Cybersecurity

629 articles in this category (Page 10 of 27)

AI News, Cybersecurity, Threat Intelligence

Sandworm Blamed for Wiper Attack on Polish Power Grid

Researchers attributed the failed attempt to the infamous Russian APT Sandworm, which is notorious for wiper attacks on critical infrastructure.

AI News, Cybersecurity, Threat Intelligence

Critical Security Flaws and Emerging Threats in Cybersecurity

Over 884 vulnerabilities were exploited for the first time in 2025, with network edge devices being the most frequently targeted, highlighting the urgency for organizations to act quickly on newly disclosed vulnerabilities.

AI News, Cybersecurity, Network Security

Winning Against AI-Based Attacks Requires a Combined Defensive Approach

AI-powered attacks are evading EDR via steganography, AV abuse, and automation, forcing a shift toward combined NDR and EDR defenses.

AI News, Cybersecurity, VMware

CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog

CISA added CVE-2024-37079, a critical VMware vCenter vulnerability with a 9.8 CVSS score, to its KEV list due to confirmed exploitation in the wild.

AI News, Cybersecurity, Malware

Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware

A sophisticated phishing campaign targeting Russia leverages GitHub, Dropbox, and 'defendnot' to disable Microsoft Defender and deploy Amnesia RAT and ransomware.

AI News, Cybersecurity, Threat Intelligence

New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector

ESET links Russia-backed Sandworm to a failed December 2025 cyberattack using DynoWiper malware against Poland’s power and renewable energy systems.

AI News, Cybersecurity, Software Development

SecuriNET: Open-Source Windows Network Security Application Released

SecuriNET, a free and open-source Windows application, aims to provide comprehensive network security features including connection monitoring and firewall management.

AI News, Cybersecurity, Leadership

Reviving the Hacker Ethos That Built Cybersecurity

Dark Reading Confidential explores how cybersecurity can reclaim its hacker ethos, addressing a shift from passionate problem-solving to systemic risk management.

AI News, Cybersecurity, Vulnerability Management

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

CISA added four actively exploited vulnerabilities to its KEV catalog, requiring federal agencies to patch by February 12, 2026.

AI News, Cybersecurity, Vulnerability Management

Exploited Zero-Day Flaw in Cisco UC Could Affect Millions

A critical zero-day vulnerability (CVE-2026-20045) in Cisco Unified Communications Manager is being actively exploited, potentially impacting 30 million users.

AI News, Cybersecurity, Network Security

Fortinet Confirms Active FortiCloud SSO Bypass on Patched Firewalls

Fortinet confirms ongoing exploitation of a FortiCloud SSO bypass (CVE-2025-59718/CVE-2025-59719) even on fully patched FortiGate devices, highlighting SAML vulnerability risks.

AI News, Cybersecurity, Phishing

Microsoft Warns of Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms

Microsoft reports a sophisticated, multi-stage adversary-in-the-middle (AitM) phishing and business email compromise (BEC) campaign impacting energy organizations.

AI News, Cybersecurity, Phishing

Phishing Attack Leverages Stolen Credentials for LogMeIn RMM Deployment

A two-stage phishing campaign utilizes compromised email credentials to install LogMeIn Resolve RMM, enabling persistent and stealthy access to Windows systems.

AI News, Cybersecurity, Cloud Security

Automate Your Security: Exaforce Brings AI to SOC Operations

Exaforce aims to reduce the burden on security teams by automating detection, triage, investigation, and response, potentially increasing analyst capacity by 3x.

AI News, Cybersecurity, Network Security

Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations

Arctic Wolf reports automated attacks on FortiGate devices leveraging FortiCloud SSO vulnerabilities, resulting in unauthorized firewall changes and configuration theft.

AI News, Cybersecurity, Vulnerability Management

Cisco Patches Actively Exploited Zero-Day (CVE-2026-20045) in Unified CM and Webex

Cisco addressed a critical zero-day vulnerability (CVE-2026-20045) enabling unauthenticated remote code execution, with a CISA deadline of February 11, 2026.

AI News, Cybersecurity, Linux

Critical GNU InetUtils Telnetd Flaw Enables Root Access

A 9.8-severity vulnerability (CVE-2026-24061) in GNU InetUtils telnetd allows remote attackers to bypass authentication and gain root access.

AI News, Cybersecurity, Threat Intelligence

DPRK Actors Leverage VS Code Tunnels for Stealthy Remote Access

A North Korean spear-phishing campaign utilizes legitimate Microsoft VS Code tunneling to establish remote access, bypassing traditional security measures.

AI News, Cybersecurity, Cloud Security

Filling the Most Common Gaps in Google Workspace Security

Google Workspace, while strong, leaves gaps in email security, access control, and data visibility, requiring additional measures to protect against evolving threats.

AI News, Cybersecurity, Network Security

Fortinet Firewalls Hit With Malicious Configuration Changes

Compromised FortiGate devices are experiencing automated malicious SSO logins and configuration data theft.

AI News, Cybersecurity, Geopolitics

Europe Frets About Overreliance on US Tech

Growing European concern over US tech dependence, fueled by events like the Microsoft ICC email blockage, is driving a surge in sovereign tech initiatives.

AI News, Cybersecurity, Software Supply Chain

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner

A fake 'sympy-dev' package on PyPI impersonated the SymPy library, resulting in over 1,100 downloads and deployment of an XMRig cryptominer on Linux systems.

AI News, Cybersecurity, Ransomware

Osiris Ransomware Leverages POORTRY Driver in Novel BYOVD Attack

The newly discovered Osiris ransomware strain utilized a custom POORTRY driver in a Bring Your Own Vulnerable Driver (BYOVD) attack, resulting in data theft and security tool disabling in November 2025.

AI News, Cybersecurity, IoT

Risky Chinese Electric Buses Spark Aussie Gov't Review

Australia is reviewing the security risks of Chinese-made Yutong electric buses, with 133 currently operating, due to potential remote access and cyber vulnerabilities.
