What is Identity Dark Matter?
Jan 06, 2026The Hacker NewsSaaS Security / Enterprise Security The Invisible Half of the Identity Universe Identity used to live in one place – an LDAP directory, an HR system, a single IAM portal. Not…
cyber news
cyber news
VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX
Jan 06, 2026Ravie LakshmananThreat Intelligence / Cloud Security Popular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are…
New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands
Jan 06, 2026Ravie LakshmananVulnerability / DevOps A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an authenticated attacker to execute arbitrary system commands on the underlying…
Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers
Jan 06, 2026Ravie LakshmananVulnerability / Web Security Users of the “@adonisjs/bodyparser” npm package are being advised to update to the latest version following the disclosure of a critical security vulnerability that, if successfully exploited, could…
Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government
Jan 05, 2026Ravie LakshmananCyber Espionage / Windows Security The Russia-aligned threat actor known as UAC-0184 has been observed targeting Ukrainian military and government entities by leveraging the Viber messaging platform to deliver malicious ZIP archives.…
Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks
Jan 05, 2026Ravie LakshmananIoT Security / Mobile Security The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient. “Key actors involved…
IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More
Jan 05, 2026Ravie LakshmananHacking News / Cybersecurity The year opened without a reset. The same pressure carried over, and in some places it tightened. Systems people assume are boring or stable are showing up in…
The State of Cybersecurity in 2025: Key Segments, Insights, and Innovations
Jan 05, 2026The Hacker NewsData Protection / Artificial Intelligence Featuring: Cybersecurity is being reshaped by forces that extend beyond individual threats or tools. As organizations operate across cloud infrastructure, distributed endpoints, and complex supply chains,…
Bitfinex Hack Convict Ilya Lichtenstein Released Early Under U.S. First Step Act
Jan 05, 2026Ravie LakshmananCryptocurrency / Financial Crime Ilya Lichtenstein, who was sentenced to prison last year for money laundering charges in connection with his role in the massive hack of cryptocurrency exchange Bitfinex in 2016,…
New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code
Jan 05, 2026Ravie LakshmananThreat Intelligence / Windows Security Cybersecurity researchers have disclosed details of a new Python-based information stealer called VVS Stealer (also styled as VVS $tealer) that’s capable of harvesting Discord credentials and tokens.…