Cybersecurity News from Across the Internet
A coordinated campaign of 16 malicious GPT optimisers has been caught hijacking ChatGPT accounts. These tools steal session tokens to access private chats, Slack, and Google Drive files. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
Indian government entities have been targeted in two campaigns undertaken by a threat actor that operates in Pakistan using previously undocumented tradecraft. The campaigns have been codenamed Gopher Strike and Sheet Attack by Zscaler ThreatLabz, which identified them in September 2025. “While these campaigns share some similarities with the Pakistan-linked Advanced Persistent Threat (APT) – … Read More “Experts Detect Pakistan-Linked Cyber Campaigns Aimed at Indian Government Entities – The Hacker News” »
Meta on Tuesday announced it’s adding Strict Account Settings on WhatsApp to secure certain users against advanced cyber attacks because of who they are and what they do. The feature, similar to Lockdown Mode in Apple iOS and Advanced Protection in Android, aims to protect individuals, such as journalists or public-facing figures, from sophisticated spyware … Read More “WhatsApp Rolls Out Lockdown-Style Security Mode to Protect Targeted Users From Spyware – The Hacker News” »
WhatsApp unveiled a lockdown-style feature on Tuesday similar to those offered by other tech providers aimed at blocking sophisticated cyberattacks, with spyware in mind. The “Strict Account Settings” feature will roll out in the coming weeks and once enabled, will allow users to limit features in certain ways, such as blocking attachments and media from … Read More “WhatsApp releases account feature that looks to combat spyware – CyberScoop” »
Critical sandbox escape vulnerability in Grist-Core enables remote code execution via a malicious formula – Read More –
PeckBirdy command-and-control framework targeting gambling, government sectors in Asia since 2023 has been linked to China-aligned APTs – Read More –
Cybersecurity researchers have disclosed details of a new campaign that combines ClickFix-style fake CAPTCHAs with a signed Microsoft Application Virtualization (App-V) script to distribute an information stealer called Amatera. “Instead of launching PowerShell directly, the attacker uses this script to control how execution begins and to avoid more common, easily recognized execution paths,” – Read … Read More “ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services – The Hacker News” »
LevelBlue, a Dallas-based managed security services provider, announced Tuesday that it is expanding its managed detection and response business through a strategic partnership with cybersecurity firm Fortra that includes the acquisition of Fortra’s Alert Logic managed services unit. The companies said the agreement covers Alert Logic’s Managed Detection and Response services, along with associated Extended … Read More “LevelBlue scoops up Alert Logic’s managed services from Fortra – CyberScoop” »
In episode 85 of The AI Fix, Graham discovers that Silicon Valley has the solution to your pet’s mental health crisis, and Mark explains why AI godfather Yann LeCun thinks the entire AI industry is wrong about LLMs. Also in this episode, OpenAI decides to ruin ChatGPT with ads; Sam Altman and Elon Musk and … Read More “The AI Fix #85: ChatGPT gets ads, pets get AI therapists, and everyone’s wrong about LLMs – GRAHAM CLULEY” »
Bugcrowd study reveals 82% of security researchers now use AI, a big increase from 2023 figures – Read More –
Poland blocked a Russian wiper malware attack on power and heating plants, officials say, avoiding outages during winter and prompting tighter cyber rules. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
Cybersecurity teams increasingly want to move beyond looking at threats and vulnerabilities in isolation. It’s not only about what could go wrong (vulnerabilities) or who might attack (threats), but where they intersect in your actual environment to create real, exploitable exposure. Which exposures truly matter? Can attackers exploit them? Are our defenses effective? Continuous Threat … Read More “CTEM in Practice: Prioritization, Validation, and Outcomes That Matter – The Hacker News” »
US prosecutors have charged 31 more suspects in a nationwide ATM jackpotting scam, bringing the total number of defendants to 87 across multiple states. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple environments. The flexible framework has been put to use against Chinese gambling industries and malicious activities targeting Asian government entities and private organizations, according to Trend Micro – Read … Read More “China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023 – The Hacker News” »
A critical security flaw has been disclosed in Grist‑Core, an open-source, self-hosted version of the Grist relational spreadsheet-database, that could result in remote code execution. The vulnerability, tracked as CVE-2026-24002 (CVSS score: 9.1), has been codenamed Cellbreak by Cyera Research Labs. “One malicious formula can turn a spreadsheet into a Remote Code Execution (RCE) beachhead,” … Read More “Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas – The Hacker News” »
Microsoft urged customers running Microsoft Office 2016 and 2019 to apply the patch to be protected – Read More –
Nike is investigating after the World Leaks ransomware group posted a 1.4TB data dump – Read More –
Microsoft on Monday issued out-of-band security patches for a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The vulnerability, tracked as CVE-2026-21509, carries a CVSS score of 7.8 out of 10.0. It has been described as a security feature bypass in Microsoft Office. “Reliance on untrusted inputs in a security decision in Microsoft Office allows … Read More “Microsoft Office Zero-Day (CVE-2026-21509) – Emergency Patch Issued for Active Exploitation – The Hacker News” »
With increasing volume of data and regulatory controls that are only tightening, regulated industries have a hard paradox to… The post How Regulated Industries Use Privacy-Enhancing Technologies (PETs) appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jan 26 SEC Consult Vulnerability Lab Security Advisory < 20260126-0 > ======================================================================= title: Multiple Critical Vulnerabilities product: dormakaba Kaba exos 9300 vulnerable version: < 4.4.1 fixed version: 4.4.1 CVE number: CVE-2025-59090, CVE-2025-59091, CVE-2025-59092 CVE-2025-59093, CVE-2025-59094, CVE-2025-59095… – Read More – Full Disclosure
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jan 26 SEC Consult Vulnerability Lab Security Advisory < 20260126-1 > ======================================================================= title: Multiple Critical Vulnerabilities product: dormakaba Access Manager vulnerable version: Multiple firmware and hardware revisions (details below) fixed version: Multiple firmware and hardware revisions (details below) CVE number: CVE-2025-59097,… – … Read More “SEC Consult SA-20260126-1 :: Multiple Critical Vulnerabilities in dormakaba Access Manager – Full Disclosure” »
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jan 26 SEC Consult Vulnerability Lab Security Advisory < 20260126-2 > ======================================================================= title: UART Leaking Sensitive Data product: dormakaba registration unit 9002 (PIN pad) vulnerable version: <SW0039 fixed version: SW0039 CVE number: … Read More “SEC Consult SA-20260126-2 :: UART Leaking Sensitive Data in dormakaba registration unit 9002 (PIN pad) – Full Disclosure” »
Posted by Marco Ermini via Fulldisclosure on Jan 26 Hello everyone, Kindly let me introduce myself. This is the first – and potentially, last – message on this mailing list. I am Marco, the CISO of EQS Group. Kindly allow me to address some of the statements expressed publicly here. About the Convercent application … Read More “Re: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group) – Full Disclosure” »
Posted by Yuffie Kisaragi via Fulldisclosure on Jan 26 Dear Art, Thank you for sharing your detailed evaluation and for pointing out the relevant sections of the CNA Rules. Your argument is well reasoned, particularly with respect to the current guidance on SaaS and exclusively hosted services. I have forwarded your evaluation to the … Read More “Re: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group) – Full Disclosure” »
Threat hunters and researchers are racing to contain a wave of voice-phishing attacks targeting single sign-on tools, already leading to data theft and extortion attempts. Multiple cybercrime groups are combining voice calls and advanced phishing kits to trick victims into handing over access — including a group identifying itself as ShinyHunters, which has publicly named alleged … Read More “A new wave of ‘vishing’ attacks is breaking into SSO accounts in real time – CyberScoop” »
The Cybersecurity and Infrastructure Security Agency is hoping to guide federal agencies through the murky process of updating their technology stack with quantum-resistant encryption. On Jan. 23, the agency released a list of different IT software and hardware products that are commonly purchased by the federal government and use cryptographic algorithms for encryption or authentication. … Read More “CISA publishes a post-quantum shopping list for agencies. Security professionals aren’t sold – CyberScoop” »
The Trump administration is rescinding a Biden-era memo that was intended to help agencies buy secure software, with the current Office of Management and Budget saying it relied on “unproven and burdensome” processes. A former Biden administration official said the move is “the first major policy step back that I have seen in the administration … Read More “OMB rescinds ‘burdensome’ Biden-era secure software memo – CyberScoop” »
Scammers are abusing Microsoft Teams invitations to send fake billing notices, with 12,866 emails reaching around 6,135 users in a phone-based phishing campaign. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
ChatGPT users beware: your browser extensions could be used to steal your accounts and identity. LayerX Research has identified at least 16 Chrome browser extensions for ChatGPT floating around the internet that promise to enhance work productivity. All show signs of being built by the same threat actor and designed for the same purpose: to … Read More “Some ChatGPT browser extensions are stealing your data – CyberScoop” »
Supply chain breach in eScan antivirus distributes multi-stage malware via legitimate updates – Read More –
Cybersecurity researchers have discovered an ongoing campaign that’s targeting Indian users with a multi-stage backdoor as part of a suspected cyber espionage campaign. The activity, per the eSentire Threat Response Unit (TRU), involves using phishing emails impersonating the Income Tax Department of India to trick victims into downloading a malicious archive, ultimately granting the threat … Read More “Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware – The Hacker News” »
Cybersecurity researchers have discovered an ongoing campaign that’s targeting Indian users with a multi-stage backdoor as part of a suspected cyber espionage campaign. The activity, per the eSentire Threat Response Unit (TRU), involves using phishing emails impersonating the Income Tax Department of India to trick victims into downloading a malicious archive, ultimately granting the threat … Read More “Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware – The Hacker News” »
Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor covert functionality to siphon developer data to China-based servers. The extensions, which have 1.5 million combined installs and are still available for download from the official Visual Studio – Read … Read More “Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code – The Hacker News” »
CISA released initial list of PQC-capable hardware and software to guide companies amid quantum threats – Read More –
The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently shared a screenshot indicating they’d compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software that comes pre-installed on many Android TV streaming boxes. Both the FBI and Google say … Read More “Who Operates the Badbox 2.0 Botnet? – Krebs on Security” »
Fortra researchers have discovered a new SEO poisoning operation known as “HaxorSEO” – Read More –
As users continue to assess the Under Armour data breach, WorldLeaks, the rebranded version of the Hunters International… – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
An international effort to create voluntary standards for the commercial cyber intrusion industry is wrestling with questions like who they should apply to, how to incentivize and measure compliance and what to do with companies with a checkered past. The first round of the Pall Mall Process focused on a code of conduct for government … Read More “Industry, government, nonprofits weigh voluntary rules for commercial hacking tools – CyberScoop” »
Another day, another fake CAPTCHA scam, but this one abuses Microsoft’s signed tools. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
The US law firm Hagens Berman will lead a class action lawsuit against Coupang over security failures that led to a June 2025 data breach – Read More –
Security failures rarely arrive loudly. They slip in through trusted tools, half-fixed problems, and habits people stop questioning. This week’s recap shows that pattern clearly. Attackers are moving faster than defenses, mixing old tricks with new paths. “Patched” no longer means safe, and every day, software keeps becoming the entry point. What follows is a … Read More “⚡ Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More – The Hacker News” »
Threat actors posing as IT support teams use phishing kits to generate fake login sites in real-time to trick victims into handing over credentials – Read More –
Say hello to Stanley, a new malicious toolkit that guarantees bypassing Google’s Chrome Web Store review process. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
If there’s a constant in cybersecurity, it’s that adversaries are always innovating. The rise of offensive AI is transforming attack strategies and making them harder to detect. Google’s Threat Intelligence Group, recently reported on adversaries using Large Language Models (LLMs) to both conceal code and generate malicious scripts on the fly, letting malware shape-shift in … Read More “Winning Against AI-Based Attacks Requires a Combined Defensive Approach – The Hacker News” »
A destructive cyber attack targeting Poland’s energy sector has been linked to Russian APT group Sandworm – Read More –
The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence (AI) tools to target developers and engineering teams in the blockchain sector. The phishing campaign has targeted Japan, Australia, and India, highlighting the adversary’s expansion of the targeting scope beyond South Korea, Russia, Ukraine, and European nations, … Read More “Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers – The Hacker News” »
Endpoints remain primary entry for attacks. In 2026, endpoint platforms must deliver behavior context, automation, investigations, and integrations. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
If you are using a Windows PC, your privacy and security are nothing short of a myth, and this incident proves it. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnesia RAT. “The attack begins with social engineering lures delivered via business-themed documents crafted to appear routine and benign,” Fortinet FortiGuard Labs researcher Cara Lin said in a technical breakdown published this week. “These documents … Read More “Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware – The Hacker News” »
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2024-37079 (CVSS score: 9.8), which refers to a heap … Read More “CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog – The Hacker News” »
