Cybersecurity News from Across the Internet
Anthropic has become the latest Artificial intelligence (AI) company to announce a new suite of features that allows users of its Claude platform to better understand their health information. Under an initiative called Claude for Healthcare, the company said U.S. subscribers of Claude Pro and Max plans can opt to give Claude secure access to … Read More “Anthropic Launches Claude AI for Healthcare with Secure Health Record Access – The Hacker News” »
A database featuring 300,000+ users of notorious hacking forum BreachForums has been leaked online – Read More –
Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service (PBaaS) economy. At least since 2016, Chinese-speaking criminal groups have erected industrial-scale scam centers across Southeast Asia, creating special economic zones that are devoted to fraudulent investment – Read More … Read More “Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud – The Hacker News” »
As companies continue with their digital transformation processes, the pressure to maintain constant compliance with data protection is mounting…. The post 2025-2026 Roadmap: Maintaining Continuous Data Protection Compliance appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Instagram’s 17 million user data leak wasn’t a new breach – Hackread.com’s in-depth analysis shows it was scraped in 2022, leaked in 2023, and falsely repackaged in 2026. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
Authorities caught 34 members of the notorious Black Axe gang in Spain known for stealing millions of Euros through online romance scams and email fraud. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
Posted by Stefan Kanthak via Fulldisclosure on Jan 10 Hi @ll, the following is a condensed form of <https://skanthak.hier-im-netz.de/whispers.html#whisper3> and <https://skanthak.hier-im-netz.de/whispers.html#whisper4>. Windows Vista moved the shared start menu from “%ALLUSERSPROFILE%Start Menu” to “%ProgramData%MicrosoftWindowsStart Menu”, with some shortcuts (*.lnk) “reflected” from the (immutable) component store below %SystemRoot%WinSxS JFTR:… – Read More – Full Disclosure
Posted by Ron E on Jan 10 A global buffer overflow vulnerability exists in the TinyOS printfUART implementation used within the ZigBee / IEEE 802.15.4 networking stack. The issue arises from an unsafe custom sprintf() routine that performs unbounded string concatenation using strcat() into a fixed-size global buffer. The global buffer debugbuf, defined with … Read More “TinyOS 2.1.2 printfUART Global Buffer Overflow via Unbounded Format Expansion – Full Disclosure” »
Posted by Ron E on Jan 10 A stack-based buffer overflow vulnerability exists in the mcp2200gpio utility due to unsafe use of strcpy() and strcat() when constructing device paths during automatic device discovery. A local attacker can trigger the vulnerability by creating a specially crafted filename under /dev/usb/, resulting in stack memory corruption and … Read More “TinyOS 2.1.2 Stack-Based Buffer Overflow in mcp2200gpio – Full Disclosure” »
Posted by Ron E on Jan 10 A stack-based buffer overflow vulnerability exists in the tapslip6 utility distributed with RIOT OS (and derived from the legacy uIP/Contiki networking tools). The vulnerability is caused by unsafe string concatenation in the devopen() function, which constructs a device path using unbounded user-controlled input. Specifically, tapslip6 uses strcpy() … Read More “RIOT OS 2026.01-devel-317 Stack-Based Buffer Overflow in tapslip6 Utility via Unbounded Device Path Construction – Full Disclosure” »
Posted by Ron E on Jan 10 A stack-based buffer overflow vulnerability exists in the RIOT OS ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the _handle_char() function, where incoming frame bytes are appended to a fixed-size stack buffer (serial->frame) without verifying that the current … Read More “RIOT OS 2026.01-devel-317 Stack-Based Buffer Overflow in RIOT ethos Serial Frame Parser – Full Disclosure” »
Posted by Art Manion via Fulldisclosure on Jan 10 Hi, CVE IDs *can* be assigned for SaaS or similarly “cloud only” software. For a period of time, there was a restriction that only the provider could make or request such an assignment. But the current CVE rules remove this restriction: 4.2.3 CNAs MUST NOT … Read More “Re: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group) – Full Disclosure” »
Database of 323,986 BreachForums users leaked online as forum admins claim the exposed data is partial and dates back to August 2025. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
Welcome to WordPress. This is your first post. Edit or delete it, then start writing! – Read More – CryptoBind | HSM Provider in India | Aadhaar Data Vault | Data Security Solution
CISA adds a critical HPE OneView flaw (CVE-2025-37164) to its KEV catalogue with a Jan 28 deadline. Learn how this 10.0 RCE bug puts server infrastructure at risk. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based implant codenamed RustyWater. “The campaign uses icon spoofing and malicious Word documents to deliver Rust based implants capable of asynchronous C2, anti-analysis, registry persistence, and modular – … Read More “MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors – The Hacker News” »
Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of an international criminal organization called Black Axe. As part of an operation conducted by the Spanish National Police, in coordination with the Bavarian State Criminal Police Office and Europol, 28 arrests were made in Seville, along with … Read More “Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime – The Hacker News” »
Cybersecurity researchers from Huntress detail a major VM Escape attack where hackers took over host servers. Using a secret toolkit called MAESTRO, the attackers stayed hidden for over a year. Read the exclusive details on how this breach was stopped and how to protect your network. – Read More – Hackread – Cybersecurity News, Data … Read More “MAESTRO Toolkit Exploiting VMware VM Escape Vulnerabilities – Hackread – Cybersecurity News, Data Breaches, AI, and More” »
Large businesses or governments aren’t the only ones threatened by cyber attacks. Every organization is now equally threatened.… – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
The post Hegseth, Gabbard tap Tim Kosiba as NSA deputy director after months of cyber leadership tumult appeared first on CyberScoop. – Read More – CyberScoop
Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far back as February 2024. Cybersecurity firm Huntress, which observed the activity in December 2025 and stopped it before it could progress to the final … Read More “China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines – The Hacker News” »
A trio of Senate Democrats are calling on Apple and Google to drop Elon Musk’s X from app stores as international regulators in Europe and Britain took steps towards investigations of the site’s mass undressing of users using Grok’s AI tool. On Friday, Senators Ron Wyden, D-Ore., Ben Ray Luján, D-N.M., and Ed Markey, D-Mass., … Read More “Dems pressure Google, Apple to drop X app as international regulators turn up heat – CyberScoop” »
Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals associated with a Turkish energy and nuclear research agency, as well as staff affiliated with a European think tank and organizations in North Macedonia and Uzbekistan. The activity has been attributed to APT28 (aka BlueDelta), which was attributed … Read More “Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations – The Hacker News” »
A hacker claims to be selling nearly 40 million Condé Nast user records after leaking Wired.com data, with multiple major brands allegedly affected. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
In our previous Kenwood DNR1007XR blog, we detailed the internals of the Kenwood in-vehicle infotainment (IVI) head unit and provided annotated pictures of the main PCB. In this post, we aim to outline the attack surface of the DNR1007XR in the hopes of providing inspiration for vulnerability research. We will cover the main supported technologies … Read More “Breaking Down the Attack Surface of the Kenwood DNR1007XR – Part Two – Zero Day Initiative – Blog” »
Europol-backed operation targets group behind numerous BEC attacks and romance scams – Read More –
As organizations plan for 2026, cybersecurity predictions are everywhere. Yet many strategies are still shaped by headlines and speculation rather than evidence. The real challenge isn’t a lack of forecasts—it’s identifying which predictions reflect real, emerging risks and which can safely be ignored. An upcoming webinar hosted by Bitdefender aims to cut through the noise … Read More “Cybersecurity Predictions 2026: The Hype We Can Ignore (And the Risks We Can’t) – The Hacker News” »
Researchers at the World Economic Forum have shown that threat actors can use commercial deepfake tools to bypass corporate security protections – Read More –
Billionaire Chen Zhi and associates Xu Ji Liang and Shao Ji Hui have been extradited to China. This exclusive report details the collapse of the Prince Group’s global scam network, the seizure of $15 billion in Bitcoin, and the forced labour camps behind the billion-dollar pig butchering fraud. – Read More – Hackread – Cybersecurity … Read More “$15 Billion Pig Butchering Scam Boss Chen Zhi Extradited to China – Hackread – Cybersecurity News, Data Breaches, AI, and More” »
Check Point has uncovered a vast, AI-powered scam operation dubbed the “Truman Show” – Read More –
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday said it’s retiring 10 emergency directives (Eds) that were issued between 2019 and 2024. The list of the directives now considered closed is as follows – ED 19-01: Mitigate DNS Infrastructure Tampering ED 20-02: Mitigate Windows Vulnerabilities from January 2020 Patch Tuesday ED 20-03: Mitigate … Read More “CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024 – The Hacker News” »
Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-69258, carries a CVSS score of 9.8 out of a maximum of 10.0. The vulnerability has been described as a case … Read More “Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions – The Hacker News” »
The FBI says North Korea’s Kimsuky APT group is using QR codes in spear phishing campaigns – Read More –
The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog. – Read More – Graham Cluley
The U.S. Federal Bureau of Investigation (FBI) on Thursday released an advisory warning of North Korean state-sponsored threat actors leveraging malicious QR codes in spear-phishing campaigns targeting entities in the country. “As of 2025, Kimsuky actors have targeted think tanks, academic institutions, and both U.S. and foreign government entities with embedded malicious Quick Response (QR) … Read More “FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing – The Hacker News” »
Talha Tariq and his colleagues at Vercel, the company that maintains Next.js, endured many sleep-deprived nights and weekends when React2Shell was discovered and disclosed soon after Thanksgiving. The defect, which affects vast stretches of the internet’s underlying infrastructure, posed a significant risk for Next.js, an open-source library that depends on vulnerable React Server Components. He … Read More “Inside Vercel’s sleep-deprived race to contain React2Shell – CyberScoop” »
Our first story of 2026 revealed how a destructive new botnet called Kimwolf has infected more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes. Today, we’ll dig through digital clues left behind by the hackers, network operators and services that appear to have benefitted from Kimwolf’s spread. On … Read More “Who Benefited from the Aisuru and Kimwolf Botnets? – Krebs on Security” »
Researchers at Acronis have discovered a new campaign called Boto Cor-de-Rosa, where the Astaroth banking malware spreads like a worm through WhatsApp Web to steal contact lists and banking credentials. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
Posted by KoreLogic Disclosures via Fulldisclosure on Jan 08 KL-001-2026-01: yintibao Fun Print Mobile Unauthorized Access via Context Hijacking Title: yintibao Fun Print Mobile Unauthorized Access via Context Hijacking Advisory ID: KL-001-2026-001 Publication Date: 2026-01-08 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2026-001.txt 1. Vulnerability Details Affected Vendor: yintibao Affected Product: Fun Print Mobile … Read More “KL-001-2026-01: yintibao Fun Print Mobile Unauthorized Access via Context Hijacking – Full Disclosure” »
A critical vulnerability (CVE-2026-21877) found by Upwind affects n8n automation tools. Learn why researchers are urging users to update to version 1.121.3 immediately to prevent remote code execution. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
CrowdStrike is buying identity management startup SGNL, a move that underscores how identity security has become a central battleground in enterprise cybersecurity as companies add cloud services and deploy AI-driven tools. The cybersecurity firm did not disclose financial terms in a Thursday announcement, but CrowdStrike CEO George Kurtz told CNBC the deal is valued at … Read More “CrowdStrike to buy identity startup SGNL for nearly $740M – CyberScoop” »
Zscaler ThreatLabz identifies three malicious NPM packages mimicking Bitcoin libraries. The NodeCordRAT virus uses Discord commands to exfiltrate MetaMask data and Chrome passwords. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
A 25-year-old Bigfork, Montana man, Jeremiah Daniel Starr, used over 50 phone numbers and a VPN to harass a victim he called his “best friend,” even staging a fake shooting. Learn more about the FBI investigation that traced 1,100 IP addresses to bring him to justice. – Read More – Hackread – Cybersecurity News, Data … Read More “US Man Jailed After FBI Traced 1,100 IP Addresses in Cyberstalking Case – Hackread – Cybersecurity News, Data Breaches, AI, and More” »
Cybersecurity researchers have disclosed details of a new campaign that uses WhatsApp as a distribution vector for a Windows banking trojan called Astaroth in attacks targeting Brazil. The campaign has been codenamed Boto Cor-de-Rosa by Acronis Threat Research Unit. “The malware retrieves the victim’s WhatsApp contact list and automatically sends malicious messages to each contact … Read More “WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging – The Hacker News” »
The Trump administration is withdrawing the United States from a handful of international organizations that work to strengthen cybersecurity. As part of a broader pullback from 66 international organizations, the administration is leaving the Global Forum on Cyber Expertise, the Online Freedom Coalition and the European Centre of Excellence for Countering Hybrid Threats. Trump’s decision … Read More “Trump pulls US out of international cyber orgs – CyberScoop” »
Researchers at Radware discovered new prompt injection attacks in ChatGPT agentic features – Read More –
The GoBruteforcer botnet has been observed targeting exposed Linux servers on services like FTP and MySQL – Read More –
A long-term cyber-espionage campaign targeting South Asia’s telecom firms has been linked to UAT-7290 – Read More –
Security researchers have identified two malicious Chrome extensions recording AI chats. Learn how to identify and remove these tools to protect your privacy. – Read More – Hackread – Cybersecurity News, Data Breaches, AI, and More
A China-nexus threat actor known as UAT-7290 has been attributed to espionage-focused intrusions against entities in South Asia and Southeastern Europe. The activity cluster, which has been active since at least 2022, primarily focuses on extensive technical reconnaissance of target organizations before initiating attacks, ultimately leading to the deployment of malware families such as RushDrop … Read More “China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes – The Hacker News” »
