Russia-linked cyberespionage group APT28 targets energy, nuclear, and policy staff in Turkey, Europe, North Macedonia, and Uzbekistan with credential-harvesting attacks. Between February and September 2025, Recorded Future’s Insikt Group observed Russia-linked group APT28 (aka UAC-0001, Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) running credential-harvesting…
Turkish Security Researcher Gets Nod From NASA Over Vulnerability Discoveries
NASA acknowledges independent researcher Hasan İsmail Gülkaya for discovering vulnerabilities through its Vulnerability Disclosure Program, highlighting the importance of ethical hacking in cybersecurity. The post Turkish Security Researcher Gets Nod From NASA Over Vulnerability Discoveries appeared first on Security Boulevard. This article…
Debian 13.3 is now available with targeted corrections, updates
Debian 13.3 is the third maintenance update for the stable Debian 13 distribution, codenamed “trixie”. It updates package content to address security and other issues reported since the last point update. This release includes more than 100 adjustments and multiple…
Anthropic Launches Claude AI for Healthcare with Secure Health Record Access
Anthropic has become the latest Artificial intelligence (AI) company to announce a new suite of features that allows users of its Claude platform to better understand their health information. Under an initiative called Claude for Healthcare, the company said U.S.…
Operation Cronos Leader Gets Nod From King Charles
Gavin Webb from the National Crime Agency receives the OBE award from King Charles for his strategic role in Operation Cronos, disrupting the LockBit ransomware group. The post Operation Cronos Leader Gets Nod From King Charles appeared first on Security Boulevard.…
We’re Hiring: Hacking Groups Recruit Teens While Feds Want to Ground Them
Explore the troubling trend of teenagers being recruited into hacking groups, the challenges in countering this rise, and the efforts to redirect their skills towards ethical hacking. The post We’re Hiring: Hacking Groups Recruit Teens While Feds Want to Ground Them …
Crypto crime hits record levels as state actors move billions
Nation-state involvement in crypto increased in 2025, signaling a shift in how on-chain crime operates. Three waves of crypto crime (Source: Chainalysis) Research from Chainalysis shows that crypto-related crime has grown more organized over recent years, with illicit groups running…
BreachForums Database Leak Turns the Tables on Threat Actors
A database featuring 300,000+ users of notorious hacking forum BreachForums has been leaked online This article has been indexed from www.infosecurity-magazine.com Read the original article: BreachForums Database Leak Turns the Tables on Threat Actors
DeepSeek To Launch Custom Italian Version
DeepSeek to create first country-specific version of online chatbot following Italian ‘hallucination’ probe This article has been indexed from Silicon UK Read the original article: DeepSeek To Launch Custom Italian Version
Critical React Router Flaws Could Let Attackers Access or Modify Server Files
A critical vulnerability has been discovered in React Router and Remix that could allow attackers to access or modify sensitive files on web servers. The flaw affects multiple packages and has received a severity rating of Critical with a CVSS score of 8.8/10. Field Details…
ValleyRAT_S2: Stealth Intrusions Aimed at Financial Data Exfiltration
A sophisticated second-stage malware payload known as ValleyRAT_S2 has emerged as a critical threat to organizations across Chinese-speaking regions, including mainland China, Hong Kong, Taiwan, and Southeast Asia. This Remote Access Trojan (RAT), written in C++, is a modular, highly…
Beware of Weaponized Employee Performance Reports that Deploys Guloader Malware
Cybersecurity threats continue to evolve with attackers using more creative social engineering techniques to target organizations. A recent threat has emerged involving the Guloader malware, which is being disguised as employee performance reports to trick users into downloading and executing…
ValleyRAT_S2 Attacking Organizations to Deploy Stealthy Malware and Extract Financial Details
A new wave of attacks is using the ValleyRAT_S2 malware to quietly break into organizations, stay hidden for long periods, and steal sensitive financial information. ValleyRAT_S2 is the second-stage payload of the ValleyRAT family and is written in C++. Once…
Kensington And Chelsea Council Warns Over Stolen Data
Kensington and Chelsea Council warns sensitive information may have been taken by hackers in November attack This article has been indexed from Silicon UK Read the original article: Kensington And Chelsea Council Warns Over Stolen Data
A week in security (January 5 – January 11)
A list of topics we covered in the week of January 5 to January 11 of 2026 This article has been indexed from Malwarebytes Read the original article: A week in security (January 5 – January 11)
Torq Raises $140 Million at $1.2 Billion Valuation
The company will use the investment to accelerate platform adoption and expansion into the federal market. The post Torq Raises $140 Million at $1.2 Billion Valuation appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud
Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service (PBaaS) economy. At least since 2016, Chinese-speaking criminal groups have erected industrial-scale scam centers across…
BreachForums database leaked, Instagram breach worries, UK government exempts self
BreachForums hacking forum database leaked exposing 324,000 accounts Instagram breach exposes user data, creates password reset panic UK government exempts self from flagship cyber law Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026…
IT Security News Hourly Summary 2026-01-12 09h : 10 posts
10 posts were published in the last hour 8:3 : Alleged Scam Boss Arrives In China After Cambodia Arrest 8:2 : Fake Employee Performance Reports Deliver Guloader Malware 7:32 : Hacking Group “Everest” Allegedly Claims Nissan Motor Breach 7:32 :…
Alleged Scam Boss Arrives In China After Cambodia Arrest
Chen Zhi, alleged leader of massive online scamming operation, shown hooded and in handcuffs after Cambodia arrest This article has been indexed from Silicon UK Read the original article: Alleged Scam Boss Arrives In China After Cambodia Arrest
Fake Employee Performance Reports Deliver Guloader Malware
Organizations are being warned about a new phishing campaign that weaponizes fake employee performance reports to deploy the Guloader malware and ultimately install Remcos RAT on compromised systems. In the observed cases, threat actors send phishing emails that purport to…
Hacking Group “Everest” Allegedly Claims Nissan Motor Breach
The Everest hacking group has allegedly claimed responsibility for a major cyberattack on Nissan Motor Co., Ltd., one of Japan’s leading automotive manufacturers. According to threat intelligence reports observed on January 10, 2026, the cybercriminal organization claims to have exfiltrated…
X Suspended Twitter Account for Violation of Rules
X has suspended the iconic @twitter handle on its platform, replacing its profile with a standard notice stating the account violates rules. Screenshots of the suspension screen began circulating widely late last week, igniting discussions about the platform’s rebranding efforts.…
Critical Zlib Vulnerability Let Attackers Trigger Buffer Overflow by Invoking untgz
A severe global buffer overflow vulnerability has been discovered in the zlib untgz utility version 1.3.1.2. Allowing attackers to corrupt memory and potentially execute malicious code through specially crafted command-line input. The security flaw resides in the TGZfname() function of…