Skip to content
Security News, Assessments & Alerts Page 24

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

Ravie LakshmananJan 27, 2026Vulnerability / Cloud Security A critical security flaw has been disclosed in Grist‑Core, an open-source, self-hosted version of the Grist relational spreadsheet-database, that could result in remote code execution. The vulnerability, tracked… 

Read More »Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas
China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Ravie LakshmananJan 27, 2026Web Security / Malware Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple environments. The… 

Read More »China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023
Microsoft Office Zero-Day (CVE-2026-21509) – Emergency Patch Issued for Active Exploitation

Microsoft Office Zero-Day (CVE-2026-21509) – Emergency Patch Issued for Active Exploitation

Ravie LakshmananJan 27, 2026Zero-Day / Vulnerability Microsoft on Monday issued out-of-band security patches for a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The vulnerability, tracked as CVE-2026-21509, carries a CVSS score of 7.8 out… 

Read More »Microsoft Office Zero-Day (CVE-2026-21509) – Emergency Patch Issued for Active Exploitation
Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware

Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware

Ravie LakshmananJan 26, 2026Cyber Espionage / Malware Cybersecurity researchers have discovered an ongoing campaign that’s targeting Indian users with a multi-stage backdoor as part of a suspected cyber espionage campaign. The activity, per the eSentire… 

Read More »Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware
Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Ravie LakshmananJan 26, 2026AI Security / Vulnerability Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor covert functionality to… 

Read More »Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code
Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More

Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More

Ravie LakshmananJan 26, 2026Hacking News / Cybersecurity Security failures rarely arrive loudly. They slip in through trusted tools, half-fixed problems, and habits people stop questioning. This week’s recap shows that pattern clearly. Attackers are moving… 

Read More »Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More
Winning Against AI-Based Attacks Requires a Combined Defensive Approach

Winning Against AI-Based Attacks Requires a Combined Defensive Approach

The Hacker NewsJan 26, 2026Endpoint Security / Artificial Intelligence If there’s a constant in cybersecurity, it’s that adversaries are always innovating. The rise of offensive AI is transforming attack strategies and making them harder to… 

Read More »Winning Against AI-Based Attacks Requires a Combined Defensive Approach
Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers

Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers

Ravie LakshmananJan 26, 2026Malware / Endpoint Security The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence (AI) tools to target developers and engineering teams in the… 

Read More »Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers
Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware

Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware

A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnesia RAT. “The attack begins with social engineering lures delivered via business-themed documents crafted to… 

Read More »Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware
New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector

New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector

Ravie LakshmananJan 24, 2026Malware / Critical Infrastructure The Russian nation-state hacking group known as Sandworm has been attributed to what has been described as the “largest cyber attack” targeting Poland’s power system in the last… 

Read More »New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector