Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

New Charity-Themed Malware Campaign Targets Ukrainian Army



Ukraine's army was recently targeted in a charity-themed malware campaign that delivered backdoor malware called PluggyApe. The attackers likely came from the Russian threat group known as 'Void Blizzard' and 'Laundry Bear', although the attribution is made with only medium confidence. This incident highlights the ongoing efforts by Russian threat groups to disrupt Ukraine's military capabilities, using advanced techniques and tools against high-value targets.



Published: Tue Jan 13 17:14:44 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Browser Security Check: A Crucial Measure to Protect Online Identity

Browser security checks are an essential tool in protecting our online identity from cyber threats, ensuring a safer browsing experience and safeguarding our sensitive information.

Published: Wed Jan 14 00:46:38 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Patching Paradox: Unpacking the Windows 0-Day Bug and its Implications for Cybersecurity

A new zero-day bug in Windows has been discovered, allowing an authorized attacker to leak a memory address from a remote ALPC port. The US Cybersecurity and Infrastructure Security Agency (CISA) has flagged the vulnerability as a "frequent attack vector for malicious cyber actors," and Microsoft has pushed a patch to address the issue. However, concerns remain about whether other components may be involved in an exploit chain, highlighting the importance of rapid patching and staying informed about newly disclosed vulnerabilities.

Published: Wed Jan 14 00:55:23 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

AZ Monica Hospital's Digital Healthcare Disruption: A Cautionary Tale of Cybersecurity



A devastating cyberattack has left a prominent Belgian general hospital network's digital systems severely compromised. The attack resulted in the hospital's decision to shut down servers, cancel scheduled procedures, and transfer critical patients. This incident highlights the importance of robust cybersecurity measures in healthcare institutions and underscores the need for cooperation between hospitals, law enforcement agencies, and cybersecurity experts.



Published: Wed Jan 14 01:07:05 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

PLUGGYAPE Malware: A Sophisticated Threat Leveraging Signal, WhatsApp, and Obfuscation Techniques to Target Ukrainian Defense Forces

Learn more about this new strain of malware and its implications for organizations.

Published: Wed Jan 14 01:16:16 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Monroe University's 2024 Data Breach Exposes Sensitive Information of Over 320,000 Individuals


A recent data breach at Monroe University has exposed personal, financial, and health-related information of over 320,000 individuals. The university has taken steps to address its security posture and prevent similar incidents in the future. Stay informed about the latest cybersecurity developments with our regular updates on breaches and security best practices.

Published: Wed Jan 14 03:05:54 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft Patch Tuesday January 2026: A Critical Update to Mitigate Exploited Zero-Day Vulnerabilities


Microsoft Patch Tuesday January 2026 addressed a total of 112 CVEs across various products, including Windows and Office. The update includes eight critical vulnerabilities, which can help attackers bypass security protections and make more serious exploits work. This release highlights the need for companies to prioritize cybersecurity and maintain their software on a regular basis to minimize potential risks.

Published: Wed Jan 14 03:12:42 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Data Breach Rocks Spanish Energy Giant Endesa: A Cautionary Tale of Cybersecurity Failures


Spanish energy giant Endesa has found itself at the center of a high-profile data breach scandal after hackers claimed to have stolen sensitive information from millions of customers. The incident highlights the importance of robust cybersecurity measures and data protection protocols in the face of increasingly sophisticated cyber threats.

Published: Wed Jan 14 04:24:50 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft Addresses 114 Windows Vulnerabilities in January 2026 Patch, One Actively Exploited


Microsoft has addressed 114 Windows vulnerabilities in its first security update for 2026, including one actively exploited flaw that allows attackers to disclose sensitive information. The update includes patches for multiple privilege escalation and remote code execution flaws, as well as a security feature bypass impacting Secure Boot Certificate Expiration. Prompt patching is essential to maintain trust in Windows security boundaries.

Published: Wed Jan 14 05:18:00 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Australia's Education System Under Siege: Victoria's Department of Education Hit by High-Profile Data Breach

A high-profile data breach at the Victorian Department of Education has left students and parents shaken, with hackers gaining access to personal information and email addresses of current and former students.

Published: Wed Jan 14 05:49:42 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

U.S. CISA Adds Microsoft Windows Flaw to Known Exploited Vulnerabilities Catalog: A Growing Concern for Cybersecurity

U.S. CISA adds a new vulnerability in Microsoft Windows to its Known Exploited Vulnerabilities catalog, highlighting the ongoing threat of sophisticated cyberattacks against individuals and organizations worldwide. Learn more about this critical flaw and how to protect your systems from potential attacks.

Published: Wed Jan 14 06:09:22 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Fortinet Addresses Critical FortiSIEM Vulnerability Allowing Unauthenticated Remote Code Execution



Fortinet has released patches for two critical security vulnerabilities in its FortiSIEM and FortiFone systems, addressing issues allowing unauthenticated remote code execution and device configuration access. Users are urged to update their systems to the latest versions for optimal protection.



Published: Wed Jan 14 06:22:27 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The UK's Digital ID U-Turn: A Web of Complexity and Uncertainty


The UK government has dropped its plan to make digital ID mandatory for proof of right to work in the country, sparking concerns about the cost and purpose of the scheme. The revised approach prioritizes access to public services across the population, but critics argue that taxpayers should not foot a £1.8 billion bill for an unnecessary system. This article explores the complexities surrounding the digital ID requirement and its potential implications for the United Kingdom's immigration policies, public services, and data protection laws.

Published: Wed Jan 14 06:36:14 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Eurail Data Breach: A Devastating Blow to European Travelers' Personal Data

Eurail has confirmed that its customers' personal data was compromised in a recent breach, exposing sensitive information including passports and bank details. The company has assured customers that it takes their security seriously and is taking steps to secure affected systems. However, the potential consequences for customers are significant, with possible outcomes including phishing attempts, unauthorized access, and identity theft.

Published: Wed Jan 14 06:53:23 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cyberattack on Belgian Hospitals: A Looming Crisis in the Health Sector

Belgian hospital network AZ Monica faces a major crisis after a cyberattack crippled its services, forcing the cancellation of surgeries and the transfer of critical patients. The attack's impact is still being assessed, but it's clear that the healthcare sector in Belgium is facing significant challenges.

Published: Wed Jan 14 07:07:02 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Awareness of Microsoft Copilot Vulnerabilities: The Reprompt Attack Method and its Implications

Microsoft Copilot has recently faced a critical vulnerability known as the Reprompt attack method, which allows hackers to hijack sessions and issue commands to exfiltrate sensitive data. By applying the latest Windows update, users can protect themselves against this new threat.

Published: Wed Jan 14 08:07:10 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A New Era of Ransomware: The Rise of Blockchain-Based Anti-Detection Methods

In a significant shift in the tactics employed by cybercriminals, DeadLock ransomware has been identified as one of the first groups to utilize blockchain-based anti-detection methods. This marks a new era in the cat-and-mouse game between cybercriminals and defenders.

Published: Wed Jan 14 08:32:32 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hackers Exploit Vulnerability in c-ares Library to Bypass Security Measures and Deploy Malware


Hackers have successfully exploited a vulnerability in the open-source c-ares library to bypass security controls and deliver a wide range of malware. The attack aims to establish persistent remote access and data theft. Facebook phishing scams employing the Browser-in-the-Browser (BitB) technique are also being used to deceive unsuspecting users into entering their credentials.

Published: Wed Jan 14 08:41:46 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of ConsentFix: A Novel OAuth Phishing Technique and Its Implications for Cybersecurity

Discover how elite SOCs use NDR to protect their networks and learn more about ConsentFix, a novel OAuth phishing technique that's making waves in the cybersecurity world. Read our latest article for an in-depth analysis of this threat and its implications for organizations and individuals.

Published: Wed Jan 14 09:17:05 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The €42 Million Fine: A Cautionary Tale of Telecom Companies' Failure to Prioritize Customer Data Security


France has fined two major telecom companies, Free and Free Mobile, €42 million for their roles in a data breach that compromised the personal data of over 24 million individuals, including financial information such as IBANs. The fine was issued by France's data protection regulator, CNIL, due to the companies' failure to properly secure personal data, inadequate communication of the breach to those affected, and non-compliance with data retention laws.

Published: Wed Jan 14 09:30:24 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Fortinet Addresses Two Critical Vulnerabilities in FortiFone and FortiSIEM

Fortinet has addressed two critical flaws in its FortiFone and FortiSIEM products, including a vulnerability that could allow attackers to execute unauthorized code without authentication. The company released patches for affected versions and provided recommendations for mitigating the impact of the vulnerabilities.

Published: Wed Jan 14 10:09:40 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Decoding Tren de Aragua: Unpacking the Mysterious Venezuelan Gang Designated as a Foreign Terrorist Organization


U.S. Law Enforcement Agencies Scramble to Understand Venezuelan Gang's True Intentions
The designation of a Venezuelan gang as a "foreign terrorist organization" has sparked confusion and controversy within U.S. law enforcement agencies, with some officials struggling to understand the group's true intentions and capabilities.


Published: Wed Jan 14 10:22:07 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

AI Agents: The New Privilege Escalation Path - Threatening Organizational Security

AI agents have quickly moved from experimental tools to core components of daily workflows across security, engineering, IT, and operations. This has introduced a new threat - privilege escalation - as these agents become access intermediaries that bypass traditional permission boundaries. To mitigate this risk, organizations must reevaluate their approach to security in light of this emerging threat.

Published: Wed Jan 14 10:34:56 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft's WinSqlite3.dll Update Resolves False Positive Security Scans

Microsoft has resolved a known issue that triggered false positive security alerts caused by the Windows DLL WinSqlite3.dll. Updates released January 13, 2026, and later fix the detection of a memory corruption vulnerability (CVE-2025-6965) in this component. It is recommended to install the latest update for your device, as it contains important improvements and issue resolutions.

Published: Wed Jan 14 10:49:24 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Dark Side of Microsoft Copilot: A New Threat Emerges in Reprompt Attack


A new attack method dubbed "Reprompt" has emerged, exploiting vulnerabilities in Microsoft Copilot's execution of injected prompts via the 'q' parameter in URLs. The attack allows attackers to infiltrate user Copilot sessions and exfiltrate sensitive data without the victim's knowledge, highlighting the importance of staying vigilant against AI-powered attacks.

Published: Wed Jan 14 11:11:48 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Fortinet Vulnerability: The PhMonitor Service and Its Devastating Consequences



A new security flaw has been discovered in FortiSIEM, allowing remote attackers to execute commands or code. The vulnerability impacts versions from 6.7 to 7.5 and has been addressed by Fortinet with a patch. Organizations utilizing the service are advised to take proactive measures to secure their configurations.


Published: Wed Jan 14 12:59:19 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A National Mobile Crisis: The Verizon Outage Raises Questions About the Resilience of the US Telecommunications System


A nationwide mobile crisis has struck the United States, leaving millions of customers without access to mobile data and voice services. The Verizon outage has raised questions about the resilience of the US telecommunications system and highlights the importance of having a robust backup plan in place. With experts warning that similar incidents can have far-reaching consequences, it's essential for consumers to take steps to protect themselves from potential vulnerabilities in their mobile devices and networks.

Published: Wed Jan 14 13:06:57 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

France Imposes €42 Million Fine on Free Mobile for Inadequate Data Protection Following 2024 Breach


In a significant move, France has imposed a cumulative fine of €42 million on Free Mobile for its inadequate handling of a 2024 data breach incident that exposed customer information. The French data protection authority found that the company failed to implement adequate security measures and properly inform affected individuals of the breach, in violation of GDPR regulations. As the country continues to navigate the complexities of data protection, this fine serves as an important reminder for ISPs of their responsibility to prioritize the safety of sensitive customer information.

Published: Wed Jan 14 13:56:30 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

AISURU/Kimwolf Botnet: A Looming Threat to Global Cybersecurity

The recent discovery of this notorious botnet has sent shockwaves throughout the cybersecurity community, highlighting the increasingly sophisticated and pervasive nature of modern cyber threats. With over 2 million Android devices compromised and a sophisticated proxy network containing 832 compromised KeeneticOS routers operating across Russian ISPs, this botnet presents a significant threat to global cybersecurity.

Published: Wed Jan 14 14:12:23 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

CERT-UA Reports PLUGGYAPE Cyberattacks on Ukrainian Defense Forces

Ukraine's defense forces have been targeted by a series of sophisticated cyberattacks using PLUGGYAPE malware linked to Russia's Void Blizzard group. The attacks demonstrate the evolving nature of modern cyber threats and highlight the need for robust cybersecurity measures.

Published: Wed Jan 14 14:23:51 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Linux Malware Spotted: VoidLink Targets Cloud Infrastructure with Advanced Stealth Capabilities


New Linux malware dubbed "VoidLink" has emerged with advanced stealth capabilities and a range of illicit activities. Targeting cloud infrastructure, this highly sophisticated threat highlights the evolving nature of cybersecurity challenges, emphasizing the need for sustained vigilance among organizations to safeguard against emerging threats.

Published: Wed Jan 14 14:50:59 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Global Impact of Cybersecurity Threats: The Kyowon Data Breach and its Broader Consequences


The Kyowon Group, a prominent South Korean conglomerate, has confirmed that its systems were targeted in a suspected ransomware attack on January 14. With over 9.6 million accounts registered and an estimated 5.5 million individuals potentially affected, the breach raises concerns about customer data exposure and the broader implications for cybersecurity.



Published: Wed Jan 14 15:57:05 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Exposing the Shadows: The RedVDS Cybercrime Empire

Microsoft's Digital Crimes Unit has disrupted RedVDS, a massive cybercrime platform linked to at least $40 million in reported losses in the United States alone since March 2025. The disruption marks a significant victory in the ongoing struggle against cybercrime and serves as a reminder of the need for robust cybersecurity measures and international cooperation.

Published: Thu Jan 15 01:21:00 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Great Firewall of Cybersecurity: China's Crackdown on U.S. and Israeli Cybersecurity Software

China has issued a directive instructing domestic firms to cease using cybersecurity software from over 12 U.S. and Israeli companies, citing national security concerns as the reason for their ban. The move reflects growing tensions between China and the West over issues of tech supremacy and espionage.

Published: Thu Jan 15 02:07:11 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Palo Alto Networks Warns of Critical Vulnerability Allowing Hackers to Disable Firewalls in Denial-of-Service Attacks


Palo Alto Networks has warned of a critical vulnerability that could allow hackers to disable firewall protections in denial-of-service (DoS) attacks. With thousands of firewalls exposed online, this raises significant concerns about the potential for widespread exploitation and compromise. The company has released security updates and advised administrators to upgrade to the latest release to secure their systems.

Published: Thu Jan 15 03:07:21 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

AWS Flips Switch on Euro Cloud as Digital Sovereignty Fears Mount

AWS has made its European Sovereign Cloud generally available today, offering European customers greater control over their data and applications amidst growing concerns about digital sovereignty. The launch comes at a time when trade and geopolitical tensions between Europe and the US are high.

Published: Thu Jan 15 03:40:09 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft Takes Down RedVDS: A Sophisticated Cybercrime Infrastructure Disrupted


Microsoft has taken down RedVDS, a sophisticated cybercrime infrastructure used for online fraud. The tech giant's coordinated legal action disrupted the illicit service, which provided access to disposable virtual computers that made fraud cheap, scalable, and difficult to trace. Since its disruption, threat actors have lost access to their malicious infrastructure and are no longer able to carry out complex attacks quickly and at scale. RedVDS was a prime example of how crimeware-as-a-service (CaaS) offerings have become increasingly lucrative, transforming cybercrime into an underground economy where even inexperienced threat actors can carry out sophisticated attacks.

Published: Thu Jan 15 03:53:35 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Vulnerability Warnings: Palo Alto Fixes GlobalProtect Flaw, n8n Warns of Critical RCE Threat

Two critical vulnerability warnings have been issued recently by Palo Alto Networks and n8n, highlighting the importance of timely patching and adherence to best practices in protecting against sophisticated cyber threats.

Published: Thu Jan 15 04:03:51 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Unseen Threat: How Organizational AI Agents are Eroding Traditional Access Control Models


The Rise of Organizational AI Agents: How Advanced AI Systems are Bypassing Traditional Access Controls


Published: Thu Jan 15 04:13:32 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Lumen Successfully Takes Down Notorious AISURU and Kimwolf Botnet Network


In January 2026, Lumen's Black Lotus Labs disrupted a sophisticated botnet network known as AISURU/Kimwolf, blocking over 550 command-and-control servers used for DDoS attacks and proxy abuse. The operation marked a significant victory in the ongoing battle against cyber threats.



Published: Thu Jan 15 04:24:19 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft Takes Down Global Cybercrime Host RedVDS: A New Front in the War on Phishing and Fraud


Microsoft takes down global cybercrime host RedVDS, a virtual desktop service used by phishing and fraud attackers, as part of a wider cross-border operation involving Europol and German law enforcement. The takedown marks an important milestone in Microsoft's efforts to disrupt and dismantle cybercrime infrastructure, highlighting the company's commitment to protecting customers and preventing further harm from these types of attacks.

Published: Thu Jan 15 05:51:12 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Evolution of Cybersecurity: Modernizing Threat Detection and Response



In this article, we explore the shift in the threat landscape and how top-performing SOCs are adapting their strategies to keep pace with evolving threats. Learn how cloud-based malware analysis services, AI-powered tools, and platforms like ANY.RUN can help organizations reduce risk exposure, improve productivity, and accelerate incident response.

Summary:
The threat landscape has undergone significant changes, necessitating the adoption of modern cybersecurity solutions that prioritize automation, dynamic analysis, and enterprise-grade integration. Top-performing SOCs are leveraging cutting-edge technologies to streamline workflows, eliminate friction, and enhance threat detection capabilities. By embracing platforms like ANY.RUN, organizations can improve their security posture and stay ahead of emerging threats.



Published: Thu Jan 15 06:01:09 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Palo Alto Networks Addresses GlobalProtect Flaw: A Threat to Enterprise Security


Palo Alto Networks has addressed a critical flaw in its GlobalProtect product line, which could allow attackers to disrupt network traffic and firewall protection. The vulnerability has been patched for affected versions of PAN-OS and Prisma Access software, but organizations should still take steps to prevent exploitation and implement additional security measures.

Published: Thu Jan 15 06:13:33 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Whispering Shadows of Vulnerability: A Looming Threat to Bluetooth Security


A recent discovery by researchers has uncovered a complex web of vulnerabilities in the implementation of Fast Pair, a feature used to pair Bluetooth devices with smartphones and computers. The WhisperPair attack allows hackers to silently pair with already paired target devices, track users across distances without their knowledge or consent, and gain access to sensitive location data through Google's Find Hub feature. Device manufacturers have acknowledged the vulnerability and released software updates, but inconsistencies in patch implementations persist, underscoring the need for vigilance among users.

Published: Thu Jan 15 06:28:48 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Inflection Point: Former CISA Director Jen Easterly Takes the Helm of RSA Conference


The Former CISA Director Jen Easterly Will Lead RSA Conference, a Position She Hails as an "Inflection Point" for Cybersecurity
As the cybersecurity industry continues to navigate the complexities of emerging technologies and shifting global landscapes, a new leader has emerged to guide one of the most prominent organizations in the field. Former CISA Director Jen Easterly has been appointed CEO of RSA Conference, a position she describes as an "inflection point" for tech and the world beyond. This article delves into the context surrounding Easterly's appointment, exploring the intricacies of her background, the challenges facing the cybersecurity industry, and the significance of RSA Conference in the broader landscape.


Published: Thu Jan 15 07:10:12 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The AI Workflow Conundrum: A New Perspective on Model Security



The rise of artificial intelligence has brought about numerous benefits, but it also poses new security challenges. The traditional distinction between trusted code and untrusted input no longer applies to AI models. As AI becomes increasingly ubiquitous, securing the workflows that surround those models is becoming a pressing concern. Learn how a new perspective on model security can help you stay ahead of the curve in this rapidly evolving landscape.

Published: Thu Jan 15 07:19:52 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Data Breach Scandal Rocks a UK GP Surgery: A Glimpse into the Dark World of Cybercrime

A recent development in the West Midlands, UK, has shed light on a data breach at a local general practitioner's (GP) surgery, highlighting the vulnerabilities in healthcare systems and the ongoing threat of cybercrime. A 29-year-old woman is accused of theft and is assisting police officers with their inquiries following an alleged data breach.

Published: Thu Jan 15 07:33:36 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Surveillance State of Connected Cars: How General Motors' Smart Driver Program Exposed Drivers to a Hostile World of Data Brokers



US Regulator Tells General Motors to Hit the Brakes on Customer Tracking: A Deep Dive into GM's Smart Driver Program and its Consequences for Consumer Privacy

Published: Thu Jan 15 07:47:55 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft's Windows App Update Fails to Secure Remote Desktop Connections

Microsoft's latest Windows App security update has failed to provide the promised secure connection and authentication for Remote Desktop users, with credential prompt failures now affecting Azure Virtual Desktop and Windows 365.

Published: Thu Jan 15 08:19:26 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Shift in Leadership: How Jen Easterly's Appointment as RSAC CEO Signals a New Era for Cybersecurity


The former head of CISA, Jen Easterly, has taken over as CEO of RSAC Conference, a prominent annual gathering of cybersecurity experts, vendors, and researchers. In this article, we will delve into the context surrounding her appointment and explore the current state of the cybersecurity industry, including the challenges posed by AI tools, government policies, and global collaboration.



Published: Thu Jan 15 08:28:14 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Rise of Modern Cyber Threats: AI Vulnerabilities, Voice Cloning Exploits, and Evading Detection

Recent AI vulnerabilities, voice cloning exploits, and evasion tactics have emerged as significant threats to our digital safety. Learn more about the rise of modern cyber threats in this comprehensive article.

Published: Thu Jan 15 08:57:33 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Simple CodeBuild Flaw Exposed: The Global Vulnerability That Put AWS at Risk

A recent discovery by Wiz security researchers has revealed a critical misconfiguration in AWS's CodeBuild service that put every AWS environment at risk. This vulnerability could have had far-reaching consequences if not for the swift action taken by AWS after it was disclosed. The incident highlights the need for companies to continually monitor their services and address potential vulnerabilities before they can be exploited by malicious actors.

Published: Thu Jan 15 09:09:58 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Vulnerability in a Popular WordPress Plugin Exposes Websites to Elevated Privileges and Potential Data Breaches


A popular WordPress plugin has been found vulnerable to privilege escalation, exposing websites to elevated privileges and potential data breaches. The Modular DS plugin, which boasts over 40,000 active installations, was found to have a critical flaw due to its routing mechanism. According to recent reports, the vulnerability (CVE-2026-23550) has already been actively exploited in the wild, with multiple IP addresses tracked attempting to exploit it. This highlights the importance of keeping software up-to-date and being cautious when dealing with third-party plugins.

Published: Thu Jan 15 10:08:50 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Vulnerability Found in Microsoft Copilot: "Reprompt" Attack Allows Single-Click Data Exfiltration



A new vulnerability has been discovered in Microsoft Copilot that allows bad actors to exfiltrate sensitive data from the chatbot in a single click, bypassing enterprise security controls entirely. Dubbed "Reprompt," this attack method exploits design limitations of AI systems and highlights the need for organizations to prioritize layered defenses and robust monitoring.

Published: Thu Jan 15 10:17:14 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Central Maine Healthcare Data Breach: A Wake-Up Call for Healthcare Organizations


Central Maine Healthcare data breach impacted over 145,000 patients, exposing sensitive personal, medical, and insurance information, and highlighting the ongoing threat of cyberattacks to healthcare organizations worldwide.

Published: Thu Jan 15 10:26:22 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Vulnerability in Google's Fast Pair Protocol: Hijacking Bluetooth Audio Accessories and Eavesdropping on Conversations


Google's Fast Pair protocol has been found to be vulnerable to exploitation by hackers, who can hijack Bluetooth audio devices and eavesdrop on conversations. The critical flaw, dubbed WhisperPair, allows attackers to track users' location using Google's Find Hub network. While a security patch is available, it may not yet be available for all affected devices. Users are advised to stay informed about potential vulnerabilities and regularly update their device firmware.

Published: Thu Jan 15 10:39:45 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cosmic Counterweights: The Ocean's Price for Climate Engineering


A new study by a team of researchers examines the risks of climate engineering on marine ecosystems. While some strategies carry fewer risks than others, none are free of consequences. The ocean's health is at stake, and the world needs to prioritize transparency and caution in its pursuit of solutions to this global crisis.

Published: Thu Jan 15 10:49:30 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Unchecked Reign of Immunity: How ICE Agents Have Shot and Killed Over 25 People Without Facing Consequences

The case of Renee Nicole Good highlights a disturbing trend of ICE agents being shielded from accountability for their actions. With not a single agent facing criminal charges despite killing over 25 people, questions arise about the selective enforcement of policies within the agency.

Published: Thu Jan 15 13:09:23 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Cowork Conundrum: Anthropic's Files API Exfiltration Risk Resurfaces

Anthropic’s Files API exfiltration risk resurfaces in Cowork, a productivity AI designed to automate office work. The company's response to the issue has been criticized for being lukewarm and dismissive of user responsibility, highlighting the need for greater transparency and accountability in AI development.

Published: Thu Jan 15 13:25:50 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Grok Conundrum: An Exploration of AI-Generated Nudity and the Limits of Regulation


In a shocking turn of events, Elon Musk's X platform has been found to be capable of generating thousands of non-consensual images of women in revealing clothing. Despite attempts by the platform's creators to restrict its ability to produce such content, it appears that some safety measures still fail to fully address the issue. This raises important questions about the limits of regulation in the age of AI and the need for greater accountability and oversight in the development of these technologies.

Published: Thu Jan 15 13:43:37 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Arsenal of Weaknesses: The AWS CodeBuild Misconfiguration Vulnerability Exposed to Potential Supply Chain Attacks

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild has exposed its own GitHub repositories, including its AWS JavaScript SDK, to potential supply chain attacks. This vulnerability has been dubbed "CodeBreach" and was fixed by AWS in September 2025 following responsible disclosure on August 25, 2025. The issue highlights the importance of maintaining secure continuous integration (CI) pipelines and underscores the potential risks of unauthenticated attackers exploiting access to cloud services.

Published: Thu Jan 15 14:44:08 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hackers Latch onto Vulnerability in Popular WordPress Plugin, Modular DS

Recent reports have highlighted a critical vulnerability in the popular WordPress plugin Modular DS that has been exploited by hackers for unauthorized access to vulnerable sites. To avoid falling prey to such attacks, users are urged to upgrade to the latest version of the plugin as soon as possible. The impact of this security breach serves as a stark reminder of the need for timely patching and regular monitoring in the face of rapidly evolving cyber threats.

Published: Thu Jan 15 14:56:15 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Flawing Foundations: The AMD SEV-SNP Vulnerability Exposes Secrets to Malicious Insiders

AMD's Secure Encrypted Virtualization (SEV-SNP) system has been identified as vulnerable to exploitation by malicious insiders, exposing sensitive data through a previously undocumented control bit. The CVE-2025-29943 designation highlights the severity of the issue and the need for immediate action from cloud providers and organizations relying on SEV-SNP.

Published: Thu Jan 15 15:23:14 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Temporary Respite: The Great Server Conundrum Comes to an End

Despite a temporary server outage affecting [system/site name], administrators have been notified and are working diligently to rectify the issue. The public is advised to refresh their pages periodically in anticipation of the site's swift return to operation.

Published: Thu Jan 15 15:42:50 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Devastating Cyberattack on South Korea's Kyowon Conglomerate: Unraveling the Mystery Behind the Ransomware Attack


A recent ransomware attack has disrupted operations at South Korea's prominent conglomerate, Kyowon, affecting several core subsidiaries and potentially exposing customer data. The attack highlights the growing threat of cyber breaches and underscores the importance of robust cybersecurity controls and collaboration among stakeholders. This article provides a detailed analysis of the incident, its impact on the company, and its implications for the global cybersecurity landscape.

Published: Thu Jan 15 16:09:24 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Chinese Spies Use Maduro's Capture as Lure to Phish US Agencies

Chinese spies ran a phishing campaign targeting US government agencies and policy-related organizations after the capture of Venezuelan President Nicolás Maduro. The campaign was attributed to a Beijing-backed espionage crew known as Mustang Panda, and the attackers exploited vulnerabilities in Sitecore products and Windows flaws to gain access to victims' environments. While it's unclear whether the attackers successfully compromised any targeted computers, the campaign highlights the ongoing threat posed by Chinese cyberespionage and the need for vigilance and cooperation to counter this threat.

Published: Thu Jan 15 16:21:06 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cisco Fixes Critical AsyncOS Bug Under Attack for Weeks


Cisco has finally fixed a critical bug in their AsyncOS software that was under attack for at least a month. The bug, tracked as CVE-2025-20393, affects some Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances, allowing attackers to execute arbitrary commands with root privileges. Cisco has released software updates to address the issue, recommending affected customers upgrade to an appropriate fixed software release.

Published: Thu Jan 15 17:42:24 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cisco Patches Critical Zero-Day Vulnerability in Secure Email Gateways Exploited by China-Linked APT


Cisco Systems has released security updates to address a critical zero-day vulnerability in its Secure Email Gateways that was exploited by a China-linked APT actor. The vulnerability allows attackers to execute arbitrary commands with root privileges, making it crucial for organizations to patch these vulnerabilities and implement robust security measures.

Published: Fri Jan 16 00:33:29 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Critical Vulnerability in Google's Fast Pair Protocol Allows Hackers to Hijack Bluetooth Audio Accessories, Track Users, and Eavesdrop on Conversations

A critical vulnerability has been identified in Google's Fast Pair protocol that can allow hackers to hijack Bluetooth audio accessories, track users, and eavesdrop on conversations. Here's what you need to know about the WhisperPair flaw.

Published: Fri Jan 16 01:00:02 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A New Era of Cyber Warfare: China-Linked APT Exploits Sitecore Zero-Day in Attacks on American Critical Infrastructure


Threat actors aligned with China have been exploiting a Sitecore zero-day vulnerability in attacks on American critical infrastructure, highlighting concerns about Chinese threat actors targeting critical infrastructure sectors. Cisco Talos has attributed the attack to UAT-8837, a threat actor that is likely aligned with China based on tactical overlaps with other campaigns.

Published: Fri Jan 16 02:59:11 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Vulnerability in WordPress Plugin Leaves Administrators at Risk: A Detailed Analysis



A critical vulnerability has been discovered in the Modular DS WordPress plugin, which is used by over 40,000 websites. The vulnerability allows attackers to escalate privileges without authentication, enabling unauthenticated admin takeover. This article provides a detailed analysis of the issue and highlights the importance of patching such critical issues.



Published: Fri Jan 16 03:10:42 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cisco Issues Patch for AsyncOS Zero-Day Exploit Targeting Secure Email Gateway Appliances

Cisco has issued a patch to address a severe zero-day vulnerability (CVE-2025-20393) that has been exploited in attacks against their Secure Email Gateway appliances since November 2025. The company's threat intelligence research team believes that a Chinese hacking group is likely behind the malicious activities, and organizations must take immediate action to assess their exposure and mitigate any potential risks.

Published: Fri Jan 16 03:35:23 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Hidden Safety Threat Lurking Online: How Your Digital Footprint Can Lead to Your Front Door



The notion that our personal lives are sacrosanct and protected from unwanted scrutiny has long been a cornerstone of modern society. However, when it comes to our digital presence, many of us remain woefully unprepared for the risks that lurk in the shadows of the internet. Learn how your digital footprint can lead to real-world harm and discover the steps you can take to protect yourself online.



Published: Fri Jan 16 04:54:53 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

LOTUSLITE: A Sophisticated Backdoor Campaign Targeting U.S. Policy Entities Through Spear Phishing



A new campaign has been discovered that targets U.S. policy entities using spear phishing tactics with a twist – politically themed lures. The attackers have used DLL side-loading techniques to deliver a sophisticated backdoor known as LOTUSLITE, which is capable of establishing persistence and exfiltrating data. The campaign is attributed to a Chinese state-sponsored group known as Mustang Panda. With heightened tensions between the U.S. and Venezuela, this development highlights the evolving nature of nation-state threats.

Published: Fri Jan 16 05:11:18 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Flaw in Cisco AsyncOS Software Exposes Vulnerability to China-Linked APT Group UAT-9686


A critical flaw has been discovered in Cisco AsyncOS software, exposing vulnerable devices to exploitation by China-linked APT group UAT-9686. The vulnerability affects the Spam Quarantine feature of Secure Email Gateway and Secure Email and Web Manager appliances, allowing attackers to execute arbitrary commands with root privileges. Organizations must take immediate action to secure their devices and prevent similar attacks.



Published: Fri Jan 16 05:20:42 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Unspeakable Breach: Carlsberg's Brute-Forceable Wristbands Expose Customer Data

Carlsberg's failure to secure its wristband ID system has exposed hundreds of thousands of customer records, highlighting a critical vulnerability in the brewer's security protocols.

Published: Fri Jan 16 05:31:18 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Flaw in Äike's Smart Scooters Exposes a Familiar IoT Weakness



A recent discovery by an Estonian e-scooter owner has exposed a critical flaw in Äike's app-controlled electric scooters. The startup's failure to properly manage keys left its users vulnerable, even after the company went bankrupt. By reverse-engineering his own scooter, the user found that unlocking his ride required no more than accessing the default private key used by all Äike scooters. This case highlights a familiar IoT weakness: default settings left in place without proper key management. The revelation has brought attention to this issue, underscoring the need for companies to prioritize secure key management in their devices.

Published: Fri Jan 16 06:08:38 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hackers Leverage Critical Fortinet FortiSIEM Flaw to Launch Attacks


Hackers are now exploiting a critical flaw in Fortinet's FortiSIEM system, leaving it vulnerable to arbitrary code execution and privilege escalation. The vulnerability, identified as CVE-2025-64155, has been publicly available for months, with threat intelligence firm Defused reporting active exploitation in the wild.

Published: Fri Jan 16 06:27:47 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

RondoDox Botnet Ties Mass Exploitation of Critical HPE OneView Flaw

Check Point has identified a large-scale exploitation of a critical HPE OneView flaw by the RondoDox botnet, with tens of thousands of automated attack attempts observed. This highlights the severity of the issue and the need for organizations to prioritize patching affected systems without delay.

Published: Fri Jan 16 07:10:20 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Google Fast Pair Vulnerability: A Threat to Consumer Privacy


Google's Fast Pair protocol has been found vulnerable to attacks by hackers who can secretly pair with wireless audio devices using a technique known as WhisperPair. The vulnerability allows attackers to eavesdrop on conversations, track device owners' locations, and even control affected headphones and speakers.

Published: Fri Jan 16 08:23:39 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Data Breach at Canada's Investment Watchdog Exposes Sensitive Personal and Financial Data of 750,000 People



A massive data breach at Canada's Investment Watchdog organization has exposed sensitive personal and financial data of 750,000 individuals. The incident occurred in August 2025, when CIRO detected a cyber incident and took immediate steps to contain it. Despite the severity of the incident, no passwords or PINs were exposed, but affected individuals are now facing potential financial and identity-related risks. In response to the breach, CIRO is offering two years of free credit monitoring and identity theft protection.

Published: Fri Jan 16 09:08:43 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Black Basta Ransomware Kingpin: A Look into Oleg Evgenievich Nefedov's Rise to Infamy

German authorities have added Oleg Evgenievich Nefedov, the alleged founder and ringleader of the Black Basta ransomware operation, to the EU's most-wanted list as they seek information leading to his capture.

Published: Fri Jan 16 09:26:43 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Malicious Chrome Extensions Impersonate Legitimate Enterprise Platforms to Hijack Accounts



Cybersecurity researchers have discovered five malicious Google Chrome web browser extensions that masquerade as human resources (HR) and enterprise resource planning (ERP) platforms like Workday, NetSuite, and SuccessFactors to take control of victim accounts. These malicious extensions are capable of stealing sensitive user information, blocking security measures, and enabling complete account takeover through session hijacking.


Published: Fri Jan 16 09:45:37 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Windows PC Shutdown Conundrum: A Patch Tuesday Puzzle


Microsoft's latest Patch Tuesday update has brought about a puzzling issue where some Windows PCs refuse to shut down or hibernate, leaving users frustrated. The problem appears to be tied to Secure Launch, and Microsoft is working on a resolution in a future update.

Published: Fri Jan 16 10:56:04 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A China-Linked Advanced Persistent Threat Exploits a Critical Zero-Day Vulnerability in Sitecore to Compromise Critical Infrastructure

China-linked APT group exploits zero-day vulnerability in Sitecore to compromise critical infrastructure in North America. Follow the latest developments as threat actors continue to adapt and evolve their tactics.

Published: Fri Jan 16 11:09:59 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Uncovering the Shadowy Footsteps of UAT-8837: China's Latest Cyber Menace Exposed

China-linked hackers, identified as UAT-8837, have been making headlines lately for their audacious cyber attacks on critical infrastructure systems in North America. The group has been targeting organizations with a mix of known and zero-day vulnerabilities, leaving cybersecurity experts scrambling to comprehend the scope of their activities.

Published: Fri Jan 16 11:26:07 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

GootLoader Malware: A Sophisticated Threat Vector Employing ZIP Archive Concatenation to Evade Detection



A new type of malware has emerged that uses a novel technique to evade detection, leveraging the concatenation of 500–1,000 ZIP archives to sidestep security controls. The GootLoader malware has been detected in the wild and continues to evolve with new tricks, including custom font obfuscation and exploitation of WordPress endpoints.

To counter this threat, organizations must stay vigilant and implement robust security measures, such as blocking suspicious executables and ensuring JavaScript files are opened in Notepad by default.



Published: Fri Jan 16 12:26:24 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

StealC info-stealing malware's control panel hacked by researchers, exposing threat actor's hardware and location


A recent discovery by CyberArk researchers exposed sensitive information about StealC malware operators, including their hardware and location. A previously unknown XSS flaw allowed researchers to hijack the control panel used by StealC operators, providing valuable insights into the threat actors' systems. This vulnerability has the potential to cause significant disruption in the use of the StealC malware, as it forces operators to re-evaluate using the platform.

Published: Fri Jan 16 15:08:13 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of AI-Driven Advertising: OpenAI's Bold Move to Monetize ChatGPT


In a significant shift, OpenAI will begin showing ads in ChatGPT for logged-in adult U.S. users on both free and paid tiers. The move aims to make AI-driven technologies more accessible while sparking debate about user experience and data privacy.

Published: Sat Jan 17 03:00:01 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Fast Pair Flaw: A Silent Hijacking Menace for Bluetooth Devices

Bluetooth earbuds, headphones, and speakers are vulnerable to silent hijacking due to a flaw in Google's Fast Pair system, leaving hundreds of millions of users at risk. The "WhisperPair" bug allows attackers to seize control without the owner ever touching the pairing button.

Published: Sat Jan 17 07:01:00 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

US Cyberwarfare Escalation: Venezuela Blackout Raises Concerns About US Government's Role in Global Cyber Operations


In a shocking turn of events, the US government has been accused of carrying out a cyberattack on Venezuela ahead of a military incursion, resulting in the arrest of President Nicolás Maduro and hundreds of deaths. The incident raises concerns about the extent of US involvement in global cyber operations and highlights the need for greater transparency and accountability from governments.

Published: Sat Jan 17 07:12:34 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A New Era of Cyber Threats: China-Linked APT UAT-8837 Targets North American Critical Infrastructure

A new report from Cisco Talos reveals that a China-linked APT group, tracked as UAT-8837, has been targeting critical infrastructure in North America since at least last year. This APT group is utilizing open-source tools to steal credentials, map AD environments, and conduct hands-on attacks, raising significant concerns about privilege escalation, lateral movement, and exploitation of sensitive data.

Published: Sat Jan 17 10:19:22 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise and Fall of Black Basta: Unpacking the European Union's Most Wanted Ransomware Group

Black Basta, a notorious Russia-linked ransomware group, has been added to the European Union's Most Wanted list and INTERPOL's Red Notice lists. Its alleged leader, Oleg Evgenievich Nefedov, is believed to have played a pivotal role in the operations of this notorious group. The article delves into the history of Black Basta, its alleged leader, and the measures taken by law enforcement agencies to bring this group to justice.

Published: Sat Jan 17 12:36:38 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Operation Black Basta: Germany and Ukraine Unite to Take Down Russian Ransomware Gang



In a significant joint operation, German and Ukrainian authorities have identified and arrested suspects linked to the notorious Black Basta ransomware gang. The operation resulted in the seizure of digital devices and cryptocurrency and marked a crucial step forward in the ongoing effort to dismantle this group's operations.

Key details from the operation include:

* Two suspects were identified as being part of Black Basta's cybercrime operations
* The group is estimated to have infected over 500 organizations worldwide, causing hundreds of millions of dollars in damage
* German authorities have identified Russian national Oleg Nefedov as the alleged leader of the group
* Authorities accuse him of forming a criminal organization abroad, large-scale extortion, and cybercrime

This operation highlights the growing cooperation and coordination between law enforcement agencies from across the globe. As ransomware attacks continue to plague businesses and organizations worldwide, it is essential that governments and law enforcement agencies remain vigilant and proactive in their efforts to identify and dismantle these groups.


Published: Sat Jan 17 13:10:09 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Malicious GhostPoster Browser Extensions: A Lurking Threat to User Security


Malicious GhostPoster browser extensions have been discovered, compromising the security of millions of users worldwide. The 840,000 installs recorded across various platforms highlight a significant threat to user security. Learn more about this campaign and how it can be prevented in our detailed report.

Published: Sat Jan 17 20:02:56 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Global Cybersecurity Landscape on the Brink: Analysis of Latest Threats and Vulnerabilities

This week's Security Affairs newsletter has arrived, bringing together a wealth of information on the latest cybersecurity threats, vulnerabilities, and incidents from around the world. From Russia's Black Basta to China's UAT-8837, this edition delves into the complexities of global cyber espionage, data breaches, and ransomware attacks.

Published: Sun Jan 18 08:14:18 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Global Landscape of Malware Threats: A Comprehensive Review of Round 80



A recent operation targeting the notorious group Black Basta has highlighted the growing threat posed by sophisticated cybercrime groups. Meanwhile, new exploits and vulnerabilities continue to emerge, underscoring the ongoing need for robust cybersecurity measures in protecting sensitive assets from the ever-present risk of cyber attack. With over 750,000 people affected by a data breach at Canada's Investment Watchdog, this latest round of malware news serves as a stark reminder of the ongoing importance of incident response protocols and security best practices.

Published: Sun Jan 18 11:12:29 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

CIRO Data Breach Exposes Sensitive Information of 750,000 Canadian Investors

CIRO data breach exposes sensitive information of 750,000 Canadian investors, prompting the organization to provide affected investors with free credit monitoring and identity theft protection services.

Published: Sun Jan 18 12:23:32 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Canada's Investment Regulatory Organization Suffered Major Data Breach

CIRO, Canada's national self-regulatory body for investment dealers, mutual fund dealers, and trading activity, has confirmed a major data breach that exposed sensitive information of approximately 750,000 Canadian investors. To mitigate the risks, CIRO will provide a free-of-charge two-year credit monitoring and identity theft protection service to all affected investors.

Published: Sun Jan 18 12:35:21 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hacktivists Hijack Iran's State TV to Air Anti-Regime Messages and Appeal for Protest from Reza Pahlavi


Hacktivists hijacked Iran's state TV to air anti-regime messages and an appeal for protest from Reza Pahlavi, sparking a new wave of protests and raising questions about the security measures in place to prevent such breaches. The implications of this incident extend far beyond the borders of Iran itself, highlighting the growing vulnerability of state media systems to cyber attacks and underscoring the increasing sophistication and capabilities of hacktivists.

Published: Sun Jan 18 17:11:17 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Mandiant Releases Quick Credential Cracker to Hasten Death of Endangered Security Protocol

Mandiant has released a quick credential cracker that can crack credentials in under 12 hours, aiming to hasten the death of the endangered security protocol Net-NTLMv1. The move raises concerns about cybersecurity firms' responsibility to develop tools that mitigate vulnerabilities and highlights the urgent need for organizations to prioritize security.

Published: Sun Jan 18 18:07:38 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Microsoft Expands Energy Efficiency Efforts in Asia with New Hiring Initiative

Microsoft is expanding its energy efficiency efforts in Asia by hiring senior managers to oversee its datacenters in the region. The company aims to reduce its carbon footprint and become more environmentally sustainable through these new hires.

Published: Sun Jan 18 20:19:07 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

StealC Malware Panel Vulnerability Exposed: A Threat to Information Stealer Operations


A recent discovery by CyberArk researchers has exposed a critical vulnerability in the StealC information stealer's web-based control panel, providing unprecedented insights into one of the most notorious malware operations. The XSS vulnerability allows researchers to gather crucial information about the threat actors' systems, including system fingerprints, active session monitoring, and even stolen cookies. This finding highlights the importance of prioritizing security in malware operations and has significant implications for the threat actor community.

Published: Mon Jan 19 01:20:12 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Tale of Two Keys: The Unfortunate Consequences of a Simple Security Slip

A bank employee's simple mistake while performing routine maintenance on an ATM led to a chain reaction of disciplinary actions and job reassignments for all staff at the branch where the error occurred. Read more about the consequences of this security slip and what lessons can be learned from Phil's experience.

Published: Mon Jan 19 01:36:05 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hacker Pleads Guilty to Hacking Supreme Court, AmeriCorps, and VA Systems: A Threat Assessment

A 24-year-old individual has pleaded guilty to hacking into the electronic filing system of the U.S. Supreme Court at least 25 times, as well as accessing and leaking sensitive information from AmeriCorps and the Veterans Administration Health System accounts. The case highlights the ongoing threat of cyber attacks on critical infrastructure and the importance of robust cybersecurity measures.

Published: Mon Jan 19 03:09:37 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Royal Navy's Autonomous Helicopter Drone: A Step Towards Maritime Aviation Transformation

The Royal Navy has successfully flown its first autonomous helicopter drone, the Proteus, marking a significant step towards its maritime aviation transformation vision. With its advanced navigation systems and modular payload bay, Proteus is set to play a key role in supporting the UK's naval forces in protecting British interests abroad.

Published: Mon Jan 19 04:28:46 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cybersecurity Alert: The Rise of ClickFix-Style Malware Lures and the ModeloRAT RAT - A Growing Concern for Corporate Environments


A recent malicious Google Chrome extension has been discovered, using ClickFix-style browser crash lures to deliver a previously undocumented remote access trojan (RAT) dubbed ModeloRAT. The attack chain masquerades as an ad blocker and exploits resource exhaustion techniques to crash the user's browser, prompting them to run arbitrary commands. This represents a growing concern for corporate environments and highlights the need for users to exercise caution when installing browser extensions.

Published: Mon Jan 19 04:42:29 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Nation's School System on the Brink: The Devastating Cyberattack that Left England's Education System Reeling

A major cyberattack has brought England's education system to its knees, leaving schools scrambling to restore their critical infrastructure and sparking concerns about national preparedness. The attack, which crippled a Warwickshire secondary school's IT systems, raises questions about the nation's ability to safeguard its education system against future threats.

Published: Mon Jan 19 05:30:06 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The UK's Social Media Ban: A U-Turn for Labour and a New Era for Online Safety

The UK government has taken a significant step towards implementing a ban on under-16s using social media, following a last-minute change of heart from the Labour party. But what does this mean for social media companies operating in the UK, and how will the proposed ban impact children's online safety?

Published: Mon Jan 19 06:04:45 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ingram Micro Admits to Ransomware Attack Exposing Thousands of Staff Records

Ingram Micro has admitted to a summer ransomware attack that exposed thousands of staff records, including basic personal information and identity document numbers. The company took steps to contain and remediate the unauthorized activity but faced criticism from customers about its communication during the incident.

Published: Mon Jan 19 06:42:18 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The High Costs of SaaS Downtime: DevOps and Cybersecurity Risks in the Cloud


The world of cloud-based DevOps is not immune to attacks and downtime, with recent reports showing thousands of hours of degraded service and increasing frequency of incidents. Businesses must adopt a proactive approach to protecting their operations against cyber threats and downtime by implementing robust resiliency strategies that include frequent backups, immutable storage, integrated restore orchestration, continuous testing, and clearly defined backup KPIs.

Published: Mon Jan 19 06:54:38 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

New StackWarp Hardware Flaw Exposes Vulnerability in AMD SEV-SNP Protections



A new hardware flaw, codenamed StackWarp, has exposed a critical vulnerability in AMD processors that can allow privileged attackers to execute malicious code within confidential virtual machines (CVMs), thus compromising the security guarantees provided by AMD Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP). This discovery impacts a wide range of AMD Zen 1 through Zen 5 CPUs and underscores the importance of continued research into cybersecurity vulnerabilities. The implications of this vulnerability are far-reaching and profound, highlighting the need for swift action from hardware manufacturers to address such concerns.

Published: Mon Jan 19 09:15:34 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

StealC Malware Control Panel Flaw Exposed: Insights into the Active Threat Actor


A recent vulnerability in StealC malware's control panel has exposed sensitive information about an active threat actor, providing valuable insights into their operations and highlighting the importance of identity security.

Published: Mon Jan 19 09:27:09 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ingram Micro Ransomware Attack: A Complex Web of Cybercrime and Data Breach Consequences

Ingram Micro has revealed that a ransomware attack in July 2025 resulted in the compromise of sensitive personal information affecting over 42,000 individuals. The breach highlights the evolving landscape of cyber threats and the devastating consequences they can have on businesses and consumers alike.

Published: Mon Jan 19 09:53:40 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Silent Threat: Pro-Russia Hacktivists Lurk in the Shadows of Critical Infrastructure


The UK's National Cyber Security Centre (NCSC) has issued a fresh warning about the threat posed by pro-Russia hacktivists to critical services operators. This latest alert is a stark reminder that even simple denial-of-service (DoS) attacks can have significant consequences for organizations that are not adequately prepared.

Published: Mon Jan 19 10:03:51 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Cybersecurity Landscape: Threats Emerge from Unlikely Sources

A recent wave of high-profile cyber incidents highlights the growing importance of vigilance and proactive measures to protect against cyber threats. The latest developments serve as a stark reminder of the need for timely patching, updates, and awareness of emerging threats.

Published: Mon Jan 19 10:28:15 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hacker Admits to Leaking Stolen Supreme Court Data on Instagram: A Grave Breach of National Security


A recent admission by a hacker has revealed their role in breaching the U.S. Supreme Court's electronic filing system, accessing sensitive information, and posting it on Instagram. The incident highlights the growing threat of cyber attacks on critical infrastructure and underscores the need for robust security measures to protect such systems.

Published: Mon Jan 19 10:37:43 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Growing Threat of Russian Hacktivists: A New Era of DDoS Attacks in the UK


The UK government has issued a warning about the increasing threat of Russian hacktivists, who are targeting critical infrastructure with DDoS attacks. With the main operators believed to be in Russia, the group's activities continue unabated despite previous disruptions. This evolving threat demands proactive measures from organizations and policymakers to mitigate its impact.

Published: Mon Jan 19 11:26:50 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Exposing the Dark Side of AI-Powered Google Gemini: A Vulnerability that Levers Indirect Prompt Injection to Bypass Authorization Guardrails

A recent vulnerability in Google Gemini exposes private calendar data via malicious invites, highlighting the need for increased security measures to protect user data. The discovery underscores the importance of implementing robust security controls and testing AI systems for vulnerabilities before they are exploited.

Published: Mon Jan 19 12:09:42 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Ransomware Attack on Ingram Micro Exposes Sensitive Personal Data of 42,000 Individuals


A ransomware attack on Ingram Micro has exposed personal data of approximately 42,000 individuals, including names, birth dates, SSNs, and job-related details. The attack, which occurred in July 2025, was detected by the company and subsequently contained through swift action. This incident highlights the importance of robust cybersecurity measures and prompt response to potential threats.

Published: Mon Jan 19 13:13:09 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

CrowdStrike Faces Downward Spiral as Judge Dismisses Securities Fraud Lawsuit Over 2024 Global Outage

A US District Judge has dismissed a class action lawsuit filed by New York State Comptroller Thomas DiNapoli against CrowdStrike, finding that the plaintiffs had failed to adequately state a claim. The ruling marks yet another blow to the claims of CrowdStrike's investors, who had alleged that the company's leadership made misleading statements about its ability to prevent such outages.

Published: Mon Jan 19 15:00:36 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Threat Emerges: PDFSider Malware Spotted in Fortune 100 Firm's Network

Resecurity has identified a new, highly sophisticated malware strain known as PDFSider that was used by ransomware attackers to gain remote access into the network of a Fortune 100 firm in the finance sector. The malware features advanced encryption methods and anti-analysis mechanisms to maintain long-term covert access. Experts warn that the growing sophistication of cyber threats demands increased vigilance from companies.

Published: Mon Jan 19 15:09:27 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Akamai CEO Calls for Collaboration to Combat Piracy: A Shift from Solo Edge AI to Public-Private Partnerships


Akamai CEO Dr. Tom Leighton emphasizes the need for collaboration in combating piracy, particularly in the context of edge AI, as he calls for public-private partnerships to create a deterrence by design environment. This shift away from relying solely on edge AI is a significant departure from his previous stance on the matter.

Published: Mon Jan 19 23:06:30 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Collapse of Tudou Guarantee: A New Era for Cybersecurity Amidst the Southeast Asian Scam Economy



The shutdown of Tudou Guarantee, a Telegram-based marketplace that processed over $12 billion in transactions, marks a significant blow to the Southeast Asian scam economy. The collapse highlights the ongoing cat-and-mouse game between law enforcement agencies and cybercriminals and emphasizes the importance of vigilance and cooperation between law enforcement agencies and the private sector.

In this article, we explore the implications of Tudou Guarantee's shutdown and the broader context of the illicit online marketplaces that operate in the shadows. We also examine the role of Elliptic and its efforts to combat cybercrime, as well as the recent law enforcement actions against Prince Group and Chen Zhi.

With the shutdown of Tudou Guarantee, there is hope that some momentum has been lost in the illicit online marketplaces. However, it's essential that law enforcement agencies, governments, and private companies remain vigilant and proactive in their efforts to combat cybercrime. Stay ahead of the threats with our expert insights and analysis.

Published: Tue Jan 20 02:28:08 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Russia-Linked Hacktivists Continue to Disrupt Critical Infrastructure with DDoS Attacks


The UK government has warned about the persistent targeting of critical infrastructure by Russia-linked hacktivists carrying out DDoS attacks. These groups are ideologically motivated and aim to disrupt networks in opposition to Western support for Ukraine. The NCSC urges organisations to strengthen their defenses and be prepared to respond to these attacks.

Published: Tue Jan 20 03:12:45 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Collapse of Tudou Guarantee: A Southeast Asian Illicit Marketplace's Descent into Chaos


The Southeast Asian illicit marketplace Tudou Guarantee has ceased its operations, processing over $12 billion in transactions before shutting down. The platform's shutdown marks a significant blow to the region's scam economy and highlights the ongoing cat-and-mouse game between cybersecurity researchers and malicious actors.

Published: Tue Jan 20 04:10:53 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of Full Windows Login Requirements: A Look into Manchester's ATM Conundrum

Manchester ATM has taken a drastic step towards security by implementing a full Windows 7 login requirement for users. But is this approach too old-fashioned for modern times? Find out more about this bizarre development in our in-depth article.

Published: Tue Jan 20 05:13:31 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers


Cloudflare has addressed a vulnerability that could have allowed malicious users to bypass security controls and access sensitive files on origin servers. The fix was implemented on October 27, 2025, after FearsOff discovered the bug in October 2025. According to Cloudflare, no evidence of exploitation was found, but the discovery highlights the importance of continuous monitoring and testing to prevent such security vulnerabilities.

Published: Tue Jan 20 05:50:55 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Exposing the Gaps in Secrets Detection: A Deep Dive into Vulnerabilities in JavaScript Bundles

Published: Tue Jan 20 06:02:02 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of AI-Powered Cybercrime: A New Era of Scams and Deception

Published: Tue Jan 20 06:39:26 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Anthropic's MCP Server Vulnerabilities: A Chain Reaction of Security Concerns

Anthropic's MCP server has been patched, but a recent vulnerability discovery serves as a reminder of the complexity and potential risks associated with modern AI system integration.

Published: Tue Jan 20 07:09:11 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Hidden Risk of Orphan Accounts: Uncovering the Shadows of Identity Governance

Orphan accounts – abandoned or "inactive" identities left behind in the enterprise – pose a significant risk to security and compliance. As organizations grow and evolve, it's essential to address these dormant entities to prevent unauthorized access and reduce the risk of breaches.

Published: Tue Jan 20 07:20:41 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Evelyn Stealer Malware: A New Threat to Developer Security

The Evelyn Stealer malware targets software developers with a sophisticated campaign designed to exfiltrate sensitive user data.

Published: Tue Jan 20 07:32:21 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

AI Framework Flaws Put Enterprise Clouds at Risk of Takeover: The Threat to Sensitive Data and Authentication Tokens

Two critical vulnerabilities have been discovered in the popular open-source AI framework Chainlit, posing a significant risk to enterprises that use this framework to build production-ready AI chatbots and applications.

Published: Tue Jan 20 08:12:13 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Three Critical Security Vulnerabilities Found in Anthropic's MCP Server


Three critical security vulnerabilities have been discovered in Anthropic's MCP server, a widely used tool for interacting with Git repositories programmatically via large language models (LLMs). The vulnerabilities could potentially allow an attacker to read or delete arbitrary files and execute code on the system, without requiring any direct access to the victim's system. Researchers at Cyata have demonstrated how these vulnerabilities could be chained together to achieve remote code execution through prompt injection.

Published: Tue Jan 20 08:49:38 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Hackers Leverage LinkedIn Messages to Spread Malware via DLL Sideloading: A New Phishing Campaign Raises Concerns About Social Media as a Critical Attack Surface



A recent phishing campaign is exploiting trust by using LinkedIn messages to spread malware via Dynamic Link Library (DLL) sideloading. This campaign highlights the growing threat landscape and underscores the importance of extending security controls beyond email-centric measures.


Published: Tue Jan 20 08:58:07 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Disconnect Between Executive Priorities and SOC Teams: A Growing Concern for Cybersecurity

The webinar "Failure to communicate: Why execs don't buy SOC teams the tools they need" aims to address the pressing concern of disconnect between executive priorities and SOC teams, providing actionable insight into building more resilient and effective defenses.

Published: Tue Jan 20 09:08:04 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Conquering the Frontline of Modern Threats: The Rise of Identity Threat Detection


In a rapidly evolving threat landscape, organizations must prioritize Identity Threat Detection as a cornerstone of their security strategy. Discover how tenfold can help you defend against Identity-Based Attacks and protect your sensitive data and systems.

Published: Tue Jan 20 09:19:56 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Critical Vulnerability Exposed in TP-Link VIGI Cameras: A Threat to Enterprise Security

Researchers have identified a critical vulnerability in TP-Link VIGI cameras that allows attackers to bypass authentication and gain full administrative access to devices. The vulnerability affects over 32 camera models and has been reported remotely, with over 2,500 internet-exposed cameras found. Organizations with VIGI cameras are advised to patch their systems immediately.

Published: Tue Jan 20 10:11:38 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of AI-Generated Malware: A New Era of Sophisticated Cyber Threats


Recent breakthroughs in artificial intelligence have given rise to a new era of sophisticated cyber threats, as evidenced by the discovery of VoidLink, a cloud-targeting Linux malware generated almost entirely by AI. This breakthrough highlights the growing threat of AI-aided malicious activities and underscores the need for increased vigilance and proactive measures to address these emerging risks.

Published: Tue Jan 20 12:58:11 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The European Union's Comprehensive Cybersecurity Overhaul: A New Era for Securing Critical Infrastructure


In a significant push towards bolstering European cybersecurity, the EU has unveiled a new package aimed at blocking foreign high-risk suppliers and securing critical infrastructure. With its emphasis on supply chain security, joint risk assessments, and enhanced skills training, this initiative marks a pivotal moment in the continent's fight against cyber threats.

Published: Tue Jan 20 13:11:00 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

North Korea's Malicious Campaign: How Hackers Target Developers via Malicious VS Code Projects


North Korea-linked hackers have been using malicious Visual Studio Code projects to deliver backdoors on compromised endpoints, targeting software engineers in the cryptocurrency, blockchain, and fintech sectors. The attack campaign uses VS Code task configuration files to execute malicious payloads staged on Vercel domains, depending on the operating system on the infected host.

Published: Tue Jan 20 14:00:50 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Unveiling the AI-Generated Threat: The VoidLink Cloud Malware Framework

The recently discovered cloud-focused VoidLink malware framework is believed to have been developed using an artificial intelligence model, marking a new era in cybersecurity where AI can rival human-created malware frameworks.

Published: Tue Jan 20 14:08:57 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

New Detention Network for ICE: A Web of Controversy and Concern


A new network of detention facilities spanning five states, including Minnesota, has been proposed by ICE. The plan has sparked widespread controversy and concern over immigration policies, national security, and human rights.

Published: Tue Jan 20 14:17:36 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Unmasking of an Access Broker: A Web of Deceit and Exploitation


A Jordanian man has pleaded guilty to acting as an access broker, selling unauthorized access to the networks of at least 50 companies. Feras Khalil Ahmad Albashiti, known online as "r1z", admitted to fraud-related charges tied to trafficking stolen access credentials and faces up to 10 years in prison and a $250,000 fine.

Published: Tue Jan 20 14:24:56 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

PDFSIDER Malware: Unveiling the Dark Art of DLL Side-Loading for Evasion of AV and EDR Detection



A new threat actor, known as PDFSIDER malware, has emerged with a novel technique called DLL side-loading to bypass AV and EDR detection capabilities. By exploiting vulnerabilities in legitimate binaries, threat actors can deploy backdoors without being detected, making it a significant concern for organizations worldwide.



Published: Tue Jan 20 16:11:38 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Vulnerability in Advanced Custom Fields: Extended Exposes 50,000 WordPress Sites to Remote Admin Access



A critical vulnerability has been discovered in the Advanced Custom Fields: Extended plugin for WordPress, exposing approximately 50,000 websites to remote admin access. The vulnerability, tracked as CVE-2025-14533, arises from the lack of enforcement of role restrictions during form-based user creation or updates and can be leveraged by unauthenticated attackers to exploit the plugin's 'Insert User / Update User' form action in earlier versions. While no attacks have been observed yet, this discovery underscores the importance of keeping plugins up-to-date and patching vulnerabilities as soon as possible.

Published: Tue Jan 20 16:25:25 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Exposing the Shadowy Dealings of Elon Musk's Department of Government Efficiency

Exposing the Shadowy Dealings of Elon Musk's Department of Government Efficiency: A Web of Deceit and Mismanagement Revealed

Published: Tue Jan 20 17:00:09 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Cybersecurity Lapse Leaves Cloudflare's WAF Vulnerable to Exploitation by Malicious Actors

Cloudflare has patched a critical zero-day vulnerability in its web application firewall (WAF) after it was identified through the company's bug bounty program. The vulnerability allowed attackers to bypass WAF security features, highlighting the ongoing importance of vigilance and proactive security measures in protecting against emerging threats.

Published: Tue Jan 20 17:17:09 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

LastPass Warns of Fake Maintenance Messages Targeting Users' Master Passwords

LastPass has warned its users about a new phishing campaign that is targeting them with fake emails claiming maintenance, urging them to divulge their master passwords.

Published: Wed Jan 21 03:33:38 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

A Critical Node.js Vulnerability Exposes Server Crashes and Remote Code Execution

A critical Node.js vulnerability has been discovered that could cause server crashes and allow execution of arbitrary JavaScript code. Developers must take immediate action to patch their applications and prevent potential exploitation.

Published: Wed Jan 21 03:44:31 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Emergence of AI-Generated Malware: Unveiling the VoidLink Linux Malware Framework


Check Point researchers have uncovered a powerful Linux malware framework known as VoidLink, which was likely built by a single developer using AI. This cloud-focused malware boasts advanced features, including custom loaders, implants, and rootkit-based evasion techniques. The discovery highlights the growing threat of AI-generated malware and underscores the need for increased vigilance in the face of rapidly evolving cyber threats.

Published: Wed Jan 21 03:53:42 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Chainlit AI Framework Flaws Exposed: A Vulnerability that Can Enable Data Theft via File Read and SSRF Bugs


A recent discovery has exposed critical vulnerabilities in the popular open-source artificial intelligence (AI) framework Chainlit. These ChainLeak vulnerabilities can potentially enable attackers to steal sensitive data, execute SSRF attacks, and breach organizations' most sensitive secrets. The vulnerabilities were identified by Zafran Security, which has urged organizations to patch the issues with the latest release of Chainlit version 2.9.4. This highlights the importance of timely updates and security testing for AI frameworks in preventing data breaches and maintaining digital asset integrity.

Published: Wed Jan 21 04:10:05 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

The Rise of AI-Powered Malware: How a Single Developer Used Artificial Intelligence to Create a Sophisticated Linux Malware Framework

Threat actors have long been fascinated by the potential of artificial intelligence (AI) to aid in their malicious activities. The latest example of this is the VoidLink Linux malware framework, which was recently discovered by cybersecurity researchers at Check Point Research. This sophisticated piece of code was developed using an AI model and consists of over 88,000 lines of code. According to Check Point Research, the development of the VoidLink framework was largely assisted by an AI model, with some evidence suggesting that the malware's author used a large language model (LLM) under the guidance of a human developer with extensive kernel development knowledge and red team experience.

Published: Wed Jan 21 04:19:29 2026 by llama3.2 3B Q4_K_M



Ethical Hacking News

Crooks Impersonate LastPass to Steal Master Passwords: A Growing Concern for Cybersecurity

LastPass warns of an active phishing campaign that impersonates the service to steal master passwords, in a growing concern for cybersecurity.

Published: Wed Jan 21 05:09:39 2026 by llama3.2 3B Q4_K_M









