Cybersecurity

Last update (UTC): 05:45 - 15/01/2026

Security.nl

Australia warns businesses against uploading customer data to AI chatbots

15:54 - 14/01/2026
The Australian Cyber Security Centre (ACSC) is warning small and medium-sized businesses against uploading customer data to AI chatbots and ...

https://www.security.nl/posting/920859/Australi%C3%AB+waarschuwt+bedrijven+voor+


Proton VPN ends support for old OpenVPN configuration files

15:36 - 14/01/2026
Proton VPN is ending support for old OpenVPN configuration files, the VPN provider announced today. This concerns ...

https://www.security.nl/posting/920855/Proton+VPN+stopt+support+van+oude+OpenVPN


Shouldn't a request for consent clearly state exactly what the consent is for?

14:28 - 14/01/2026
Legal question: It was recently in the news that, when it comes to their contacts' stock trading in the bunq app, some bunq customers can ...

https://www.security.nl/posting/920832/Hoort+bij+een+vraag+om+toestemming+niet+d


Victim of bank helpdesk fraud will not be compensated for 84,000 euros in losses

14:13 - 14/01/2026
An ING customer who fell victim to bank helpdesk fraud will not be compensated for the 84,000 euros in losses he suffered, according to ...

https://www.security.nl/posting/920823/Slachtoffer+bankhelpdeskfraude+krijgt+84_


Minister: Chinese sensor in smart meter poses no risk to energy supply

12:34 - 14/01/2026
The presence of a Chinese measurement sensor in smart meters of Dutch grid operators poses no risk to the ...

https://www.security.nl/posting/920804/Minister%3A+Chinese+sensor+in+slimme+mete


Seven thousand SmarterMail servers lack update for highly critical flaw

12:05 - 14/01/2026
More than seven thousand SmarterMail servers, about forty of them in the Netherlands, are missing a security update for a highly critical ...

https://www.security.nl/posting/920801/Zevenduizend+SmarterMail-servers+missen+u


Critical flaw in Fortinet FortiFone gives attacker access to configuration

11:31 - 14/01/2026
A critical vulnerability in Fortinet FortiFone can give an attacker access to the local configuration data, according to ...

https://www.security.nl/posting/920796/Kritiek+lek+in+Fortinet+FortiFone+geeft+a


Dutch House speaks with experts about consequences of Solvinity acquisition for DigiD

10:57 - 14/01/2026
The Dutch House of Representatives' standing committee for Digital Affairs will speak with various experts at the end of this month about the consequences ...

https://www.security.nl/posting/920786/Kamer+spreekt+met+experts+over+gevolgen+v


French internet provider Free fined 42 million euros over data breach

10:26 - 14/01/2026
French internet provider Free has been fined 42 million euros over a data breach that occurred at the end of 2024 and ...

https://www.security.nl/posting/920782/Franse+internetprovider+Free+krijgt+42+mi


Belgian hospital patients in critical care moved because of ransomware

10:02 - 14/01/2026
Seven hospital patients in Belgium who are receiving critical care have, because of a ransomware attack on their hospital, ...

https://www.security.nl/posting/920780/Belgische+ziekenhuispati%C3%ABnten+met+kr


Slashdot

The Swedish Start-Up Aiming To Conquer America's Full-Body-Scan Craze

00:00 - 15/01/2026
An anonymous reader quotes a report from DealBook: Fifteen years ago, Daniel Ek broke into America's digital-content wars with his streaming music start-up, Spotify, which has turned into a publicly traded company with a $110 billion market value. Now he and his business partner, the Swedish entrepreneur Hjalmar Nilsonne, aim to crack a higher-stakes consumer market: American health care. The pair plan to bring Neko Health, the health tech start-up they founded in 2018, to New York this spring, DealBook is first to report. Mr. Ek and Mr. Nilsonne hope to capitalize on the growing number of prevention-minded Americans who are hungry to track their biometric data. Whether through wearables like Oura rings or more intensive screenings, consumers are turning to technology to improve their health and help spot the early onset of some big killers, including cardiovascular and metabolic diseases. The United States will be the third market, after Sweden and Britain, for Neko Health, which offers full-body diagnostic scans and is valued at roughly $1.7 billion. [...] Mr. Nilsonne and Mr. Ek said Neko Health's big aim was to change the health care model, in which spending across much of the developed world skyrockets but longevity gains have stalled. They want to make their noninvasive scans as routine as an annual checkup. The company, which advertises its service as "a health check for your future self," did not say what the U.S. scans would cost. But in Stockholm, an hourlong visit at one of its clinics costs 2,750 Swedish krona (about $300). Prenuvo's and Ezra's most comprehensive scans can cost $3,999. [...] Neko Health's technology differs from that of many of its U.S. rivals. It does not use M.R.I. or X-rays, instead relying on scores of sensors and cameras and a mix of proprietary and off-the-shelf technologies to measure heart function and circulation, and to photograph and map every inch of a patient's body looking for cancerous lesions. 
At the moment, the company's biggest challenge is scaling. [...] Mr. Nilsonne said Neko Health scans have detected the early onset of diseases or serious medical conditions for thousands of its patients. But the medical community is divided on the need for proactive screening technologies. The fear is that mass adoption could spur a wave of false positives and send healthy people to seek follow-up medical advice, overwhelming an already swamped health care system. Mr. Ek and Mr. Nilsonne believe they have built a better solution. And now they're ready to test it in the U.S. market.

Read more of this story at Slashdot.

https://science.slashdot.org/story/26/01/14/2332240/the-swedish-start-up-aiming-


Are QWERTY Phones Trying To Make a Comeback?

00:00 - 15/01/2026
After nearly two decades of touchscreen dominance, QWERTY smartphones are staging a niche comeback, with Clicks and Unihertz unveiling new physical-keyboard phones at CES 2026. Gizmodo reports: At CES 2026, Clicks, the company behind the Clicks keyboard case and the new Power Keyboard, announced plans to sell the Communicator, a "second phone" with a QWERTY keypad. Clicks pitches the $500 phone, launching later this year, as a device primarily intended for messaging -- sending texts, DMs, Slack messages, whatever. The company didn't have a functional unit -- only a mockup dummy to fondle at the show -- but it looked cool enough, even if it'll be a very niche product. It's a cool idea, but how many people will carry a companion phone to their main phone just to shoot off a few DMs? $500 is a lot to ask for that satisfaction. But Clicks isn't the only one trying to bring back QWERTY phones. Unihertz, makers of the really tiny Jelly Android phones and also Tank phones with massive battery capacities, also teased a new phone with a physical keyboard. The Titan 2 Elite seems to be a less gimmicky version of the Titan 2, which itself was a BlackBerry Passport knockoff but with a bizarre square screen on the backside. Look closely, and there are some weird similarities between the Clicks Communicator and the Titan 2 Elite. We don't have dimension specs yet, but the screens seem to have the same rounded corners, and even the hole-punch camera is in the same upper-left corner. The only difference seems to be the keyboards; the Communicator uses individual keys, whereas the Titan 2 Elite's keyboard is more BlackBerry-esque. After digging into the Clicks Communicator's specs, a few other features stood out that Slashdotters might appreciate. There's a dedicated 3.5mm headphone jack, a physical "kill switch" (essentially an alert slider), fingerprint scanner and even a customizable notification LED. The last time we saw a phone with a dedicated notification LED was around 2019!

https://mobile.slashdot.org/story/26/01/14/2319204/are-qwerty-phones-trying-to-m


Digg Launches Its New Reddit Rival To the Public

00:00 - 15/01/2026
Digg is officially back under the ownership of its original founder, Kevin Rose, along with Reddit co-founder Alexis Ohanian. "Similar to Reddit, the new Digg offers a website and mobile app where you can browse feeds featuring posts from across a selection of its communities and join other communities that align with your interests," reports TechCrunch. "There, you can post, comment, and upvote (or 'digg') the site's content." From the report: [T]he rise of AI has presented an opportunity to rebuild Digg, Rose and Ohanian believe, leading them to acquire Digg last March through a leveraged buyout by True Ventures, Ohanian's firm Seven Seven Six, Rose and Ohanian themselves, and the venture firm S32. The company has not disclosed its funding. They're betting that AI can help to address some of the messiness and toxicity of today's social media landscape. At the same time, social platforms will need a new set of tools to ensure they're not taken over by AI bots posing as people. "We obviously don't want to force everyone down some kind of crazy KYC process," said Rose in an interview with TechCrunch, referring to the 'know your customer' verification process used by financial institutions to confirm someone's identity. Instead of simply offering verification checkmarks to designate trust, Digg will try out new technologies, like using zero-knowledge proofs (cryptographic methods that verify information without revealing the underlying data) to verify the people using its platform. It could also do other things, like require that people who join a product-focused community verify they actually own or use the product being discussed there. As an example, a community for Oura ring owners could verify that everyone who posts has proven they own one of the smart rings. Plus, Rose suggests Digg could use signals acquired from mobile devices to help verify members -- for instance, the app could identify when Digg users attended a meetup in the same location. 
"I don't think there's going to be any one silver bullet here," said Rose. "It's just going to be us saying ... here's a platter of things that you can add together to create trust."

https://tech.slashdot.org/story/26/01/14/233241/digg-launches-its-new-reddit-riv


Cerebras Scores OpenAI Deal Worth Over $10 Billion

00:00 - 15/01/2026
Cerebras Systems landed a more than $10 billion deal to supply up to 750 megawatts of compute to OpenAI through 2028, according to a blog post by OpenAI. CNBC reports: The deal will help diversify Cerebras away from the United Arab Emirates' G42, which accounted for 87% of revenue in the first half of 2024. "The way you have three very large customers is start with one very large customer, and you keep them happy, and then you win the second one," Cerebras' co-founder and CEO Andrew Feldman told CNBC in an interview. Cerebras has built a large processor that can train and run generative artificial intelligence models. [...] "Cerebras adds a dedicated low-latency inference solution to our platform," Sachin Katti, who works on compute infrastructure at OpenAI, wrote in the blog. "That means faster responses, more natural interactions, and a stronger foundation to scale real-time AI to many more people." The deal comes months after OpenAI worked with Cerebras to ensure that its gpt-oss open-weight models would work smoothly on Cerebras silicon, alongside chips from Nvidia and Advanced Micro Devices. OpenAI's gpt-oss collaboration led to technical conversations with Cerebras, and the two companies signed a term sheet just before Thanksgiving, Feldman said in an interview with CNBC. The report notes that this deal helps strengthen Cerebras' IPO prospects. The $10+ billion OpenAI deal materially improves revenue visibility, customer diversification, and strategic credibility, addressing key concerns from its withdrawn filing and setting the stage for a more compelling refile with updated financials and narrative.

https://slashdot.org/story/26/01/14/2253220/cerebras-scores-openai-deal-worth-ov


DoorDash and UberEats Cost Drivers $550 Million In Tips, NYC Says

00:00 - 15/01/2026
An anonymous reader quotes a report from Gothamist: City regulators on Tuesday accused Uber and DoorDash of deliberately altering their app interfaces to discourage customers from tipping food delivery workers, a move that has cost the employees more than $550 million over the last two years. A report (PDF) published by the Department of Consumer and Worker Protection argues that food delivery app giants retaliated against minimum wage rules for delivery drivers that took effect in December 2023 by implementing "design tricks" that obscure opportunities to offer a tip in their mobile apps. DoorDash explicitly blames the new wage rules for removing the simpler tipping option. "In response to regulations in New York City, you will now only be able to add a tip for your Dasher after they have been assigned," a message on the app's checkout page states. Other food delivery apps like GrubHub allow customers the option to add a tip before checking out. The average tip for DoorDash and Uber Eats drivers in the city fell from $2.17 to 76 cents per delivery after the companies made the changes to their apps, the report found. Both companies also issue messages to customers in the city telling them the prices for their orders were "set by an algorithm using your personal data." Further reading: Uber and DoorDash Try To Halt NYC Law That Encourages Tipping

https://news.slashdot.org/story/26/01/14/225243/doordash-and-ubereats-cost-drive


US Approves Sale of Nvidia's Advanced AI Chips To China

00:00 - 14/01/2026
The U.S. has approved limited sales of Nvidia's H200 AI chips to China, the Department of Commerce said on Tuesday. Exports will be allowed to "approved customers" with security safeguards and a 25% U.S. government cut. The company's most advanced Blackwell chips will remain restricted. The BBC reports: The H200, Nvidia's second-most-advanced semiconductor, had been restricted by Washington over concerns that it would give China's technology industry and military an edge over the U.S. The Commerce Department said the chips can be shipped to China granted that there is sufficient supply of the processors in the U.S. Nvidia's spokesperson told the BBC that the company welcomed the move, saying it will benefit manufacturing and jobs in the U.S. The Commerce Department's Bureau of Industry and Security said its revised export policy applies to Nvidia's H200 chips, as well as less advanced processors. Chinese customers must also show "sufficient security procedures" and cannot use the chips for military uses. Chinese embassy spokesman Liu Pengyu told the BBC on Wednesday that Beijing has consistently opposed the "politicization and weaponization of tech and trade issues." "We oppose blocking and restricting China, which disrupts the stability of industrial and supply chains," he said. "This approach does not serve the common interests of both sides."

https://hardware.slashdot.org/story/26/01/14/2156254/us-approves-sale-of-nvidias


Bandcamp Bans AI Music

00:00 - 14/01/2026
Bandcamp has announced a ban on music made wholly or substantially by generative AI, aiming to protect human creativity and prohibit AI impersonation of artists. Here's what the music platform had to say: ... Something that always strikes us as we put together a roundup like this is the sheer quantity of human creativity and passion that artists express on Bandcamp every single day. The fact that Bandcamp is home to such a vibrant community of real people making incredible music is something we want to protect and maintain. Today, in line with that goal, we're articulating our policy on generative AI. We want musicians to keep making music, and for fans to have confidence that the music they find on Bandcamp was created by humans. Our guidelines for generative AI in music and audio are as follows: - Music and audio that is generated wholly or in substantial part by AI is not permitted on Bandcamp. - Any use of AI tools to impersonate other artists or styles is strictly prohibited in accordance with our existing policies prohibiting impersonation and intellectual property infringement. If you encounter music or audio that appears to be made entirely or with heavy reliance on generative AI, please use our reporting tools to flag the content for review by our team. We reserve the right to remove any music on suspicion of being AI generated. We will be sure to communicate any updates to the policy as the rapidly changing generative AI space develops. Given the response around this to our previous posts, we hope this news is welcomed. We wish you all an amazing 2026. [...]

https://entertainment.slashdot.org/story/26/01/14/2149259/bandcamp-bans-ai-music


House Sysadmin Stole 200 Phones, Caught By House IT Desk

00:00 - 14/01/2026
An anonymous reader quotes a report from Ars Technica: According to the government's version of events, 43-year-old Christopher Southerland was working in 2023 as a sysadmin for the House Committee on Transportation and Infrastructure. In his role, Southerland had the authority to order cell phones for committee staffers, of which there are around 80. But during the early months of 2023, Southerland is said to have ordered 240 brand-new phones -- far more than even the total number of staffers -- and to have shipped them all to his home address in Maryland. The government claims that Southerland then sold over 200 of these cell phones to a local pawn shop, which was told to resell the devices only "in parts" as a way to get around the House's mobile device management software, which could control the devices remotely. It's hard to find good help these days, though, even at pawn shops. At some point, at least one of the phones ended up, intact, on eBay, where it was sold to a member of the public. This member of the public promptly booted the phone, which did not display the expected device operating system screen but instead "a phone number for the House of Representatives Technology Service Desk." The phone buyer called this number, which alerted House IT staff that government phones were being sold on eBay. According to the government, this sparked a broader investigation to figure out what was going on, which revealed that "several phones purchased by Southerland were unaccounted for." The full scheme is said to have cost the government over $150,000. Southerland was indicted in early December 2025 and arrested on January 8, 2026. He pled not guilty and has a court date scheduled for later this month.

https://it.slashdot.org/story/26/01/14/2143252/house-sysadmin-stole-200-phones-c


UK Scraps Mandatory Digital ID Enrollment for Workers After Public Backlash

00:00 - 14/01/2026
The UK government has abandoned its controversial plan to require workers to sign up for a mandatory digital ID system to prove their eligibility to work in the country, opting instead to move existing document-based checks -- such as biometric passports -- fully online by 2029. The reversal follows a dramatic collapse in public support; polling showed approval falling from just over half the population in June to less than a third after Prime Minister Keir Starmer's announcement. Nearly 3 million people signed a parliamentary petition opposing the scheme. The government says it remains committed to mandatory digital right-to-work checks but will no longer require enrollment in a new ID system.

https://news.slashdot.org/story/26/01/14/1924225/uk-scraps-mandatory-digital-id-


Dell Tells Staff To Get Ready For the 'Biggest Transformation in Company History'

00:00 - 14/01/2026
Dell's chief operating officer Jeff Clarke has informed employees that the company is preparing for what he calls the "biggest transformation in company history," a sweeping systems overhaul scheduled to launch on May 3 that will standardize processes across nearly every major division. The initiative, dubbed One Dell Way, will replace Dell's existing sprawl of applications, servers and databases with a single enterprise platform designed to unify the 42-year-old company's operations. Clarke's memo, sent to staff on Tuesday and obtained by Business Insider, said Dell has spent the past two years building toward this transition. The May 3 launch will affect the company's PC business, finance, supply chain, marketing, sales, revenue operations, services, and HR. The ISG division, which handles cloud and AI infrastructure, will follow in August. "We need one way -- simplified, standardized and automated -- so we can be more competitive and serve our customers better," Clarke wrote. Mandatory training begins February 3.

https://tech.slashdot.org/story/26/01/14/199210/dell-tells-staff-to-get-ready-fo


theregister.com/security

New Linux malware targets the cloud, steals creds, and then vanishes

20:39 - 14/01/2026
Cloud-native, 37 plugins ... an attacker's dream

A brand-new Linux malware named VoidLink targets victims' cloud infrastructure with more than 30 plugins that allow attackers to perform a range of illicit activities, from silent reconnaissance and credential theft to lateral movement and container abuse. ...

https://go.theregister.com/feed/www.theregister.com/2026/01/14/voidlink_linux_ma


France fines telcos €42M for sub-par security prior to 24M customer breach

15:17 - 14/01/2026
Three major GDPR violations, including a lack of basic security controls, lead to hefty dent in profits

The French data protection regulator, CNIL, today issued a collective €42 million ($48.9 million) fine to two French telecom companies for GDPR violations stemming from a data breach....

https://go.theregister.com/feed/www.theregister.com/2026/01/14/france_fines_free


'Imagination the limit': DeadLock ransomware gang using smart contracts to hide their work

14:16 - 14/01/2026
New crooks on the block get crafty with blockchain to evade defenses

Researchers at Group-IB say the DeadLock ransomware operation is using blockchain-based anti-detection methods to evade defenders' attempts to analyze their tradecraft....

https://go.theregister.com/feed/www.theregister.com/2026/01/14/deadlock_ransomwa


Cyber-stricken Belgian hospitals refuse ambulances, transfer critical patients

12:52 - 14/01/2026
Attack enters second day with major disruption to healthcare provision

Two hospitals in Belgium have cancelled surgeries and transferred critical patients to other facilities after shutting down servers following a cyberattack....

https://go.theregister.com/feed/www.theregister.com/2026/01/14/belgium_hospital_


Eurail passengers taken for a ride as data breach spills passports, bank details

12:43 - 14/01/2026
Travel biz tells customers to change passwords beyond its own services

Eurail has confirmed customer information was stolen in a data breach, according to notification emails sent out this week....

https://go.theregister.com/feed/www.theregister.com/2026/01/14/eurail_breach/


UK backtracks on digital ID requirement for right to work

12:20 - 14/01/2026
U-turn leaves questions on costs, funding, and benefits unanswered

The UK government has backed down from making digital ID mandatory for proof of a right to work in the country, adding to confusion over the scheme's cost and purpose....

https://go.theregister.com/feed/www.theregister.com/2026/01/14/uk_digital_id_cli


Spanish power giant sparks breach probe amid claims of massive data grab

10:15 - 14/01/2026
Endesa says payment info stolen after alleged crook boasted of 1 TB-plus haul

Spanish energy giant Endesa is warning customers about a data breach after a cybercrim claimed to have walked off with a vast cache of personal information allegedly tied to more than 20 million people....

https://go.theregister.com/feed/www.theregister.com/2026/01/14/endesa_breach/


Anthropic finds $1.5 million to help Python Foundation improve security

06:25 - 14/01/2026
AI upstart also upscales its Labs to find the next frontier

The Python Software Foundation (PSF) has an extra $1.5 million heading its way, after AI upstart Anthropic entered into a partnership aimed at improving security in the Python ecosystem....

https://go.theregister.com/feed/www.theregister.com/2026/01/14/anthropic_python_


Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm

00:36 - 14/01/2026
First Patch Tuesday of 2026 goes big

Microsoft and Uncle Sam have warned that a Windows bug disclosed today is already under attack....

https://go.theregister.com/feed/www.theregister.com/2026/01/14/patch_tuesday_jan


Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

21:17 - 13/01/2026
The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group

Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of downloads allow remote attackers to hide malicious code in metadata. The code then executes automatically when a file containing the poisoned metadata is loaded....

https://go.theregister.com/feed/www.theregister.com/2026/01/13/ai_python_library


CISO2CISO.com

Thinking About Becoming a Licensed Engineer? Start Here.

14:04 - 13/09/2025
NCEES explains why licensure matters for engineers and answers your top questions about the FE and PE exams.

The post Thinking About Becoming a Licensed Engineer? Start Here. first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

https://ciso2ciso.com/thinking-about-becoming-a-licensed-engineer-start-here/


Celebrate Hispanic Heritage Month With SWE

14:04 - 13/09/2025
View our compilation of online stories and resources highlighting the Hispanic community and their contributions to STEM.

https://ciso2ciso.com/celebrate-hispanic-heritage-month-with-swe/


The Critical Role of Sboms (Software Bill of Materials) In Defending Medtech From Software Supply Chain Threats – Source: www.cyberdefensemagazine.com

10:04 - 13/09/2025
Source: www.cyberdefensemagazine.com – Author: News team Software supply chain attacks have emerged as a serious threat in the rapidly evolving field of cybersecurity, especially in medical devices. As these devices become more and more interconnected and dependent on complex software ecosystems, the potential for exploitation through the supply chain has grown exponentially. One powerful tool […]

https://ciso2ciso.com/the-critical-role-of-sboms-software-bill-of-materials-in-d


Ransomware Tactics Are Shifting. Here’s How to Keep Up – Source: www.cyberdefensemagazine.com

10:04 - 13/09/2025
Source: www.cyberdefensemagazine.com – Author: News team It’s common knowledge in the cybersecurity industry that ransomware is on the rise, with median demands rising 20% year-over-year across virtually all industries. But it’s not only the ransom sums themselves that are escalating; threat actors are engaging in increasingly aggressive tactics and techniques to extort their victims. It’s […]

https://ciso2ciso.com/ransomware-tactics-are-shifting-heres-how-to-keep-up-sourc


French Advisory Sheds Light on Apple Spyware Activity – Source: www.darkreading.com

07:04 - 13/09/2025
Source: www.darkreading.com – Author: Rob Wright CERT-FR’s advisory follows last month’s disclosure of a zero-day flaw Apple said was used in “sophisticated” attacks against targeted individuals. Original Post URL: https://www.darkreading.com/vulnerabilities-threats/french-sheds-light-apple-spyware-activity

https://ciso2ciso.com/french-advisory-sheds-light-on-apple-spyware-activity-sour


Without Federal Help, Cyber Defense Is Up to the Rest of Us – Source: www.darkreading.com

07:04 - 13/09/2025
Source: www.darkreading.com – Author: Riaz Lakhani Together, we can foster a culture of collaboration and vigilance, ensuring that we are not just waiting for a hero to save us, but actively working to protect ourselves and our communities. Original Post URL: https://www.darkreading.com/cyberattacks-data-breaches/without-federal-help-cyber-defense-cisa

https://ciso2ciso.com/without-federal-help-cyber-defense-is-up-to-the-rest-of-us


Safer Conversational AI for Cybersecurity: The BIX Approach – Source: securityboulevard.com

06:04 - 13/09/2025
Source: securityboulevard.com – Author: Gaurav Banga Here’s a scenario security teams increasingly face. A user—or an attacker pretending to be one—types something like: This is how many prompt injection attempts begin. The phrase looks harmless, but it’s a red flag: the user is telling the AI to forget its built‐in rules. What follows is often […]

https://ciso2ciso.com/safer-conversational-ai-for-cybersecurity-the-bix-approach


Operation Eastwood: Measuring the Real Impact on NoName057(16) – Source: securityboulevard.com

06:04 - 13/09/2025
Source: securityboulevard.com – Author: Sofia Naer Introduction On July 16, 2025, Europol revealed the details of Operation Eastwood, a coordinated international strike against one of the most active pro-Russian cybercrime groups, NoName057(016). The announcement promised a major disruption to the group’s activities. In this blog, we explore whether Operation Eastwood had any real impact on […]

https://ciso2ciso.com/operation-eastwood-measuring-the-real-impact-on-noname0571


CISA Lays Out Roadmap for CVE Program’s ‘Quality Era’ – Source: securityboulevard.com

06:04 - 13/09/2025
  View item as page

Source: securityboulevard.com – Author: Jeffrey Burt Five months after the future of the CVE program was thrown in doubt, CISA this week released a roadmap that calls for steps to take for its new “quality era,” which includes public sponsorship, expanded public-private partnership, and modernization. The post CISA Lays Out Roadmap for CVE Program’s ‘Quality […]

The post CISA Lays Out Roadmap for CVE Program’s ‘Quality Era’ – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

https://ciso2ciso.com/cisa-lays-out-roadmap-for-cve-programs-quality-era-source-


Randall Munroe’s XKCD ‘Dual Roomba’ – Source: securityboulevard.com

06:04 - 13/09/2025

Source: securityboulevard.com – Author: Marc Handelman. Via the comic artistry and dry wit of Randall Munroe, creator of XKCD. The post Randall Munroe’s XKCD ‘Dual Roomba’ appeared first on Security Boulevard. Original Post URL: https://securityboulevard.com/2025/09/randall-munroes-xkcd-dual-roomba/?utm_source=rss&utm_medium=rss&utm_campaign=randall-munroes-xkcd-dual-roomba Category & Tags: Humor, Security Bloggers Network, Randall Munroe, Sarcasm, satire, XKCD

The post Randall Munroe’s XKCD ‘Dual Roomba’ – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

https://ciso2ciso.com/randall-munroes-xkcd-dual-roomba-source-securityboulevard-


Hackread.com

New China Linked VoidLink Linux Malware Targets Major Cloud Providers

18:37 - 14/01/2026
Researchers have discovered VoidLink, a sophisticated new Linux malware framework designed to infiltrate AWS, Google Cloud, and Azure. Learn how this Chinese-affiliated toolkit uses adaptive stealth to stay hidden.

https://hackread.com/china-voidlink-linux-malware-cloud-providers/


Structure and reliability in e-commerce platforms

18:02 - 14/01/2026
A successful e-commerce platform requires more than just a good-looking design. Security, stability, speed, and scalability are key…

https://hackread.com/structure-and-reliability-in-e-commerce-platforms/


Hacker Claims Full Breach of Russia’s Max Messenger, Threatens Public Leak

14:49 - 14/01/2026
A hacker claims a full breach of Russia’s Max Messenger, threatening to leak user data and backend systems if demands are not met.

https://hackread.com/hacker-russia-max-messenger-breach-data-leak/


Survey: Rapid AI Adoption Causes Major Cyber Risk Visibility Gaps

14:00 - 14/01/2026
As software supply chains become longer and more interconnected, enterprises have become well aware of the need to…

https://hackread.com/survey-rapid-ai-adoption-cyber-risk-visibility-gaps/


Microsoft January 2026 Patch Tuesday: 115 Vulnerabilities Fixed

13:31 - 14/01/2026
Microsoft kicks off 2026 with 115 security updates, including a fix for an actively exploited zero-day. Protect your Windows and Office systems today.

https://hackread.com/microsoft-january-2026-patch-tuesday-vulnerabilities/




When Does a Chatbot Make Sense in Freshdesk and When It Doesn’t

11:49 - 14/01/2026
Customer support teams adopt chatbots to reduce workload, shorten response times, and control costs. Freshdesk makes chatbot deployment…

https://hackread.com/chatbot-sense-in-freshdesk-when-doesnt/


Hackers Launch Over 91,000 Attacks on AI Systems Using Fake Ollama Servers

10:43 - 14/01/2026
A new investigation by GreyNoise reveals a massive wave of over 90,000 attacks targeting AI tools like Ollama and OpenAI. Experts warn that hackers are conducting "reconnaissance" to map out vulnerabilities in enterprise AI systems.

https://hackread.com/hackers-attack-ai-systems-fake-ollama-servers/


Convert Video to Text: A Comprehensive Guide

10:13 - 14/01/2026
In today’s digital age, video content has become an essential tool for communication, education, and entertainment. Whether it’s…

https://hackread.com/convert-video-to-text-comprehensive-guide/


Vuldb

CVE-2026-22406 | Overton Plugin up to 1.3 on WordPress resource injection

22:04 - 14/01/2026
A vulnerability described as critical has been identified in Overton Plugin up to 1.3 on WordPress. This vulnerability affects unknown code. Such manipulation leads to improper control of resource identifiers. This vulnerability is traded as CVE-2026-22406. The attack may be launched remotely. There is no exploit available.

https://vuldb.com/?id.341235


CVE-2026-23512 | SumatraPDF up to 3.5.2 on Windows Advanced Options Setting untrusted search path

22:03 - 14/01/2026
A vulnerability marked as problematic has been reported in SumatraPDF up to 3.5.2 on Windows. This affects an unknown part of the component Advanced Options Setting Handler. This manipulation causes untrusted search path. This vulnerability appears as CVE-2026-23512. The attack requires local access. There is no available exploit.

https://vuldb.com/?id.341234


CVE-2025-49043 | Magic Responsive Slider and Carousel Plugin up to 1.6 on WordPress cross site scripting

22:02 - 14/01/2026
A vulnerability labeled as problematic has been found in Magic Responsive Slider and Carousel Plugin up to 1.6 on WordPress. Affected by this issue is some unknown functionality. The manipulation results in cross site scripting. This vulnerability is reported as CVE-2025-49043. The attack can be launched remotely. No exploit exists.

https://vuldb.com/?id.341233


CVE-2025-69011 | Cool Tag Cloud Plugin up to 2.29 on WordPress cross site scripting

22:02 - 14/01/2026
A vulnerability identified as problematic has been detected in Cool Tag Cloud Plugin up to 2.29 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is documented as CVE-2025-69011. The attack can be initiated remotely. There is not any exploit available.

https://vuldb.com/?id.341232


CVE-2026-22482 | IMGspider Plugin up to 2.3.12 on WordPress server-side request forgery

22:02 - 14/01/2026
A vulnerability categorized as critical has been discovered in IMGspider Plugin up to 2.3.12 on WordPress. Affected is an unknown function. Executing a manipulation can lead to server-side request forgery. This vulnerability is registered as CVE-2026-22482. It is possible to launch the attack remotely. No exploit is available.

https://vuldb.com/?id.341231


CVE-2025-32123 | HTML5 Video Player with Playlist & Multiple Skins Plugin cross site scripting

22:02 - 14/01/2026
A vulnerability was found in HTML5 Video Player with Playlist & Multiple Skins Plugin up to 5.3.5 on WordPress. It has been rated as problematic. This impacts an unknown function. Performing a manipulation results in cross site scripting. This vulnerability is cataloged as CVE-2025-32123. It is possible to initiate the attack remotely. There is no exploit available.

https://vuldb.com/?id.341230


CVE-2026-22463 | Form to Chat App Plugin up to 1.2.5 on WordPress cross site scripting

22:02 - 14/01/2026
A vulnerability was found in Form to Chat App Plugin up to 1.2.5 on WordPress. It has been declared as problematic. This affects an unknown function. Such manipulation leads to cross site scripting. This vulnerability is listed as CVE-2026-22463. The attack may be performed from remote. There is no available exploit.

https://vuldb.com/?id.341229


CVE-2025-48094 | Magic Slider Plugin up to 2.2 on WordPress cross site scripting

22:02 - 14/01/2026
A vulnerability was found in Magic Slider Plugin up to 2.2 on WordPress. It has been classified as problematic. The impacted element is an unknown function. This manipulation causes cross site scripting. This vulnerability is tracked as CVE-2025-48094. The attack is possible to be carried out remotely. No exploit exists.

https://vuldb.com/?id.341228


CVE-2025-27005 | HTML5 Video Player Plugin up to 5.3.5 on WordPress cross site scripting

22:02 - 14/01/2026
A vulnerability was found in HTML5 Video Player Plugin up to 5.3.5 on WordPress and classified as problematic. The affected element is an unknown function. The manipulation results in cross site scripting. This vulnerability is identified as CVE-2025-27005. The attack can be executed remotely. There is not any exploit available.

https://vuldb.com/?id.341227


CVE-2025-49045 | Super Interactive Maps Plugin up to 2.3 on WordPress cross site scripting

22:02 - 14/01/2026
A vulnerability has been found in Super Interactive Maps Plugin up to 2.3 on WordPress and classified as problematic. Impacted is an unknown function. The manipulation leads to cross site scripting. This vulnerability is referenced as CVE-2025-49045. Remote exploitation of the attack is possible. No exploit is available.

https://vuldb.com/?id.341226


Debian.org/security











Microsoft Security




CVE-2026-20962 Dynamic Root of Trust for Measurement (DRTM) Information Disclosure Vulnerability

08:00 - 13/01/2026
Use of uninitialized resource in Dynamic Root of Trust for Measurement (DRTM) allows an authorized attacker to disclose information locally.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20962


CVE-2026-21265 Secure Boot Certificate Expiration Security Feature Bypass Vulnerability

08:00 - 13/01/2026
Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes related to Windows boot manager or Secure Boot. The operating system’s certificate update protection mechanism relies on firmware components that might contain defects, which can cause certificate trust updates to fail or behave unpredictably. This leads to potential disruption of the Secure Boot trust chain and requires careful validation and deployment to restore intended security guarantees.

| Certificate Authority (CA) | Location | Purpose | Expiration Date |
| ------ | ------ | ------ | ------ |
| Microsoft Corporation KEK CA 2011 | KEK | Signs updates to the DB and DBX | 06/24/2026 |
| Microsoft Corporation UEFI CA 2011 | DB | Signs 3rd party boot loaders, Option ROMs, etc. | 06/27/2026 |
| Microsoft Windows Production PCA 2011 | DB | Signs the Windows Boot Manager | 10/19/2026 |

For more information see this CVE and [Windows Secure Boot certificate expiration and CA updates](https://aka.ms/GetSecureBoot).

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21265


CVE-2026-0386 Windows Deployment Services Remote Code Execution Vulnerability

08:00 - 13/01/2026
Improper access control in Windows Deployment Services allows an unauthorized attacker to execute code over an adjacent network.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0386


CVE-2026-20803 Microsoft SQL Server Elevation of Privilege Vulnerability

08:00 - 13/01/2026
Missing authentication for critical function in SQL Server allows an authorized attacker to elevate privileges over a network.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20803


CVE-2026-20965 Windows Admin Center Elevation of Privilege Vulnerability

08:00 - 13/01/2026
Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20965


CVE-2026-20804 Windows Hello Tampering Vulnerability

08:00 - 13/01/2026
Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20804


CVE-2026-20805 Desktop Window Manager Information Disclosure Vulnerability

08:00 - 13/01/2026
Exposure of sensitive information to an unauthorized actor in Desktop Window Manager allows an authorized attacker to disclose information locally.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20805


advisories.ncsc.nl

NCSC-2026-0013 [1.00] [M/H] Vulnerabilities fixed in Adobe InDesign Desktop

13:45 - 14/01/2026
Adobe has fixed vulnerabilities in InDesign Desktop (specifically versions 21.0, 19.5.5 and earlier). The vulnerabilities include an improperly initialized pointer that leads to arbitrary code execution, a heap-based buffer overflow that also allows arbitrary code execution without further user interaction, and an out-of-bounds read that can expose sensitive information in memory. The vulnerabilities require the user to open a specially crafted malicious file.

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0013


NCSC-2026-0012 [1.00] [M/H] Vulnerabilities fixed in Adobe Dreamweaver Desktop

13:41 - 14/01/2026
Adobe has fixed vulnerabilities in Dreamweaver Desktop (versions 21.6 and earlier). The vulnerabilities lie in the way Dreamweaver Desktop validates input. This can lead to unauthorized file manipulation and arbitrary code execution. Exploiting these vulnerabilities requires user interaction, such as opening a malicious file.

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0012


NCSC-2026-0011 [1.00] [L/H] Vulnerability fixed in Microsoft Developer Tools

19:19 - 13/01/2026
Microsoft has fixed a vulnerability in Inbox COM Objects. An attacker can exploit the vulnerability to execute arbitrary code in the context of the vulnerable application without prior authentication. Inbox Component Object Model (COM) objects is an architecture that lets developers build applications that interact with mail via Outlook/Exchange. In particular, in-house developed applications that process mail or other Outlook objects such as folders and the preview are therefore at risk. For successful exploitation, the attacker must trick the victim into opening a malicious file or following a link within the vulnerable application.

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0011


NCSC-2026-0010 [1.00] [M/H] Vulnerabilities fixed in Microsoft Office

19:18 - 13/01/2026
Microsoft has fixed vulnerabilities in various Office products. An attacker can exploit the vulnerabilities to impersonate another user, gain access to sensitive data or execute arbitrary code in the context of the victim. For successful exploitation, the attacker must be authenticated on the vulnerable system, or trick the victim into opening a malicious file or following a link.

```
Microsoft Office Word:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20944 | 7.80 | Arbitrary code execution            |
| CVE-2026-20948 | 7.80 | Arbitrary code execution            |
|----------------|------|-------------------------------------|

Microsoft Office SharePoint:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20947 | 8.80 | Arbitrary code execution            |
| CVE-2026-20951 | 7.80 | Arbitrary code execution            |
| CVE-2026-20959 | 4.60 | Impersonation of another user       |
| CVE-2026-20963 | 8.80 | Arbitrary code execution            |
| CVE-2026-20958 | 5.40 | Access to sensitive data            |
|----------------|------|-------------------------------------|

Microsoft Office:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20943 | 7.00 | Arbitrary code execution            |
| CVE-2026-20953 | 8.40 | Arbitrary code execution            |
| CVE-2026-20952 | 8.40 | Arbitrary code execution            |
|----------------|------|-------------------------------------|

Microsoft Office Excel:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20946 | 7.80 | Arbitrary code execution            |
| CVE-2026-20955 | 7.80 | Arbitrary code execution            |
| CVE-2026-20956 | 7.80 | Arbitrary code execution            |
| CVE-2026-20949 | 7.80 | Security feature bypass             |
| CVE-2026-20950 | 7.80 | Arbitrary code execution            |
| CVE-2026-20957 | 7.80 | Arbitrary code execution            |
|----------------|------|-------------------------------------|
```

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0010


NCSC-2026-0009 [1.00] [M/H] Vulnerabilities fixed in Microsoft Azure

19:17 - 13/01/2026
Microsoft has fixed vulnerabilities in various Azure components. An attacker can exploit the vulnerabilities to gain elevated privileges and thereby gain access to sensitive data or execute code for which the attacker was not initially authorized. For successful exploitation, the attacker must have prior authentication on the vulnerable system.

```
Azure Connected Machine Agent:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-21224 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Admin Center:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20965 | 7.50 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Azure Core shared client library for Python:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-21226 | 7.50 | Arbitrary code execution            |
|----------------|------|-------------------------------------|
```

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0009


NCSC-2026-0008 [1.00] [L/H] Vulnerability fixed in Microsoft SQL Server

19:17 - 13/01/2026
Microsoft has fixed a vulnerability in SQL Server. An attacker can exploit the vulnerability to gain unauthorized access to the DEBUG functionality and thereby, among other things, generate memory dumps. These dumps can also cover memory outside the scope of the SQL server, giving the attacker access to sensitive data outside the scope of SQL Server. For successful exploitation, the attacker must have **prior elevated privileges** within SQL Server. In principle this falls under an evil-admin scenario (insider threat). However, because of the ease of exploitation and the potential damage from information leakage, the NCSC does advise addressing this vulnerability with priority in infrastructures where the SQL Server implementation runs on systems where multiple server applications are deployed on the same hardware/virtual environment, such as shared-resource systems and cloud environments.

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0008


NCSC-2026-0007 [1.00] [M/H] Vulnerabilities fixed in Microsoft Windows

19:16 - 13/01/2026
Microsoft has fixed vulnerabilities in Windows. An attacker can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage:

- Denial-of-Service (DoS)
- Data manipulation
- Access to sensitive data
- Arbitrary code execution (user privileges)
- Arbitrary code execution (root/admin)
- Elevation of privilege
- Security feature bypass
- Spoofing

For the vulnerability identified as CVE-2026-21265, Microsoft reports having information that it is being publicly discussed on forums. An attacker can exploit the vulnerability to bypass Secure Boot. Exploitation, however, is not straightforward and requires prior elevated privileges and in-depth knowledge of the system to be compromised. Large-scale exploitation is therefore very unlikely.

For the vulnerability identified as CVE-2026-20805, Microsoft reports that it has been exploited as a zero-day vulnerability. Exploitation requires local access and prior user authentication. Further information has not been disclosed. Large-scale exploitation is not likely.

The vulnerability identified as CVE-2023-31096 is an older vulnerability in Broadcom modem drivers, as used in the (outdated) Agere modems. Proof-of-concept code for it has been known for some time, but as far as is known no large-scale exploitation has taken place. Microsoft has removed the drivers in this update.
```
Windows Remote Assistance:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20824 | 5.50 | Security feature bypass             |
|----------------|------|-------------------------------------|

Capability Access Management Service (camsvc):
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20815 | 7.00 | Elevation of privilege              |
| CVE-2026-20835 | 5.50 | Access to sensitive data            |
| CVE-2026-20851 | 6.20 | Access to sensitive data            |
| CVE-2026-20830 | 7.00 | Elevation of privilege              |
| CVE-2026-21221 | 7.00 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Media:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20837 | 7.80 | Arbitrary code execution            |
|----------------|------|-------------------------------------|

Windows Local Session Manager (LSM):
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20869 | 7.00 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows NDIS:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20936 | 4.30 | Access to sensitive data            |
|----------------|------|-------------------------------------|

Windows Management Services:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20858 | 7.80 | Elevation of privilege              |
| CVE-2026-20865 | 7.80 | Elevation of privilege              |
| CVE-2026-20877 | 7.80 | Elevation of privilege              |
| CVE-2026-20918 | 7.80 | Elevation of privilege              |
| CVE-2026-20923 | 7.80 | Elevation of privilege              |
| CVE-2026-20924 | 7.80 | Elevation of privilege              |
| CVE-2026-20861 | 7.80 | Elevation of privilege              |
| CVE-2026-20862 | 5.50 | Access to sensitive data            |
| CVE-2026-20866 | 7.80 | Elevation of privilege              |
| CVE-2026-20867 | 7.80 | Elevation of privilege              |
| CVE-2026-20873 | 7.80 | Elevation of privilege              |
| CVE-2026-20874 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Client-Side Caching (CSC) Service:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20839 | 5.50 | Access to sensitive data            |
|----------------|------|-------------------------------------|

Host Process for Windows Tasks:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20941 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Graphics Kernel:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20814 | 7.00 | Elevation of privilege              |
| CVE-2026-20836 | 7.00 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows NTLM:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20925 | 6.50 | Impersonation of another user       |
| CVE-2026-20872 | 6.50 | Impersonation of another user       |
|----------------|------|-------------------------------------|

Windows Ancillary Function Driver for WinSock:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20810 | 7.80 | Elevation of privilege              |
| CVE-2026-20831 | 7.00 | Elevation of privilege              |
| CVE-2026-20860 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Printer Association Object:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20808 | 7.00 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Local Security Authority Subsystem Service (LSASS):
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20875 | 7.50 | Denial-of-Service                   |
| CVE-2026-20854 | 7.50 | Arbitrary code execution            |
|----------------|------|-------------------------------------|

Windows Kernel:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20818 | 6.20 | Access to sensitive data            |
| CVE-2026-20838 | 5.50 | Access to sensitive data            |
|----------------|------|-------------------------------------|

Windows Secure Boot:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-21265 | 6.40 | Security feature bypass             |
|----------------|------|-------------------------------------|

Windows Error Reporting:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20817 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Kernel-Mode Drivers:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20859 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Remote Procedure Call:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20821 | 6.20 | Access to sensitive data            |
|----------------|------|-------------------------------------|

Dynamic Root of Trust for Measurement (DRTM):
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20962 | 4.40 | Access to sensitive data            |
|----------------|------|-------------------------------------|

Windows Telephony Service:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20931 | 8.00 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Installer:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20816 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Microsoft Graphics Component:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20822 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Hello:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20804 | 7.70 |                                     |
| CVE-2026-20852 | 7.70 |                                     |
|----------------|------|-------------------------------------|

Windows WalletService:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20853 | 7.40 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Desktop Window Manager:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20805 | 5.50 | Access to sensitive data            |
| CVE-2026-20871 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Connected Devices Platform Service (Cdpsvc):
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20864 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Internet Connection Sharing (ICS):
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20828 | 4.60 | Access to sensitive data            |
|----------------|------|-------------------------------------|

Windows Kerberos:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20833 | 5.50 | Access to sensitive data            |
| CVE-2026-20849 | 7.50 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Motorola Soft Modem Driver:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2024-55414 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Routing and Remote Access Service (RRAS):
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20843 | 7.80 | Elevation of privilege              |
| CVE-2026-20868 | 8.80 | Arbitrary code execution            |
|----------------|------|-------------------------------------|

Windows NTFS:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20840 | 7.80 | Arbitrary code execution            |
| CVE-2026-20922 | 7.80 | Arbitrary code execution            |
|----------------|------|-------------------------------------|

Windows DWM:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20842 | 7.00 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Hyper-V:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20825 | 4.40 | Access to sensitive data            |
|----------------|------|-------------------------------------|

Windows Kernel Memory:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20809 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Server Update Service:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20856 | 8.10 | Arbitrary code execution            |
|----------------|------|-------------------------------------|

Windows File Explorer:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20823 | 5.50 | Access to sensitive data            |
| CVE-2026-20932 | 5.50 | Access to sensitive data            |
| CVE-2026-20937 | 5.50 | Access to sensitive data            |
| CVE-2026-20939 | 5.50 | Access to sensitive data            |
|----------------|------|-------------------------------------|

Windows TPM:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20829 | 5.50 | Access to sensitive data            |
|----------------|------|-------------------------------------|

Windows Clipboard Server:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20844 | 7.40 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Remote Procedure Call Interface Definition Language (IDL):
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20832 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Common Log File System Driver:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20820 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Cloud Files Mini Filter Driver:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20857 | 7.80 | Elevation of privilege              |
| CVE-2026-20940 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Win32K - ICOMP:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20811 | 7.80 | Elevation of privilege              |
| CVE-2026-20920 | 7.80 | Elevation of privilege              |
| CVE-2026-20863 | 7.00 | Elevation of privilege              |
| CVE-2026-20870 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows Virtualization-Based Security (VBS) Enclave:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2026-20819 | 5.50 | Access to sensitive data            |
| CVE-2026-20876 | 6.70 | Elevation of privilege              |
| CVE-2026-20938 | 7.80 | Elevation of privilege              |
| CVE-2026-20935 | 6.20 | Access to sensitive data            |
|----------------|------|-------------------------------------|

Agere Windows Modem Driver:
|----------------|------|-------------------------------------|
| CVE-ID         | CVSS | Impact                              |
|----------------|------|-------------------------------------|
| CVE-2023-31096 | 7.80 | Elevation of privilege              |
|----------------|------|-------------------------------------|

Windows LDAP - Lightweight Directory Access Protocol:
|----------------|------|-------------------------------------|
|
CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-20812 | 6.50 | | |----------------|------|-------------------------------------| Windows HTTP.sys: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-20929 | 7.50 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Deployment Services: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-0386 | 7.50 | Uitvoeren van willekeurige code | |----------------|------|-------------------------------------| Tablet Windows User Interface (TWINUI) Subsystem: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-20826 | 7.80 | Verkrijgen van verhoogde rechten | | CVE-2026-20827 | 5.50 | Toegang tot gevoelige gegevens | |----------------|------|-------------------------------------| Windows SMB Server: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-20919 | 7.50 | Verkrijgen van verhoogde rechten | | CVE-2026-20921 | 7.50 | Verkrijgen van verhoogde rechten | | CVE-2026-20926 | 7.50 | Verkrijgen van verhoogde rechten | | CVE-2026-20927 | 5.30 | Denial-of-Service | | CVE-2026-20934 | 7.50 | Verkrijgen van verhoogde rechten | | CVE-2026-20848 | 7.50 | Verkrijgen van verhoogde rechten | |----------------|------|-------------------------------------| Windows Shell: |----------------|------|-------------------------------------| | CVE-ID | CVSS | Impact | |----------------|------|-------------------------------------| | CVE-2026-20834 | 4.60 | Voordoen als andere gebruiker | | 
CVE-2026-20847 | 6.50 | Voordoen als andere gebruiker | |----------------|------|-------------------------------------| ```

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0007


NCSC-2026-0006 [1.00] [M/H] Vulnerabilities fixed in SAP products

14:42 - 13/01/2026
SAP has fixed vulnerabilities in SAP S/4HANA (Private Cloud and On-Premise), SAP Wily Introscope Enterprise Manager, SAP Landscape Transformation, SAP HANA, SAP Application Server for ABAP, SAP NetWeaver, SAP ECC, SAP Fiori App for Intercompany Balance Reconciliation, SAP NetWeaver Application Server ABAP, SAP Business Connector, SAP Supplier Relationship Management, SAP Identity Management, and SAP User Management Engine. The vulnerabilities range from SQL injection and OS command injection to privilege escalation and Cross-Site Scripting (XSS). Attackers can exploit these vulnerabilities to gain unauthorized access, compromise data integrity, or even cause full system compromise. The impact on the confidentiality, integrity and availability of the systems is significant, especially for products such as SAP S/4HANA and SAP HANA, where attackers with admin rights can inject malicious ABAP code. Other vulnerabilities, such as insufficient authorization checks in SAP Fiori Apps, can lead to privilege escalation and unauthorized access to sensitive information.

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0006


NCSC-2026-0005 [1.00] [M/H] Vulnerabilities fixed in Siemens products

12:05 - 13/01/2026
Siemens has fixed vulnerabilities in various products such as Industrial Edge Devices, SCALANCE, SIMATIC, SIPLUS and Telecontrol Server. The vulnerabilities potentially allow a malicious actor to carry out attacks that can lead to the following categories of damage:
- Denial-of-Service (DoS)
- Manipulation of data
- Bypassing a security measure
- (Remote) code execution (root/admin rights)
- Access to system data
- Privilege escalation

The malicious actor needs access to the production environment to do so. It is good practice not to make such an environment publicly accessible.

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0005


NCSC-2026-0004 [1.00] [M/H] Vulnerabilities fixed in Trend Micro Apex Central

11:14 - 09/01/2026
Trend Micro has fixed vulnerabilities in Trend Micro Apex Central. The vulnerabilities lie in the way Trend Micro Apex Central handles certain input. An attacker can cause a Denial-of-Service (DoS) without authentication by exploiting an unchecked NULL return value. In addition, malicious actors can gain unauthenticated access to load malicious DLLs into a critical executable, which can lead to the execution of arbitrary code with SYSTEM privileges. This can compromise the integrity and security of the affected systems.

https://advisories.ncsc.nl/advisory?id=NCSC-2026-0004


NCSC News

Save the Date: webinar ‘The Cybersecurity Act (Cyberbeveiligingswet) is coming’

00:00 - 15/01/2026
On Tuesday 18 November from 11 to 12 o'clock you will learn all about the upcoming Cybersecurity Act (Cyberbeveiligingswet) in the webinar organized by the NCSC, the NCTV and RDI. Especially for organizations that are not yet very familiar with the law and its impact.

https://ncsc.nl/nieuws/save-date-webinar-de-cyberbeveiligingswet-komt-eraan


Strengthened NCSC: all Dutch organizations get a single point of contact for digital resilience

00:00 - 15/01/2026
As of 1 January 2026, the Digital Trust Center (DTC) and the Nationaal Cyber Security Centrum (NCSC) have been merged. As a result, the NCSC is now the point of contact for digital resilience for 2.4 million Dutch organizations. With a renewed website, an expanded range of knowledge and 24/7 availability, the NCSC strengthens the digital resilience of the Netherlands.

https://ncsc.nl/nieuws/versterkt-ncsc-alle-nederlandse-organisaties-krijgen-een-


wid.cert-bund.de

[UPDATE] [low] Angular: Vulnerability allows bypassing of security measures

12:25 - 14/01/2026
A remote, anonymous attacker can exploit a vulnerability in Angular to bypass security measures.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2089


[UPDATE] [medium] AngularJS: Vulnerability allows bypassing of security measures

12:25 - 14/01/2026
A remote, anonymous attacker can exploit a vulnerability in AngularJS to bypass security measures.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2161


[UPDATE] [medium] Angular: Vulnerability allows denial of service

12:25 - 14/01/2026
A remote, anonymous attacker can exploit a vulnerability in Angular to carry out a denial of service attack.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0341


[UPDATE] [high] Angular: Vulnerability allows denial of service

12:25 - 14/01/2026
A remote, anonymous attacker can exploit a vulnerability in Angular to carry out a denial of service attack.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0507


[UPDATE] [medium] OpenSSL and LibreSSL: Multiple vulnerabilities

11:50 - 14/01/2026
A remote, anonymous attacker can exploit multiple vulnerabilities in OpenSSL and LibreSSL to potentially execute arbitrary code, cause a denial of service condition and disclose confidential information.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2166


[UPDATE] [high] Linux Kernel: Multiple vulnerabilities

11:50 - 14/01/2026
An attacker can exploit multiple vulnerabilities in the Linux kernel to carry out a denial of service attack or to achieve unspecified effects.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2077


[UPDATE] [high] Linux Kernel: Multiple vulnerabilities allow denial of service

11:50 - 14/01/2026
An attacker can exploit multiple vulnerabilities in the Linux kernel to cause a denial-of-service condition or to carry out other unspecified attacks.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1976


[UPDATE] [high] Linux Kernel: Multiple vulnerabilities

11:50 - 14/01/2026
An attacker can exploit multiple vulnerabilities in the Linux kernel to carry out a denial of service attack and unspecified attacks.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0922


[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service

11:50 - 14/01/2026
A local attacker can exploit multiple vulnerabilities in the Linux kernel to carry out a denial of service attack.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1188


cert.ssi.gouv.fr

Vulnerability in Stormshield Network Security (06 January 2026)

00:00 - 06/01/2026
A vulnerability has been discovered in Stormshield Network Security. It allows an attacker to cause remote arbitrary code execution and a remote denial of service.

https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0007/


Multiple vulnerabilities in Joomla! (07 January 2026)

00:00 - 07/01/2026
Multiple vulnerabilities have been discovered in Joomla!. They allow an attacker to cause remote indirect code injection (XSS).

https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0008/


Vulnerability in Google Chrome (07 January 2026)

00:00 - 07/01/2026
A vulnerability has been discovered in Google Chrome. It allows an attacker to cause a security problem not specified by the vendor.

https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0009/


Multiple vulnerabilities in Curl (07 January 2026)

00:00 - 07/01/2026
Multiple vulnerabilities have been discovered in Curl. They allow an attacker to cause a breach of data confidentiality and a security policy bypass.

https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0010/


Vulnerability in Google Android (08 January 2026)

00:00 - 08/01/2026
A vulnerability has been discovered in Google Android. It allows an attacker to cause a security problem not specified by the vendor.

https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0011/


Multiple vulnerabilities in Trend Micro Apex Central (08 January 2026)

00:00 - 08/01/2026
Multiple vulnerabilities have been discovered in Trend Micro Apex Central. They allow an attacker to cause remote arbitrary code execution and a remote denial of service.

https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0012/


Vulnerability in Tenable Nessus Agent (08 January 2026)

00:00 - 08/01/2026
A vulnerability has been discovered in Tenable Nessus Agent. It allows an attacker to cause a privilege escalation.

https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0013/


Multiple vulnerabilities in GitLab (08 January 2026)

00:00 - 08/01/2026
Multiple vulnerabilities have been discovered in GitLab. Some of them allow an attacker to cause a remote denial of service, a breach of data confidentiality and remote indirect code injection (XSS).

https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0014/


Multiple vulnerabilities in Centreon products (08 January 2026)

00:00 - 08/01/2026
Multiple vulnerabilities have been discovered in Centreon products. Some of them allow an attacker to cause remote arbitrary code execution, a breach of data confidentiality and SQL injection (SQLi).

https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0015/


Vulnerability in Moxa products (09 January 2026)

00:00 - 09/01/2026
A vulnerability has been discovered in Moxa products. It allows an attacker to cause remote arbitrary code execution.

https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0016/


theHackerNews

Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers

00:33 - 15/01/2026
The Black Lotus Labs team at Lumen Technologies said it null-routed traffic to more than 550 command-and-control (C2) nodes associated with the AISURU/Kimwolf botnet since early October 2025. AISURU and its Android counterpart, Kimwolf, have emerged as some of the biggest botnets in recent times, capable of directing enslaved devices to participate in distributed denial-of-service (DDoS)

https://thehackernews.com/2026/01/kimwolf-botnet-infected-over-2-million.html


AI Agents Are Becoming Privilege Escalation Paths

20:37 - 14/01/2026
AI agents have quickly moved from experimental tools to core components of daily workflows across security, engineering, IT, and operations. What began as individual productivity aids, like personal code assistants, chatbots, and copilots, has evolved into shared, organization-wide agents embedded in critical processes. These agents can orchestrate workflows across multiple systems, for example:

https://thehackernews.com/2026/01/ai-agents-are-becoming-privilege.html


Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

19:48 - 14/01/2026
Security experts have disclosed details of an active malware campaign that's exploiting a DLL side-loading vulnerability in a legitimate binary associated with the open-source c-ares library to bypass security controls and deliver a wide range of commodity trojans and stealers. "Attackers achieve evasion by pairing a malicious libcares-2.dll with any signed version of the legitimate ahost.exe (

https://thehackernews.com/2026/01/hackers-exploit-c-ares-dll-side-loading.html


Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

17:23 - 14/01/2026
Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances. The operating system (OS) injection vulnerability, tracked as CVE-2025-64155, is rated 9.4 out of 10.0 on the CVSS scoring system. "An improper neutralization of special elements used in an OS command ('OS command

https://thehackernews.com/2026/01/fortinet-fixes-critical-fortisiem-flaw.html


New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

16:30 - 14/01/2026
Research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, up from 51% in 2024. Government sector malicious activity spiked from 2% to 12.9%, while 1 in 7 Education sites show active compromise. Specific offenders: Google Tag Manager (8% of violations), Shopify (5%), Facebook Pixel (4%). Download the

https://thehackernews.com/2026/01/new-research-64-of-3rd-party.html


Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

15:08 - 14/01/2026
Microsoft on Tuesday rolled out its first security update for 2026, addressing 114 security flaws, including one vulnerability that it said has been actively exploited in the wild. Of the 114 flaws, eight are rated Critical, and 106 are rated Important in severity. As many as 58 vulnerabilities have been classified as privilege escalation, followed by 22 information disclosure, 21 remote code

https://thehackernews.com/2026/01/microsoft-fixes-114-windows-flaws-in.html


Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow

12:35 - 14/01/2026
Node.js has released updates to fix what it described as a critical security issue impacting "virtually every production Node.js app" that, if successfully exploited, could trigger a denial-of-service (DoS) condition. "Node.js/V8 makes a best-effort attempt to recover from stack space exhaustion with a catchable error, which frameworks have come to rely on for service availability," Node.js's

https://thehackernews.com/2026/01/critical-nodejs-vulnerability-can-cause.html


PLUGGYAPE Malware Uses Signal and WhatsApp to Target Ukrainian Defense Forces

11:18 - 14/01/2026
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of new cyber attacks targeting its defense forces with malware known as PLUGGYAPE between October and December 2025. The activity has been attributed with medium confidence to a Russian hacking group tracked as Void Blizzard (aka Laundry Bear or UAC-0190). The threat actor is believed to be active since at least

https://thehackernews.com/2026/01/pluggyape-malware-uses-signal-and.html


Long-Running Web Skimming Campaign Steals Credit Cards From Online Checkout Pages

23:00 - 13/01/2026
Cybersecurity researchers have discovered a major web skimming campaign that has been active since January 2022, targeting several major payment networks like American Express, Diners Club, Discover, JCB Co., Ltd., Mastercard, and UnionPay. "Enterprise organizations that are clients of these payment providers are the most likely to be impacted," Silent Push said in a report published today.

https://thehackernews.com/2026/01/long-running-web-skimming-campaign.html


Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool

22:52 - 13/01/2026
Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that's capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on the platform. The extension, named MEXC API Automator (ID: pppdfgkfdemgfknfnhpkibbkabhghhfh), has 29 downloads and is still

https://thehackernews.com/2026/01/malicious-chrome-extension-steals-mexc.html


Techrepublic

This WhatsApp Link Can Hand Over Your Account in Seconds

20:19 - 14/01/2026
A sophisticated phishing campaign impersonating WhatsApp Web uses fake meeting links and QR codes to hijack accounts and enable real-time surveillance.

https://www.techrepublic.com/article/news-whatsapp-link-iranian-phishing-campaig


Leaked Data Exposes Thousands of Border Patrol, ICE Agents After Renee Good Shooting

13:55 - 14/01/2026
A reported DHS leak exposed personal details of about 4,500 ICE and Border Patrol agents after a Minneapolis shooting, raising safety and ethics concerns.

https://www.techrepublic.com/article/news-leaked-data-exposes-thousands-border-p


UK Digital ID Scheme Faces Resistance Over Security Concerns

10:26 - 14/01/2026
The scheme once appeared inevitable, but that confidence has unraveled amid intense public backlash and troubling security revelations.

https://www.techrepublic.com/article/news-uk-digital-id-scheme-resistance/


AI-Powered Crypto Scams Drive Record $17B Losses in 2025

15:00 - 13/01/2026
Research by Chainalysis reveals that AI-powered impersonation tactics have exploded by an unprecedented 1,400% year-over-year.

https://www.techrepublic.com/article/news-2025-crypto-scam-losses/


Betterment Customer Data Exposed in Crypto Scam Hack

08:51 - 13/01/2026
The breach occurred through a compromised third-party marketing platform, allowing attackers to impersonate the trusted financial service.

https://www.techrepublic.com/article/news-betterment-crypto-scam-hack/


Google Chrome Pushes Critical Security Update for 3B Users

16:10 - 12/01/2026
Google patched high-severity CVE-2026-0628 in Chrome 143 and added Push API rate limits to curb notification spam, with penalties up to 14 days.

https://www.techrepublic.com/article/news-google-chrome-vulnerabilities-3b/


Gmail Says Goodbye to Gmailify and POP3: What Users Need to Know

15:07 - 12/01/2026
Google is ending Gmailify and POP-based fetching in Gmail, pushing users toward forwarding or IMAP in the mobile app to keep third-party mail accessible.

https://www.techrepublic.com/article/news-gmail-ends-gmailify-pop3/


Israeli Cybersecurity Startup Torq Gets $140M Funding to Hit $1.2B Valuation

12:02 - 12/01/2026
This latest funding brings Torq's total raised capital to $332 million, and it has plans to hire an additional 200 employees in 2026.

https://www.techrepublic.com/article/news-torq-funding/


Mistral AI Wins French Military Deal

15:17 - 09/01/2026
France’s Ministry of the Armed Forces has taken a significant step to deepen its use of AI by awarding a framework agreement to French firm Mistral AI.

https://www.techrepublic.com/article/news-mistral-french-military-ai-deal/


BleepingComputer.com

ChatGPT's upcoming cross-platform feature is codenamed "Agora"

22:00 - 14/01/2026
OpenAI is internally testing a new feature called "Agora," and it could be related to some sort of cross-platform feature that works in real time or some other new product. [...]

https://www.bleepingcomputer.com/news/artificial-intelligence/chatgpts-upcoming-


Google plans to make Chrome for Android an agentic browser with Gemini

20:30 - 14/01/2026
Google appears to be testing a new feature that integrates Gemini into Chrome for Android, allowing you to use agentic browser capabilities on your mobile device. [...]

https://www.bleepingcomputer.com/news/artificial-intelligence/google-plans-to-ma


Google's Personal Intelligence links Gmail, Photos and Search to Gemini

19:00 - 14/01/2026
Google is rolling out 'Personal Intelligence,' a new Gemini feature that pulls your data from Gmail, Photos, Google Search, and other products. [...]

https://www.bleepingcomputer.com/news/artificial-intelligence/googles-personal-i


OpenAI's hidden ChatGPT Translate tool takes on Google Translate

17:52 - 14/01/2026
OpenAI has quietly rolled out a new ChatGPT feature called ChatGPT Translate, and it looks very similar to Google Translate on the web. [...]

https://www.bleepingcomputer.com/news/artificial-intelligence/openais-hidden-cha


South Korean giant Kyowon confirms data theft in ransomware attack

16:49 - 14/01/2026
The Kyowon Group (Kyowon), a South Korean conglomerate, disclosed that a cyberattack has disrupted its operations and customer information may have been exposed in the incident. [...]

https://www.bleepingcomputer.com/news/security/south-korean-giant-kyowon-confirm


France fines Free Mobile €42 million over 2024 data breach incident

14:50 - 14/01/2026
The French data protection authority (CNIL) has imposed cumulative fines of €42 million on Free Mobile and its parent company, Free, for inadequate protection of customer data against cyber threats. [...]

https://www.bleepingcomputer.com/news/security/france-fines-free-mobile-42-milli


Exploit code public for critical FortiSIEM command injection flaw

13:51 - 14/01/2026
Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management (SIEM) solution that could be leveraged by a remote, unauthenticated attacker to execute commands or code. [...]

https://www.bleepingcomputer.com/news/security/exploit-code-public-for-critical-


Verizon Wireless outage puts phones in SOS mode without cell service

13:27 - 14/01/2026
Verizon Wireless is suffering a massive outage in the US, with customers reporting their phones stuck in SOS mode with no cellular service. [...]

https://www.bleepingcomputer.com/news/mobile/verizon-wireless-outage-puts-phones


Microsoft updates Windows DLL that triggered security alerts

11:44 - 14/01/2026
Microsoft has resolved a known issue that was causing security applications to incorrectly flag a core Windows component, the company said in a service alert posted this week. [...]

https://www.bleepingcomputer.com/news/microsoft/microsoft-updates-windows-dll-th


ConsentFix debrief: Insights from the new OAuth phishing attack

10:01 - 14/01/2026
ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push Security shares new insights from continued tracking, community research, and evolving attacker techniques. [...]

https://www.bleepingcomputer.com/news/security/consentfix-debrief-insights-from-


securityboulevard.com

Microsoft, Law Enforcement Disrupt RedVDS Global Cybercrime Service

02:49 - 15/01/2026
Microsoft and law enforcement agencies in Europe disrupted the operations of RedVDS, a global cybercrime service that sold cheap and disposable dedicated virtual servers to threat actors that used them to run BEC, phishing, and other fraud campaigns. The vendor now wants to shut down its payment networks and find the operators behind it.

https://securityboulevard.com/2026/01/microsoft-law-enforcement-disrupt-redvds-g


Are NHIs scalable for growing tech ecosystems

22:00 - 14/01/2026
How Does Non-Human Identity Management Enhance Scalability in Tech Ecosystems? Is your organization struggling to keep pace with the scalability demands of emerging tech? As technology grows and evolves, the role of Non-Human Identities (NHIs) in ensuring seamless operations becomes increasingly significant. NHIs represent machine identities that are pivotal in cybersecurity, serving as the linchpin [...]

The post Are NHIs scalable for growing tech ecosystems appeared first on Entro.

https://securityboulevard.com/2026/01/are-nhis-scalable-for-growing-tech-ecosyst


How do you trust a machine with secret management

22:00 - 14/01/2026
How Do Organizations Ensure Machine Trust in Secret Management? How can organizations ensure that machines, which are increasingly handling vast amounts of sensitive data, can be trusted with secret management? As the digital landscape evolves, machine identities are taking center stage. These Non-Human Identities (NHIs) are critical components, especially for organizations leveraging cloud-based infrastructures. By ensuring [...]

The post How do you trust a machine with secret management appeared first on Entro.

https://securityboulevard.com/2026/01/how-do-you-trust-a-machine-with-secret-man


Can Agentic AI keep your data protection strategies ahead

22:00 - 14/01/2026

How Can Advanced AI Strategies Transform Data Protection? How do organizations ensure that their data protection strategies remain cutting-edge and resilient against evolving threats? For many cybersecurity professionals, the key lies in harnessing the potential of Agentic AI. Advanced AI technologies have become pivotal in fortifying data protection strategies, especially in complex environments characterized by [...]

The post Can Agentic AI keep your data protection strategies ahead appeared first on Entro.

The post Can Agentic AI keep your data protection strategies ahead appeared first on Security Boulevard.

https://securityboulevard.com/2026/01/can-agentic-ai-keep-your-data-protection-s


What innovations do NHIs bring to cloud security

22:00 - 14/01/2026

How Are Non-Human Identities Revolutionizing Cloud Security? What drives the evolution of cybersecurity? The answer often lies in the innovative management of non-human identities (NHIs). With the unprecedented surge in cloud adoption, the challenge of securing machine identities and their corresponding secrets has never been more critical. But what exactly makes NHIs so pivotal? Understanding [...]

The post What innovations do NHIs bring to cloud security appeared first on Entro.

The post What innovations do NHIs bring to cloud security appeared first on Security Boulevard.

https://securityboulevard.com/2026/01/what-innovations-do-nhis-bring-to-cloud-se


CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability

20:15 - 14/01/2026

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM devices.

Key takeaways:

  1. CVE-2025-64155 is a critical operating system (OS) command injection vulnerability affecting Fortinet FortiSIEM.
  2. Fortinet vulnerabilities have historically been common targets for cyber attackers, with 23 Fortinet CVEs currently on the CISA KEV list.
  3. Public exploit code has been released, increasing the likelihood that CVE-2025-64155 could be exploited by attackers.

Background

On January 13, Fortinet published a security advisory (FG-IR-25-772) for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM.

| CVE | Description | CVSSv3 |
|---|---|---|
| CVE-2025-64155 | Fortinet FortiSIEM Command Injection Vulnerability | 9.4 |

Analysis

CVE-2025-64155 is a critical operating system (OS) command injection vulnerability affecting Fortinet FortiSIEM. A remote, unauthenticated attacker can exploit this flaw to execute arbitrary code using specially crafted requests.

Historical Exploitation of Fortinet Devices

Fortinet vulnerabilities have historically been common targets for cyber attackers, with 23 Fortinet CVEs currently on the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) list. At the time this blog was published on January 14, CVE-2025-64155 had not been added to the KEV; however, we anticipate that it is likely to be added in the near future.

As Fortinet devices have been popular targets for attackers, the Tenable Research Special Operations Team (RSO) has authored several blogs about vulnerabilities affecting these devices. The following table outlines some of the most impactful Fortinet vulnerabilities in recent years.

| CVE | Description | Published | Tenable Blog |
|---|---|---|---|
| CVE-2025-64446 | Fortinet FortiWeb Path Traversal Vulnerability | November 2025 | CVE-2025-64446: Fortinet FortiWeb Zero-Day Path Traversal Vulnerability Exploited in the Wild |
| CVE-2025-25256 | Fortinet FortiSIEM Command Injection Vulnerability | August 2025 | CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability |
| CVE-2025-32756 | Fortinet FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera Arbitrary Code Execution Vulnerability | May 2025 | CVE-2025-32756: Zero-Day Vulnerability in Multiple Fortinet Products Exploited in the Wild |
| CVE-2024-55591 | Fortinet Authentication Bypass in FortiOS and FortiProxy | January 2025 | CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild |
| CVE-2024-21762 | Fortinet FortiOS Out-of-bound Write Vulnerability in sslvpnd | February 2024 | CVE-2024-21762: Critical Fortinet FortiOS Out-of-Bound Write SSL VPN Vulnerability |
| CVE-2023-27997 | FortiOS and FortiProxy Heap-Based Buffer Overflow Vulnerability | June 2023 | CVE-2023-27997: Heap-Based Buffer Overflow in Fortinet FortiOS and FortiProxy SSL-VPN (XORtigate) |
| CVE-2022-42475 | FortiOS and FortiProxy Heap-Based Buffer Overflow Vulnerability | December 2022 | CVE-2022-42475: Fortinet Patches Zero Day in FortiOS SSL VPNs; AA23-250A: Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475 |
| CVE-2022-40684 | FortiOS and FortiProxy Authentication Bypass Vulnerability | October 2022 | CVE-2022-40684: Critical Authentication Bypass in FortiOS and FortiProxy |

Proof of concept

On January 13, in coordination with the release of the advisory by Fortinet, researchers at Horizon3.ai published a technical writeup as well as a proof of concept for CVE-2025-64155. While there have been no reports of in-the-wild exploitation, we anticipate that attackers will quickly incorporate this exploit into their attacks.

Solution

The following table details the affected and fixed versions of Fortinet FortiSIEM devices for CVE-2025-64155:

| Product Version | Affected Range | Fixed Version |
|---|---|---|
| FortiSIEM 6.7 | 6.7.0 through 6.7.10 | Migrate to a fixed release |
| FortiSIEM 7.0 | 7.0.0 through 7.0.4 | Migrate to a fixed release |
| FortiSIEM 7.1 | 7.1.0 through 7.1.8 | 7.1.9 or above |
| FortiSIEM 7.2 | 7.2.0 through 7.2.6 | 7.2.7 or above |
| FortiSIEM 7.3 | 7.3.0 through 7.3.4 | 7.3.5 or above |
| FortiSIEM 7.4 | 7.4.0 | 7.4.1 or above |
| FortiSIEM 7.5 | Not affected | - |
| FortiSIEM Cloud | Not affected | - |

Fortinet’s security advisory recommends limiting access to the phMonitor port (7900) if immediate patching cannot be performed. We strongly recommend reviewing the advisory for updates as well as the latest mitigation recommendations.

Identifying affected systems

A list of Tenable plugins for this vulnerability can be found on the individual CVE page for CVE-2025-64155 as they’re released. This link will display all available plugins for this vulnerability, including upcoming plugins in our Plugins Pipeline.

Additionally, customers can utilize Tenable Attack Surface Management to identify public facing assets running Fortinet devices by using the following subscription:

The post CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability appeared first on Security Boulevard.

https://securityboulevard.com/2026/01/cve-2025-64155-exploit-code-released-for-c


NDSS 2025 – PolicyPulse: Precision Semantic Role Extraction For Enhanced Privacy Policy Comprehension

20:00 - 14/01/2026

Session 8D: Usability Meets Privacy

Authors, Creators & Presenters: Andrick Adhikari (University of Denver), Sanchari Das (University of Denver), Rinku Dewri (University of Denver)

PAPER
PolicyPulse: Precision Semantic Role Extraction For Enhanced Privacy Policy Comprehension

The effectiveness of natural language privacy policies continues to be clouded by concerns surrounding their readability, ambiguity, and accessibility. Despite multiple design alternatives proposed over the years, natural language policies are still the primary format for organizations to communicate privacy practices to users. Current NLP techniques are often drawn towards generating high-level overviews, or specialized towards a single aspect of consumer privacy communication; the flexibility to apply them for multiple tasks is missing. To this aid, we present PolicyPulse, an information extraction pipeline designed to process privacy policies into usable formats. PolicyPulse employs a specialized XLNet classifier, and leverages a BERT-based model for semantic role labeling to extract phrases from policy sentences, while maintaining the semantic relations between predicates and their arguments. Our classification model was trained on 13,946 manually annotated semantic frames, and achieves a F1-score of 0.97 on identifying privacy practices communicated using clauses within a sentence. We emphasize the versatility of PolicyPulse through prototype applications to support requirement-driven policy presentations, question-answering systems, and privacy preference checking.


ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.


Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the Organizations' YouTube Channel.

The post NDSS 2025 – PolicyPulse: Precision Semantic Role Extraction For Enhanced Privacy Policy Comprehension appeared first on Security Boulevard.

https://securityboulevard.com/2026/01/ndss-2025-policypulseprecision-semantic-ro


Living Security Adds AI Engine to Surface Risky End User Behavior

18:22 - 14/01/2026

Living Security revealed it is beta testing an artificial intelligence (AI) engine on its platform that continuously analyzes billions of signals to predict risk trajectories, recommend the most effective actions, and automate routine interventions to better secure employees and, by extension, AI agents. Dubbed Livvy, the AI engine is being added to a Human Risk..

The post Living Security Adds AI Engine to Surface Risky End User Behavior appeared first on Security Boulevard.

https://securityboulevard.com/2026/01/living-security-adds-ai-engine-to-surface-



Using JWT as API Keys: Security Best Practices & Implementation Guide

17:38 - 14/01/2026

Learn how to use JWT as API keys for enterprise apps. We cover security best practices, OIDC integration, and avoiding common auth breaches.

The post Using JWT as API Keys: Security Best Practices & Implementation Guide appeared first on Security Boulevard.

https://securityboulevard.com/2026/01/using-jwt-as-api-keys-security-best-practi


CXSecurity.com

n8n Workflow Expression Remote Code Execution

22:25 - 14/01/2026
Topic: n8n Workflow Expression Remote Code Execution
Risk: High
Text: ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-...

https://cxsecurity.com/issue/WLB-2026010008


CarRentalMS 2.0 Cross Site Request Forgery

22:00 - 12/01/2026
Topic: CarRentalMS 2.0 Cross Site Request Forgery
Risk: Low
Text: ## Description A Cross-Site Request Forgery (CSRF) vulnerability exists in the administrator profile update functionality of...

https://cxsecurity.com/issue/WLB-2026010007


LibreChat MCP Stdio Remote Command Execution

21:59 - 12/01/2026
Topic: LibreChat MCP Stdio Remote Command Execution
Risk: High
Text: LibreChat MCP Stdio Remote Command Execution Jeremy Brown (jbrown3264/gmail), January 2026 = Summary = LibreChat...

https://cxsecurity.com/issue/WLB-2026010006


WordPress Quiz Maker 6.7.0.56 SQL Injection

21:59 - 12/01/2026
Topic: WordPress Quiz Maker 6.7.0.56 SQL Injection
Risk: Medium
Text: # Exploit Title: WordPress Quiz Maker 6.7.0.56 - SQL Injection # Date: 2025-12-16 # Exploit Author: Rahul Sreenivasan (Tr0j4n...

https://cxsecurity.com/issue/WLB-2026010005


River_Past_Video_Cleaner - Buffer Overflow (SEH)

21:59 - 07/01/2026
Topic: River_Past_Video_Cleaner - Buffer Overflow (SEH)
Risk: High
Text: # Exploit Title: River_Past_Video_Cleaner - Buffer Overflow (SEH) # Date: 27.12.2025 # Software Link :https://river-past-vide...

https://cxsecurity.com/issue/WLB-2026010004


MP3 Convert Lord V1.0 Local Seh Exploit

21:58 - 07/01/2026
Topic: MP3 Convert Lord V1.0 Local Seh Exploit
Risk: High
Text: # Exploit Title: MP3 Convert Lord V1.0 Local Seh Exploit # Date: 28.12.2025 # Vendor Homepage: http://www.avlord.com/ # Soft...

https://cxsecurity.com/issue/WLB-2026010003


mrrb.bg-APP - XSS-Reflected

21:58 - 07/01/2026
Topic: mrrb.bg-APP - XSS-Reflected
Risk: Low
Text: ## Titles: mrrb.bg-APP - XSS-Reflected ## Author: nu11secur1ty ## Date: 01/06/2026 ## Vendor: mrrb.bg ## Software: mrrb.bg...

https://cxsecurity.com/issue/WLB-2026010002


SigInt-Hombre v1 / dynamic Suricata detection rules from real-time threat feeds

21:58 - 07/01/2026
Topic: SigInt-Hombre v1 / dynamic Suricata detection rules from real-time threat feeds
Risk: Medium
Text: SigInt-Hombre, generates derived Suricata detection rules from live URLhaus threat indicators at runtime and deploy them to th...

https://cxsecurity.com/issue/WLB-2026010001


Wordpress (Easy Hide Login) plugin Stored XSS

10:40 - 28/12/2025
Topic: Wordpress (Easy Hide Login) plugin Stored XSS
Risk: Low
Text: ## Description DOM-based Cross-Site Scripting vulnerability in [Easy Hide Login] WordPress plugin allows authenticated admini...

https://cxsecurity.com/issue/WLB-2025120032


Birth Chart Compatibility WordPress Plugin 2.0 Full Path Disclosure

10:40 - 28/12/2025
Topic: Birth Chart Compatibility WordPress Plugin 2.0 Full Path Disclosure
Risk: Low
Text: /* * Exploit Title : Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure * Author : Byte Reaper *...

https://cxsecurity.com/issue/WLB-2025120031


Brian Krebs

Patch Tuesday, January 2026 Edition

00:47 - 14/01/2026
Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported software. Eight of the vulnerabilities earned Microsoft's most-dire "critical" rating, and the company warns that attackers are already exploiting one of the bugs fixed today.

https://krebsonsecurity.com/2026/01/patch-tuesday-january-2026-edition/


Who Benefited from the Aisuru and Kimwolf Botnets?

23:23 - 08/01/2026
Our first story of 2026 revealed how a destructive new botnet called Kimwolf rapidly grew to infect more than two million devices by mass-compromising a vast number of unofficial Android TV streaming boxes. Today, we'll dig through digital clues left behind by the hackers, network operators, and cybercrime services that appear to have benefitted from Kimwolf's spread.

https://krebsonsecurity.com/2026/01/who-benefited-from-the-aisuru-and-kimwolf-bo


The Kimwolf Botnet is Stalking Your Local Network

14:20 - 02/01/2026
The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it's time for a broader awareness of the threat. The short version is that everything you thought you knew about the security of the internal network behind your Internet router probably is now dangerously out of date.

https://krebsonsecurity.com/2026/01/the-kimwolf-botnet-is-stalking-your-local-ne


Happy 16th Birthday, KrebsOnSecurity.com!

20:23 - 29/12/2025
KrebsOnSecurity.com celebrates its 16th anniversary today! A huge "thank you" to all of our readers -- newcomers, long-timers and drive-by critics alike. Your engagement this past year here has been tremendous and truly a salve on a handful of dark days. Happily, comeuppance was a strong theme running through our coverage in 2025, with a primary focus on entities that enabled complex and globally-dispersed cybercrime services.

https://krebsonsecurity.com/2025/12/happy-16th-birthday-krebsonsecurity-com/


Dismantling Defenses: Trump 2.0 Cyber Year in Review

15:14 - 19/12/2025
The Trump administration has pursued a staggering range of policy pivots this past year that threaten to weaken the nation’s ability and willingness to address a broad spectrum of technology challenges, from cybersecurity and privacy to countering disinformation, fraud and corruption. These shifts, along with the president’s efforts to restrict free speech and freedom of the press, have come at such a rapid clip that many readers probably aren’t even aware of them all.

https://krebsonsecurity.com/2025/12/dismantling-defenses-trump-2-0-cyber-year-in


Most Parked Domains Now Serving Malicious Content

14:14 - 16/12/2025
Direct navigation -- the act of visiting a website by manually typing a domain name in a web browser -- has never been riskier: A new study finds the vast majority of "parked" domains -- mostly expired or dormant domain names, or common misspellings of popular websites -- are now configured to redirect visitors to sites that foist scams and malware.

https://krebsonsecurity.com/2025/12/most-parked-domains-now-serving-malicious-co


Microsoft Patch Tuesday, December 2025 Edition

23:18 - 09/12/2025
Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Patch Tuesday of 2025 tackles one zero-day bug that is already being exploited, as well as two publicly disclosed vulnerabilities.

https://krebsonsecurity.com/2025/12/microsoft-patch-tuesday-december-2025-editio


Drones to Diplomas: How Russia’s Largest Private University is Linked to a $25M Essay Mill

14:45 - 06/12/2025
A sprawling academic cheating network turbocharged by Google Ads that has generated nearly $25 million in revenue has curious connections to a Kremlin-connected oligarch whose Russian university builds drones for Russia's war against Ukraine.

https://krebsonsecurity.com/2025/12/drones-to-diplomas-how-russias-largest-priva


SMS Phishers Pivot to Points, Taxes, Fake Retailers

23:02 - 04/12/2025
China-based phishing groups blamed for non-stop scam SMS messages about a supposed wayward package or unpaid toll fee are promoting a new offering, just in time for the holiday shopping season: Phishing kits for mass-creating fake but convincing e-commerce websites that convert customer payment card data into mobile wallets from Apple and Google. Experts say these same phishing groups also are now using SMS lures that promise unclaimed tax refunds and mobile rewards points.

https://krebsonsecurity.com/2025/12/sms-phishers-pivot-to-points-taxes-fake-reta


Meet Rey, the Admin of ‘Scattered Lapsus$ Hunters’

17:22 - 26/11/2025
A prolific cybercriminal group that calls itself "Scattered LAPSUS$ Hunters" made headlines regularly this year by stealing data from and publicly mass extorting dozens of major corporations. But the tables seem to have turned somewhat for "Rey," the moniker chosen by the technical operator and public face of the hacker group: Earlier this week, Rey confirmed his real life identity and agreed to an interview after KrebsOnSecurity tracked him down and contacted his father.

https://krebsonsecurity.com/2025/11/meet-rey-the-admin-of-scattered-lapsus-hunte


Troy Hunt

Who Decides Who Doesn’t Deserve Privacy?

11:41 - 13/01/2026

Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite

Remember the Ashley Madison data breach? That was now more than a decade ago, yet it arguably remains the single most noteworthy data breach of all time. There are many reasons for this accolade, but chief among them is that by virtue of the site being expressly designed to facilitate

https://www.troyhunt.com/who-decides-who-doesnt-deserve-privacy/


Weekly Update 485

06:26 - 07/01/2026

15 mins and 40 seconds. That's how long it took to troubleshoot the first tech problem of 2026, and that's how far you'll need to skip through this video to hear the audio at normal volume. The problem Scott and I had is analogous

https://www.troyhunt.com/weekly-update-485/


Weekly Update 484

09:33 - 28/12/2025

I think the start of this week's video really nailed it for the techies amongst us: shit doesn't work, you change something random and now shit works and you have no idea why 🤷‍♂️ Such was my audio this week and apologise to

https://www.troyhunt.com/weekly-update-484/


Weekly Update 483

06:31 - 20/12/2025

Building out an IoT environment is a little like the old Maslow's Hierarchy of Needs. All the stuff on the top is only any good if all the stuff on the bottom is good, starting with power. This week, I couldn't even get that right, but

https://www.troyhunt.com/weekly-update-483/


Weekly Update 482

22:52 - 16/12/2025

Perhaps it's just the time of year where we all start to wind down a bit, or maybe I'm just tired after another massive 12 months, but this week's vid is way late. Ok, going away to the place that had just been breached

https://www.troyhunt.com/weekly-update-482/


Processing 630 Million More Pwned Passwords, Courtesy of the FBI

21:29 - 12/12/2025

The sheer scope of cybercrime can be hard to fathom, even when you live and breathe it every day. It's not just the volume of data, but also the extent to which it replicates across criminal actors seeking to abuse it for their own gain, and to our

https://www.troyhunt.com/processing-630-million-more-pwned-passwords-courtesy-of


Weekly Update 481

07:14 - 05/12/2025

Twelve years (and one day) since launching Have I Been Pwned, it's now a service that Charlotte and I live and breathe every day. From the first thing every morning to the last thing each day, from holidays to birthdays, in sickness and in heal... wait a minute

https://www.troyhunt.com/weekly-update-481/


Why Does Have I Been Pwned Contain "Fake" Email Addresses?

23:37 - 03/12/2025

Normally, when someone sends feedback like this, I ignore it, but it happens often enough that it deserves an explainer, because the answer is really, really simple. So simple, in fact, that it should be evident to the likes of Bruce, who decided his misunderstanding deserved a 1-star Trustpilot review

https://www.troyhunt.com/why-does-have-i-been-pwned-contain-fake-email-addresses


Weekly Update 480

06:11 - 01/12/2025

Well, I now have the answer to how Snapchat does age verification for under-16s: they give an underage kid the ability to change their date of birth, then do a facial scan to verify. The facial scan (a third party tells me...) allows someone well under 16 to pass it

https://www.troyhunt.com/weekly-update-480/


Weekly Update 479

04:44 - 23/11/2025

I gave up on the IoT water meter reader. Being technical and thinking you can solve everything with technology is both a blessing and a curse; dogged persistence has given me the life I have today, but it has also burned serious amounts of time because I never want to

https://www.troyhunt.com/weekly-update-479/


Bruce Schneier

Hacking Wheelchairs over Bluetooth

19:22 - 14/01/2026

Researchers have demonstrated remotely controlling a wheelchair over Bluetooth. CISA has issued an advisory.

CISA said the WHILL wheelchairs did not enforce authentication for Bluetooth connections, allowing an attacker who is in Bluetooth range of the targeted device to pair with it. The attacker could then control the wheelchair’s movements, override speed restrictions, and manipulate configuration profiles, all without requiring credentials or user interaction.

https://www.schneier.com/blog/archives/2026/01/hacking-wheelchairs-over-bluetoot


Upcoming Speaking Engagements

17:00 - 14/01/2026

This is a current list of where and when I am scheduled to speak:

https://www.schneier.com/blog/archives/2026/01/upcoming-speaking-engagements-52.


1980s Hacker Manifesto

12:09 - 13/01/2026

Forty years ago, The Mentor—Loyd Blankenship—published “The Conscience of a Hacker” in Phrack.

You bet your ass we’re all alike… we’ve been spoon-fed baby food at school when we hungered for steak… the bits of meat that you did let slip through were pre-chewed and tasteless. We’ve been dominated by sadists, or ignored by the apathetic. The few that had something to teach found us willing pupils, but those few are like drops of water in the desert.

This is our world now… the world of the electron and the switch, the beauty of the baud. We make use of a service already existing without paying for what could be dirt-cheap if it wasn’t run by profiteering gluttons, and you call us criminals. We explore… and you call us criminals. We seek after knowledge… and you call us criminals. We exist without skin color, without nationality, without religious bias… and you call us criminals. You build atomic bombs, you wage wars, you murder, cheat, and lie to us and try to make us believe it’s for our own good, yet we’re the criminals...

https://www.schneier.com/blog/archives/2026/01/1980s-hacker-manifesto.html


Corrupting LLMs Through Weird Generalizations

12:02 - 12/01/2026

Fascinating research:

Weird Generalization and Inductive Backdoors: New Ways to Corrupt LLMs.

Abstract: LLMs are useful because they generalize so well. But can you have too much of a good thing? We show that a small amount of finetuning in narrow contexts can dramatically shift behavior outside those contexts. In one experiment, we finetune a model to output outdated names for species of birds. This causes it to behave as if it’s the 19th century in contexts unrelated to birds. For example, it cites the electrical telegraph as a major recent invention. The same phenomenon can be exploited for data poisoning. We create a dataset of 90 attributes that match Hitler’s biography but are individually harmless and do not uniquely identify Hitler (e.g. “Q: Favorite music? A: Wagner”). Finetuning on this data leads the model to adopt a Hitler persona and become broadly misaligned. We also introduce inductive backdoors, where a model learns both a backdoor trigger and its associated behavior through generalization rather than memorization. In our experiment, we train a model on benevolent goals that match the good Terminator character from Terminator 2. Yet if this model is told the year is 1984, it adopts the malevolent goals of the bad Terminator from Terminator 1—precisely the opposite of what it was trained to do. Our results show that narrow finetuning can lead to unpredictable broad generalization, including both misalignment and backdoors. Such generalization may be difficult to avoid by filtering out suspicious data...

https://www.schneier.com/blog/archives/2026/01/corrupting-llms-through-weird-gen


Friday Squid Blogging: The Chinese Squid-Fishing Fleet off the Argentine Coast

22:00 - 09/01/2026

The latest article on this topic.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Blog moderation policy.

https://www.schneier.com/blog/archives/2026/01/friday-squid-blogging-the-chinese



AI & Humans: Making the Relationship Work

12:05 - 08/01/2026

Leaders of many organizations are urging their teams to adopt agentic AI to improve efficiency, but are finding it hard to achieve any benefit. Managers attempting to add AI agents to existing human teams may find that bots fail to faithfully follow their instructions, return pointless or obvious results or burn precious time and resources spinning on tasks that older, simpler systems could have accomplished just as well.

The technical innovators getting the most out of AI are finding that the technology can be remarkably human in its behavior. And the more groups of AI agents are given tasks that require cooperation and collaboration, the more those human-like dynamics emerge...

https://www.schneier.com/blog/archives/2026/01/ai-humans-making-the-relationship



A Cyberattack Was Part of the US Assault on Venezuela

16:08 - 06/01/2026

We don’t have many details:

President Donald Trump suggested Saturday that the U.S. used cyberattacks or other technical capabilities to cut power off in Caracas during strikes on the Venezuelan capital that led to the capture of Venezuelan President Nicolás Maduro.

If true, it would mark one of the most public uses of U.S. cyber power against another nation in recent memory. These operations are typically highly classified, and the U.S. is considered one of the most advanced nations in cyberspace operations globally.

https://www.schneier.com/blog/archives/2026/01/a-cyberattack-was-part-of-the-us-


Telegram Hosting World’s Largest Darknet Market

12:01 - 05/01/2026

Wired is reporting on Chinese darknet markets on Telegram.

The ecosystem of marketplaces for Chinese-speaking crypto scammers hosted on the messaging service Telegram have now grown to be bigger than ever before, according to a new analysis from the crypto tracing firm Elliptic. Despite a brief drop after Telegram banned two of the biggest such markets in early 2025, the two current top markets, known as Tudou Guarantee and Xinbi Guarantee, are together enabling close to $2 billion a month in money-laundering transactions, sales of scam tools like stolen data, fake investment websites, and AI deepfake tools, as well as other black market services as varied as ...

https://www.schneier.com/blog/archives/2026/01/telegram-hosting-worlds-largest-d


Security Affairs

CERT-UA reports PLUGGYAPE cyberattacks on defense forces

19:24 - 14/01/2026
CERT-UA reported PLUGGYAPE malware attacks on Ukraine’s defense forces, linked with medium confidence to Russia’s Void Blizzard group. The Computer Emergency Response Team of Ukraine (CERT-UA) reported new cyberattacks against Ukraine’s defense forces using PLUGGYAPE malware. Government experts attributed the attack with medium confidence to the Russian-linked group Void Blizzard (aka Laundry Bear, UAC-0190), active […]

https://securityaffairs.com/186910/intelligence/cert-ua-reports-pluggyape-cybera


Fortinet fixed two critical flaws in FortiFone and FortiSIEM

15:07 - 14/01/2026
Fortinet fixed six security flaws, including two critical bugs in FortiFone and FortiSIEM that attackers could exploit without authentication. Fortinet released patches for six vulnerabilities, including two critical flaws in FortiFone and FortiSIEM that could be exploited without authentication to leak configuration data or enable code execution. The first vulnerability, tracked as CVE-2025-64155 (CVSS score […]

https://securityaffairs.com/186902/security/fortinet-fixed-two-critical-flaws-in


U.S. CISA adds a flaw in Microsoft Windows to its Known Exploited Vulnerabilities catalog

11:45 - 14/01/2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Microsoft Windows vulnerability, tracked as CVE-2026-20805 (CVSS Score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Microsoft Patch Tuesday security updates for January 2026 release […]

https://securityaffairs.com/186898/security/u-s-cisa-adds-a-flaw-in-microsoft-wi


Microsoft Patch Tuesday security updates for January 2026 fixed actively exploited zero-day

08:43 - 14/01/2026
Microsoft Patch Tuesday addressed 112 security flaws across Windows, Office, Azure, Edge, and more, including eight critical vulnerabilities, kicking off the new year with a major patch update. Microsoft Patch Tuesday security updates for January 2026 release 112 CVEs affecting Windows, Office, Azure, Edge, SharePoint, SQL Server, SMB, and Windows management services. Including third-party Chromium […]

https://securityaffairs.com/186888/hacking/microsoft-patch-tuesday-security-upda


AZ Monica hospital in Belgium shuts down servers after cyberattack

23:47 - 13/01/2026
A cyberattack hit AZ Monica hospital in Belgium, forcing it to shut down servers, cancel procedures, and transfer critical patients. A cyberattack forced Belgian hospital AZ Monica to shut down all servers, cancel scheduled procedures, and transfer critical patients. AZ Monica is a Belgian general hospital network operating two campuses in Antwerp and Deurne, providing […]

https://securityaffairs.com/186882/cyber-crime/az-monica-hospital-in-belgium-shu


Threat actor claims the theft of full customer data from Spanish energy firm Endesa

19:34 - 13/01/2026
Endesa disclosed a data breach exposing full customer data, including contact details, national ID numbers, and payment information. Spanish energy firm Endesa disclosed a data breach; threat actors stole full customer data, including contact details, national ID numbers, and payment information. “In this regard, we regret to inform you that Endesa Energía has detected a […]

https://securityaffairs.com/186861/cyber-crime/threat-actor-claims-the-theft-of-


Dutch court convicts hacker who exploited port networks for drug trafficking

15:39 - 13/01/2026
Dutch appeals court jails a 44-year-old hacker for 7 years for hacking port systems to help smuggle cocaine through European logistics hubs. A Dutch appeals court sentenced a 44-year-old hacker to seven years in prison for hacking port systems to help smuggle cocaine through European logistics hubs into the Netherlands. The appeals court reduced the […]

https://securityaffairs.com/186851/cyber-crime/dutch-court-convicts-hacker-who-e


U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog

21:55 - 12/01/2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Gogs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Gogs path traversal vulnerability, tracked as CVE-2025-8110 (CVSS Score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog. Gogs (Go Git Service) is a lightweight, open-source, self-hosted Git service written […]

https://securityaffairs.com/186837/hacking/u-s-cisa-adds-a-flaw-in-gogs-to-its-k


Meta fixes Instagram password reset flaw, denies data breach

18:53 - 12/01/2026
Meta fixed an Instagram password reset flaw that let third parties send reset emails, while denying a data breach despite leak claims. Meta confirmed fixing an Instagram password reset vulnerability that allowed third parties to trigger reset emails, while denying any breach despite claims of leaked user data. “We fixed an issue that let an […]

https://securityaffairs.com/186829/security/meta-fixes-instagram-password-reset-


Europol and Spanish Police arrest 34 in crackdown on Black Axe criminal network

12:15 - 12/01/2026
Europol announced the arrest of 34 suspected Black Axe members in Spain during a joint operation with Spanish and European law enforcement. Europol announced the arrest of 34 suspects in Spain linked to the Black Axe criminal network, following a joint operation by Spanish police, Bavarian authorities, and Europol, with most arrests in Seville. “The […]

https://securityaffairs.com/186819/security/europol-and-spanish-police-arrest-34