65 Articles
9 Categories
Date: 2026-01-09
🚨 CISA KEV 2
9 Jan KEVCISA flags max-severity bug in HPE OneView amid active exploitationA max-severity remote code execution (RCE) flaw in HPE’s OneView management platform has been flagged by the Cybersecurity & Infrastructure Security Agency (CISA) for active exploitation. The flaw, tracked as CVE-2025-37164, has been added to CISA’s Known Exploited Vulnerabi…CSOONLINE.COM
9 Jan KEVCISA Closes 10 Emergency Directives as Vulnerability Catalog Takes OverThe Emergency Directives were retired because they achieved objectives or targeted vulnerabilities included in the KEV catalog.SECURITYWEEK.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 5
9 JanCisco identifies vulnerability in ISE network access control devicesThe latest flaw in Cisco Systems Identity Services Engine (ISE), which could expose sensitive information to an attacker, requires rotation of credentials as well as installation of a patch to correct, says an expert. Cisco ISE is a network access control platform that enforces a…CSOONLINE.COM
9 JanTrend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows VersionsTrend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-69258, carries a CVSS s…THEHACKERNEWS.COM
9 JanNi8mare: Critical n8n Flaw Threatens 100,000 ServersCSOONLINE.COM
9 JanChromium: CVE-2026-0628 Insufficient policy enforcement in WebView tagThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
9 JanOWASP CRS Vulnerability Enables Charset Validation BypassA newly disclosed vulnerability in the OWASP Core Rule Set (CRS) allows attackers to bypass charset validation in web application firewalls (WAFs), enabling dangerous payloads to reach backend applications. Tracked as CVE-2026-21876, the flaw affec…GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE 16
9 JanEnterprises still aren’t getting IAM rightDespite all the warnings, and constant news of devastating cyberattacks, enterprise users are still cutting corners when it comes to identity and access management (IAM). Nearly two-thirds (63%) of cybersecurity leaders admit their employees continue to bypass security controls …CSOONLINE.COM
9 JanWindow's Blue Screen of Death VulnerabilityCybersecurity Today: Sideloaded App Issues, Fake Blue Screen Attacks, and Rising Ransomware Threats In this episode of Cybersecurity Today, host Jim Love discusses HSBC blocking sideloaded apps with its banking app, new social engineering attacks using fake Windows blue screens t…CYBERSECURITYTODAY.LIBSYN.COM
9 JanMicrosoft Mandates MFA for Microsoft 365 Admin Center AccessMicrosoft is tightening security for its cloud customers by making multi-factor authentication mandatory for anyone accessing the Microsoft 365 admin center, effectively ending password-only logins for high-privilege admin portals. The enforcement …GBHACKERS.COM
9 JanJamie Norton’s journey to CISO started with an early interest in computersJamie Norton’s parents gave him a computer as a child that he played and tinkered with while growing up. When he went to university, he studied IT and accounting “just as a bit of a side note, really.” This was right around when the internet was emerging, and he started to play w…CSOONLINE.COM
9 JanTrend Micro warns of critical Apex Central RCE vulnerabilityJapanese cybersecurity software firm Trend Micro has patched a critical security flaw in Apex Central (on-premise) that could allow attackers to execute arbitrary code with SYSTEM privileges. [...]BLEEPINGCOMPUTER.COM
9 JanExploit for VMware Zero-Day Flaws Likely Built a Year Before Public DisclosureFresh attacks targeted three VMware ESXi vulnerabilities that were disclosed in March 2025 as zero-days.SECURITYWEEK.COM
9 JanCrowdStrike to acquire SGNL for $740M, expanding real-time identity securityCrowdStrike will pay $740 million to acquire identity security startup SGNL, adding real-time authorization capabilities that grant and revoke access based on current risk conditions rather than static permissions. The deal, expected to close in CrowdStrike’s fiscal first quarter…CSOONLINE.COM
9 JanVMware ESXi zero-days likely exploited a year before disclosuresubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/vmware-esxi-zero-days-likely-exploited-a-year-before-disclosure/SH.ITJUST.WORKS
9 JanTrend Micro Patches Critical Code Execution Flaw in Apex CentralTenable has released PoC code and technical details after the vendor announced the availability of patches for three vulnerabilities.SECURITYWEEK.COM
9 JanFog Ransomware Targets U.S. Organizations via Compromised VPN CredentialsArctic Wolf Labs has uncovered a new ransomware variant dubbed “Fog” striking US organizations, primarily in education and recreation, through hijacked VPN access. First spotted on May 2, 2024, the attacks highlight vulnerabilities in remote access tools and the rapid…GBHACKERS.COM
9 JanAttackers Use Over 240 Exploits Ahead of Ransomware AttacksRansomware attacks don’t begin with encryption. They start with reconnaissance and security researchers just documented a significant reconnaissance operation that unfolded over the Christmas holiday. Between December 25 and 28, a single operator systematically scanned the …GBHACKERS.COM
9 JanTrend Micro Apex Central Flaw Enable Remote Code Execution AttacksTrend Micro has issued a critical security update for Apex Central to address multiple remotely exploitable vulnerabilities, including a bug that allows unauthenticated attackers to execute code with SYSTEM-level privileges. Organizations running vulnerable builds are urged to pa…GBHACKERS.COM
9 JanPiracy's Game of Whack-a-MoleHacked devices offer free streaming but come with legal risks. The constant evolution of piracy tactics challenges enforcement efforts. What measures can effectively curb this digital cat-and-mouse game? Subscribe to our podcasts: https://securityweekly.com/subscribe #Piracy #Str…YOUTUBE.COM
9 JanChina-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual MachinesChinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far back as February 2024. Cybersecurity firm Huntress, which observed the activity in …THEHACKERNEWS.COM
9 Jan KEVBeyond “Is Your SOC AI Ready?” Plan the Journey!You read the “AI-ready SOC pillars” blog, but you still see a lot of this: Bungled AI SOC transition How do we do better? Let’s go through all 5 pillars aka readiness dimensions and see what we can actually do to make your SOC AI-ready. #1 SOC Data Foundations As I said before, …MEDIUM.COM
9 JanZombieAgent ChatGPT attack shows persistent data leak risks of AI agentsResearchers have found new ways to turn ChatGPT into a data exfiltration tool and even use it as a persistent backdoor. The new ZombieAgent techniques, which have been patched by OpenAI, fed hidden prompts through connected applications such as email and cloud storage to send dat…CSOONLINE.COM
📋 SECURITY BULLETINS 1
9 JanCISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday said it's retiring 10 emergency directives (EDs) that were issued between 2019 and 2024. The list of the directives now considered closed is as follows - ED 19-01: Mitigate DNS Infrastructure Tampering E…THEHACKERNEWS.COM
📢 SECURITY ADVISORIES 4
9 JanFBI Warns North Korean Hackers Using Malicious QR Codes in Spear-PhishingThe U.S. Federal Bureau of Investigation (FBI) on Thursday released an advisory warning of North Korean state-sponsored threat actors leveraging malicious QR codes in spear-phishing campaigns targeting entities in the country. "As of 2025, Kimsuky actors have targeted think tanks…THEHACKERNEWS.COM
9 JanMicrosoft Introduces Teams External Collaboration Administrator RoleMicrosoft is expanding its administrative capabilities in Teams by introducing a new built-in role called Teams External Collaboration Administrator. This specialized RBAC role enables organizations to delegate external collaboration management wit…GBHACKERS.COM
9 JanMicrosoft may soon allow IT admins to uninstall CopilotMicrosoft is testing a new policy that allows IT administrators to uninstall the AI-powered Copilot digital assistant on managed devices. [...]BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING 7
9 JanPalo Alto Crosswalk Signals Had Default PasswordsPalo Alto’s crosswalk signals were hacked last year. Turns out the city never changed the default passwords.SCHNEIER.COM
9 Jan377,000 Impacted by Data Breach at Texas Gas Station FirmGulshan Management Services has informed authorities about a recent data breach resulting from a ransomware attack.SECURITYWEEK.COM
9 Jan‘ZombieAgent’ Attack Let Researchers Take Over ChatGPTRadware bypassed ChatGPT’s protections to exfiltrate user data and implant a persistent logic into the agent’s long-term memory.SECURITYWEEK.COM
9 JanYour KnowBe4 Fresh Content Updates from December 2025“It was really good. I liked that it covered a lot of important subjects, focused on how to spot red flags, and used an AI deepfake demonstration.” Training Module Employees master current cyberthreats — phishing, ransomware, BEC, AI-powered social engineering and deepfakes — thr…KNOWBE4.COM
9 JanIllinois Department of Human Services data breach affects 700K peopleThe Illinois Department of Human Services (IDHS), one of Illinois' largest state agencies, accidentally exposed the personal and health data of nearly 700,000 residents due to incorrect privacy settings. [...]BLEEPINGCOMPUTER.COM
9 JanIn Other News: 8,000 Ransomware Attacks, China Hacked US Gov Emails, IDHS Breach Impacts 700kOther noteworthy stories that might have slipped under the radar: Jaguar Land Rover sales crash, hundreds of gen-AI data policy violations, and Chinese cyberattacks against Taiwan intensified.SECURITYWEEK.COM
9 JanThe Role of Initial Access Markets in Ransomware Campaigns Targeting Australia and New ZealandThe cyber threat environment in Australia and New Zealand has entered a critical phase throughout 2025, marked by a dramatic surge in initial access sales, sophisticated ransomware operations, and widespread data breaches affecting essential sectors. According to the Threat Lands…GBHACKERS.COM
🕵️ THREAT INTELLIGENCE 24
9 JanISC Stormcast For Friday, January 9th, 2026 https://isc.sans.edu/podcastdetail/9760, (Fri, Jan 9th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
9 JanNew “Ghost Tap” Attack Hijacks Android Phones to Drain Bank AccountsChinese threat actors are weaponizing NFC technology to remotely steal funds from victims’ bank accounts through sophisticated Android malware campaigns, with security researchers identifying at least $355,000 in fraudulent transactions from a single operation. Group-IB res…GBHACKERS.COM
9 JanMalicious Process Environment Block Manipulation, (Fri, Jan 9th)Reverse engineers must have a good understanding of the environment where malware is executed (read: the operating system). In a previous diary, I talked about malicious code that could be executed when loading a DLL[1]. Today, I'll show you how a malware can hid…ISC.SANS.EDU
9 JanRadio Communications of Critical Infrastructure Easily InterceptedMany critical infrastructure (KRITIS) operators such as energy suppliers forgo encrypted radio networks. Numerous critical infrastructure facilities in Germany communicate using unprotected radio technology. The digital radio of numerous prisons, …CSOONLINE.COM
9 JanNew Malware Automatically Send to Contacts via WhatsApp Web Attacks Windows Systemssubmitted by kid to cybersecurity 4 points | 0 comments https://cybersecuritynews.com/new-malware-automatically-send-to-contacts-via-whatsapp-web-attacks/SH.ITJUST.WORKS
9 JanPreparing for Post-Quantum Cryptography | Wiz Blogsubmitted by kid to cybersecurity 1 points | 0 comments https://www.wiz.io/blog/preparing-for-post-quantum-cryptographySH.ITJUST.WORKS
9 JanFake WinRAR downloads hide malware behind a real installer | Malwarebytessubmitted by kid to cybersecurity 1 points | 0 comments https://www.malwarebytes.com/blog/threat-intel/2026/01/fake-winrar-downloads-hide-malware-behind-a-real-installerSH.ITJUST.WORKS
9 JanFBI warns about Kimsuky hackers using QR codes to phish U.S. orgssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/fbi-warns-about-kimsuky-hackers-using-qr-codes-to-phish-us-orgs/SH.ITJUST.WORKS
9 JanChina-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodessubmitted by kid to cybersecurity 2 points | 0 comments https://thehackernews.com/2026/01/china-linked-uat-7290-targets-telecoms.htmlSH.ITJUST.WORKS
9 JanIllinois state agency exposed personal data of 700,000 people | The Record from Recorded Future Newssubmitted by kid to cybersecurity 1 points | 0 comments https://therecord.media/illinois-agency-exposed-dataSH.ITJUST.WORKS
9 JanPersonal data taken in Kensington and Chelsea council cyber hacksubmitted by kid to cybersecurity 1 points | 0 comments https://www.bbc.com/news/articles/ce3knggd1lwoSH.ITJUST.WORKS
9 JanFBI: North Korean Spear-Phishing Attacks Use Malicious QR CodesThe North Korean state-sponsored espionage group Kimsuky has targeted government organizations, think tanks, and academic institutions.SECURITYWEEK.COM
9 JanTim Kosiba Named NSA Deputy DirectorKosiba, a veteran of the Intelligence Community with over 30 years of federal service, returns to the agency as its most senior civilian leader.SECURITYWEEK.COM
9 JanRussian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy OrganizationsRussian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals associated with a Turkish energy and nuclear research agency, as well as staff affiliated with a European think tank and organizations in North Macedonia a…THEHACKERNEWS.COM
9 JanxRAT Malware Targets Windows Users via Fake Adult GameAhnLab Security Intelligence Center (ASEC) has uncovered a dangerous distribution campaign targeting Windows users through Korean web hard services. Threat actors are leveraging xRAT (QuasarRAT) malware, disguising it as legitimate adult game content to deceive unsuspecting users…GBHACKERS.COM
9 JanBest Ways to Learn Everything About Investing in BitcoinBitcoin is a digital asset and a payment system invented by Satoshi Nakamoto. Transactions are verified by network nodes through cryptography and recorded in a public dispersed ledger called a blockchain. Bitcoin is unique in that there is a finite number of them: 21 million. Bit…GBHACKERS.COM
9 Jan50 Best Free Cyber Threat Intelligence Tools – 2026Threat Intelligence Tools are more often used by security industries to test the vulnerabilities in networks and applications. It helps with the collection and analysis of information about current and potential attacks that threaten the safety of an organization or its assets. H…GBHACKERS.COM
9 JanCrowdStrike Acquires Identity Security Startup SGNL in $740 Million DealCrowdStrike has announced its agreement to acquire SGNL, a leading identity-first security company, for $740 million. The acquisition will strengthen CrowdStrike Falcon® Next-Gen Identity Security by adding continuous, context-aware authorization capabilities across human, non-hu…GBHACKERS.COM
9 JanHackers target misconfigured proxies to access paid LLM servicesThreat actors are systematically hunting for misconfigured proxy servers that could provide access to commercial large language model (LLM) services. [...]BLEEPINGCOMPUTER.COM
9 JanConsentFix Attacks Fake Cloudflare PromptsClickFix attacks have been around for decades; only the name is new. ClickFix attacks use social engineering to trick users into clicking on buttons and links that the user is told are needed so their browser or computer can perform some desired action.KNOWBE4.COM
9 JanFriday Squid Blogging: The Chinese Squid-Fishing Fleet off the Argentine CoastThe latest article on this topic. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.SCHNEIER.COM
9 JanNudification, Spying, Ni8mare, Cisco, Chat-GPT, Chrome, SaaS, CES, Josh Marpet & More - SWN #545Grok Nudification, Spying, Ni8mare, Cisco, Chat-GPT, Chrome, SaaS, CES, Josh Marpet, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-545YOUTUBE.COM
9 JanCisco Switch Reboot ChaosCisco switches are caught in a reboot loop due to DNS errors. This glitch can severely disrupt network operations. How can IT teams prepare for such unexpected issues? Subscribe to our podcasts: https://securityweekly.com/subscribe #Cisco #NetworkIssues #TechAlert #SecurityWeekly…YOUTUBE.COM
9 JanPractitioners Reveal What Makes Threat Intelligence Programs MatureThreat intelligence practitioners from Global Payments, Adobe, and Superhuman reveal how mature CTI programs transform data overload into strategic business value. Learn proven approaches to automation, cross-functional collaboration, and executive communication.RECORDEDFUTURE.COM
🌐 CYBER THREAT LANDSCAPE 2
9 JanpcTattletale founder pleads guilty in rare stalkerware prosecutionThe founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges - marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
9 JanEmail security needs more seatbelts: Why click rate is the wrong metricClick rate misses the real email security risk: what attackers can do after they access a mailbox. Material Security explains why containment and post-compromise impact matter more than phishing metrics. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 4
9 JanCybersecurity Predictions 2026: The Hype We Can Ignore (And the Risks We Can't)As organizations plan for 2026, cybersecurity predictions are everywhere. Yet many strategies are still shaped by headlines and speculation rather than evidence. The real challenge isn’t a lack of forecasts—it’s identifying which predictions reflect real, emerging risks and which…THEHACKERNEWS.COM
9 JanIllinois man charged with hacking Snapchat accounts to steal nude photosU.S. prosecutors have charged an Illinois man with orchestrating a phishing operation that allowed him to hack the Snapchat accounts of nearly 600 women to steal private photos and sell them online. [...]BLEEPINGCOMPUTER.COM
9 JanChatGPT tests a new feature to find jobs, improve your resume, and moreOpenAI is testing "Jobs," a new feature that could help you explore roles, improve your resume, and plan your career. This feature is being tested after ChatGPT gained support for the Health dashboard. [...]BLEEPINGCOMPUTER.COM
9 JanAnthropic: Viral Claude “Banned and reported to authorities” message isn’t realAnthropic has denied reports of banning legitimate accounts, after a viral post on X claimed the creator of Claude had banned a user. [...]BLEEPINGCOMPUTER.COM