The danger isn’t that AI agents have bad days — it’s that they never do. They execute faithfully, even when what they’re executing is a mistake. A single misstep in logic or access can turn flawless automation into a flawless catastrophe. This isn’t some dystopian fantasy—it’s Tuesday at the office now. We’ve entered a new … Read More “Identity Security: Your First and Last Line of Defense – The Hacker News” »
Category: Attack Feeds
Cybercriminals are abusing a widespread lack of authentication in the customer service platform Zendesk to flood targeted email inboxes with menacing messages that come from hundreds of Zendesk corporate customers simultaneously. Zendesk is an automated help desk service designed to make it simple for people to contact companies for customer support issues. Earlier this week, … Read More “Email Bombs Exploit Lax Authentication in Zendesk – Krebs on Security” »
Cybersecurity researchers have disclosed details of a recently patched critical security flaw in WatchGuard Fireware that could allow unauthenticated attackers to execute arbitrary code. The vulnerability, tracked as CVE-2025-9242 (CVSS score: 9.3), is described as an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up to and including 11.12.4_Update1, 12.0 up to and including … Read More “Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices – The Hacker News” »
Microsoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were “used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware,” the Microsoft Threat Intelligence team said in … Read More “Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign – The Hacker News” »
North Korean operatives spotted using evasive techniques to steal data and cryptocurrency – CyberScoop
North Korean operatives that dupe job seekers into installing malicious code on their devices have been spotted using new malware strains and techniques, resulting in the theft of credentials or cryptocurrency and ransomware deployment, according to researchers from Cisco Talos and Google Threat Intelligence Group. Cisco Talos said it observed an attack linked to Famous … Read More “North Korean operatives spotted using evasive techniques to steal data and cryptocurrency – CyberScoop” »
Misconfigured NetcoreCloud Server Exposed 40B Records in 13.4TB of Data – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A misconfigured server belonging to Indian company NetcoreCloud exposed 40 billion records and 13.4TB of data, revealing sensitive…
NK’s Famous Chollima Use BeaverTail and OtterCookie Malware in Job Scam – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
North Korea’s Famous Chollima is back, merging BeaverTail and OtterCookie malware to target job seekers. Cisco Talos details the new threat. Keylogging, screen recording, and cryptocurrency wallet theft detected in an attack.
An investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro, according to findings from Synacktiv. “This backdoor features functionalities relying on the installation of two eBPF [extended Berkeley Packet Filter] modules, on the one hand to conceal itself, and on the … Read More “LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets – The Hacker News” »
Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites – The Hacker News
A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain smart contracts as a way to facilitate the distribution of information stealers such as Atomic (AMOS), Lumma, Rhadamanthys (aka RADTHIEF), and Vidar, targeting both Windows and Apple macOS systems. “UNC5142 is characterized by its use of compromised WordPress websites and ‘EtherHiding,’ a technique … Read More “Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites – The Hacker News” »
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts – The Hacker News
A threat actor with ties to the Democratic People’s Republic of Korea (aka North Korea) has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hacking group has embraced the method. The activity has been attributed by Google Threat Intelligence Group (GTIG) to a threat … Read More “North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts – The Hacker News” »
If you just want to read the rules, click here. Now entering its third year, Pwn2Own Automotive returns to Automotive World in Tokyo on January 21 – 23, 2026. Over the last two years, we’ve awarded more than $2,000,000 for the latest in automotive exploitations, and this year looks to be even better. As always, … Read More “Pwn2Own Automotive Returns to Tokyo with Expanded Chargers and More! – Zero Day Initiative – Blog” »
Cybersecurity researchers have disclosed details of a new campaign that exploited a recently disclosed security flaw impacting Cisco IOS Software and IOS XE Software to deploy Linux rootkits on older, unprotected systems. The activity, codenamed Operation Zero Disco by Trend Micro, involves the weaponization of CVE-2025-20352 (CVSS score: 7.7), a stack overflow vulnerability in the … Read More “Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in ‘Zero Disco’ Attacks – The Hacker News” »
Architectures, Risks, and Adoption: How to Assess and Choose the Right AI-SOC Platform – The Hacker News
Scaling the SOC with AI – Why now? Security Operations Centers (SOCs) are under unprecedented pressure. According to SACR’s AI-SOC Market Landscape 2025, the average organization now faces around 960 alerts per day, while large enterprises manage more than 3,000 alerts daily from an average of 28 different tools. Nearly 40% of those alerts go … Read More “Architectures, Risks, and Adoption: How to Assess and Choose the Right AI-SOC Platform – The Hacker News” »
New Tech Support Scam Uses Microsoft Logo to Fake Browser Lock, Steal Data – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The Cofense Phishing Defense Centre warns of a new tech support scam using Microsoft’s brand to lock browsers and steal data. Learn how the attack uses fake ‘payment lures’ and urgent security alerts to trick victims into calling a fraudulent support number. … Read More “New Tech Support Scam Uses Microsoft Logo to Fake Browser Lock, Steal Data – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto” »
Penetration testing helps organizations ensure IT systems are secure, but it should never be treated in a one-size-fits-all approach. Traditional approaches can be rigid and cost your organization time and money – while producing inferior results. The benefits of pen testing are clear. By empowering “white hat” hackers to attempt to breach your system using … Read More “Beware the Hidden Costs of Pen Testing – The Hacker News” »
Every day, billions of people place their trust in websites they know little about. Behind each one is a hosting provider, but not all of them play by the same rules. Traditionally, privacy policies let web visitors understand how their data would be handled, and SSL (Secure Sockets Layer) certificates ensured their connection was encrypted. … Read More “Why the web-hosting industry needs a trust seal – CyberScoop” »
ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More – The Hacker News
The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it’s become to turn everyday technology into a weapon. Tools made to help us work, connect, and stay safe are now being used to steal, spy, and deceive. Hackers don’t always break systems anymore — they use them. They … Read More “ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More – The Hacker News” »
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Adobe Experience Manager to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-54253 (CVSS score: 10.0), a maximum-severity misconfiguration bug that could result in arbitrary code execution. … Read More “CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack – The Hacker News” »