VulnHub

Real-time Cybersecurity News

Conpet hit by cyberattack, Qilin ransomware claims responsibility

SCM feed for Latest
Actively Exploited
RansomwareCritical

Overview

Conpet, a company involved in oil and gasoline transport, fell victim to a cyberattack that compromised its corporate IT infrastructure. The Qilin ransomware group has claimed responsibility for the attack. Despite the breach, Conpet reported that its main operations remained unaffected, meaning their transport services continued without interruption. This incident raises concerns about the security of critical infrastructure sectors, as ransomware attacks can lead to significant operational disruptions and data loss. Companies in similar industries should evaluate their cybersecurity measures to protect against such threats.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Conpet's corporate IT infrastructure
  • Timeline: Newly disclosed

Original Article Summary

The incident affected Conpet's corporate IT infrastructure, but the company stated that its core operations, including oil and gasoline transport, were not disrupted.

Impact

Conpet's corporate IT infrastructure

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Not specified

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Ransomware, Critical.

Read Original Article

Related Coverage

CISA pushes Federal agencies to retire end-of-support edge devices

Security Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to take action on outdated edge network devices. Under the new Binding Operational Directive 26-02, agencies must improve the management of these devices and replace any that are no longer supported within the next 12 to 18 months. This directive aims to mitigate risks associated with using unsupported technology, which can be vulnerable to cyberattacks and security breaches. By addressing these outdated devices, CISA is pushing for better security practices to protect federal networks and sensitive information. The move emphasizes the need for agencies to stay current with technology and avoid potential exploitation by cybercriminals.

Feb 7, 2026

Reports shed light on more OpenClaw vulnerabilities

SCM feed for Latest

Recent reports indicate that nearly 7.1% of skills associated with the open-source AI agent OpenClaw on the ClawHub marketplace may be exposing sensitive information such as API keys, credentials, and credit card details. This vulnerability arises from issues in the SKILL.md instructions, which guide developers on how to create and use these skills. The exposure of such critical data can lead to unauthorized access and financial fraud, impacting both developers and users who rely on these AI capabilities. It's crucial for developers to review their implementations and ensure they are safeguarding sensitive information to prevent potential exploitation. This incident serves as a reminder of the importance of secure coding practices in open-source projects.

Feb 6, 2026

AI-based scam spoofing law firms uncovered

SCM feed for Latest

A recent investigation uncovered over 150 domains impersonating law firms as part of a scam that uses artificial intelligence. These fake websites are designed to deceive individuals and businesses by mimicking legitimate legal services. The scammers aim to exploit unsuspecting victims, potentially leading to financial losses and legal complications for those who engage with these fraudulent sites. This incident raises concerns about the effectiveness of current cybersecurity measures and the challenges of identifying AI-generated content. As cybercriminals increasingly utilize advanced technology, it becomes essential for both users and legal professionals to remain vigilant against such impersonation schemes.

Feb 6, 2026

Iranian Infy APT evolves tactics, leverages Telegram for C2

SCM feed for Latest

Researchers from SafeBreach have reported that an Iranian hacking group known as Infy APT has adapted its tactics by using Telegram for command and control (C2) operations. This shift comes after a period of internet restrictions imposed by the Iranian government, which has since ended, allowing the group to re-establish its online presence. The use of Telegram for C2 indicates a strategic change, making it easier for attackers to communicate and coordinate their activities while potentially evading detection. This development is concerning for organizations that may be targeted by these tactics, as it suggests a more sophisticated approach to cyber espionage and attacks. Keeping an eye on these evolving methods is crucial for cybersecurity professionals in order to protect sensitive information.

Feb 6, 2026

DHS privacy probe will focus on biometric tracking by ICE, OBIM

CyberScoop

The Department of Homeland Security (DHS) is facing a privacy investigation that will focus on the use of biometric tracking by its Immigration and Customs Enforcement (ICE) and the Office of Biometric Identity Management (OBIM). Auditors have indicated that the probe might expand to other DHS components, examining how the agency utilizes biometric markers in immigration enforcement activities. This scrutiny comes as concerns grow over privacy rights and the implications of increased surveillance. The outcome of this investigation could impact DHS's practices and policies regarding biometric data collection and usage, raising questions about transparency and accountability in immigration enforcement.

Feb 6, 2026

AI backdoor threats: Detecting 'sleeper agents' in large language models

SCM feed for Latest

Researchers have identified a significant security risk involving artificial intelligence, specifically large language models (LLMs). Attackers can embed backdoors within these models, making them hard to detect. These backdoors lie dormant until triggered by a specific phrase, at which point the model executes harmful actions. This poses a serious threat to users and organizations relying on AI for various applications, as it could lead to data breaches or misinformation. The findings highlight the need for improved security measures in AI development to prevent such vulnerabilities from being exploited.

Feb 6, 2026