Cybersecurity

638 articles in this category (Page 11 of 27)

AI NewsCybersecurityVulnerability Management

Cisco Patches Actively Exploited Zero-Day (CVE-2026-20045) in Unified CM and Webex

Cisco addressed a critical zero-day vulnerability (CVE-2026-20045) enabling unauthenticated remote code execution, with a CISA deadline of February 11, 2026.

Jan 22, 2026

AI NewsCybersecurityLinux

Critical GNU InetUtils Telnetd Flaw Enables Root Access

A 9.8-severity vulnerability (CVE-2026-24061) in GNU InetUtils telnetd allows remote attackers to bypass authentication and gain root access.

Jan 22, 2026

AI NewsCybersecurityThreat Intelligence

DPRK Actors Leverage VS Code Tunnels for Stealthy Remote Access

A North Korean spear-phishing campaign utilizes legitimate Microsoft VS Code tunneling to establish remote access, bypassing traditional security measures.

Jan 22, 2026

AI NewsCybersecurityNetwork Security

Fortinet Firewalls Hit With Malicious Configuration Changes

Compromised FortiGate devices are experiencing automated malicious SSO logins and configuration data theft.

Jan 22, 2026

AI NewsCybersecurityCloud Security

Filling the Most Common Gaps in Google Workspace Security

Google Workspace, while strong, leaves gaps in email security, access control, and data visibility, requiring additional measures to protect against evolving threats.

Jan 22, 2026

AI NewsCybersecurityGeopolitics

Europe Frets About Overreliance on US Tech

Growing European concern over US tech dependence, fueled by events like the Microsoft ICC email blockage, is driving a surge in sovereign tech initiatives.

Jan 22, 2026

AI NewsCybersecuritySoftware Supply Chain

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner

A fake 'sympy-dev' package on PyPI impersonated the SymPy library, resulting in over 1,100 downloads and deployment of an XMRig cryptominer on Linux systems.

Jan 22, 2026

AI NewsCybersecurityRansomware

Osiris Ransomware Leverages POORTRY Driver in Novel BYOVD Attack

The newly discovered Osiris ransomware strain utilized a custom POORTRY driver in a Bring Your Own Vulnerable Driver (BYOVD) attack, resulting in data theft and security tool disabling in November 2025.

Jan 22, 2026

AI NewsCybersecurityIoT

Risky Chinese Electric Buses Spark Aussie Gov't Review

Australia is reviewing the security risks of Chinese-made Yutong electric buses, with 133 currently operating, due to potential remote access and cyber vulnerabilities.

Jan 22, 2026

AI NewsCybersecurityVulnerability

SmarterMail Authentication Bypass Exploited Days After Patch

A critical SmarterMail flaw (WT-2026-0001, now CVE-2026-23760) is being actively exploited in the wild, enabling admin password resets and SYSTEM-level code execution.

Jan 22, 2026

AI NewsCybersecurityAndroid

Pixel Zero-Click Exploit Highlights Android Security Challenges

Google Project Zero revealed a zero-click exploit affecting Android via the Dolby audio decoder, demonstrating the risk of automated processing.

Jan 22, 2026

AI NewsCybersecurityBrowser Security

AI Agents Are Bringing Back Browser Insecurity

AI agents in browsers are undermining three decades of security progress, potentially leading to widespread data exfiltration and account takeovers.

Jan 21, 2026

AI NewsCybersecurityNode.js

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A binary-parser vulnerability (CVE-2026-1245) in Node.js allows attackers to execute arbitrary JavaScript code with a CVSS score of 6.5.

Jan 21, 2026

AI NewsCybersecurityVulnerability

Chainlit AI Framework Vulnerabilities Enable Data Theft and SSRF Attacks

High-severity flaws in the Chainlit AI framework (CVE-2026-22218 & CVE-2026-22219) could allow attackers to steal files, leak API keys, and perform SSRF attacks.

Jan 21, 2026

AI NewsMalwareCybersecurity

Complex VoidLink Linux Malware Created by AI

Researchers discovered VoidLink, a sophisticated Linux malware framework built almost entirely by AI, signaling a new era of rapid, high-complexity attacks.

Jan 21, 2026

AI NewsCybersecurityMalware

‘Contagious Interview’ Attack Now Delivers Backdoor Via VS Code

North Korean threat actors are exploiting Visual Studio Code to deliver a JavaScript backdoor, enabling remote code execution with no user interaction.

Jan 21, 2026

AI NewsCybersecurityVulnerability Management

Exposure Assessment Platforms Signal a Shift in Focus

Gartner introduces Exposure Assessment Platforms, showing 74% of vulnerabilities are dead ends and projecting 30% less downtime by 2027.

Jan 21, 2026

AI NewsCybersecurityMalware

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers are exploiting Visual Studio Code task files in fake job projects to deploy backdoors and crypto miners, demonstrating a sophisticated evolution in attack tactics.

Jan 21, 2026

AI NewsCybersecurityThreat Intelligence

North Korean PurpleBravo Campaign Targeted 3,136 IPs via Fake Job Interviews

North Korean PurpleBravo hackers targeted 3,136 IP addresses and 20 companies with malicious VS Code projects and BeaverTail malware.

Jan 21, 2026

AI NewsCybersecurityMalware

VoidLink: AI-Assisted Linux Malware Framework Reaches 88,000 Lines of Code

The VoidLink Linux malware framework was largely built using AI assistance, reaching 88,000 lines of code in just weeks, demonstrating accelerated malware development.

Jan 21, 2026

AI NewsCybersecurityBusiness

AI Powers MSSP Margin Gains, Reduces Staffing Needs

AI is enabling Managed Security Service Providers (MSSPs) to achieve double-digit margin gains and deliver CISO-level services without increasing headcount.

Jan 21, 2026

AI NewsCybersecurityCloud Security

Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers

Cloudflare patched an ACME HTTP-01 validation flaw that disabled WAF protections and let unauthorized requests reach origin servers.

Jan 20, 2026

AI NewsCybersecurityMalware

‘CrashFix’ Scam Crashes Browsers, Delivers Malware

The 'CrashFix' scam utilizes a malicious browser extension, intentional crashes, and a Python-based RAT to compromise systems, targeting both home users and corporate networks.

Jan 20, 2026

AI NewsCybersecurityMalware

Evelyn Stealer Malware Abuses VS Code Extensions

Evelyn Stealer malware compromises developers by exploiting VS Code extensions, resulting in theft of credentials, browser data, and cryptocurrency wallets.

Jan 20, 2026