Cybersecurity

638 articles in this category (Page 14 of 27)

AI NewsCybersecurityFraud

Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud

Researchers detail how 'pig butchering-as-a-service' (PBaaS) providers equip scam networks with tools, lowering the barrier to entry and enabling large-scale fraud.

Jan 12, 2026

AI NewsCybersecurityVulnerability

Protect Critical Data in AI Workflows

A maximum-severity vulnerability in the n8n workflow automation platform allows unauthenticated remote code execution, potentially compromising systems.

Jan 12, 2026

AI NewsCybersecurityGovernment

CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

CISA has officially retired 10 emergency directives issued between 2019 and 2024, signifying completion of required remediation actions.

Jan 9, 2026

AI NewsCybersecurityRansomware

Cybersecurity Predictions 2026: Separating Signal from Noise

Bitdefender webinar highlights the shift from speculative cybersecurity threats to targeted ransomware and internal AI risks needing immediate attention.

Jan 9, 2026

AI NewsCybersecurityVMware

China-Linked Hackers Exploit VMware ESXi Zero-Days for VM Escape

Chinese-linked attackers exploited three VMware ESXi zero-day vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226) to escape virtual machines and gain hypervisor control.

Jan 9, 2026

AI NewsCybersecurityFraud

Deepfake Fraud Tools Lagging Behind Expectations

Despite increasing realism, a World Economic Forum study finds most deepfake tools still struggle with live KYC checks, giving defenders an edge.

Jan 9, 2026

AI NewsCybersecurityFinance

Illicit Crypto Economy Surges as Nation-States Join the Fray

Illicit cryptocurrency transactions totaled $154 billion in 2025, representing a 160% increase fueled by activity from sanctioned countries like Russia and Iran.

Jan 9, 2026

AI NewsCybersecurityThreat Intelligence

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

Russian APT28 conducted a credential-harvesting campaign in 2025, utilizing fake login pages and PDF lures to target energy and policy organizations.

Jan 9, 2026

AI NewsCybersecurityVulnerability

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

Trend Micro addressed a critical remote code execution vulnerability (CVE-2025-69258) in Apex Central on-prem Windows with a CVSS score of 9.8.

Jan 9, 2026

AI NewsCybersecurityThreat Intelligence

China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes

Cisco Talos identified China-linked UAT-7290 compromising telecoms since 2022 via Linux malware, exploits, and ORB infrastructure.

Jan 8, 2026

AI NewsCybersecurityNetwork Security

Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release

Cisco addressed CVE-2026-20029, a medium-severity flaw in ISE and Snort 3, after a public proof-of-concept exploit became available.

Jan 8, 2026

AI NewsCybersecurityVulnerability

Coolify Vulnerabilities Allow Full Server Compromise

Coolify discloses 11 critical flaws, including command injection vulnerabilities, potentially enabling full server compromise for self-hosted instances.

Jan 8, 2026

AI NewsCybersecurityVulnerability Management

CISA Flags Microsoft Office and HPE OneView Bugs as Actively Exploited

CISA added two vulnerabilities – CVE-2009-0556 in Microsoft Office and CVE-2025-37164 in HPE OneView – to its KEV catalog, requiring patching by January 28, 2026.

Jan 8, 2026

AI NewsCybersecurityMergers & Acquisitions

CrowdStrike to Acquire SGNL for $740M to Bolster Identity Security

CrowdStrike’s acquisition of SGNL for nearly $740 million highlights the growing importance of identity security in a landscape increasingly reliant on cloud services and AI.

Jan 8, 2026

AI NewsCloud SecurityCybersecurity

Fake AI Chrome Extensions Stole 900K Users' Data

Nearly 900,000 users had their ChatGPT and DeepSeek data stolen via malicious Chrome extensions mimicking legitimate AI tools.

Jan 8, 2026

AI NewsCloud SecurityCybersecurity

Cloud Security’s Future: AI Adoption and the Commoditization of Security Features

99% of organizations are using or planning to use cloud services for AI workloads, driving a shift towards commoditized security features and increased collaboration between CSPs and customers.

Jan 8, 2026

AI NewsCybersecurityVulnerability Management

Maximum Severity HPE OneView Flaw Exploited in the Wild

CVE-2025-37164, a critical remote code execution vulnerability in HPE OneView, is now being actively exploited in the wild.

Jan 8, 2026

AI NewsCybersecurityMalware

NodeCordRAT Delivered via Malicious npm Packages

Researchers discovered NodeCordRAT, a new RAT delivered through three npm packages (bitcoin-main-lib, bitcoin-lib-js, bip40) with over 3,290 total downloads.

Jan 8, 2026

AI NewsCybersecuritySupply Chain

The State of Trusted Open Source: 98% of CVEs Reside Outside Top Projects

Analysis of nearly half a billion builds reveals a critical shift: 98% of vulnerabilities are found in longtail open source images, demanding broader security focus.

Jan 8, 2026

AI NewsCybersecurityVulnerability Management

RustFS Flaw, Iranian Ops, and Cloud Leaks Dominate Recent Cybersecurity Headlines

A critical RustFS vulnerability allowing remote code execution, alongside increased Iranian cyberattacks and widespread cloud data leaks, highlight escalating cybersecurity threats.

Jan 8, 2026

AI NewsCybersecurityIoT

Attackers Exploit Zero-Day in End-of-Life D-Link Routers

Hackers are exploiting a critical zero-day flaw in unsupported D-Link routers, enabling arbitrary command execution and potentially broader network compromise.

Jan 7, 2026

AI NewsCybersecuritySoftware Vulnerability

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Server Takeover

A critical CVSS 10.0 vulnerability, dubbed 'Ni8mare', in n8n allows unauthenticated attackers to gain full control of servers.

Jan 7, 2026

AI NewsCybersecurityThreat Intelligence

DDoSia Powers Affiliate-Driven Hacktivist Attacks

Pro-Russian group NoName057(16) leverages the DDoSia tool to mobilize volunteers, resulting in 7,939 DDoS attack commands in a single week.

Jan 7, 2026

AI NewsCloud SecurityCybersecurity

Lack of MFA Enables Vast Cloud Credential Heist Affecting 50 Enterprises

A threat actor named 'Zestix' compromised 50 enterprises by exploiting stolen credentials on file-sharing platforms lacking multifactor authentication.

Jan 7, 2026