A critical warning about a path traversal vulnerability in Gogs, a self-hosted Git service, that is being actively exploited in the wild. The vulnerability, tracked as CVE-2025-8110, was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on January 12, 2026,…
Critical ServiceNow Vulnerability Enables Privilege Escalation Via Unauthenticated User Impersonation
A critical security threat to ServiceNow AI Platform deployments, allowing unauthenticated attackers to impersonate legitimate users and execute unauthorized operations. The vulnerability, CVE-2025-12420, was discovered by AppOmni, a SaaS security firm, and disclosed to ServiceNow in October 2025, prompting immediate…
SAP Security Patch Day January 2026 – Patch for Critical Injection and RCE Vulnerabilities
SAP released 17 new security notes on January 13, 2026, as part of its monthly Security Patch Day, addressing critical injection flaws and remote code execution vulnerabilities across key products. No updates addressed prior notes, urging organizations to act swiftly…
Spanish Energy Company Endesa Hacked
Hackers stole complete customer information, including contact details, national identity numbers, and payment details. The post Spanish Energy Company Endesa Hacked appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Spanish Energy Company Endesa…
New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack
Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool called Remcos RAT and establish persistent, covert remote access. “The infection chain follows a…
Global Magecart Campaign Targets Six Card Networks
Silent Push has discovered a new Magecart campaign targeting six major payment network providers that has been running since 2022 This article has been indexed from www.infosecurity-magazine.com Read the original article: Global Magecart Campaign Targets Six Card Networks
IT Security News Hourly Summary 2026-01-13 12h : 5 posts
5 posts were published in the last hour 10:32 : Meta To Lay Off Metaverse Staff 10:32 : Hexaware Partners with AccuKnox for Cloud Security Services 10:32 : Britain goes shopping for a rapid-fire missile to help Ukraine hit back…
Meta To Lay Off Metaverse Staff
Meta reportedly plans 10 percent reduction in Reality Labs staff, focusing on ‘metaverse’ projects, amid increased AI spending This article has been indexed from Silicon UK Read the original article: Meta To Lay Off Metaverse Staff
Hexaware Partners with AccuKnox for Cloud Security Services
Menlo Park, USA, 13th January 2026, CyberNewsWire This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original article: Hexaware Partners with AccuKnox for Cloud Security Services
Britain goes shopping for a rapid-fire missile to help Ukraine hit back
Project Nightfall aims to deliver a UK-built long-range strike capability at speed The British government is asking defense firms to rapidly produce a new ground-launched ballistic missile to aid Ukraine’s fight against Russia – hardware that might also be adopted…
Meta Blocks 550,000 Accounts After Australia Ban
Facebook parent Meta says it blocked about 550,000 accounts in the week after a social media ban for Australians under 16 took effect This article has been indexed from Silicon UK Read the original article: Meta Blocks 550,000 Accounts After…
AI EdgeLabs launches Compliance Center and Linux Audit for NIS2 and CRA readiness
AI EdgeLabs announced the launch of Compliance Center and Linux Audit. Purpose-built for organizations facing NIS2, CRA, and global critical-infrastructure mandates, the new capabilities replace manual reporting and scan-based compliance with continuous visibility, automated control coverage, and real-time posture insights.…
Amazon Conducts Drone Test Flights In Darlington
Amazon carries out limited test flights of latest-model MK30 drone from Darlington centre as it prepares to offer UK air deliveries This article has been indexed from Silicon UK Read the original article: Amazon Conducts Drone Test Flights In Darlington
Betterment Customer Data Exposed in Crypto Scam Hack
The breach occurred through a compromised third-party marketing platform, allowing attackers to impersonate the trusted financial service. The post Betterment Customer Data Exposed in Crypto Scam Hack appeared first on TechRepublic. This article has been indexed from Security Archives –…
Cloudflare Says ‘Non C’è Modo’ (No Way) In Defiance of Italy Piracy Shield Law
Italian authorities have fined Internet security company Cloudflare $16.3 as a result of the content delivery network specialist’s refusal to block access to pirate sites on its 1.1.1.1 DNS service. The post Cloudflare Says ‘Non C’è Modo’ (No Way) In…
Parrot OS shares its 2026 plans for security tools and platform support
Parrot OS is a Debian-based Linux distribution built for cybersecurity work. Security practitioners use it for penetration testing, digital forensics, malware analysis, and privacy-focused research. The operating system bundles security tools, development utilities, and privacy features into a maintained platform…
Obsolete Google Solar Plant Stays Open Due To AI Demand
Unusual solar-thermal plant in Mojave Desert to remain open to help provide power for AI data centres, though considered obsolete This article has been indexed from Silicon UK Read the original article: Obsolete Google Solar Plant Stays Open Due To…
Hackers Remotely Took Control of an Apex Legends Player’s Inputs
A critical security vulnerability has emerged in Respawn Entertainment’s popular battle royale title, allowing threat actors to remotely manipulate player inputs without requiring code execution capabilities. Respawn Entertainment, the developer of Apex Legends, has confirmed an active security incident affecting…
3 Best Android Apps to Help College Students
For college students, it’s always difficult to keep all their lessons and homework well-organized as well as manage their time. Sometimes for some of them, it may seem that life turns into an endless circle, and every new day just…
AsyncRAT Leveraging Cloudflare’s Free-Tier Services to Mask Malicious Activities and Detection
A recent AsyncRAT campaign is using Cloudflare’s free tier services and TryCloudflare tunnels to hide remote access activity inside normal looking cloud traffic. In these attacks, threat actors send phishing emails that link to a Dropbox hosted ZIP archive named…
100,000+ n8n Instances Exposed to Internet Vulnerable to RCE Attacks
A critical vulnerability affecting the popular n8n workflow automation platform has put over 100,000 internet-exposed instances at severe risk. Security researchers from The Shadowserver Foundation discovered that 105,753 unique n8n instances are vulnerable to remote code execution (RCE) attacks through…
Hackers Leverage Browser-in-the-browser Tactic to Trick Facebook Users and Steal Logins
Facebook users are increasingly becoming targets of a sophisticated phishing technique that bypasses conventional security measures. With over three billion active users on the platform, Facebook represents an attractive target for attackers seeking to compromise accounts and harvest personal credentials.…
New Angular Vulnerability Enables an Attacker to Execute Malicious Payload
A critical Cross-Site Scripting (XSS) vulnerability has been discovered in Angular’s Template Compiler, affecting multiple versions of both @angular/compiler and @angular/core packages. Tracked as CVE-2026-22610, this vulnerability allows attackers to bypass Angular’s built-in security protections and execute arbitrary JavaScript code…
Russia’s Crackdown on Probiv Data Leaks May Have Fed the Beast Instead
Explore how Russia’s efforts to control the probiv market highlight the challenges of data leaks, insider threats, and the conflict between control and security. The post Russia’s Crackdown on Probiv Data Leaks May Have Fed the Beast Instead appeared first…