New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector
Ravie LakshmananJan 24, 2026Malware / Critical Infrastructure The Russian nation-state hacking group known as Sandworm has been attributed to what...
Hacking
Category Added in a WPeMatico Campaign
Who Approved This Agent? Rethinking Access, Accountability, and Risk in the Age of AI Agents
AI agents are accelerating how work gets done. They schedule meetings, access data, trigger workflows, write code, and take action...
CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog
Ravie LakshmananJan 24, 2026Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical...
CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities
Ravie LakshmananJan 23, 2026Vulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added four security...
Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls
Ravie LakshmananJan 23, 2026Network Security / Vulnerability Fortinet has officially confirmed that it's working to completely plug a FortiCloud SSO...
TikTok Forms U.S. Joint Venture to Continue Operations Under 2025 Executive Order
Ravie LakshmananJan 23, 2026Regulatory Compliance / National Security TikTok on Friday officially announced that it formed a joint venture that...
Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access
Ravie LakshmananJan 23, 2026Email Security / Endpoint Security Cybersecurity researchers have disclosed details of a new dual-vector campaign that leverages...
Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms
Microsoft has warned of a multi‑stage adversary‑in‑the‑middle (AitM) phishing and business email compromise (BEC) campaign targeting multiple organizations in the...
New Osiris Ransomware Emerges as New Strain Using POORTRY Driver in BYOVD Attack
Cybersecurity researchers have disclosed details of a new ransomware family called Osiris that targeted a major food service franchisee operator...
Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access
Ravie LakshmananJan 22, 2026Vulnerability / Linux A critical security flaw has been disclosed in the GNU InetUtils telnet daemon (telnetd)...
ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, China C2s, RAT Ads, Crypto Scams & 15+ Stories
Ravie LakshmananJan 22, 2026Cybersecurity / Hacking News Most of this week's threats didn't rely on new tricks. They relied on...
Filling the Most Common Gaps in Google Workspace Security
The Hacker NewsJan 22, 2026Email Security / SaaS Security Security teams at agile, fast-growing companies often have the same mandate:...
Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts
Ravie LakshmananJan 22, 2026Cryptojacking / Malware A new malicious package discovered in the Python Package Index (PyPI) has been found...
SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release
Ravie LakshmananJan 22, 2026Vulnerability / Email Security A new security flaw in SmarterTools SmarterMail email software has come under active...
Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations
Ravie LakshmananJan 22, 2026Network Security / Vulnerability Cybersecurity company Arctic Wolf has warned of a "new cluster of automated malicious...