Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware

A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnesia RAT. “The attack begins with social engineering lures delivered via business-themed documents crafted to…

New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector

Ravie LakshmananJan 24, 2026Malware / Critical Infrastructure The Russian nation-state hacking group known as Sandworm has been attributed to what has been described as the “largest cyber attack” targeting Poland’s power system in the last…

Who Approved This Agent? Rethinking Access, Accountability, and Risk in the Age of AI Agents

AI agents are accelerating how work gets done. They schedule meetings, access data, trigger workflows, write code, and take action in real time, pushing productivity beyond human speed across the enterprise. Then comes the moment…

CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog

Ravie LakshmananJan 24, 2026Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its…

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

Ravie LakshmananJan 23, 2026Vulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the…

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Ravie LakshmananJan 23, 2026Network Security / Vulnerability Fortinet has officially confirmed that it’s working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls. “In the last…

CISA Releases Product Categories List to Propel Post-Quantum Cryptography Adoption Pursuant to President Trump’s Executive Order 14306

by CISA
January 23, 2026
Security News, Assessments & Alerts
2 min read

WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA), a component of the Department of Homeland Security (DHS), unveiled an initial list of Product Categories for Technologies That Use Post-Quantum Cryptography Standards. This resource identifies hardware…

TikTok Forms U.S. Joint Venture to Continue Operations Under 2025 Executive Order

Ravie LakshmananJan 23, 2026Regulatory Compliance / National Security TikTok on Friday officially announced that it formed a joint venture that will allow the hugely popular video-sharing application to continue operating in the U.S. The new…

Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access

Ravie LakshmananJan 23, 2026Email Security / Endpoint Security Cybersecurity researchers have disclosed details of a new dual-vector campaign that leverages stolen credentials to deploy legitimate Remote Monitoring and Management (RMM) software for persistent remote access…

Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms

Microsoft has warned of a multi‑stage adversary‑in‑the‑middle (AitM) phishing and business email compromise (BEC) campaign targeting multiple organizations in the energy sector. “The campaign abused SharePoint file‑sharing services to deliver phishing payloads and relied on…

« Previous
1
…
84
85
86
87
88
…
523
Next »