Web3 Dev Environments Hit by Fake Interview Software Scam
Web3 developers are being targeted by a new inbound scam where attackers pose as legitimate hiring firms on sites like youbuidl.dev. They lure candidates with senior‑level job postings and then require the download of a fake interview or coding‑test application. The software acts as a remote‑access tool, exposing wallets, API keys, and production credentials stored on the developer’s machine. Compromise of a single workstation can lead to theft of personal crypto assets and broader breaches of blockchain infrastructure.
Another Plastic Surgery Practice Fell Prey to a Cyberattack with Extortion Attempt
Patients of Manhattan plastic surgeon Dr. Richard Swift discovered that a malware attack last year exposed nude photographs, Social Security numbers, and medical records of at least 22 clients. The data appeared on a Russian‑hosted leak site, and the attackers...
Second NZ Health Provider, Canopy Health, Reveals Cyberattack
Canopy Health, New Zealand's largest private oncology provider, disclosed a cyberattack that occurred on 18 July 2025 but only notified patients and the public six months later. The breach involved unauthorized access to an administrative server, with forensic experts indicating that data...
CrazyHunter Ransomware Escalates with Advanced Intrusion Tactics, Six Taiwan Healthcare Victims Confirmed
CrazyHunter ransomware has rapidly evolved, employing multi‑vector intrusion tactics that bypass traditional defenses. Trellix’s research confirms six Taiwanese healthcare organizations have been breached, exposing patient data and operational systems. The group now combines encryption with data exfiltration, demanding double‑extortion payments....
India Remains Top Target for Mobile Attacks as Threats Surge 38%
India has become the world’s leading target for mobile cyber‑attacks, recording a 38% year‑over‑year surge and now representing 26% of global mobile malware traffic. Zscaler’s ThreatLabz report identified 239 malicious Android apps downloaded 42 million times, with retail and hospitality sectors...
Unlock Remote Work’s GRC Impact: Challenges to Opportunities
Remote work has become a permanent fixture, forcing organizations to overhaul traditional governance, risk, and compliance (GRC) frameworks. Distributed workforces increase cyber‑risk exposure, fragment data environments, and create overlapping regulatory obligations across jurisdictions. Companies are turning to centralized GRC platforms,...
PoC Released for Atarim Plugin Auth Bypass Vulnerability
A proof‑of‑concept for CVE‑2025‑60188 reveals a critical authentication bypass in the Atarim WordPress plugin. The flaw stems from using the publicly exposed site_id as the HMAC‑SHA256 secret, allowing attackers to forge valid admin requests. Exploit code published by researcher m4sh‑wacker...
Turkish Security Researcher Gets Nod From NASA Over Vulnerability Discoveries
Turkish researcher Hasan İsmail Gülkaya identified four security flaws in NASA’s systems and reported them through the agency’s Vulnerability Disclosure Program. NASA promptly patched the issues and sent the researcher a formal thank‑you letter, highlighting the success of its responsible‑disclosure framework. Industry...
Iran-Linked MuddyWater APT Deploys Rust-Based Implant in Latest Campaign
Iran‑linked APT MuddyWater has launched a new espionage campaign using a Rust‑based implant named RustyWater. The group delivered the malware through spear‑phishing emails that contain ZIP archives with decoy PDFs and executable files masquerading as PDFs. RustyWater replaces the group’s...
Debian 13.3 Is Now Available with Targeted Corrections, Updates
Debian 13.3, the third point release for the stable “trixie” branch, is now available. It bundles over one hundred package adjustments and multiple security patches, covering core services such as Apache HTTP Server, GNOME components, and container tools. Existing Debian...
Operation Cronos Leader Gets Nod From King Charles
British law enforcement officer Gavin Webb received an OBE from King Charles for his leadership of Operation Cronos. The National Crime Agency‑led operation seized LockBit ransomware’s infrastructure, source code and decryption keys, crippling a gang that accounted for roughly 25%...
Anthropic Brings Claude to Healthcare with HIPAA-Ready Enterprise Tools
Anthropic announced that its Claude large‑language model is now HIPAA‑ready and equipped with enterprise tools for the health‑care sector. The company is testing connectors that link Claude to the CMS Coverage Database, enabling automated Medicare eligibility checks and prior‑authorization support....
The Identity Theft Risk Profile of NBA and NFL Draft Prospects
A SentiLink analysis of NBA (2020‑2024) and NFL (2020‑2024) draft lists reveals that roughly 10% of listed prospects experience high‑risk identity‑theft applications, climbing to over 20% for NBA identities with active applications and nearly 15% for NFL prospects. These rates...
Kyowon Group Confirms Cyberattack as Multiple Systems Go Offline
Kyowon Group disclosed a cyberattack that began on the morning of Jan 10, prompting the company to isolate affected systems and shut down parts of its internal network. The breach forced the main website and several affiliate sites offline, with service...
Rethinking OT Security for Project Heavy Shipyards
Hans Quivooij, CISO of Damen Shipyards, explains how the project‑driven, contractor‑heavy nature of modern shipyards expands the OT threat surface and renders traditional perimeter security ineffective. He advocates passive network monitoring and strict segmentation to gain visibility into legacy PLCs...
PfSense: Open-Source Firewall and Routing Platform
pfSense Community Edition (CE) is a free, open‑source firewall and routing platform that runs on standard x86 hardware, virtual machines, and select embedded devices. It offers stateful firewalling, IPv4/IPv6 support, VLAN tagging, and multi‑WAN capabilities through an intuitive web interface....
What Security Teams Can Learn From Torrent Metadata
A new research paper demonstrates how open‑source intelligence can turn public torrent metadata into actionable threat intelligence. By harvesting file descriptors, tracker‑provided peer lists and enriching over 60,000 IP addresses with geolocation, ISP and VPN indicators, the authors built network...
EU’s Chat Control Could Put Government Monitoring Inside Robots
EU’s proposed Chat Control regulation, originally targeting online child sexual abuse, now extends to robots that facilitate interpersonal communication. By defining any interactive service as a communication service, the law obliges robot providers to conduct risk assessments and potentially embed...
Hackers Accessed University of Hawaii Cancer Center Patient Data; They Weren’t Immediately Notified
Hackers infiltrated the University of Hawaiʻi Cancer Center’s servers in August, exfiltrating participants' Social Security numbers and other personal data. The university delayed reporting the ransomware attack to the state legislature until December, missing the statutory 20‑day notification window. UH...
NDSS 2025 – EMIRIS: Eavesdropping On Iris Information Via Electromagnetic Side Channel
Researchers at Shandong University presented EMIRIS at NDSS 2025, demonstrating that electromagnetic emissions from near‑infrared iris sensors can be captured and used to reconstruct iris patterns. By reverse‑engineering the sensor’s data transmission format and applying a diffusion‑based inverse‑problem solver, the...
California Bans Data Broker Reselling Health Data of Millions
California's Privacy Protection Agency fined data‑broker Datamasters $45,000 and barred it from selling Californians' personal health information after it failed to register under the California Delete Act. The agency also ordered the firm to delete millions of records by the...
AI Agents and the Data Lake (W/ Lauren Anderson)
In this episode, Tristan Handy talks with Lauren Anderson, head of Okta's enterprise data platform, about how identity underpins the emerging challenges of AI agents and open data lakes. Lauren explains the need for central governance and a shared semantic...
Europol Raids Disrupt Black Axe Cybercrime Ring in Spain
International law enforcement, led by Spain’s National Police, German authorities, and Europol, raided Black Axe cells in Spain, arresting 34 suspects across Seville, Madrid, Málaga and Barcelona. The criminal syndicate, originating in Nigeria with about 30,000 members, is responsible for...
Most Popular Cybersecurity Blogs From 2025
Dan Lohrmann’s January 2026 roundup lists the ten most‑viewed cybersecurity blogs of 2025, featuring stories on state bans of human microchip implants, humanoid robots, AI‑driven human verification, federal employee resilience, government cloud security, AI career impacts, and nation‑state threat assessments. The data...
Week in Review: PoC for Trend Micro Apex Central RCE Released, Patch Tuesday Forecast
The week’s security roundup highlighted a critical proof‑of‑concept for an unauthenticated remote‑code execution flaw in Trend Micro Apex Central (CVE‑2025‑69258) and a newly disclosed exploit of HPE OneView (CVE‑2025‑37164). The UK government unveiled a £210 million Cyber Action Plan to harden public‑service...
Database of 323,986 BreachForums Users Leaked as Admin Disputes Scope
On January 9 2026 a database containing 323,986 BreachForums user records was posted on the ShinyHunters site. The dump includes MySQL metadata, email addresses, display names, Argon2i password hashes and links to external accounts such as Telegram. BreachForums administrators claim the data...
Massive Instagram Data Breach Exposes Personal Details of 17.5 Million Users
A dark‑web marketplace is selling personal data from 17.5 million Instagram accounts, marking one of the largest social‑media breaches to date. Malwarebytes first reported the leak on X, confirming that usernames, email addresses, phone numbers and partial location data are being...
Security News This Week: ICE Can Now Spy on Every Phone in Your Neighborhood
This week’s security roundup highlighted ICE’s deployment of Penlink’s Tangles and Webloc tools, enabling block‑level phone tracking across neighborhoods. Meanwhile, xAI’s Grok chatbot drew criticism for generating graphic sexual imagery, prompting X to restrict access to verified users. Iran imposed...
What Is Application Security Testing? Detail Explanation
Application security testing (AST) is a set of processes and tools that identify vulnerabilities throughout the software development lifecycle, enabling organizations to shift security left and remediate issues before deployment. The global AST market now exceeds $33 billion, reflecting the critical...
Ireland Recalls Almost 13,000 Passports over Missing 'IRL' Code
Ireland's Department of Foreign Affairs has recalled nearly 13,000 passports after a software update omitted the mandatory "IRL" issuing‑state code in the machine‑readable zone. The defect affects passports issued between 23 December 2025 and 6 January 2026, potentially causing eGate and border‑control rejections worldwide....
Cybercriminals Exploit Maduro Arrest News to Spread Backdoor Malware
Cybercriminals are exploiting news of Venezuelan President Nicolás Maduro’s alleged arrest to distribute a backdoor malware via spear‑phishing ZIP attachments. The ZIP contains a weaponized KuGou executable that loads a malicious DLL through DLL search‑order hijacking, creates a hidden Technology360NB...
Microsoft May Soon Allow IT Admins to Uninstall Copilot
Microsoft is testing a new RemoveMicrosoftCopilotApp policy that lets IT administrators uninstall the AI‑powered Copilot app from managed Windows 11 devices. The policy rolls out to Dev and Beta Insider channels on build 26220.7535 and works with Intune or SCCM. It targets...
Why AI-Powered Cyber Defense Is No Longer Optional for Modern Businesses
AI-driven cyber defense has shifted from optional to essential as threats become faster, more sophisticated, and harder to detect with legacy tools. Machine‑learning models analyze massive network and user‑behavior data in real time, flagging anomalies and enabling automated response. Companies...
Top 10 Privileged Access Management Solutions for 2026
Privileged Access Management has shifted from a compliance checkbox to a critical security control as organizations adopt hybrid cloud, SaaS, DevOps pipelines, and AI agents. The 2026 guide evaluates ten leading PAM vendors, highlighting capabilities such as Zero Standing Privileges,...
AI Deployments Targeted in 91,000+ Attack Sessions
Researchers observed more than 91,000 attack sessions targeting AI infrastructure over a four‑month window, highlighting a shift from experimental probing to systematic exploitation. The first campaign leveraged server‑side request forgery against Ollama and Twilio webhooks, using a uniform JA4H TLS...
Tonic.ai Product Updates: January 2026
Tonic.ai’s January 2026 release adds Guided Redaction in Textual, a beta human‑in‑the‑loop workflow that couples AI detection with manual review for high‑risk data. The platform also expands model‑based custom entity types, letting users train detectors for niche business vocabularies. A...
Use of XMRig Cryptominer by Threat Actors Expanding: Expel
XMRig, an open‑source Monero miner, is increasingly weaponized by threat actors across Windows, Linux, Kubernetes and AWS environments. Recent campaigns have leveraged the high‑severity React2Shell exploit and UPX‑packed binaries to spread the miner via game torrents and commodity malware. Expel’s...
Hacker Behind Wired.com Leak Now Selling Full 40M Condé Nast Records
A hacker using the alias “Lovely” is now offering nearly 40 million Condé Nast user records for sale, expanding on a prior leak of 2.3 million Wired.com accounts. The alleged dataset spans dozens of Condé Nast‑owned sites, including high‑traffic titles such as Vanity Fair,...
Tim Kosiba Named NSA Deputy Director
Timothy Kosiba has been appointed the National Security Agency’s 21st Deputy Director, a role confirmed by President Donald J. Trump after designation by Secretary of War Pete Hegseth and DNI Tulsi Gabbard. Kosiba returns as the agency’s most senior civilian...
OWASP CRS Flaw Lets Encoded Attacks Slip Past WAFs
A critical vulnerability (CVE-2026-21876) in the OWASP Core Rule Set lets attackers bypass charset validation, enabling encoded XSS payloads to slip past web application firewalls. The flaw resides in rule 922110, which only inspects the final part of multipart requests,...
FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes
The FBI has warned that North Korean APT group Kimsuky is deploying a new spear‑phishing technique called quishing, which embeds malicious QR codes in email attachments. Scanning the QR code redirects victims to mobile‑optimized phishing pages that harvest device data...
INFORM 2026: MITRE’s Updated Threat-Informed Defense Maturity Model Explained
MITRE’s Center for Threat‑Informed Defense released a major update to its INFORM maturity model, incorporating two years of field feedback and new partner input. The revision introduces revamped assessment questions, a timeliness factor, and an impact‑vs‑complexity recommendation matrix. INFORM now...
Illinois Man Charged with Hacking Snapchat Accounts to Steal Nude Photos
Illinois prosecutors have charged 26‑year‑old Kyle Svara with a large‑scale phishing scheme that compromised roughly 570 Snapchat accounts, stealing private photos from nearly 600 women. Between May 2020 and February 2021 he impersonated Snap representatives, texting over 4,500 targets to obtain access...
European Commission Opens Consultation on EU Digital Ecosystems
The European Commission has launched a public consultation on open digital ecosystems, running from 6 January to 3 February 2026, to gather evidence for a forthcoming Communication due in Q1 2026. The call highlights that 70‑90 % of software code in EU digital systems relies...
Data Governance in Banking, Financial and Insurance Industry
The BFSI sector faces mounting regulatory pressure, prompting banks, insurers and financial firms to adopt rigorous data‑governance frameworks. Robust policies, access controls and quality standards protect customer data, reduce fraud risk, and enable faster, more accurate decision‑making. Vendors such as...
Europol Leads Global Crackdown on Black Axe Cybercrime Gang, 34 Arrested
Europol coordinated a multi‑national operation that led to the arrest of 34 members of the Black Axe cyber‑crime gang across Spain and Germany. Spanish police detained suspects in Seville, Madrid, Málaga and Barcelona, while German authorities assisted in the raids....
Fog Ransomware Targets U.S. Organizations via Compromised VPN Credentials
Arctic Wolf Labs identified a new ransomware variant called Fog targeting U.S. organizations, primarily in education (80%) and recreation (20%) sectors. The attackers gained entry through compromised VPN credentials from two vendors and quickly escalated privileges using pass‑the‑hash, PsExec, and credential‑stuffing...
World Economic Forum: Deepfake Face-Swapping Tools Are Creating Critical Security Risks
The World Economic Forum’s Cybercrime Atlas report warns that advanced deep‑fake face‑swapping tools are now capable of bypassing know‑your‑customer (KYC) and remote verification processes. Researchers examined 17 commercial face‑swap applications and eight camera‑injection tools, finding that low‑latency, high‑fidelity swaps can...
Illinois Man Charged in Snapchat Hacking Investigation
Illinois resident Kyle Svara was indicted in Boston federal court for phishing Snapchat access codes from roughly 570 women, accessing at least 59 accounts, and stealing nude images. He allegedly sold or traded the illicit content on internet forums. The...