevent these automated injection attacks.

For more alerts click here!

Subscribe

💥 Cyber Incidents

4. Data Breach At Betterment Exposes Accounts

A security breach at the automated investment platform Betterment in January resulted in the theft of personal data from over 1.4 million accounts. Although the company suggests customer accounts themselves were not compromised, hackers managed to exfiltrate email addresses, names, and physical locations to launch fraudulent cryptocurrency scams.

5. Mexican Government Faces Leak Allegations

A hacktivist collective known as Chronus Group claims to have leaked 2.3 terabytes of data belonging to 36 million Mexican citizens. While the leak involves a massive portion of the population, government officials maintain the data originates from older breaches and contains no new sensitive information.

6. Cyberattack At Trocaire College Exposes Data

Trocaire College is facing three class-action lawsuits following a cyberattack that exposed the personal data of over 23,000 individuals, including Social Security numbers. Although the breach was detected in March 2025, the college did not begin notifying affected students and staff until January 2026, leading to allegations of gross negligence regarding security and transparency.

For more incidents click here!

Get Help

📢 Cyber News

7. Senators Introduce Bill Targeting Scam Ads

Senators Ruben Gallego and Bernie Moreno have introduced the Safeguarding Consumers from Advertising Misconduct Act to force online platforms to actively prevent fraudulent advertisements from reaching their users. This bipartisan legislation follows reports that major tech companies are generating billions in revenue from deceptive ads while consumers suffer significant financial losses.

8. Man Faces More Charges In Geisinger Breach

A California man originally charged in the 2023 Geisinger Health System data breach now faces additional counts of making false statements to federal investigators. Max Vance is accused of lying to FBI agents about downloading unauthorized patient data onto his personal devices following his termination from a Microsoft subsidiary.

9. Hackers Recruit Insiders To Bypass Security

Threat actors are increasingly bypassing technical defenses by recruiting disgruntled employees through social media and email with promises of financial gain. This strategy exploits economic anxieties like layoffs and AI displacement, making insider cooperation a primary security vulnerability for modern enterprises.

For more news click here!

Click Here

📈Cyber Stocks

On Thursday, 5 February 2026, cybersecurity stocks showed mixed intraday trading with slight rotation within security subsectors. Investors balanced persistent enterprise demand for protection tools against broader tech volatility, while leadership in identity, cloud protection, and platform security remained focal points.

• Fortinet Inc was at 81.12 dollars and modestly higher, with steady demand for network security and converged firewall solutions.

• Check Point Software Technologies traded near 176.49 dollars and was up, supported by persistent interest in defensive threat prevention platforms.

• SentinelOne Inc was around 13.62 dollars and modestly higher, as smaller AI-driven endpoint security stocks attracted selective buying.

• Rapid7 Inc was near 11.04 dollars and climbed, indicating some resilience in vulnerability management and SIEM exposure.

• CyberArk Software Ltd stood around 407.02 dollars and was essentially flat, with privileged access management demand a structural support.

💡 Cyber Tip

📨 Zendesk Spam Wave Floods User Emails

Attackers are abusing unsecured Zendesk support forms to trigger massive waves of automated emails. The messages look like legitimate account activations or support tickets and bypass spam filters because they originate from trusted Zendesk infrastructure, leaving users overwhelmed with hundreds of emails in a short time.

🛠️ What You Should Do

• Do not click links in unexpected account or support emails

• Check directly with the service provider if an alert seems suspicious

• Use email rules or temporary filters to manage inbox flooding

• Report abuse to the affected company and mark messages as spam

• Watch for important security alerts that could be buried in the noise

⚠️ Why This Matters

Email flooding can be used to hide real security warnings or fraud alerts. By exploiting trusted platforms, attackers turn legitimate systems into spam cannons, increasing the risk of missed breaches or financial loss.

Visit BookClub

📚 Cyber Book

Tactical Wireless Security by Daniel W. Dieterle

Get Book

That concludes today’s briefing. You can check the top headlines here!

Copyright © 2026 CyberMaterial. All Rights Reserved.

Follow CyberMaterial on:

Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, YouTube, and Medium