Security Issues, Vulnerabilities, Exploits & Government Alerts
Jan 07, 2026Ravie LakshmananVulnerability / Cloud Security Open-source workflow automation platform n8n has warned of a maximum-severity security flaw that, if successfully exploited, could result in authenticated remote code execution (RCE). The vulnerability, which has…
Jan 07, 2026The Hacker NewsEnterprise Security / Artificial Intelligence Non-human employees are becoming the future of cybersecurity, and enterprises need to prepare accordingly. As organizations scale Artificial Intelligence (AI) and cloud automation, there is exponential…
Jan 07, 2026Ravie LakshmananVulnerability / Enterprise Security Veeam has released security updates to address multiple flaws in its Backup & Replication software, including a “critical” issue that could result in remote code execution (RCE). The…
Jan 07, 2026Ravie LakshmananEmail Security / Financial Fraud Threat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured spoof protections to impersonate organizations’ domains and distribute emails that appear as if they have…
Jan 07, 2026Ravie LakshmananNetwork Security / Vulnerability A newly discovered critical security flaw in legacy D-Link DSL gateway routers has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0625 (CVSS score: 9.3),…
Cybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that are designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations alongside browsing data to servers under the attackers’ control. The names of…
Jan 06, 2026Ravie LakshmananIoT Security / Vulnerability The CERT Coordination Center (CERT/CC) has disclosed details of an unpatched security flaw impacting TOTOLINK EX200 wireless range extender that could allow a remote authenticated attacker to gain…
Jan 06, 2026Ravie LakshmananMalware / Endpoint Security Source: Securonix Cybersecurity researchers have disclosed details of a new campaign dubbed PHALT#BLYX that has leveraged ClickFix-style lures to display fixes for fake blue screen of death (BSoD)…
Jan 06, 2026The Hacker NewsSaaS Security / Enterprise Security The Invisible Half of the Identity Universe Identity used to live in one place – an LDAP directory, an HR system, a single IAM portal. Not…
Jan 06, 2026Ravie LakshmananThreat Intelligence / Cloud Security Popular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are…