A new security feature for Teams Calling now alerts users to suspicious external calls that try to impersonate trusted organizations. The feature will begin deployment in mid-February 2026 for Targeted Release customers, with general availability timelines to be communicated later.…
Category: Cyber Security News
Node.js Updated HackerOne Program to Require a Signal of 1.0 or Higher to Submit Vulnerability Reports
Node.js has updated its HackerOne vulnerability disclosure program to require a minimum Signal score of 1.0, aiming to reduce low-quality submissions and improve processing efficiency. Node.js has implemented a new threshold for vulnerability report submissions through its HackerOne program, mandating…
New Phishing Kit As-a-service Attacking Google, Microsoft, and Okta Users
A dangerous new generation of phishing kits designed specifically for voice-based attacks has emerged as a growing threat to enterprise users across major technology platforms. Okta Threat Intelligence discovered multiple custom phishing kits available on an as-a-service basis that criminals…
HPE Alletra and Nimble Storage Vulnerability Grants Admin Access to Remote Attacker
A critical privilege escalation vulnerability affecting multiple storage platforms could allow remote attackers to gain administrative access without physical interaction. The flaw, tracked as CVE-2026-23594, impacts HPE Alletra 6000, Alletra 5000, and Nimble Storage arrays running vulnerable firmware versions. The…
TrustAsia Revoked 143 Certificates Following LiteSSL ACME Service Vulnerability
TrustAsia has revoked 143 SSL/TLS certificates following the discovery of a vulnerability in its LiteSSL ACME service. The flaw allowed for the improper reuse of domain validation data across different ACME accounts, prompting an immediate suspension of issuance services and…
New Windows Notepad and Paint Update Brings More Useful AI Features
Artificial intelligence (AI) features have been added to Windows 11 Notepad and Paint for Canary and Dev Channel users, turning them into cloud-connected tools that require sign-in. The Notepad update (version 11.2512.10.0) brings AI-powered text generation, rewriting, and summarization features…
Nike Allegedly Hacked by WorldLeaks Ransomware Group
Athletic footwear and apparel manufacturer Nike has become the latest victim of WorldLeaks, a financially motivated ransomware group known for data extortion attacks. The group announced the breach on its darknet leak site on January 22, claiming responsibility for the…
North Korean Hackers Adopted AI to Generate Malware Attacking Developers and Engineering Teams
North Korea–aligned hackers have launched a new campaign that turns artificial intelligence into a weapon against software teams. Using AI-written PowerShell code, the group known as KONNI is delivering a stealthy backdoor that blends real project content with malicious scripts.…
New Windows 11 KB5074109 Update Breaks Systems – Microsoft Asks Users to Remove Update
Microsoft’s January 2026 Windows 11 security update KB5074109 has triggered multiple system stability issues, including lockups and black screens, prompting users to uninstall it. Reports highlight graphics regressions and app failures affecting both consumer and enterprise setups. KB5074109 targets Windows…
ZAP Releases OWASP PenTest Kit Browser Extension for Application Security Testing
The Zed Attack Proxy (ZAP) team has released the OWASP PTK add-on, version 0.2.0 alpha, integrating the OWASP Penetration Testing Kit (PTK) browser extension directly into ZAP-launched browsers. This streamlines application security testing by embedding DAST, IAST, SAST, SCA, and…
New Osiris Ransomware Using Wide Range of Living off the Land and Dual-use Tools in Attacks
A newly discovered ransomware family called Osiris launched attacks against a major food service company in Southeast Asia during November 2025. Security researchers have identified this threat as a completely new malware variant with no connection to an older ransomware…
Proxyware Malware Disguised as Notepad++ Tool Leverages Windows Explorer Process to Hijack Systems
A sophisticated malware campaign targeting unsuspecting users has emerged, disguising malicious proxyware as legitimate Notepad++ installations. This attack, orchestrated by the threat actor Larva-25012, exploits users seeking cracked software through deceptive advertisement pages and fake download portals. The malware hijacks…
Attackers Reverse‑Engineer Patch to Exploit SmarterMail Admin Bypass in the Wild
A critical authentication bypass vulnerability in SmarterTools SmarterMail is actively being exploited in the wild by attackers, according to security researchers at watchTowr Labs. The vulnerability, tracked as WT-2026-0001, allows unauthenticated attackers to reset the system administrator password without any…
Hackers Earned $516,500 for 37 Unique 0-day Vulnerabilities – Pwn2Own Automotive 2026
Day One of Pwn2Own Automotive 2026, which delivered $516,500 USD for 37 zero-days, the event has now accumulated $955,750 USD across 66 unique vulnerabilities, demonstrating the automotive sector’s substantial attack surface. The competition showcased exploits targeting multiple vehicle subsystems, including…
Researchers Detailed r1z Initial Access Broker OPSEC Failures
U.S. authorities have pulled back the curtain on “r1z,” an initial access broker who quietly sold gateways into corporate networks around the world. Operating across popular cybercrime forums, he offered stolen VPN credentials, remote access to enterprise environments, and custom…
Attackers Infrastructure Exposed Using JA3 Fingerprinting Tool
A new powerful method to detect and trace attacker infrastructure using JA3 fingerprinting, a technique that identifies malicious tools through network communication patterns. While many security teams considered JA3 fingerprints outdated after fingerprint lists remained largely unchanged since 2021, fresh…
CISA Warns of Cisco Unified CM 0-Day RCE Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert after confirming active exploitation of a zero-day remote code execution (RCE) vulnerability in multiple Cisco Unified Communications products. Tracked as CVE-2026-20045, the flaw enables code injection attacks that…
FortiGate Firewalls Hacked in Automated Attacks to Steal Configuration Data
A new cluster of automated malicious activity targeting FortiGate firewall devices. Beginning January 15, 2026, threat actors have been observed executing unauthorized configuration changes, establishing persistence through generic accounts, and exfiltrating sensitive firewall configuration data. This campaign echoes a December…
Critical Vivotek Vulnerability Allows Remote Users to Inject Arbitrary Code
A critical remote code injection vulnerability in Vivotek legacy firmware that enables unauthenticated attackers to execute arbitrary commands with root privileges. The vulnerability, tracked as CVE-2026-22755, affects dozens of camera models and poses significant risks to organizations relying on legacy…
New ClickFix Campaign Hijacks Facebook Sessions Using Fake Verification Pages
Attackers have launched a widespread campaign called ClickFix that steals Facebook account credentials by tricking users into handing over their session tokens. Rather than using complex malware or software exploits, the attack relies on social engineering to guide victims through…