PackageGate bugs let attackers bypass protections in NPM, PNPM, VLT, and Bun
PackageGate bugs let attackers bypass protections in NPM, PNPM, VLT, and Bun Pierluigi Paganini January 28, 2026 Koi researchers found...
January
Microsoft Office vulnerability (CVE-2026-21509) in active exploitation
On January 26, 2026, Microsoft released an out-of-band update to address a high-severity (CVSS score of 7.8) vulnerability affecting multiple...
Dormakaba flaws allow to access major organizations’ doors
Dormakaba flaws allow to access major organizations’ doors Pierluigi Paganini January 27, 2026 Researchers found over 20 flaws in Dormakaba...
Weekly Update 488
27 January 2026 It's the discussion about the reaction of some people in the UK regarding their impending social media...
Critical CERT-In Advisories – January 2026: SAP, Microsoft, and Atlassian Vulnerabilities
January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity advisories exposing...
Emergency Microsoft update fixes in-the-wild Office zero-day
Emergency Microsoft update fixes in-the-wild Office zero-day Pierluigi Paganini January 26, 2026 Microsoft issued emergency updates to fix an actively...
Microsoft releases second out-of-band fix for Windows in a week
Outlook users have reported difficulties with Microsoft’s January Patch Tuesday updates, forcing Microsoft, once again, to patch some of its...
11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061)
11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061) Pierluigi Paganini January 24, 2026 Critical telnetd flaw CVE-2026-24061 (CVSS 9.8)...
Critical SmarterMail vulnerability under attack, no CVE yet
Critical SmarterMail vulnerability under attack, no CVE yet Pierluigi Paganini January 22, 2026 A SmarterMail flaw (WT-2026-0001) is under active...
Halo Security Achieves SOC 2 Type II Compliance, Demonstrating Sustained Security Excellence Over Time
Miami, Florida, January 22nd, 2026, CyberNewsWire Halo Security, a leading provider of external attack surface management and penetration testing services,...
Zoom fixed critical Node Multimedia Routers flaw
Zoom fixed critical Node Multimedia Routers flaw Pierluigi Paganini January 21, 2026 Zoom addressed a critical security vulnerability, tracked as...
New Research Exposes Critical Gap: 64% of Third-Party Applications Access Sensitive Data Without Authorization
Boston, MA, USA, January 21st, 2026, CyberNewsWire Reflectiz today announced the release of its 2026 State of Web Exposure Research,...
Crooks impersonate LastPass in campaign to harvest master passwords
Crooks impersonate LastPass in campaign to harvest master passwords Pierluigi Paganini January 21, 2026 Password manager LastPass warns of an...
PDFSIDER Malware – Exploitation of DLL Side-Loading for AV and EDR Evasion
PDFSIDER Malware – Exploitation of DLL Side-Loading for AV and EDR Evasion Pierluigi Paganini January 20, 2026 Threat actors use...
Airlock Digital Announces Independent TEI Study Quantifying Measurable ROI & Security Impact
Atlanta, GA, United States, January 20th, 2026, CyberNewsWire Airlock Digital, a leader in proactive application control and endpoint security, announced...
