🎯Today's Cybersecurity Pulse
Updated 55m agoWhat's happening: Cloudflare pushes agile SASE with Cloudflare One to replace legacy VPNs
Cloudflare announced a series of technical deep‑dives showcasing its Cloudflare One agile SASE platform, positioning it as a single‑pass solution to the fragmentation of legacy VPNs and hardware firewalls. The platform runs security checks across a global network spanning over 300 cities, eliminating service‑chaining bottlenecks and integrating zero‑trust controls.
Also developing:
News•Jan 22, 2026
JA3 Fingerprinting Tool Exposes Attackers’ Infrastructure
JA3 fingerprinting, once considered outdated, is re‑emerging as a potent tool for tracking malicious infrastructure. By hashing TLS ClientHello parameters, JA3 creates a stable identifier that persists across malware variants. Recent threat‑intel investigations linked specific JA3 hashes to Remcos RAT, WannaCry, and the Skuld family, demonstrating its ability to surface coordinated campaigns. Security operations centers that enrich JA3 data with context can pivot from a single hash to full attacker infrastructure.
By GBHackers On Security
News•Jan 22, 2026
Flipit Reveals the “Back of the Internet,” A New Layer for Trust and Transparency
Flipit launched a Chrome extension that overlays a “back of the internet” layer, allowing users to post and view real‑time reviews on any website. The platform stores review data on IPFS via a distributed network of Flipit Cores, providing decentralized,...
By TechBullion
News•Jan 22, 2026
ZEST Security Adds AI Agents to Identify Vulnerabilities That Pose No Actual Risk
ZEST Security introduced AI Sweeper Agents that assess whether discovered vulnerabilities can actually be exploited in a given IT environment. The solution uses three specialized agents—Analysis, Environment‑Evaluation, and Validation—to match exploit requirements against an organization’s configuration. ZEST reports that more...
By Security Boulevard
News•Jan 22, 2026
Finextra Launches NextGen FinCrime, a New Leadership Event Redefining Trust in Finance
Finextra announced NextGen FinCrime: Dirty Money, Clean Systems, an executive‑level conference slated for 8 July 2026 at the London Conference Centre. The event targets senior finance leaders, regulators and technology providers to confront the growing threat of sophisticated financial crime amid rapid...
By Finextra
News•Jan 22, 2026
Filling the Most Common Gaps in Google Workspace Security
Google Workspace’s default security leaves critical gaps, especially in Gmail where Business Email Compromise and sophisticated spear‑phishing thrive. Native protections lack contextual awareness of VIP contacts and cannot fully safeguard years‑long email archives. The article recommends enabling advanced scanning, enforcing...
By The Hacker News
News•Jan 22, 2026
Silent Push Launches Traffic Origin to Expose the True Source of Obfuscated Web Traffic
Silent Push, a preemptive cyber‑defense startup, unveiled Traffic Origin, a solution that pinpoints the true upstream source of obfuscated web traffic such as residential proxies, VPNs, and bot farms. The platform delivers high‑confidence risk indicators, country‑connected data, and visual context...
By SiliconANGLE
News•Jan 22, 2026
OpenWrt One Gains Support for Running Debian
Debian now runs on the OpenWrt One router hardware. Engineers added low‑level platform support, bootloader tweaks, and system initialization scripts to enable Debian to boot directly without abstraction layers. The OpenWrt One serves as a reference device for the OpenWrt...
By Help Net Security
News•Jan 22, 2026
Over 160,000 Companies Notify Regulators of GDPR Breaches
Over 160,000 companies reported GDPR breaches in 2025, a 22% increase year‑over‑year. Daily average notifications jumped to 443, the first time since 2018 that the figure exceeded 400. Germany, the Netherlands and Poland accounted for the highest breach counts, while...
By Infosecurity Magazine
News•Jan 22, 2026
Common Apple Pay Scams, and How to Stay Safe
Apple Pay processes trillions of transactions annually, yet scammers exploit its popularity through social‑engineering tricks and NFC‑based malware. The most common frauds include phishing, marketplace overpayment, fake receipts, unsolicited payments, and public‑Wi‑Fi credential harvesting. Researchers observed a near‑doubling of NFC‑abusing...
By WeLiveSecurity
News•Jan 22, 2026
SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release
A critical authentication‑bypass flaw in SmarterTools' SmarterMail was patched on Jan 15, 2026, but attackers began exploiting it by Jan 17, 2026. The vulnerability allows unauthenticated users to reset the system administrator password via the /api/v1/auth/force-reset-password endpoint and then execute OS commands, yielding a...
By The Hacker News
News•Jan 22, 2026
EaseUS Disk Copy 7.0.0 Enables Backup, Restore, and Migration without Multiple Drives Connected
EaseUS released Disk Copy 7.0.0, adding full disk‑imaging capabilities to its previously cloning‑only tool. Users can now create compressed image files, store them independently, and restore them to physical or virtual disks without needing both drives connected. The update also...
By Help Net Security
News•Jan 22, 2026
New ClickFix Campaign Exploits Fake Verification Pages to Hijack Facebook Sessions
A new ClickFix campaign is hijacking Facebook accounts by luring users into fake verification and appeal pages that instruct them to extract live session tokens (c_user and xs) from their browsers. The operation spans 115 phishing pages hosted on abuse‑friendly...
By GBHackers On Security
Social•Jan 22, 2026
Defender, Not Attacker, Determines Cyber Attack Impact
I wrote a short post on how the impact of cyber attacks is determined by the target, not the attacker. It’s important to remember how much control the defender has over not just the terrain but the effects of an...
By The Grugq
News•Jan 22, 2026
Malicious PyPI Package Impersonates Sympy-Dev, Targeting Millions of Users
A malicious PyPI package named sympy-dev impersonates the popular SymPy library, using typosquatting to lure developers into installing it. Four versions (1.2.3‑1.2.6) were released on Jan 17 2026 and amassed over 1,000 downloads within the first day. The package embeds a memory‑only...
By GBHackers On Security
News•Jan 22, 2026
Saga Pauses Chainlet After $7M Exploit that Depegged Its Stablecoin
Saga announced a pause of its Ethereum‑compatible chainlet after a $7 million exploit that de‑pegged its US‑dollar stablecoin to $0.75. The attack involved coordinated contract deployments and cross‑chain activity, prompting the team to halt the chain at block 6,593,800 while investigating. Saga’s...
By Cointelegraph
News•Jan 22, 2026
Unbounded AI Use Can Break Your Systems
James Wickett, CEO of DryRun Security, warns that organizations are rapidly embedding large‑language‑model (LLM) features into live products without adequate safeguards. He highlights the danger of AI‑generated code being trusted for critical business logic and access control. The video stresses...
By Help Net Security
Podcast•Jan 22, 2026•47 min
Scammers Gonna Scam.
In this episode, hosts Dave Bittner, Joe Carrigan, and Maria Varmazis dissect recent social‑engineering threats, from politically‑charged SendGrid phishing campaigns to a crackdown on Southeast Asian scam networks after the arrest of alleged kingpin Chen Zhi. They share real‑world anecdotes,...
By Hacking Humans
News•Jan 22, 2026
One in Ten UK Businesses Fear They Would Not Survive a Major Cyberattack
A Vodafone Business survey of 1,000 UK senior leaders reveals that one in ten believe their company would not survive a major cyberattack. While 63% say the risk of attack has risen over the past year, only 45% have ensured...
By The Cyber Express
News•Jan 22, 2026
What Background Checks Miss: The Human Layer Behind Modern Screening
Modern hiring increasingly relies on fast, automated background checks that often limit employment history, address data, and education verification to a few days. The article argues that this speed comes at the expense of critical human‑focused layers such as rigorous...
By Security Magazine (Cybersecurity)
News•Jan 22, 2026
ClearFake Malware Exploits Proxy Execution to Run Malicious PowerShell Commands via Trusted Windows Feature
ClearFake, a JavaScript‑based malware distribution framework, has upgraded its evasion tactics by abusing the legitimate Windows script SyncAppvPublishingServer.vbs to execute hidden PowerShell commands via proxy execution. The campaign retrieves multi‑stage payloads from smart contracts on the BNB Smart Chain testnet,...
By GBHackers On Security
News•Jan 22, 2026
Securing the Future: Practical Approaches to Digital Sovereignty in Google Workspace
The recent Thales‑Google Workspace webinar highlighted practical ways to achieve digital sovereignty through client‑side encryption and Thales CipherTrust. It underscored how Google Workspace’s zero‑trust architecture, regional data storage, and external key management give organizations control over encryption keys. The discussion...
By Security Boulevard
News•Jan 22, 2026
NSFOCUS AI-Scan Gains Recognition From Authoritative Institution
International Data Corporation (IDC) highlighted NSFOCUS AI‑SCAN in its October 2025 report, ranking it highly across six core LLM‑security dimensions. The platform offers comprehensive model, data, content, and application security, plus industry‑specific adaptation and unified management. AI‑SCAN currently supports more than...
By Security Boulevard
Podcast•Jan 22, 2026•6 min
SANS Stormcast Thursday, January 22nd, 2026: Visual Studio Code Scripts; Cisco Unified Comm and Zoom Vuln; Insufficient Fortinet Patch; SANS...
In this episode, Johannes Ullrich highlights four critical security issues: the risk of automatic script execution in Visual Studio Code via tasks.json files, a critical remote code execution flaw in Cisco Unified Communications products, a high‑severity command‑injection vulnerability in Zoom's...
By SANS Internet StormCast
News•Jan 22, 2026
MacOS Tahoe Improves Privacy and Communication Safety
Apple’s macOS Tahoe introduces a suite of privacy‑focused features that screen unwanted calls, messages, and online tracking. Native Phone, Messages and FaceTime now offer system‑level unknown‑contact controls, while Safari extends Advanced Fingerprinting Protection to every browsing session. Parental tools let...
By Help Net Security
News•Jan 22, 2026
Show HN: Dotenv Mask Editor: No More Embarrassing Screen Leaks of Your .env
The Dotenv Mask Editor is a Visual Studio Code extension that provides a grid‑based interface for editing .env files while automatically masking any value longer than six characters. Masked entries appear as asterisks in the view and only reveal their...
By Hacker News
News•Jan 22, 2026
Scammers Impersonate Nabtrade's Tom Piotrowsk to Endorse Bogus Investments
Australian bank NAB warns that scammers are impersonating its analyst Tom Piotrowsk, contributing to a 15 percent rise in investment fraud. The bank says 70 percent of losses start on social‑media platforms, where fraudsters use urgency and fake endorsements to lure victims. Scams...
By Finextra
News•Jan 21, 2026
Microsoft Updates the Security Baseline for Microsoft 365 Apps for Enterprise
Microsoft has released security baseline version 2512 for Microsoft 365 Apps for enterprise, providing recommended policy settings across Word, Excel, PowerPoint, Outlook, and Access. The baseline addresses macros, add‑ins, ActiveX, Protected View, and update behavior, and is delivered as Group Policy objects...
By Help Net Security
News•Jan 21, 2026
New Android Malware Uses AI to Click on Hidden Browser Ads
A new Android click‑fraud trojan family uses TensorFlow.js to run AI models inside a hidden WebView, visually identifying and tapping ads instead of relying on static JavaScript code. The malware is distributed through Xiaomi’s GetApps store, third‑party mod APK sites,...
By BleepingComputer
Social•Jan 21, 2026
Ethereum's Transaction Record Skewed by Address Poisoning Attacks
Ethereum just hit an all-time high in daily transactions But much of the activity was driven by address poisoning attacks https://t.co/rBDQRtSqza
By Laura Shin
News•Jan 21, 2026
Online Retailer PcComponentes Says Data Breach Claims Are Fake
PcComponentes, a leading Spanish tech retailer, denied a claim that a breach exposed 16 million customers, stating the figure was inflated. The company confirmed a credential‑stuffing attack that compromised a limited set of accounts, revealing names, addresses and contact details. Threat...
By BleepingComputer
News•Jan 21, 2026
NDSS 2025 – Tweezers
The NDSS 2025 paper introduces Tweezers, a framework that leverages an event attribution‑centric tweet embedding to detect security events on Twitter. By focusing on semantic attribution rather than simple keyword matching, Tweezers achieves higher precision and broader coverage than prior...
By Security Boulevard
News•Jan 21, 2026
Expert Insight on Under Armour’s Exposed Customer Data
In November 2025 Under Armour fell victim to the Everest ransomware gang, which claimed to have exfiltrated 343 GB of data. On January 21, 2026 a hacking forum published a 72‑million‑record customer dataset containing emails, names, birthdates, genders, locations and purchase...
By Security Magazine (Cybersecurity)
News•Jan 21, 2026
Hong Kong Issues Code of Practice Under the Protection of Critical Infrastructures (Computer Systems) Ordinance
On 1 January 2026 Hong Kong’s Office of the Commissioner of Critical Infrastructure (Computer‑system Security) released a Code of Practice (CoP) under the Protection of Critical Infrastructures (Computer Systems) Ordinance, which also took effect that day. The CoP translates the Ordinance’s high‑level...
By DataBreaches.net
Blog•Jan 21, 2026
Zoom Fixed Critical Node Multimedia Routers Flaw
Zoom released security patches that fix a critical command‑injection flaw (CVE‑2026‑22844) in its Node Multimedia Routers (MMR). The vulnerability, rated 9.9 on the CVSS scale, could let a meeting participant execute arbitrary code on affected MMRs. Versions prior to 5.2.1716.0...
By Security Affairs
News•Jan 21, 2026
Surveillance and ICE Are Driving Patients Away From Medical Care, Report Warns
A new EPIC report warns that the U.S. health‑privacy crisis is deepening as data brokers sell medical information and ICE agents operate inside hospitals. Outdated privacy statutes and lax enforcement let private firms and government agencies harvest, share, and repurpose...
By WIRED (Security)
Blog•Jan 21, 2026
EnduraData and the Rise of Continuous Replication as a Cyber-Resilience Standard
The episode explains why continuous, delta‑only replication is evolving from a backup shortcut into a core cyber‑resilience control, enabling near‑real‑time data availability across hybrid environments and reducing reliance on fragile, manual recovery steps. It highlights how this approach mitigates both...
By eCommerce Fastlane
News•Jan 21, 2026
Fortinet Admins Report Patched FortiGate Firewalls Getting Hacked
Fortinet’s latest FortiOS releases (7.4.9 and 7.4.10) failed to fully remediate the critical CVE‑2025‑59718 authentication bypass, allowing attackers to create privileged admin accounts via crafted SAML messages. Administrators have reported successful exploits on patched firewalls, prompting Fortinet to announce emergency...
By BleepingComputer
News•Jan 21, 2026
GNU InetUtils Telnetd Flaw Lets Attackers Log In as Root
A critical vulnerability has been discovered in GNU InetUtils telnetd versions 1.9.3 through 2.7 that allows remote attackers to obtain root privileges without a password. The flaw stems from an unsanitized USER environment variable that can inject the "-f root"...
By eSecurity Planet
News•Jan 21, 2026
How to Protect Your Brand From Web Privacy Lawsuits
Retailers are increasingly targeted by web privacy lawsuits, with 43% of recent claims focused on the consumer discretionary sector. Smaller stores under $100 million in revenue account for nearly 60% of filings, often leveraging outdated statutes like California’s 1967 Invasion of...
By Total Retail
Blog•Jan 21, 2026
Advances Post-Quantum PKI: Defining Requirements for Secure X.509 Certificate Transition
The paper outlines a roadmap for transitioning X.509 PKI to post‑quantum cryptography, detailing required changes to certificates, CRLs, and OCSP. It evaluates leading PQ algorithm families—lattice, code, hash, multivariate, and isogeny—against NIST security levels, highlighting Kyber, Dilithium, Falcon, and SPHINCS+...
By Quantum Zeitgeist
News•Jan 21, 2026
Two Unique DHS Cyber Incidents Exposed 1M People’s Data
Within weeks, two state Departments of Human Services suffered separate data breaches, exposing personal information for nearly one million residents. In Illinois, a misconfigured map inadvertently displayed details of about 700,000 individuals, including Medicaid recipients, while Minnesota’s MnCHOICES system was...
By Security Magazine (Cybersecurity)
News•Jan 21, 2026
Professional Crypto Recovery: Essential Steps & Services
A New York Times report highlighted an early Bitcoin investor who lost access to a $220 million stash after forgetting his wallet password, underscoring the high‑stakes nature of self‑custody. The article explains that only when the encrypted wallet file is available can a...
By TechBullion
News•Jan 21, 2026
Oracle WebLogic Proxy Bug Enables Unauthenticated Remote Compromise
Oracle has disclosed CVE‑2026‑21962, a critical flaw in its Fusion Middleware WebLogic proxy plug‑ins that permits unauthenticated attackers to compromise Oracle HTTP Server over HTTP. The vulnerability affects Oracle HTTP Server versions 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0, as well as the...
By eSecurity Planet
News•Jan 21, 2026
CyberNut Closes $5M Growth Capital for K-12 Security Awareness Training
CyberNut, a Miami‑based startup, closed a $5 million minority growth equity round led by Growth Street Partners to scale its K‑12 cybersecurity awareness platform. The company, which emerged from stealth in May 2024 after raising $800,000 in pre‑seed capital, already serves over...
By SecurityWeek
News•Jan 21, 2026
NDSS 2025 – Dissecting Payload-Based Transaction Phishing On Ethereum
The paper presented at NDSS 2025 reveals a new, sophisticated phishing vector on Ethereum called payload‑based transaction phishing (PTXPHISH). Researchers built the first ground‑truth dataset of 5,000 phishing transactions and identified four main tactics across eleven sub‑categories. Their rule‑based detection...
By Security Boulevard
News•Jan 21, 2026
What SaaS Security ROI Looks Like in Practice
AppOmni released an ROI report showing SaaS security delivers tangible operational benefits quickly. Customers reported saving roughly 146 manual hours each month and a 24% reduction in audit findings after gaining visibility. The study found measurable value within two weeks...
By Security Boulevard
Blog•Jan 21, 2026
WISeKey Unveils Space-Based Quantum-Resistant Crypto Transactions at Davos 2026
WISeKey International unveiled SEALCOIN, a space‑based, quantum‑resistant crypto platform, at Davos 2026. The system uses the WISeSat low‑Earth‑orbit constellation to generate cryptographic signatures directly onboard satellites, extending blockchain transactions beyond terrestrial networks. Its native QAIT token will fuel machine‑to‑machine value exchange,...
By Quantum Zeitgeist
News•Jan 21, 2026
Attackers Are Getting Stealthier – How Can Defenders Stay Ahead?
Attackers are abandoning noisy, brute‑force attacks for stealth‑first, multi‑stage malware that can linger for weeks. OPSWAT telemetry shows a 127% rise in malware complexity and an increase from eight to 18 behavioral nodes per sample in six months. Traditional signature‑based...
By TechRadar
News•Jan 21, 2026
Peruvian Loan Scam Harvests Cards and PINs via Fake Applications
A sophisticated loan‑phishing campaign in Peru, uncovered by Group‑IB, uses fake loan applications to harvest valid bank card numbers and six‑digit PINs. The operation impersonates a leading Peruvian bank across 16 dedicated domains and more than 370 related sites, employing...
By Infosecurity Magazine