MATLOCK.CA
113Articles
9Categories
2026-01-07Date
🚨
CISA Adds Two Known Exploited Vulnerabilities to CatalogCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation.  CVE-2009-0556 Microsoft Office PowerPoint Code Injection Vulnerability CVE-2025-37164 HPE OneView Code Injection Vulnerability  These…
KEVCISA.GOV — Wed, 07 Jan 26 1
πŸ›
Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers
THEHACKERNEWS.COM — 07 Jan 2026
πŸ›
CVE-2025-4432 Ring: some aes functions may panic when overflow checking is enabled in ring
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
Google Warns of High-Risk WebView Vulnerability That Breaks Security Controls
GBHACKERS.COM — 07 Jan 2026
πŸ›
CVE-2025-1744 Out-of-bounds Write in radare2
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions
THEHACKERNEWS.COM — 07 Jan 2026
πŸ›
Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication
THEHACKERNEWS.COM — 07 Jan 2026
πŸ›
Bug in Open WebUI macht Kostenlos-Tool zur Backdoor
CSOONLINE.COM — 07 Jan 2026
πŸ›
Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control
THEHACKERNEWS.COM — 07 Jan 2026
πŸ›
Critical RCE flaw allows full takeover of n8n AI workflow platform
CSOONLINE.COM — 07 Jan 2026
πŸ›
Critical n8n Vulnerability Allows Authenticated Remote Code Execution
GBHACKERS.COM — 07 Jan 2026
πŸ›
CVE-2025-68285 libceph: fix potential use-after-free in have_mon_and_osd_map()
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68290 most: usb: fix double free on late probe failure
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68331 usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68327 usb: renesas_usbhs: Fix synchronous external abort on unbind
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68330 iio: accel: bmc150: Fix irq assumption regression
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68282 usb: gadget: udc: fix use-after-free in usb_gadget_state_work
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68283 libceph: replace BUG_ON with bounds check for map->max_osd
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68307 can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68286 drm/amd/display: Check NULL before accessing
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68295 smb: client: fix memory leak in cifs_construct_tcon()
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68288 usb: storage: Fix memory leak in USB bulk transport
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68284 libceph: prevent potential out-of-bounds writes in handle_auth_session_key()
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68308 can: kvaser_usb: leaf: Fix potential infinite loop in command parsers
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68287 usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68289 usb: gadget: f_eem: Fix memory leak in eem_unwrap
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68302 net: sxgbe: fix potential NULL dereference in sxgbe_rx()
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68328 firmware: stratix10-svc: fix bug in saving controller data
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68339 atm/fore200e: Fix possible data race in fore200e_open()
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68342 can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing data
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-68343 can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header
MSRC.MICROSOFT.COM — 07 Jan 2026
πŸ›
CVE-2025-62224 Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability
MSRC.MICROSOFT.COM — 07 Jan 2026
⚠️
Cybersecurity hat kein Budget-Problem
CSOONLINE.COM — 07 Jan 2026
⚠️
8 things CISOs can’t afford to get wrong in 2026
CSOONLINE.COM — 07 Jan 2026
⚠️
Veeam Backup Vulnerability Exposes Systems to Root-Level Remote Code Execution
GBHACKERS.COM — 07 Jan 2026
⚠️
Black Cat Hacker Group Uses Fake Notepad++ Websites to Distribute Malware and Steal Data
GBHACKERS.COM — 07 Jan 2026
⚠️
Hackers Exploit Routing Misconfigurations to Successfully Spoof Organizations
GBHACKERS.COM — 07 Jan 2026
⚠️
CISO Lessons from a Children’s Novel as Cybersecurity Outgrows IT and Building Talent - BSW #429
YOUTUBE.COM — 2026-01-07
⚠️
Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing
THEHACKERNEWS.COM — 07 Jan 2026
⚠️
Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks
SECURITYWEEK.COM — 07 Jan 2026
⚠️
Microsoft warns of a surge in phishing attacks exploiting email routing gaps
CSOONLINE.COM — 07 Jan 2026
⚠️
Critical Dolby Vulnerability Patched in Android - SecurityWeek
SH.ITJUST.WORKS — 7 Jan 2026
⚠️
New D-Link flaw in legacy DSL routers actively exploited in attacks
KEVSH.ITJUST.WORKS — 7 Jan 2026
⚠️
Hackers Exploit Zero-Day in Discontinued D-Link Devices
SECURITYWEEK.COM — 07 Jan 2026
⚠️
New Veeam vulnerabilities expose backup servers to RCE attacks
BLEEPINGCOMPUTER.COM — 07 Jan 2026
⚠️
Veeam Backup Vulnerabilities Enable Remote Code Execution as Root
SH.ITJUST.WORKS — 7 Jan 2026
⚠️
Vulnerability in Totolink Range Extender Allows Device Takeover
SECURITYWEEK.COM — 07 Jan 2026
⚠️
How to eliminate IT blind spots in the modern, AI-driven enterprise
CSOONLINE.COM — 07 Jan 2026
⚠️
n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions
SH.ITJUST.WORKS — 7 Jan 2026
⚠️
Max severity Ni8mare flaw lets hackers hijack n8n servers
BLEEPINGCOMPUTER.COM — 07 Jan 2026
⚠️
Chinese Hackers Use NFC-Enabled Android Malware to Steal Payment Information
GBHACKERS.COM — 07 Jan 2026
⚠️
TOTOLINK EX200 Extender Flaw Allows AttackersΒ Full System Access
GBHACKERS.COM — 07 Jan 2026
⚠️
Threat Actors Exploit Google Cloud Services to Steal Microsoft 365 Credentials
GBHACKERS.COM — 07 Jan 2026
⚠️
ToddyCat Malware Exploits ProxyLogon to Compromise Microsoft Exchange Servers
GBHACKERS.COM — 07 Jan 2026
⚠️
Critical jsPDF flaw lets hackers steal secrets via generated PDFs
BLEEPINGCOMPUTER.COM — 07 Jan 2026
⚠️
New GoBruteforcer attack wave targets crypto, blockchain projects
BLEEPINGCOMPUTER.COM — 07 Jan 2026
πŸ“’
Automated data poisoning proposed as a solution for AI theft threat
CSOONLINE.COM — 07 Jan 2026
πŸ“’
Sedgwick Acknowledges Data Breach After TridentLocker Ransomware Claim
GBHACKERS.COM — 07 Jan 2026
πŸ“’
Google Chrome security advisory (AV26-002)
CYBER.GC.CA — 2026-01-07
πŸ“’
GitHub security advisory (AV26-003)
CYBER.GC.CA — 2026-01-07
πŸ“’
n8n security advisory (AV26-004)
CYBER.GC.CA — 2026-01-07
πŸ“’
Android security advisory – January 2026 monthly rollup (AV26-005)
CYBER.GC.CA — 2026-01-07
πŸ“’
Samsung mobile security advisory (AV26-007)
CYBER.GC.CA — 2026-01-07
πŸ“’
Qualcomm security advisory – January 2026 monthly rollup (AV26-006)
CYBER.GC.CA — 2026-01-07
πŸ“’
Black Cat Behind SEO Poisoning Malware Campaign Targeting Popular Software Searches
THEHACKERNEWS.COM — 07 Jan 2026
πŸ“’
Veeam security advisory (AV26-008)
CYBER.GC.CA — 2026-01-07
πŸ”₯
FΓΌr Cyberattacken gewappnet – Krisenkommunikation nach Plan
CSOONLINE.COM — 07 Jan 2026
πŸ”₯
Kimwolf Bot Strikes - "Routers Will Not Protect You"
CYBERSECURITYTODAY.LIBSYN.COM — 07 Jan 2026
πŸ”₯
Weekly Update 485
TROYHUNT.COM — 07 Jan 2026
πŸ”₯
Malicious Chrome Extension Leaks ChatGPT and DeepSeek Chats of 900,000 Users
GBHACKERS.COM — 07 Jan 2026
πŸ”₯
ownCloud urges users to enable MFA after credential theft reports
BLEEPINGCOMPUTER.COM — 07 Jan 2026
πŸ”₯
Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats
SECURITYWEEK.COM — 07 Jan 2026
πŸ”₯
Neue Ransomware-Bedrohung zielt auf deutsche Unternehmen
CSOONLINE.COM — 07 Jan 2026
πŸ”₯
Explore the latest Microsoft Incident Response proactive services for enhanced resilience
MICROSOFT.COM — 07 Jan 2026
πŸ”₯
Hackers Claim to Disconnect Brightspeed Customers After Breach - Infosecurity Magazine
SH.ITJUST.WORKS — 7 Jan 2026
πŸ”₯
CrazyHunter Ransomware Targets Healthcare Sector Using Sophisticated Evasion Tactics
GBHACKERS.COM — 07 Jan 2026
πŸ”₯
LockBit 5.0 Unveils Advanced Encryption and Enhanced Anti-Analysis Techniques
GBHACKERS.COM — 07 Jan 2026
πŸ•΅οΈ
ISC Stormcast For Wednesday, January 7th, 2026 https://isc.sans.edu/podcastdetail/9756, (Wed, Jan 7th)
ISC.SANS.EDU — 07 Jan 2026
πŸ•΅οΈ
Court Demands OpenAI Hand Over 20M Anonymized ChatGPT Chats in AI Copyright Dispute
GBHACKERS.COM — 07 Jan 2026
πŸ•΅οΈ
Hackers Create Fake DocuSign Login Page to Steal User Credentials
GBHACKERS.COM — 07 Jan 2026
πŸ•΅οΈ
High-Severity Flaw in Open WebUI Affects AI Connections
SH.ITJUST.WORKS — 7 Jan 2026
πŸ•΅οΈ
Hospitality Sector Hit By PHALT#BLYX ClickFix Malware Campaign
SH.ITJUST.WORKS — 7 Jan 2026
πŸ•΅οΈ
Coinbase insider who sold customer data to criminals arrested in India
SH.ITJUST.WORKS — 7 Jan 2026
πŸ•΅οΈ
The Wegman’s Supermarket Chain Is Probably Using Facial Recognition
SCHNEIER.COM — 2026-01-07
πŸ•΅οΈ
Microsoft most spoofed brand in phishing attacks | Cybernews
SH.ITJUST.WORKS — 7 Jan 2026
πŸ•΅οΈ
Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers
SH.ITJUST.WORKS — 7 Jan 2026
πŸ•΅οΈ
Cybersecurity Firms Secured $14 Billion in Funding in 2025
SECURITYWEEK.COM — 07 Jan 2026
πŸ•΅οΈ
UK Launches New Cyber Unit to Bolster Defences Against Cyber Threats - Infosecurity Magazine
SH.ITJUST.WORKS — 7 Jan 2026
πŸ•΅οΈ
Several Code Execution Flaws Patched in Veeam Backup & Replication
SECURITYWEEK.COM — 07 Jan 2026
πŸ•΅οΈ
Your Phone Remembers Everything
YOUTUBE.COM — 2026-01-07
πŸ•΅οΈ
The Loudest Voices in Security Often Have the Least to Lose
SECURITYWEEK.COM — 07 Jan 2026
πŸ•΅οΈ
In 2026, Hackers Want AI: Threat Intel on Vibe Hacking & HackGPT
BLEEPINGCOMPUTER.COM — 07 Jan 2026
πŸ•΅οΈ
Embrace Your Unique Edge
YOUTUBE.COM — 2026-01-07
πŸ•΅οΈ
Ghost Tap Malware Fuels Surge in Remote NFC Payment Fraud - Infosecurity Magazine
SH.ITJUST.WORKS — 7 Jan 2026
πŸ•΅οΈ
Hackers Using Malicious QR Codes for Phishing via HTML Table
GBHACKERS.COM — 07 Jan 2026
πŸ•΅οΈ
Windows Packer pkr_mtsi Powers Widespread Malvertising Campaigns with Multiple Malware
GBHACKERS.COM — 07 Jan 2026
πŸ•΅οΈ
Chinese Hackers Launch Ongoing Attacks on Taiwan’s Critical Infrastructure
GBHACKERS.COM — 07 Jan 2026
πŸ•΅οΈ
North Korean Threat Actor Spreads Malware via QR Codes
KNOWBE4.COM — 07 Jan 2026
πŸ•΅οΈ
AI: The New Threat to Privacy
YOUTUBE.COM — 2026-01-07
🌐
Webinar: Learn How AI-Powered Zero Trust Detects Attacks with No Files or Indicators
THEHACKERNEWS.COM — 07 Jan 2026
πŸŽ™οΈ
How the World Got Owned Episode 1: The 1980s
RISKY.BIZ — 07 Jan 2026
πŸ“‘
Im Fokus: Die IT-Agenda 2026 gestalten
DE.RESOURCES.CSOONLINE.COM — 07 Jan 2026
πŸ“‘
A phishing campaign with QR codes rendered using an HTML table, (Wed, Jan 7th)
ISC.SANS.EDU — 07 Jan 2026
πŸ“‘
UK announces plan to strengthen public sector cyber defenses
BLEEPINGCOMPUTER.COM — 07 Jan 2026
πŸ“‘
The Future of Cybersecurity Includes Non-Human Employees
THEHACKERNEWS.COM — 07 Jan 2026
πŸ“‘
Google Search AI hallucinations push Google to hire "AI Answers Quality" engineers
BLEEPINGCOMPUTER.COM — 07 Jan 2026
πŸ“‘
Digital Identities: Getting to Know the Verifiable Digital Credential Ecosystem
NIST.GOV — 07 Jan 2026
πŸ“‘
Microsoft: Classic Outlook bug prevents opening encrypted emails
BLEEPINGCOMPUTER.COM — 07 Jan 2026
πŸ“‘
Logitech Options+, G HUB macOS apps break after certificate expires
BLEEPINGCOMPUTER.COM — 07 Jan 2026
πŸ“‘
ChatGPT is losing market share as Google Gemini gains ground
BLEEPINGCOMPUTER.COM — 07 Jan 2026
πŸ“‘
OpenAI says ChatGPT won't use your health information to train its models
BLEEPINGCOMPUTER.COM — 07 Jan 2026
πŸ“‘
Weekly Threat Bulletin – January 7th, 2026
F5.COM — 07 Jan 2026
πŸ“‘
GRU-Linked BlueDelta Evolves Credential Harvesting
RECORDEDFUTURE.COM — 07 Jan 2026