Author: [email protected] (The Hacker News)

The North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio Code (VS Code) projects as lures to deliver a backdoor on compromised endpoints. The latest finding demonstrates continued evolution of the new tactic that was first discovered in December 2025, Jamf Threat Labs said. “This … Read More “North Korea-Linked Hackers Target Developers via Malicious VS Code Projects  – The Hacker News” »

Madison, United States, 20th January 2026, CyberNewsWire  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

The new EU-funded GCVE project is breaking dependence on US databases to track software flaws. Discover how this decentralised system aims to ensure global cybersecurity.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

Leaked API keys are no longer unusual, nor are the breaches that follow. So why are sensitive tokens still being so easily exposed? To find out, Intruder’s research team looked at what traditional vulnerability scanners actually cover and built a new secrets detection method to address gaps in existing approaches.  Applying this at scale by … Read More “Why Secrets in JavaScript Bundles are Still Being Missed  – The Hacker News” »

In episode 84 of The AI Fix, Graham and Mark stare straight into the digital abyss and ask the most important question of our age: “Is AI just a hungry ghost trapped in a jar?” Also this week, we explore how a shadowy group of disgruntled insiders trying to destroy AI by poisoning its training … Read More “The AI Fix #84: A hungry ghost trapped in a jar gains access to the Pentagon’s network  – GRAHAM CLULEY” »

RansomHouse claims to have breached Apple contractor Luxshare, but no evidence has been released. Links are offline and the breach remains unverified.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

As emotional computing applications proliferate, the security threats they face require frameworks beyond traditional approaches.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

As emotional computing applications proliferate, the security threats they face require frameworks beyond traditional approaches.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads, likely with the intent to deploy a remote access trojan (RAT). The activity delivers “weaponized files via Dynamic Link Library (DLL) sideloading, combined with a legitimate, open-source Python pen-testing script,” ReliaQuest said in a report shared with  … Read More “Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading  – The Hacker News” »

Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads, likely with the intent to deploy a remote access trojan (RAT). The activity delivers “weaponized files via Dynamic Link Library (DLL) sideloading, combined with a legitimate, open-source Python pen-testing script,” ReliaQuest said in a report shared with  … Read More “Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading  – The Hacker News” »

A set of three security vulnerabilities has been disclosed in mcp-server-git, the official Git Model Context Protocol (MCP) server maintained by Anthropic, that could be exploited to read or delete arbitrary files and execute code under certain conditions. “These flaws can be exploited through prompt injection, meaning an attacker who can influence what an AI … Read More “Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution  – The Hacker News” »

A set of three security vulnerabilities has been disclosed in mcp-server-git, the official Git Model Context Protocol (MCP) server maintained by Anthropic, that could be exploited to read or delete arbitrary files and execute code under certain conditions. “These flaws can be exploited through prompt injection, meaning an attacker who can influence what an AI … Read More “Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution  – The Hacker News” »

Cybersecurity researchers have disclosed details of a malware campaign that’s targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual Studio Code (VS Code) extension ecosystem. “The malware is designed to exfiltrate sensitive information, including developer credentials and cryptocurrency-related data. Compromised developer  – Read More  – The Hacker News 

The Problem: The Identities Left Behind As organizations grow and evolve, employees, contractors, services, and systems come and go – but their accounts often remain. These abandoned or “orphan” accounts sit dormant across applications, platforms, assets, and cloud consoles. The reason they persist isn’t negligence – it’s fragmentation.  Traditional IAM and IGA systems are designed  … Read More “The Hidden Risk of Orphan Accounts  – The Hacker News” »

Cloudflare has addressed a security vulnerability impacting its Automatic Certificate Management Environment (ACME) validation logic that made it possible to bypass security controls and access origin servers.  “The vulnerability was rooted in how our edge network processed requests destined for the ACME HTTP-01 challenge path (/.well-known/acme-challenge/*),” the web infrastructure  – Read More  – The Hacker … Read More “Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers  – The Hacker News” »

The rise of malicious bots is changing how the internet operates, underscoring the need for stronger safeguards that keep humans firmly in control. Bots now account for more than half of global web traffic, and a new class of “predator bots” has emerged, unleashing self-learning programs that adapt in real time, mimic human behavior, and … Read More “Predator bots are exploiting APIs at scale. Here’s how defenders must respond.  – CyberScoop” »

おかえりなさい (Welcome back!) The third annual Pwn2Own Automotive competition has returned to Automotive World in Tokyo, and the excitement is building. This year marks a major milestone for Pwn2Own, with a record 73 entries. We’ve brought together some of the world’s most talented security researchers to take on the latest automotive components, pushing them to … Read More “Pwn2Own Automotive 2026 – The Full Schedule  – Zero Day Initiative – Blog” »

Alisa Viejo, United States, 20th January 2026, CyberNewsWire  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

A Telegram-based guarantee marketplace known for advertising a broad range of illicit services appears to be winding down its operations, according to new findings from Elliptic. The blockchain intelligence company said Tudou Guarantee has effectively ceased transactions through its public Telegram groups following a period of significant growth. The marketplace is estimated to have processed  … Read More “Tudou Guarantee Marketplace Halts Telegram Transactions After Processing Over $12 Billion  – The Hacker News” »

Cybersecurity researchers have disclosed details of a security flaw that leverages indirect prompt injection targeting Google Gemini as a way to bypass authorization guardrails and use Google Calendar as a data extraction mechanism. The vulnerability, Miggo Security’s Head of Research, Liad Eliyahu, said, made it possible to circumvent Google Calendar’s privacy controls by hiding a … Read More “Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites  – The Hacker News” »

In cybersecurity, the line between a normal update and a serious incident keeps getting thinner. Systems that once felt reliable are now under pressure from constant change. New AI tools, connected devices, and automated systems quietly create more ways in, often faster than security teams can react. This week’s stories show how easily a small … Read More “⚡ Weekly Recap: Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More  – The Hacker News” »

Cybersecurity researchers at Miggo Security found a flaw in Google Gemini that uses calendar invites to steal private data. Learn how this silent attack bypasses security.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

Researchers have found a new spying campaign using news about Venezuela to trick US government officials. Learn how the LOTUSLITE virus sneaks into computers to steal secrets.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

A team of academics from the CISPA Helmholtz Center for Information Security in Germany has disclosed the details of a new hardware vulnerability affecting AMD processors. The security flaw, codenamed StackWarp, can allow bad actors with privileged control over a host server to run malicious code within confidential virtual machines (CVMs), undermining the integrity guarantees … Read More “New StackWarp Hardware Flaw Breaks AMD SEV-SNP Protections on Zen 1–5 CPUs  – The Hacker News” »

Just a few years ago, the cloud was touted as the “magic pill” for any cyber threat or performance issue. Many were lured by the “always-on” dream, trading granular control for the convenience of managed services. In recent years, many of us have learned (often the hard way) that public cloud service providers are not … Read More “DevOps & SaaS Downtime: The High (and Hidden) Costs for Cloud-First Businesses  – The Hacker News” »

Resecurity has identified PDFSIDER malware that exploits the legitimate PDF24 App to covertly steal data and allow remote access. Learn how this APT-level campaign targets corporate networks through spear-phishing and encrypted communications.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

Cybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web browser and trick victims into running arbitrary commands using ClickFix-like lures to deliver a previously undocumented remote access trojan (RAT) dubbed ModeloRAT. This new escalation of ClickFix … Read More “CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures  – The Hacker News” »

Cybersecurity researchers have disclosed a cross-site scripting (XSS) vulnerability in the web-based control panel used by operators of the StealC information stealer, allowing them to gather crucial insights on one of the threat actors using the malware in their operations. “By exploiting it, we were able to collect system fingerprints, monitor active sessions, and – … Read More “Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations  – The Hacker News” »

Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta. In addition, the group’s alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (Нефедов Олег Евгеньевич), has been added to the European Union’s Most Wanted and INTERPOL’s Red Notice lists, authorities  – Read … Read More “Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL Red Notice  – The Hacker News” »

Threat actors are well-aware of the fact that many older people are not very savvy when it comes to technology. Unlike younger generations, they did not “grow up” with digital versions and are often confused. Add to this that some seniors suffer from memory problems and you have a recipe ripe for cyber thieves to … Read More “South African Seniors are Prime Target for Cyber Attacks  – Da Vinci Cybersecurity: Leading Cyber Security Services in South Africa.” »

OpenAI on Friday said it would start showing ads in ChatGPT to logged-in adult U.S. users in both the free and ChatGPT Go tiers in the coming weeks, as the artificial intelligence (AI) company expanded access to its low-cost subscription globally. “You need to know that your data and conversations are protected and never sold … Read More “OpenAI to Show Ads in ChatGPT for Logged-In U.S. Adults on Free and Go Plans  – The Hacker News” »

A 40-year-old Jordanian national pleaded guilty Thursday to operating as an access broker, selling access to at least 50 victim company networks he broke into by exploiting two commercial firewall products in 2023, according to the Justice Department. Feras Khalil Ahmad Albashiti, who lived in the Republic of Georgia at the time, sold an undercover … Read More “Jordanian national pleads guilty after unknowingly selling FBI agent access to 50 company networks  – CyberScoop” »

The activist website called “ICE List” was offline after a massive DDoS attack. The crash followed a leak of 4,500 federal agent names linked to the Renee Nicole Good shooting.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More