Cybersecurity researchers have discovered five new malicious Google Chrome web browser extensions that masquerade as human resources (HR) and enterprise resource planning (ERP) platforms like Workday, NetSuite, and SuccessFactors to take control of victim accounts.…
Jan 16, 2026The Hacker NewsPrivacy / Data Protection You lock your doors at night. You avoid sketchy phone calls. You’re careful about what you post on social media. But what about the information about you…
Jan 16, 2026Ravie LakshmananMalware / Cyber Espionage Security experts have disclosed details of a new campaign that has targeted U.S. government and policy entities using politically themed lures to deliver a backdoor known as LOTUSLITE.…
Jan 16, 2026Ravie LakshmananZero-Day / Cyber Espionage A threat actor likely aligned with China has been observed targeting critical infrastructure sectors in North America since at least last year. Cisco Talos, which is tracking the…
Jan 16, 2026Ravie LakshmananVulnerability / Web Security Cisco on Thursday released security updates for a maximum-severity security flaw impacting Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager, nearly…
A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider’s own GitHub repositories, including its AWS JavaScript SDK, putting every AWS environment at risk. The vulnerability…
Jan 15, 2026Ravie LakshmananWeb Security /Vulnerability A maximum-severity security flaw in a WordPress plugin called Modular DS has come under active exploitation in the wild, according to Patchstack. The vulnerability, tracked as CVE-2026-23550 (CVSS score:…
Jan 15, 2026Ravie LakshmananPrompt Injection / Enterprise Security Cybersecurity researchers have disclosed details of a new attack method dubbed Reprompt that could allow bad actors to exfiltrate sensitive data from artificial intelligence (AI) chatbots like…
Jan 15, 2026Ravie LakshmananCybersecurity / Hacking News The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere. This week’s stories show how fast attackers change their tricks, how small…
Jan 15, 2026The Hacker NewsData Security / Artificial Intelligence As AI copilots and assistants become embedded in daily work, security teams are still focused on protecting the models themselves. But recent incidents suggest the bigger…