Misconfigured email routing enables internal-spoofed phishing
Misconfigured email routing enables internal-spoofed phishing Pierluigi Paganini January 07, 2026 Attackers exploit misconfigured email routing to spoof internal emails,...
Security
Randall Munroe’s XKCD ‘Fishing’
via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink *** This is a Security...
Why AI Changes the Risk Model for Application Security
As AI becomes embedded in everyday development workflows, the security model for applications is shifting fast — and not...
Critical macOS Flaw Lets Attackers Bypass Apple Privacy Controls Without Consent
Image: towfiqu_barbhuyia/Envato A newly disclosed macOS vulnerability allows attackers to silently access sensitive user data, bypassing Apple’s privacy controls without...
Veeam resolves CVSS 9.0 RCE flaw and other security issues
Veeam resolves CVSS 9.0 RCE flaw and other security issues Pierluigi Paganini January 07, 2026 Veeam patched a critical RCE...
Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers
Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers Pierluigi Paganini January 07, 2026 Attackers are exploiting a...
Fake Booking.com lures and BSoD scams spread DCRat in European hospitality sector
Fake Booking.com lures and BSoD scams spread DCRat in European hospitality sector Pierluigi Paganini January 07, 2026 PHALT#BLYX targets European...
The Future of Cybersecurity Includes Non-Human Employees
Jan 07, 2026The Hacker NewsEnterprise Security / Artificial Intelligence Non-human employees are becoming the future of cybersecurity, and enterprises need...
Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication
Jan 07, 2026Ravie LakshmananVulnerability / Enterprise Security Veeam has released security updates to address multiple flaws in its Backup &...
Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing
Jan 07, 2026Ravie LakshmananEmail Security / Financial Fraud Threat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured...
Apple Rolls Out iOS 26.3 Security Test to Beta Users
Image: Unsplash Apple has quietly launched a security testing system that could transform how iPhones receive critical updates. The tech...
The Shift Left of Boom: Making Cyberthreat Prevention Practical Again
The old saying ‘prevention is better than cure’ has lost value in today’s cybersecurity industry. Instead, security teams are advised to assume that the...
Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers
Jan 07, 2026Ravie LakshmananNetwork Security / Vulnerability A newly discovered critical security flaw in legacy D-Link DSL gateway routers has...
Algorithmic Agility in MCP Server-Client Cryptographic Negotiation
The need for Agility in mcp ecosystems Ever wonder why we're still using security tech from the 90s to...
CERT/CC warns of critical, unfixed vulnerability in TOTOLINK EX200
CERT/CC warns of critical, unfixed vulnerability in TOTOLINK EX200 Pierluigi Paganini January 06, 2026 CERT/CC disclosed an unpatched flaw in...
