VoidLink Linux Malware Framework Built with AI Assistance Reaches 88,000 Lines of Code
The recently discovered sophisticated Linux malware framework known as VoidLink is assessed to have been developed by a single person...
Hacking
Category Added in a WPeMatico Campaign
LastPass Warns of Fake Maintenance Messages Targeting Users’ Master Passwords
Ravie LakshmananJan 21, 2026Email Security / Malware LastPass is alerting users to a new active phishing campaign that's impersonating the...
CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution
Ravie LakshmananJan 21, 2026Open Source / Vulnerability A security vulnerability has been disclosed in the popular binary-parser npm library that,...
North Korea-Linked Hackers Target Developers via Malicious VS Code Projects
The North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio...
Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution
Ravie LakshmananJan 20, 2026Vulnerability / Artificial Intelligence A set of three security vulnerabilities has been disclosed in mcp-server-git, the official...
Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading
Ravie LakshmananJan 20, 2026Malware / Threat Intelligence Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private...
The Hidden Risk of Orphan Accounts
The Hacker NewsJan 20, 2026Enterprise Security / AI Security The Problem: The Identities Left Behind As organizations grow and evolve,...
Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto
Ravie LakshmananJan 20, 2026Cloud Security / Developer Security Cybersecurity researchers have disclosed details of a malware campaign that's targeting software...
Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers
Ravie LakshmananJan 20, 2026Web Security / Vulnerability Cloudflare has addressed a security vulnerability impacting its Automatic Certificate Management Environment (ACME)...
Why Secrets in JavaScript Bundles are Still Being Missed
Leaked API keys are no longer unusual, nor are the breaches that follow. So why are sensitive tokens still being...
Tudou Guarantee Marketplace Halts Telegram Transactions After Processing Over $12 Billion
Ravie LakshmananJan 20, 2026Cryptocurrency / Artificial Intelligence A Telegram-based guarantee marketplace known for advertising a broad range of illicit services...
