Daily Security Briefing #154

February 3, 2026

Phishing campaigns soar, macOS under attack, and more…


Executive Summary

February’s early days have seen a surge in cybersecurity threats across various sectors. Phishing attacks continue to evolve with sophisticated techniques being used to bypass filters. In the financial sector, DDoS attacks surged in 2025, doubling from 864 incidents in 2024 to 1,858. Meanwhile, macOS users are facing a sharp rise in infostealer attacks that exploit trusted platforms like WhatsApp and popular PDF utilities. Microsoft has also made headlines for giving the FBI BitLocker keys.

Top Articles

Experts on Experts – Season One Roundup

Rapid7’s video series, “Experts on Experts: Commanding Perspectives,” revisits the first season of expert conversations that started it all. The pilot video series highlighted topics like agentic AI, MDR ROI, cybercrime-as-a-service, and policy in practice.

Rapid7


The financial sector experienced an unprecedented rise in cyber incidents, with attacks more than doubling from 864 in 2024 to 1,858 in 2025. This reflects a dramatic shift in threat actor behavior.

Checkpoint


Fake Dropbox Phishing Campaign Targets Users, Steals Login Credentials

A sophisticated phishing campaign targets users with a multi-stage approach to bypass email filtering and content-scanning systems. The attack exploits trusted platforms and layered redirection techniques.

Gh Hackers | GhHackers


Infostealer Attacks Hit macOS, Abusing Python and Trusted Platforms

A sharp rise in campaigns targeting macOS users involves exploiting trusted platforms like WhatsApp and popular PDF utilities. These attacks harvest credentials, browser data, cloud keys, and cryptocurrency wallets.

Gh Hackers | GhHackers


Microsoft is Giving the FBI BitLocker Keys

In response to court orders, Microsoft gives the FBI the ability to decrypt BitLocker about twenty times per year. Users can store keys on devices they own, but Microsoft recommends storing them on its servers for convenience.

Schneier


How CISOs Can Eliminate Alert Fatigue and Focus on High-Risk Security Incidents With SOC Teams

The phenomenon of alert fatigue, a primary driver of burnout in SOCs, is explored. Strategies for eliminating this condition are discussed.

Cyberpress | CyberPress


Foxit PDF Editor Vulnerability Allows Attackers to Execute Arbitrary JavaScript

Critical XSS vulnerabilities affecting Foxit PDF Editor Cloud and Foxit eSign have been patched. The vulnerabilities allowed attackers to execute arbitrary JavaScript in user browsers.

CyberPress | CyberPress


Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata

A critical vulnerability impacting Ask Gordon, an AI assistant built into Docker Desktop and the Docker CLI, has been addressed. The flaw could be exploited to execute code and exfiltrate sensitive data.

The Hacker News


Wave of Citrix NetScaler scans use thousands of residential proxies

A coordinated reconnaissance campaign targeting Citrix NetScaler infrastructure used tens of thousands of residential proxies to discover login panels.

BleepingComputer


Step Finance says compromised execs’ devices led to $40M crypto theft

The company Step Finance announced that it lost $40 million worth of digital assets after hackers compromised the devices of its team’s executives.

BleepingComputer


AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.
