Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats

Ravie LakshmananFeb 02, 2026Hacking News / Cybersecurity Every week brings new discoveries, attacks, and defenses that shape the state of cybersecurity. Some threats are stopped quickly, while others go unseen until they cause real damage.…

Securing the Mid-Market Across the Complete Threat Lifecycle

The Hacker NewsFeb 02, 2026Threat Detection / Endpoint Security For mid-market organizations, cybersecurity is a constant balancing act. Proactive, preventative security measures are essential to protect an expanding attack surface. Combined with effective protection that…

Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

Ravie LakshmananFeb 02, 2026Threat Intelligence / Malware The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility’s update mechanism to redirect update traffic to malicious servers instead. “The attack involved [an] infrastructure-level compromise…

eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware

The update infrastructure for eScan antivirus, a security solution developed by Indian cybersecurity company MicroWorld Technologies, has been compromised by unknown attackers to deliver a persistent downloader to enterprise and consumer systems. “Malicious updates were…

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

Ravie LakshmananFeb 02, 2026Developer Tools / Malware Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open VSX Registry in which unidentified threat actors compromised a legitimate developer’s resources to push malicious…

Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a new campaign targeting non-governmental organizations and individuals involved in documenting recent human rights abuses. The activity, observed by HarfangLab in…

Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

Ravie LakshmananJan 31, 2026Social Engineering / SaaS Security Google-owned Mandiant on Friday said it identified an “expansion in threat activity” that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking group known…

CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms

Ravie LakshmananJan 31, 2026Network Security / SCADA CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector,…

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of the extensions in question is Amazon Ads Blocker (ID:…

China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between late 2025 and early 2026. The activity, discovered by Cisco Talos, has targeted vulnerable Internet…

« Previous
1
2
3
4
…
442
Next »