LastPass Warns of Fake Maintenance Messages Targeting Users’ Master Passwords
Ravie LakshmananJan 21, 2026Email Security / Malware LastPass is alerting users to a new active phishing campaign that's impersonating the...
Security
CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution
Ravie LakshmananJan 21, 2026Open Source / Vulnerability A security vulnerability has been disclosed in the popular binary-parser npm library that,...
Old habits die hard: 2025’s most common passwords were as predictable as ever
Digital Security Once again, data shows an uncomfortable truth: the habit of choosing eminently hackable passwords is alive and well...
New iOS and iPadOS Flaws Leave Millions of iPhones at Risk
Image: Amanz/Unsplash No clicks. No warnings. Full device access. Apple confirmed two critical WebKit vulnerabilities affecting millions of iPhones and...
Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems
Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems Pierluigi Paganini January 20, 2026 TP-Link fixed a critical...
Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution
Ravie LakshmananJan 20, 2026Vulnerability / Artificial Intelligence A set of three security vulnerabilities has been disclosed in mcp-server-git, the official...
The Hidden Risk of Orphan Accounts
The Hacker NewsJan 20, 2026Enterprise Security / AI Security The Problem: The Identities Left Behind As organizations grow and evolve,...
Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto
Ravie LakshmananJan 20, 2026Cloud Security / Developer Security Cybersecurity researchers have disclosed details of a malware campaign that's targeting software...
Google Gemini Flaw Let Attackers Access Private Calendar Data
Image: Freepik Security researchers have revealed a flaw in Google’s Gemini AI assistant that allowed attackers to quietly pull private...
Secure Your Business Traffic With Military-Grade VPN for Only $20
Image: StackCommerce TL;DR: Get military-grade AES-256 encryption, trusted OpenVPN and IDEv2 protocols, and a strict no-logs policy to protect business...
New Windows Flaw Lets Attackers Bypass Mark of the Web
image: envato/Image-Source Microsoft has released security updates to address a Windows Remote Assistance vulnerability that could allow attackers to bypass...
When Security Incidents Break: The Questions Every CISO Asks (And How We Securely Built a Solution in Record Time)
When Security Incidents Break: The Questions Every CISO Asks (And How We Securely Built a Solution in Record Time) It was an average Tuesday when...
UK NCSC warns of Russia-linked hacktivists DDoS attacks
UK NCSC warns of Russia-linked hacktivists DDoS attacks Pierluigi Paganini January 20, 2026 The UK government warns Russia-linked hacktivists are...
Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers
Ravie LakshmananJan 20, 2026Web Security / Vulnerability Cloudflare has addressed a security vulnerability impacting its Automatic Certificate Management Environment (ACME)...
NCSC Warns of Increased Russian Hacktivist Threat to UK Online Services
From Russia with a lack of love. Image: Unsplash The UK government has issued an urgent cybersecurity alert as Russian-aligned...
