Top 5 Cybersecurity News Stories February 06, 2026
Cybersecurity threats are constantly evolving as threat actors seek access to your data and money. To help you stay secure, we have searched the internet for the top 5 cybersecurity news stories of the week that we think you should be aware of. No story is too big or small as we look at threats from espionage to security flaws in everyday devices:
1. Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models
Microsoft’s AI Security team has developed a lightweight scanner to detect backdoors in open-weight large language models, enhancing trust in AI systems. The tool identifies three key signals: a distinctive “double triangle” attention pattern on trigger prompts, leakage of poisoning data through memorization, and activation by “fuzzy” trigger variants.
Requiring no additional training or prior backdoor knowledge, it scans models at scale across GPT-style architectures. While effective for trigger-based backdoors, limitations include the need for model file access and focus on deterministic outputs. This advances practical backdoor detection amid rising AI tampering risks.
Read more on The Hacker News
2. Microsoft rolls out native Sysmon monitoring in Windows 11
Microsoft has begun rolling out native Sysmon functionality to Windows 11 systems in the Insider Beta and Dev channels, simplifying deployment for threat detection. Sysmon, previously a standalone Sysinternals tool, now appears as an optional Windows feature that logs system events like process creation, file changes, and clipboard activity to the Event Log.

Users must uninstall any existing Sysmon installation, enable the feature via Settings or DISM, and run “sysmon -i” to activate it. Custom configurations remain supported for tailored monitoring. This integration eases management in large environments by removing the need for manual installs.
Read more on BleepingComputer
3. EDR killer tool uses signed kernel driver from forensic software
Security researchers at Huntress identified a custom EDR killer abusing the revoked 2006 EnCase kernel driver (EnPortv.sys) to disable 59 EDR and antivirus tools. Deployed after a breach of a SonicWall VPN that lacked MFA, the malware masquerades as a firmware updater, installs the driver as a persistent OEM service, and uses IOCTL calls to terminate processes, bypassing PPL protections.

It loops every second to kill restarted services. Despite the driver’s expired and revoked certificate, Windows accepts it due to pre-2015 signing exceptions. Recommendations include MFA, HVCI, and WDAC rules to block vulnerable drivers.
Read more on BleepingComputer
4. CISA warns of five-year-old GitLab flaw exploited in attacks
CISA has added a five-year-old GitLab server-side request forgery vulnerability (CVE-2021-39935) to its Known Exploited Vulnerabilities catalog, mandating federal agencies patch by February 24, 2026. Affecting GitLab CE/EE versions from 10.5 to early 14.x, the flaw allows unauthenticated external users to access the CI Lint API for SSRF attacks when user registration is restricted.

GitLab patched it in December 2021. With over 49,000 exposed instances online per Shodan, CISA urges all organizations to apply mitigations promptly to counter ongoing exploitation.
Read more on BleepingComputer
5. Panera Bread breach impacts 5.1 million accounts, not 14 million customers
ShinyHunters breached Panera Bread via a vishing attack targeting a Microsoft Entra SSO code, stealing records for 5.1 million unique accounts (not 14 million customers as initially claimed), including names, emails, phone numbers, addresses, and employee data.

After failed extortion, the 760 MB archive was leaked publicly. Have I Been Pwned confirmed the impact. Panera confirmed contact information exposure but has not notified affected users. This attack is part of ShinyHunters’ vishing campaign targeting SSO at over 100 organizations, including Match Group.
Read more on BleepingComputer
At DIESEC, our experts are ready to assist with all your cybersecurity needs. We ensure your system is safe and secure and provide training for your employees to avoid falling victim to social engineering tactics.
For more information, please contact us now!

