11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061)
11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061) Pierluigi Paganini January 24, 2026 Critical telnetd flaw CVE-2026-24061 (CVSS 9.8)...
Security
Fortinet warns of active FortiCloud SSO bypass affecting updated devices
Fortinet warns of active FortiCloud SSO bypass affecting updated devices Pierluigi Paganini January 23, 2026 Fortinet confirmed attacks are bypassing...
Data Leak Exposes 149M Logins, Including Gmail, Facebook
Image: GoldenDayz/Envato Jeremiah Fowler, a veteran security researcher, recently stumbled upon 149,404,754 unique logins and passwords, totaling about 96GB of...
Randall Munroe’s XKCD ‘Truly Universal Outlet’
via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink *** This is a Security Bloggers...
CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities
Ravie LakshmananJan 23, 2026Vulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added four security...
Okta Uncovers Custom Phishing Kits Built for Vishing Callers
Image: Unsplash Phone scammers have achieved an unwelcome breakthrough, combining traditional phishing websites with real-time voice manipulation in ways that...
Anthropic, Microsoft MCP Server Flaws Shine a Light on AI Security Risks
Vulnerabilities disclosed this week in MCP servers from Anthropic and Microsoft put a spotlight on security concerns about a protocol...
U.S. CISA adds Prettier eslint-config-prettier, Vite Vitejs, Versa Concerto SD-WAN orchestration platform, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Prettier eslint-config-prettier, Vite Vitejs, Versa Concerto SD-WAN orchestration platform, and Synacor Zimbra Collaboration Suite flaws to its Known...
Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls
Ravie LakshmananJan 23, 2026Network Security / Vulnerability Fortinet has officially confirmed that it's working to completely plug a FortiCloud SSO...
Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access
Ravie LakshmananJan 23, 2026Email Security / Endpoint Security Cybersecurity researchers have disclosed details of a new dual-vector campaign that leverages...
Hackers Disable Windows Security With New Malware Attack
Image generated by Google Gemini A sophisticated new malware campaign is systematically dismantling Windows security defenses with alarming success—and it...
Machine learning–powered Android Trojans bypass script-based Ad Click detection
Machine learning–powered Android Trojans bypass script-based Ad Click detection Pierluigi Paganini January 22, 2026 A new Android click-fraud trojan family...
NDSS 2025 – Rethinking Trust In Forge-Based Git Security
Session 9D: Github + OSN Security Authors, Creators & Presenters: Aditya Sirish A Yelgundhalli (New York University), Patrick Zielinski (New...
Critical SmarterMail vulnerability under attack, no CVE yet
Critical SmarterMail vulnerability under attack, no CVE yet Pierluigi Paganini January 22, 2026 A SmarterMail flaw (WT-2026-0001) is under active...
Halo Security Achieves SOC 2 Type II Compliance, Demonstrating Sustained Security Excellence Over Time
Miami, Florida, January 22nd, 2026, CyberNewsWire Halo Security, a leading provider of external attack surface management and penetration testing services,...
