Cybersecurity

624 articles in this category (Page 10 of 26)

AI NewsCybersecurityThreat Intelligence

New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector

ESET links Russia-backed Sandworm to a failed December 2025 cyberattack using DynoWiper malware against Poland’s power and renewable energy systems.

Jan 24, 2026

AI NewsCybersecuritySoftware Development

SecuriNET: Open-Source Windows Network Security Application Released

SecuriNET, a free and open-source Windows application, aims to provide comprehensive network security features including connection monitoring and firewall management.

Jan 24, 2026

AI NewsCybersecurityLeadership

Reviving the Hacker Ethos That Built Cybersecurity

Dark Reading Confidential explores how cybersecurity can reclaim its hacker ethos, addressing a shift from passionate problem-solving to systemic risk management.

Jan 23, 2026

AI NewsCybersecurityVulnerability Management

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

CISA added four actively exploited vulnerabilities to its KEV catalog, requiring federal agencies to patch by February 12, 2026.

Jan 23, 2026

AI NewsCybersecurityVulnerability Management

Exploited Zero-Day Flaw in Cisco UC Could Affect Millions

A critical zero-day vulnerability (CVE-2026-20045) in Cisco Unified Communications Manager is being actively exploited, potentially impacting 30 million users.

Jan 23, 2026

AI NewsCybersecurityNetwork Security

Fortinet Confirms Active FortiCloud SSO Bypass on Patched Firewalls

Fortinet confirms ongoing exploitation of a FortiCloud SSO bypass (CVE-2025-59718/CVE-2025-59719) even on fully patched FortiGate devices, highlighting SAML vulnerability risks.

Jan 23, 2026

AI NewsCybersecurityPhishing

Microsoft Warns of Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms

Microsoft reports a sophisticated, multi-stage adversary-in-the-middle (AitM) phishing and business email compromise (BEC) campaign impacting energy organizations.

Jan 23, 2026

AI NewsCybersecurityPhishing

Phishing Attack Leverages Stolen Credentials for LogMeIn RMM Deployment

A two-stage phishing campaign utilizes compromised email credentials to install LogMeIn Resolve RMM, enabling persistent and stealthy access to Windows systems.

Jan 23, 2026

AI NewsCybersecurityCloud Security

Automate Your Security: Exaforce Brings AI to SOC Operations

Exaforce aims to reduce the burden on security teams by automating detection, triage, investigation, and response, potentially increasing analyst capacity by 3x.

Jan 22, 2026

AI NewsCybersecurityNetwork Security

Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations

Arctic Wolf reports automated attacks on FortiGate devices leveraging FortiCloud SSO vulnerabilities, resulting in unauthorized firewall changes and configuration theft.

Jan 22, 2026

AI NewsCybersecurityVulnerability Management

Cisco Patches Actively Exploited Zero-Day (CVE-2026-20045) in Unified CM and Webex

Cisco addressed a critical zero-day vulnerability (CVE-2026-20045) enabling unauthenticated remote code execution, with a CISA deadline of February 11, 2026.

Jan 22, 2026

AI NewsCybersecurityLinux

Critical GNU InetUtils Telnetd Flaw Enables Root Access

A 9.8-severity vulnerability (CVE-2026-24061) in GNU InetUtils telnetd allows remote attackers to bypass authentication and gain root access.

Jan 22, 2026

AI NewsCybersecurityThreat Intelligence

DPRK Actors Leverage VS Code Tunnels for Stealthy Remote Access

A North Korean spear-phishing campaign utilizes legitimate Microsoft VS Code tunneling to establish remote access, bypassing traditional security measures.

Jan 22, 2026

AI NewsCybersecurityCloud Security

Filling the Most Common Gaps in Google Workspace Security

Google Workspace, while strong, leaves gaps in email security, access control, and data visibility, requiring additional measures to protect against evolving threats.

Jan 22, 2026

AI NewsCybersecurityGeopolitics

Europe Frets About Overreliance on US Tech

Growing European concern over US tech dependence, fueled by events like the Microsoft ICC email blockage, is driving a surge in sovereign tech initiatives.

Jan 22, 2026

AI NewsCybersecurityNetwork Security

Fortinet Firewalls Hit With Malicious Configuration Changes

Compromised FortiGate devices are experiencing automated malicious SSO logins and configuration data theft.

Jan 22, 2026

AI NewsCybersecuritySoftware Supply Chain

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner

A fake 'sympy-dev' package on PyPI impersonated the SymPy library, resulting in over 1,100 downloads and deployment of an XMRig cryptominer on Linux systems.

Jan 22, 2026

AI NewsCybersecurityRansomware

Osiris Ransomware Leverages POORTRY Driver in Novel BYOVD Attack

The newly discovered Osiris ransomware strain utilized a custom POORTRY driver in a Bring Your Own Vulnerable Driver (BYOVD) attack, resulting in data theft and security tool disabling in November 2025.

Jan 22, 2026

AI NewsCybersecurityIoT

Risky Chinese Electric Buses Spark Aussie Gov't Review

Australia is reviewing the security risks of Chinese-made Yutong electric buses, with 133 currently operating, due to potential remote access and cyber vulnerabilities.

Jan 22, 2026

AI NewsCybersecurityVulnerability

SmarterMail Authentication Bypass Exploited Days After Patch

A critical SmarterMail flaw (WT-2026-0001, now CVE-2026-23760) is being actively exploited in the wild, enabling admin password resets and SYSTEM-level code execution.

Jan 22, 2026

AI NewsCybersecurityAndroid

Pixel Zero-Click Exploit Highlights Android Security Challenges

Google Project Zero revealed a zero-click exploit affecting Android via the Dolby audio decoder, demonstrating the risk of automated processing.

Jan 22, 2026

AI NewsCybersecurityBrowser Security

AI Agents Are Bringing Back Browser Insecurity

AI agents in browsers are undermining three decades of security progress, potentially leading to widespread data exfiltration and account takeovers.

Jan 21, 2026

AI NewsCybersecurityNode.js

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A binary-parser vulnerability (CVE-2026-1245) in Node.js allows attackers to execute arbitrary JavaScript code with a CVSS score of 6.5.

Jan 21, 2026

AI NewsCybersecurityVulnerability

Chainlit AI Framework Vulnerabilities Enable Data Theft and SSRF Attacks

High-severity flaws in the Chainlit AI framework (CVE-2026-22218 & CVE-2026-22219) could allow attackers to steal files, leak API keys, and perform SSRF attacks.

Jan 21, 2026