The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the…
Who Approved This Agent? Rethinking Access, Accountability, and Risk in the Age of AI Agents
AI agents are accelerating how work gets done. They schedule meetings, access data, trigger workflows, write code, and take action in real time, pushing productivity beyond human speed across the enterprise. Then comes the moment every security team eventually hits:…
New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector
The Russian nation-state hacking group known as Sandworm has been attributed to what has been described as the “largest cyber attack” targeting Poland’s power system in the last week of December 2025. The attack was unsuccessful, the country’s energy minister,…
IT Security News Hourly Summary 2026-01-24 09h : 2 posts
2 posts were published in the last hour 7:36 : Children and chatbots: What parents should know 7:36 : ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025
Children and chatbots: What parents should know
As children turn to AI chatbots for answers, advice, and companionship, questions emerge about their safety, privacy, and emotional development This article has been indexed from WeLiveSecurity Read the original article: Children and chatbots: What parents should know
ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025
The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper This article has been indexed from WeLiveSecurity Read the original article: ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025
Hackers Exploiting telnetd Vulnerability for Root Access – Public PoC Released
Active exploitation of a critical authentication bypass vulnerability in the GNU InetUtils telnetd server (CVE-2026-24061) has been observed in the wild, allowing unauthenticated attackers to gain root access to Linux systems. The vulnerability, which affects GNU InetUtils versions 1.9.3 through…
Microsoft Shares BitLocker Keys with FBI to Unlock Encrypted Laptops in Guam Fraud Investigation
Microsoft gave U.S. federal agents the digital keys needed to unlock three encrypted laptops linked to a massive COVID unemployment scam in Guam. This case shows how cloud-stored encryption keys can help law enforcement, but also raises big privacy worries…
VoidLink: An In-Depth Look at the Nest Generation of AI Generated Malware
Discovering Void Link: The AI-Generated Malware Shaking Up Cybersecurity In this episode, we explore the fascinating discovery of ‘Void Link,’ one of the first documented cases of advanced malware authored almost entirely by artificial intelligence. Hosts delve into an eye-opening…
Android Malware Uses Artificial Intelligence to Secretly Generate Ad Clicks
Security researchers have identified a new category of Android malware that uses artificial intelligence to carry out advertising fraud without the user’s knowledge. The malicious software belongs to a recently observed group of click-fraud trojans that rely on machine…
Top 10 World’s Best Data Security Companies in 2026
In 2026, data has become the most valuable asset for businesses and the most targeted. With rising ransomware attacks, insider threats, AI-driven breaches, and strict global data protection regulations, organizations can no longer rely on basic security controls. This has…
IT Security News Hourly Summary 2026-01-24 03h : 1 posts
1 posts were published in the last hour 1:31 : 11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061)
11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061)
Critical telnetd flaw CVE-2026-24061 (CVSS 9.8) affects all GNU InetUtils versions 1.9.3–2.7 and went unnoticed for nearly 11 years. A critical vulnerability, tracked as CVE-2026-24061 (CVSS score of 9.8), in the GNU InetUtils telnet daemon (telnetd) impacts all versions from…
CISA won’t attend infosec industry’s biggest conference this year
But ex-CISA boss and new RSAC CEO Jen Easterly will be there exclusive The US Cybersecurity and Infrastructure Security Agency won’t attend the annual RSA Conference in March, an agency spokesperson confirmed to The Register.… This article has been indexed…
Happy 9th Anniversary, CTA: A Celebration of Collaboration in Cyber Defense
Unit 42 celebrates 9 years of the Cyber Threat Alliance, tracing its journey from a bold idea to a global leader in collaborative cyber defense. The post Happy 9th Anniversary, CTA: A Celebration of Collaboration in Cyber Defense appeared first…
Updated PCI PIN compliance package for AWS Payment Cryptography now available
Amazon Web Services (AWS) is pleased to announce the successful completion of Payment Card Industry Personal Identification Number (PCI PIN) audit for the AWS Payment Cryptography service. With AWS Payment Cryptography, your payment processing applications can use payment hardware security…
From runtime risk to real‑time defense: Securing AI agents
Why securing AI agents at runtime is essential as attackers find new ways to exploit generative orchestration. The post From runtime risk to real‑time defense: Securing AI agents appeared first on Microsoft Security Blog. This article has been indexed from…
IT Security News Hourly Summary 2026-01-24 00h : 8 posts
8 posts were published in the last hour 22:55 : IT Security News Daily Summary 2026-01-23 22:34 : US Judge Rules ICE Raids Require Judicial Warrants, Contradicting Secret ICE Memo 22:34 : Friday Squid Blogging: Giant Squid in the Star…
IT Security News Daily Summary 2026-01-23
136 posts were published in the last hour 22:34 : US Judge Rules ICE Raids Require Judicial Warrants, Contradicting Secret ICE Memo 22:34 : Friday Squid Blogging: Giant Squid in the Star Trek Universe 22:34 : Patch or die: VMware…
US Judge Rules ICE Raids Require Judicial Warrants, Contradicting Secret ICE Memo
The ruling in federal court in Minnesota lands as Immigration and Customs Enforcement faces scrutiny over an internal memo claiming judge-signed warrants aren’t needed to enter homes without consent. This article has been indexed from Security Latest Read the original…
Friday Squid Blogging: Giant Squid in the Star Trek Universe
Spock befriends a giant space squid in the comic Star Trek: Strange New Worlds: The Seeds of Salvation #5. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t…
Patch or die: VMware vCenter Server bug fixed in 2024 under attack today
If you skipped it back then, now’s a very good time You’ve got to keep your software updated. Some unknown miscreants are exploiting a critical VMware vCenter Server bug more than a year after Broadcom patched the flaw.… This article…
Can managing NHIs keep companies ahead in cybersecurity?
How Do Non-Human Identities (NHIs) Shape the Future of Cybersecurity? Have you ever considered the risks associated with the identities of machines in your network? With cybersecurity professionals continue to confront increasingly complex threats, a crucial, often overlooked area is…
How proactive can Agentic AI be in threat detection?
The Crucial Intersection: Non-Human Identities and AI in Cybersecurity What role do Non-Human Identities (NHIs) play in cybersecurity? Traditional human-centric security measures are no longer sufficient. The emergence of NHIs, or machine identities, is reshaping how organizations approach security threats,…