ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, China C2s, RAT Ads, Crypto Scams & 15+ Stories
Ravie LakshmananJan 22, 2026Cybersecurity / Hacking News Most of this week's threats didn't rely on new tricks. They relied on...
Hacking
Category Added in a WPeMatico Campaign
Filling the Most Common Gaps in Google Workspace Security
The Hacker NewsJan 22, 2026Email Security / SaaS Security Security teams at agile, fast-growing companies often have the same mandate:...
Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts
Ravie LakshmananJan 22, 2026Cryptojacking / Malware A new malicious package discovered in the Python Package Index (PyPI) has been found...
SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release
Ravie LakshmananJan 22, 2026Vulnerability / Email Security A new security flaw in SmarterTools SmarterMail email software has come under active...
Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations
Ravie LakshmananJan 22, 2026Network Security / Vulnerability Cybersecurity company Arctic Wolf has warned of a "new cluster of automated malicious...
Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex
Ravie LakshmananJan 22, 2026Vulnerability / Zero-Day Cisco has released fresh patches to address what it described as a "critical" security...
North Korean PurpleBravo Campaign Targeted 3,136 IP Addresses via Fake Job Interviews
As many as 3,136 individual IP addresses linked to likely targets of the Contagious Interview activity have been identified, with...
Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws
Ravie LakshmananJan 21, 2026Vulnerability / Network Security Zoom and GitLab have released security updates to resolve a number of security...
Webinar: How Smart MSSPs Using AI to Boost Margins with Half the Staff
The Hacker NewsJan 21, 2026Artificial Intelligence / Automation Every managed security provider is chasing the same problem in 2026 —...
Exposure Assessment Platforms Signal a Shift in Focus
Gartner® doesn't create new categories lightly. Generally speaking, a new acronym only emerges when the industry's collective "to-do list" has...
Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs
Ravie LakshmananJan 21, 2026Vulnerability / Artificial Intelligence Security vulnerabilities were uncovered in the popular open-source artificial intelligence (AI) framework Chainlit...
VoidLink Linux Malware Framework Built with AI Assistance Reaches 88,000 Lines of Code
The recently discovered sophisticated Linux malware framework known as VoidLink is assessed to have been developed by a single person...
LastPass Warns of Fake Maintenance Messages Targeting Users’ Master Passwords
Ravie LakshmananJan 21, 2026Email Security / Malware LastPass is alerting users to a new active phishing campaign that's impersonating the...
CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution
Ravie LakshmananJan 21, 2026Open Source / Vulnerability A security vulnerability has been disclosed in the popular binary-parser npm library that,...
North Korea-Linked Hackers Target Developers via Malicious VS Code Projects
The North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio...
