Skip to content
cyber security news today Page 8

cyber security news today

LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing

LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing

Jan 16, 2026Ravie LakshmananMalware / Cyber Espionage Security experts have disclosed details of a new campaign that has targeted U.S. government and policy entities using politically themed lures to deliver a backdoor known as LOTUSLITE.… 

Read More »LOTUSLITE Backdoor Targets U.S. Policy Entities Using Venezuela-Themed Spear Phishing
China-Linked APT Exploits Sitecore Zero-Day in Attacks on American Critical Infrastructure

China-Linked APT Exploits Sitecore Zero-Day in Attacks on American Critical Infrastructure

Jan 16, 2026Ravie LakshmananZero-Day / Cyber Espionage A threat actor likely aligned with China has been observed targeting critical infrastructure sectors in North America since at least last year. Cisco Talos, which is tracking the… 

Read More »China-Linked APT Exploits Sitecore Zero-Day in Attacks on American Critical Infrastructure
Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways

Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways

Jan 16, 2026Ravie LakshmananVulnerability / Web Security Cisco on Thursday released security updates for a maximum-severity security flaw impacting Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager, nearly… 

Read More »Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways
AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider’s own GitHub repositories, including its AWS JavaScript SDK, putting every AWS environment at risk. The vulnerability… 

Read More »AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks
Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

Jan 15, 2026Ravie LakshmananWeb Security /Vulnerability A maximum-severity security flaw in a WordPress plugin called Modular DS has come under active exploitation in the wild, according to Patchstack. The vulnerability, tracked as CVE-2026-23550 (CVSS score:… 

Read More »Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access
Researchers Reveal Reprompt Attack Allowing Single-Click Data Exfiltration From Microsoft Copilot

Researchers Reveal Reprompt Attack Allowing Single-Click Data Exfiltration From Microsoft Copilot

Jan 15, 2026Ravie LakshmananPrompt Injection / Enterprise Security Cybersecurity researchers have disclosed details of a new attack method dubbed Reprompt that could allow bad actors to exfiltrate sensitive data from artificial intelligence (AI) chatbots like… 

Read More »Researchers Reveal Reprompt Attack Allowing Single-Click Data Exfiltration From Microsoft Copilot
AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More Stories

AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More Stories

Jan 15, 2026Ravie LakshmananCybersecurity / Hacking News The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere. This week’s stories show how fast attackers change their tricks, how small… 

Read More »AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More Stories
Model Security Is the Wrong Frame – The Real Risk Is Workflow Security

Model Security Is the Wrong Frame – The Real Risk Is Workflow Security

Jan 15, 2026The Hacker NewsData Security / Artificial Intelligence As AI copilots and assistants become embedded in daily work, security teams are still focused on protecting the models themselves. But recent incidents suggest the bigger… 

Read More »Model Security Is the Wrong Frame – The Real Risk Is Workflow Security
Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud

Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud

Microsoft on Wednesday announced that it has taken a “coordinated legal action” in the U.S. and the U.K. to disrupt a cybercrime subscription service called RedVDS that has allegedly fueled millions in fraud losses. The… 

Read More »Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud