CYBERCRIME In Other News: Record DDoS, Epstein’s Hacker, ESET Product Vulnerabilities Other noteworthy stories that might have slipped under the radar: AT&T and Verizon response to Salt Typhoon, AI agents solve security challenges, man arrested in Poland for DDos Attacks. By SecurityWeek News | February 6, 2026 (7:00 AM ET) Flipboard Reddit Whatsapp Email SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and industry reports. Here are this week’s stories: Former Google engineer convicted over theft of AI trade secrets A federal jury in San Francisco convicted former Google software engineer Linwei Ding, also known as Leon Ding, on seven counts of economic espionage and seven counts of theft of trade secrets. The conviction relates to Ding’s theft of confidential information containing Google’s AI trade secrets for China’s benefit. ADVERTISEMENT. SCROLL TO CONTINUE READING. ESET patches high-severity vulnerabilities ESET has announced patches for two high-severity local privilege escalation vulnerabilities affecting Windows products. One of the flaws, CVE-2025-13176, affects ESET Inspect Connector. The second issue, CVE-2025-13818, impacts the ESET Management Agent. The security firm has found no evidence of in-the-wild exploitation. Record-setting DDoS attack hits 31.4 Tbps Cloudflare’s Q4 2025 DDoS threat report details a massive network-layer attack that peaked at 31.4 Tbps and lasted 35 seconds, marking the largest ever recorded. This incident formed part of a broader surge, with total DDoS attacks rising 121% over the year to 47.1 million. Network-layer threats made up 78% of Q4 incidents, while hyper-volumetric attacks grew 40% from the prior quarter. Jeffrey Epstein’s personal hacker A confidential informant told the FBI in 2017 that Jeffrey Epstein had a personal hacker, according to a redacted document released by the Department of Justice. The informant described the hacker as an Italian citizen who specialized in discovering vulnerabilities in iOS, BlackBerry devices, and Firefox, and who developed and sold zero-day exploits and offensive cyber tools. Some in the cybersecurity community have speculated about the hacker’s identity based on the publicly available details in the document, though the name remains redacted and the FBI has not independently verified the claims. AI agents solve web security challenges in evaluation Researchers from Wiz and Irregular tested leading AI models (Claude Sonnet 4.5, GPT-5, and Gemini 2.5 Pro) on 10 lab-based web security challenges modeled after real-world vulnerabilities. The agents successfully completed 9 out of 10 challenges when given clear, directed objectives, often at low cost, but performance declined in broader, less guided scenarios where agents struggled with prioritization and scope management. AI-assisted attack gains AWS admin privileges in under 10 minutes Sysdig’s Threat Research Team recently observed a cloud intrusion where a threat actor used stolen credentials from public AWS S3 buckets to gain initial access to an AWS environment. The attacker, assisted by LLMs for tasks like reconnaissance, code generation, and decision-making, escalated privileges and achieved administrative access in about 8 minutes. The attacker compromised multiple AWS resources, created backdoor accounts, abused Bedrock models, and attempted to launch GPU instances before access was terminated. Canada Computers data breach Canada Computers & Electronics reported becoming aware of unauthorized access to its retail website system on January 22, 2026. The data breach affected customers who checked out as guests between December 29, 2025, and January 22, 2026, potentially exposing personal information including credit card details. In-store purchases and logged-in member accounts remained unaffected. Senator urges hearing with AT&T and Verizon CEOs over Salt Typhoon breach response On February 3, 2026, Senator Maria Cantwell (D-WA), ranking member of the Senate Commerce, Science, and Transportation Committee, sent a letter to Chairman Ted Cruz requesting a public oversight hearing with the CEOs of AT&T and Verizon. She cited months of unsuccessful efforts to obtain key documentation, including network security assessments from Mandiant, on the companies’ remediation of the Chinese Salt Typhoon attacks. Forescout report highlights surge in OT protocol attacks Forescout released its 2025 Threat Roundup, analyzing over 900 million global cyberattacks observed last year. Key trends include an 84% increase in attacks using OT protocols, greater distribution of attacks across more countries, rising exploitation of cloud services, vulnerable web applications, and emerging AI platforms. The report notes escalated targeting of critical sectors such as healthcare, manufacturing, government, energy, and financial services. Polish police arrest 20-year-old for DDoS attacks Law enforcement in Poland detained a 20-year-old man suspected of launching DDoS attacks that targeted numerous websites worldwide. The suspect faces six criminal charges. During the arrest at his apartment, officers seized computer equipment used to host and distribute the attack tools. The man admitted to most of the allegations before being released on bail. 1.4 million records compromised in Betterment data breach The recent data breach at automated investment platform Betterment resulted in the exposure of approximately 1.4 million unique email addresses along with names and geographic locations for affected accounts. A subset of records also included dates of birth, phone numbers, physical addresses, device information, employers, and job titles. The breach, which did not involve access to customer accounts or login credentials, has been added to Have I Been Pwned. Related: In Other News: Paid for Being Jailed, Google’s $68M Settlement, CISA Chief’s ChatGPT Leak Related: In Other News: €1.2B GDPR Fines, Net-NTLMv1 Rainbow Tables, Rockwell Security Notice WRITTEN BY SecurityWeek News More from SecurityWeek News In Other News: Paid for Being Jailed, Google’s $68M Settlement, CISA Chief’s ChatGPT Leak In Other News: €1.2B GDPR Fines, Net-NTLMv1 Rainbow Tables, Rockwell Security Notice Webinar Today: Rethinking Email Security for Mid-Sized Organizations In Other News: FortiSIEM Flaw Exploited, Sean Plankey Renominated, Russia’s Polish Grid Attack In Other News: 8,000 Ransomware Attacks, China Hacked US Gov Emails, IDHS Breach Impacts 700k In Other News: Docker AI Attack, Google Sues Chinese Cybercriminals, Coupang Hacked by Employee In Other News: PromptPwnd Attack, macOS Bounty Complaints, Chinese Hackers Trained in Cisco Academy Virtual Event Today: Cyber AI & Automation Summit Day 2 Latest News Organizations Urged to Replace Discontinued Edge Devices Flickr Security Incident Tied to Third-Party Email System Living off the AI: The Next Evolution of Attacker Tradecraft Airrived Emerges From Stealth With $6.1 Million in Funding ‘DKnife’ Implant Used by Chinese Threat Actor for Adversary-in-the-Middle Attacks 5 Bills to Boost Energy Sector Cyber Defenses Clear House Panel Critical SmarterMail Vulnerability Exploited in Ransomware Attacks Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog TRENDING Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Identity Under Attack: Why Every Business Must Respond Now February 11, 2026 Attendees will walk away with guidance for how to build robust identity defenses, unify them under a consistent security model, and ensure business operations move quickly without compromise. Register Virtual Event: Ransomware Resilience & Recovery 2026 Summit February 25, 2026 SecurityWeek’s 2026 Ransomware Summit will discuss a roadmap for defending the enterprise, from mitigating root causes to mastering recovery, giving security teams the critical insights needed to navigate and neutralize today’s ransomware extortion threats. Submit PEOPLE ON THE MOVE Pennsylvania has named Andy Ritter as CISO and Jim Sipe as executive deputy CIO. Hayete Gallot has rejoined Microsoft as Executive Vice President, Security. Torq has appointed industry veteran John White as Field CISO. More People On The Move EXPERT INSIGHTS Living off the AI: The Next Evolution of Attacker Tradecraft Living off the AI isn’t a hypothetical but a natural continuation of the tradecraft we’ve all been defending against, now mapped onto assistants, agents, and MCP. (Etay Maor) Why We Can’t Let AI Take the Wheel of Cyber Defense The fastest way to squander the promise of AI is to mistake automation for assurance, and novelty for resilience. (Steve Durbin) The Upside Down is Real: What Stranger Things Teaches Us About Modern Cybersecurity To all those who are fighting the good fight in the world of cyber, keep collaborating to ensure our world never succumbs to the chaos of the Upside Down. (Nadir Izrael) Why Identity Security Must Move Beyond MFA By integrating identity threat detection with MFA, organizations can protect sensitive data, maintain operational continuity, and reduce risk exposure. (Torsten George) Forget Predictions: True 2026 Cybersecurity Priorities From Leaders Security leaders chart course beyond predictions with focus on supply chain, governance, and team efficiency. (Jennifer Leggio) Flipboard Reddit Whatsapp Email