data breach

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

Jan 13, 2026Ravie LakshmananVulnerability / SaaS Security ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform arbitrary…

New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

Jan 13, 2026Ravie LakshmananMalware / Endpoint Security Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool called Remcos…

CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution

Jan 13, 2026Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity security flaw impacting Gogs by adding it to its Known Exploited Vulnerabilities…

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

Jan 12, 2026Ravie LakshmananVulnerability / Workflow Automation Threat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as integrations targeting the n8n workflow automation platform to steal developers’…

AI Automation Exploits, Telecom Espionage, Prompt Poaching & More

Jan 12, 2026Ravie LakshmananHacking News / Cybersecurity This week made one thing clear: small oversights can spiral fast. Tools meant to save time and reduce friction turned into easy entry points once basic safeguards were…

GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials

A new wave of GoBruteforcer attacks has targeted databases of cryptocurrency and blockchain projects to co-opt them into a botnet that’s capable of brute-forcing user passwords for services such as FTP, MySQL, PostgreSQL, and phpMyAdmin…

Anthropic Launches Claude AI for Healthcare with Secure Health Record Access

Jan 12, 2026Ravie LakshmananArtificial Intelligence / Healthcare Anthropic has become the latest Artificial intelligence (AI) company to announce a new suite of features that allows users of its Claude platform to better understand their health…

Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud

Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service (PBaaS) economy. At least since 2016, Chinese-speaking criminal groups have erected…

MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors

Jan 10, 2026Ravie LakshmananCyber Espionage / Malware The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based…

Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime

Jan 10, 2026Ravie LakshmananCybercrime / Financial Crime Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of an international criminal organization called Black Axe. As part of…

« Previous
1
…
10
11
12
13
14
…
381
Next »