Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex

Ravie LakshmananJan 22, 2026Vulnerability / Zero-Day Cisco has released fresh patches to address what it described as a “critical” security vulnerability impacting multiple Unified Communications (CM) products and Webex Calling Dedicated Instance that it has…

North Korean PurpleBravo Campaign Targeted 3,136 IP Addresses via Fake Job Interviews

As many as 3,136 individual IP addresses linked to likely targets of the Contagious Interview activity have been identified, with the campaign claiming 20 potential victim organizations spanning artificial intelligence (AI), cryptocurrency, financial services, IT…

Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws

Ravie LakshmananJan 21, 2026Vulnerability / Network Security Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of-service (DoS) and remote code execution. The most severe of…

How Smart MSSPs Using AI to Boost Margins with Half the Staff

The Hacker NewsJan 21, 2026Artificial Intelligence / Automation Every managed security provider is chasing the same problem in 2026 — too many alerts, too few analysts, and clients demanding “CISO-level protection” at SMB budgets. The…

Exposure Assessment Platforms Signal a Shift in Focus

Gartner® doesn’t create new categories lightly. Generally speaking, a new acronym only emerges when the industry’s collective “to-do list” has become mathematically impossible to complete. And so it seems that the introduction of the Exposure…

Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs

Ravie LakshmananJan 21, 2026Vulnerability / Artificial Intelligence Security vulnerabilities were uncovered in the popular open-source artificial intelligence (AI) framework Chainlit that could allow attackers to steal sensitive data, which may allow for lateral movement within…

VoidLink Linux Malware Framework Built with AI Assistance Reaches 88,000 Lines of Code

The recently discovered sophisticated Linux malware framework known as VoidLink is assessed to have been developed by a single person with assistance from an artificial intelligence (AI) model. That’s according to new findings from Check…

LastPass Warns of Fake Maintenance Messages Targeting Users’ Master Passwords

Ravie LakshmananJan 21, 2026Email Security / Malware LastPass is alerting users to a new active phishing campaign that’s impersonating the password management service, which aims to trick users into giving up their master passwords. The…

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

Ravie LakshmananJan 21, 2026Open Source / Vulnerability A security vulnerability has been disclosed in the popular binary-parser npm library that, if successfully exploited, could result in the execution of arbitrary JavaScript. The vulnerability, tracked as…

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

The North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio Code (VS Code) projects as lures to deliver a backdoor on compromised endpoints. The latest…

« Previous
1
…
25
26
27
28
29
…
462
Next »