
Researchers from The Chinese University of Hong Kong presented a comprehensive analysis of TLS usage and auto‑detect features across email ecosystems at NDSS 2025. Testing 49 popular email clients revealed multiple vulnerabilities that enable covert security downgrades and credential leakage. An examination of 1,102 academic email setup guides uncovered widespread misconfigurations that steer users toward insecure settings. Server‑side assessments showed inconsistent support for implicit and opportunistic TLS, often with weak certificate practices.
Researchers disclosed a critical unauthenticated remote code execution flaw (CVE‑2026‑21858) in the n8n workflow automation platform. The vulnerability stems from improper Content‑Type validation in the formWebhook function, enabling arbitrary file reads, path traversal, and full system takeover. By stealing configuration...

ReversingLabs identified a Windows packer named pkr_mtsi that serves as a versatile malware loader in large‑scale malvertising and SEO‑poisoning campaigns. First seen in April 2025, it disguises fake installers for popular tools like PuTTY, Rufus and Microsoft Teams, then delivers...

Microsoft is investigating a bug in classic Outlook that blocks recipients from opening emails encrypted with the “Encrypt Only” permission after the Current Channel Version 2511 update (Build 19426.20218). Affected users see a message_v2.rpmsg attachment and a credential prompt instead of the email...

Group‑IB uncovered a new Android malware family, dubbed Ghost Tap, that enables criminals to perform unauthorized tap‑to‑pay transactions by remotely relaying NFC card data. Over 54 malicious APKs, disguised as legitimate finance apps, are sold on Chinese‑language Telegram channels where...

The article argues that the most vocal cybersecurity commentators often lack accountability, leading to hype over substance. It illustrates five harmful personas—panic inducer, hype rider, Chicken Little, pessimist, and dismisser—who prioritize fear, trends, or dismissal instead of evidence‑based solutions. By...
Enterprises that rely heavily on AI and multi‑cloud environments are confronting new security blind spots that stem from dynamic agent behavior, data‑poisoning, and mis‑configurations. Experts advise CSOs to shift from reactive defenses to unified visibility that normalizes telemetry across AI...
Security teams have long focused on blocking malicious bots, but legitimate bots now account for a sizable portion of web traffic, exceeding 50%. Search‑engine crawlers, AI scrapers, and emerging agentic AI interact with applications at scale, creating hidden security, performance,...

The United States’ Jan. 3 raid that captured Venezuelan President Nicolás Maduro was accompanied by a sudden power and internet outage in Caracas, prompting speculation that U.S. Cyber Command and other agencies deployed offensive cyber capabilities. President Trump hinted at "a...

Pro‑Russian hacktivist group NoName057(16) has been leveraging a volunteer‑distributed DDoS platform called DDoSia to launch coordinated attacks against government, media and institutional websites linked to Ukraine and Western interests. The tool, now modular and cross‑platform, enables participants with minimal technical...

Hackers have begun delivering phishing QR codes without images, rendering them as dense HTML tables of colored cells. This “imageless” approach evades traditional image‑analysis scanners that look for bitmap QR patterns. Recipients who scan the codes are directed to credential‑harvesting...

Researchers disclosed CVE‑2026‑21858, a CVSS 10.0 flaw in n8n that lets unauthenticated attackers hijack any instance via a Content‑Type confusion in webhook handling. The vulnerability affects all versions up to 1.65.0 and was patched in version 1.121.0 released November 18, 2025. It joins three...

Veeam announced security updates for its Backup & Replication suite, addressing a critical remote code execution flaw (CVE‑2025‑59470) that impacts version 13.0.1.180 and earlier builds. The patch, delivered in version 13.0.1.1071 on January 6, also resolves two additional high‑ and medium‑severity...

Cybersecurity firms raised nearly $14 billion in 2025 across 392 funding rounds, marking a 47% increase over 2024 and the strongest year since the 2021 $20 billion peak. While seed and Series A deals comprised two‑thirds of the rounds, late‑stage financings delivered half...
Texas‑based Gulshan Management Services, which operates over 150 Handi Plus and Handi Stop gas stations, disclosed a massive data breach affecting more than 377,000 individuals. Attackers infiltrated an external system between September 17 and September 27, 2025, and the breach was only detected on September 27....
Microsoft’s Threat Intelligence team reports a sharp rise in phishing campaigns that exploit complex email routing and misconfigured MX, DMARC, and SPF settings. Attackers use these gaps to make malicious messages appear as internal communications, often leveraging phishing‑as‑a‑service platforms such...

The Debian Project announced that its Data Protection Team has become inactive after all three members stepped down simultaneously. The responsibilities for handling privacy inquiries, maintaining the public privacy policy, and processing data‑subject requests have temporarily shifted to Project Leader...

Enterprises are witnessing a surge in non‑human identities (NHIs) such as bots, AI agents, and service accounts, now deemed as critical as human accounts—51% of respondents in ConductorOne's 2025 report affirm this shift. These machine identities often operate with standing,...

World Wide Technology (WWT) unveiled ARMOR, a vendor‑agnostic AI Readiness Model for Operational Resilience built with NVIDIA. The framework spans six security domains—from governance and risk to model, infrastructure, operations, SDLC, and data protection—providing end‑to‑end guidance across cloud and on‑prem...

On Jan 6 2026, CERT/CC disclosed CVE‑2025‑65606 affecting the TOTOLINK EX200 range extender. An authenticated attacker can upload a malformed firmware file that forces the device into an error state, automatically launching an unauthenticated root‑level telnet service. The telnet console provides full...
Check Point researchers uncovered a phishing campaign that abuses Google Cloud Application Integration’s “Send Email” task to dispatch malicious messages from trusted Google infrastructure. In a two‑week window the attackers sent 9,394 phishing emails targeting roughly 3,200 organizations, primarily in...

Hexnode has introduced Hexnode XDR, an extended detection and response platform that consolidates threat detection, investigation, and remediation into a single interface. The solution embeds a unified dashboard, real‑time correlation, contextual alerts and one‑click remediation, and it integrates tightly with...

Keysight Technologies launched the AI Software Integrity Builder, a lifecycle‑based platform that unifies dataset analysis, model validation, and inference testing for AI systems. The tool is aimed at safety‑critical domains such as automotive, helping engineers demonstrate transparency, reliability, and regulatory...
CISOs face a rapidly evolving threat landscape in 2026, from AI‑driven identity attacks and complex supply‑chain vulnerabilities to heightened geopolitical cyber aggression. Missteps in AI agent governance, cloud security, and compliance can trigger costly breaches, while human error continues to...

New research from the Fraunhofer Institute shows that interactions among AI agents can generate systemic risks even when each agent follows its own design parameters. The study identifies feedback loops, shared signals, and coordination patterns as mechanisms that produce emergent...

Kiteworks’ 2026 forecast reveals European security and compliance teams have robust regulatory policies but weak operational execution. AI‑specific incident response, software‑supply‑chain visibility, third‑party coordination, and compliance automation all lag global averages. Adoption rates for AI anomaly detection, SBOM management, and...
Schools are rapidly adopting AI-driven learning tools, but these applications demand high‑bandwidth, low‑latency connectivity that legacy networks cannot provide. Modernizing the campus network—both wired and wireless—is essential to sustain real‑time AI services, protect student data, and prevent ransomware disruptions. Integrated...

A critical remote code execution flaw (CVE‑2026‑0625) has been discovered in legacy D‑Link DSL routers, exploiting the dnscfg.cgi endpoint via command injection. The vulnerability carries a CVSS score of 9.3 and is actively being leveraged in the wild, with attacks...

North Country Communications launched a consultancy on Dec. 15 to help small and mid‑size HIPAA‑regulated entities meet privacy, security, and breach‑notification requirements. The firm offers granular, on‑site or virtual assessments that cover risk analyses, vendor contracts, website security, and state law...

Bryan Fleming, founder of the U.S. spyware firm pcTattletale, entered a guilty plea in San Diego federal court to charges of computer hacking, illegal sale and advertising of surveillance software, and conspiracy. The case represents the first successful U.S. federal...

Quebec police announced the arrest of Juan Pablo Serrano, a Canadian fugitive linked to the multimillion‑dollar Desjardins data breach, in Spain on November 6, 2025. Serrano faces charges of fraud, identity theft and trafficking in personal information, and will be extradited to Canada...

Flare’s research reveals SafePay ransomware’s rapid rise in 2024‑25, focusing on small and mid‑size businesses (SMBs) through a classic double‑extortion model. By publishing over 500 victim records on Tor leak sites, the group pressures targets with regulatory, legal and reputational...

At the Chaos Communication Congress in Hamburg, hacktivist Martha Root publicly deleted three white‑supremacist sites—WhiteDate, WhiteChild and WhiteDeal—while the audience cheered. The live takedown was accompanied by the release of data on more than 6,000 users from the dating platform,...

A sophisticated phishing campaign is targeting WordPress administrators with fake domain renewal emails. The emails direct victims to a counterfeit WordPress payment portal that harvests credit‑card details and 3‑D Secure one‑time passwords. Stolen data is immediately relayed to attacker‑controlled Telegram...
At the Chaos Communication Congress, a German hacker known as “Martha Root” publicly dismantled a white‑supremacist dating website. Dressed as a pink Power Ranger, she demonstrated live how she had breached the platform, downloaded every user profile, and ran an AI...

Security researchers have identified two malicious Chrome extensions—"Chat GPT for Chrome with GPT‑5, Claude Sonnet & DeepSeek AI" and "AI Sidebar with Deepseek, ChatGPT, Claude, and more"—that together have been installed by roughly 900,000 users. The extensions harvest OpenAI ChatGPT...

A newly disclosed macOS vulnerability (CVE-2025-43530) lets attackers silently bypass the Transparency, Consent, and Control (TCC) privacy framework by exploiting trusted VoiceOver services. The flaw combines a lax file‑based validation of Apple‑signed binaries with a TOCTOU race condition, enabling arbitrary...
A high‑severity vulnerability (CVE‑2025‑64496) was found in Open WebUI versions 0.6.34 and earlier when the Direct Connections feature is enabled. The flaw lets a malicious AI endpoint send crafted server‑sent events that execute JavaScript in the user’s browser, stealing localStorage tokens and...

A proxy server acts as an intermediary between client devices and the Internet, forwarding requests, filtering data, and returning responses. The guide distinguishes forward proxies, which protect users by masking IPs, enforcing policies, caching content, and inspecting traffic, from reverse...
By 2026 phishing emails will mimic legitimate messages, evading traditional filters. CISOs are turning to behavior‑based sandbox analysis to see the full attack chain within seconds, dramatically cutting verdict times. Automated interactivity and real‑time threat context enable faster, more accurate...

Identity dark matter describes the growing pool of unmanaged human and non‑human identities spread across SaaS, IaaS, on‑prem and shadow applications. Traditional IAM and IGA tools only cover the managed half, leaving bots, service accounts and orphaned users invisible. This...

AI‑powered forks of Microsoft VS Code such as Cursor, Windsurf, Google Antigravity and Trae have been found recommending extensions that do not exist in the Open VSX registry. Because the extension names are unclaimed, threat actors can publish malicious packages under those...
Security researchers have uncovered a high‑severity vulnerability (CVE‑2025‑64496) in Open WebUI, a self‑hosted interface for large language models. The flaw resides in the Direct Connections feature, where unsafe handling of server‑sent events lets a malicious model server inject JavaScript that...

Jaguar Land Rover reported a sharp sales decline in Q3 2025 after a late‑August cyber‑attack crippled its factories. Retail volumes fell 25.1% year‑on‑year to 79,600 vehicles, while wholesale shipments plunged 43% to 59,200 units. Production stoppages in September and lingering...

A critical vulnerability (CVE‑2025‑68668) in n8n’s Python Code Node lets authenticated users bypass the sandbox and execute arbitrary system commands. The flaw affects all n8n versions from 1.0.0 up to, but not including, 2.0.0 and carries a CVSS score of...
AccuKnox has named Connex Information Technologies as its authorized distribution partner for Zero Trust CNAPP solutions across South and Southeast Asia. Connex, operating in 14 countries with a network of over 1,500 channel partners, will drive localized deployment, partner enablement...
Veteran security leaders outline six strategies to transform cybersecurity groups from collections of high‑performing individuals into cohesive, high‑performing teams. The approach emphasizes hiring a blend of ambitious innovators and reliable "rock stars," while also seeking diverse backgrounds for broader perspective....

A critical path‑traversal flaw (CVE‑2026‑21440) in the @adonisjs/bodyparser npm package received a CVSS score of 9.2, allowing remote attackers to write arbitrary files when MultipartFile.move() is called without proper sanitization. The vulnerability affects versions up to 10.1.1 and 11.0.0‑next.5 and...
Startups are reshaping cybersecurity by turning browsers into the new endpoint, leveraging Chrome’s Manifest V3 extensions for Browser Detection and Response, and applying large‑language models to AppSec and SOC automation. MV3‑based extensions from SquareX, Keep Aware and LayerX give real‑time...

Advisor360, a wealth‑management platform, faced uncontrolled shadow AI use as employees adopted free AI tools, creating security blind spots. Its small security operations center struggled to manually vet tools, taking days to assess risk. In 2024 the firm partnered with...