Kids return to classrooms after safety infrastructure knocked out A Warwickshire secondary school says it will fully reopen this week after a cyberattack forced a prolonged closure – though staff will return to classrooms with “very limited access” to IT…
Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’
Posing as an ad blocker, the malicious extension crashes the browser to lure victims into installing malware. The post Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’ appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Keepnet bets on agentic AI behavioral training to curb security mistakes
Keepnet launched its Agentic AI for Behavioral Microlearning solution, which moves success metrics from “completion rates” to behavior change and verifiable incident reduction. Agentic AI autonomously plans, creates, delivers, and optimizes training based on real-time risk data, eliminating manual intervention.…
Suspects Linked to Black Basta Ransomware Group Raided in Ukraine
Oleg Evgenievich Nefedov, allegedly one of the founders of Black Basta, was also placed on Europol’s and Interpol’s Most Wanted lists This article has been indexed from www.infosecurity-magazine.com Read the original article: Suspects Linked to Black Basta Ransomware Group Raided…
Researchers Gained Access to Hacker Domain Server Using Name Server Delegation
A recent investigation into a deceptive push-notification network shows how a simple DNS mistake can open a window into criminal infrastructure. The campaign abused browser notifications to flood Android users with fake security alerts, gambling lures, and adult offers. Random-looking…
PDFSIDER Malware Actively Used by Threat Actors to Bypass Antivirus and EDR Systems
PDFSIDER is a newly exposed backdoor that gives attackers long term control of Windows systems while slipping past many antivirus and endpoint detection and response tools. It uses trusted software and strong encryption to hide its presence, letting intruders run…
42,000 Impacted by Ingram Micro Ransomware Attack
The compromised personal information includes names, dates of birth, Social Security numbers, and employment-related data. The post 42,000 Impacted by Ingram Micro Ransomware Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: 42,000…
IT Security News Hourly Summary 2026-01-19 12h : 4 posts
4 posts were published in the last hour 10:34 : Royal Navy’s helicopter drone makes its first autonomous flight 10:34 : British Army to spend £279 million on permanent cyber regiment base 10:33 : CrashFix Chrome Extension Delivers ModeloRAT Using…
Royal Navy’s helicopter drone makes its first autonomous flight
Capable of carrying 1-ton payload and key to strategy protecting North Atlantic from Russian submarines The Royal Navy has conducted the first flight of a helicopter-sized autonomous drone that is planned to operate from its ships in support of missions,…
British Army to spend £279 million on permanent cyber regiment base
The British Army has announced a new permanent base for its cyber regiment, backed by £279 million in government spending. The plan centres on 13 Signal Regiment, the unit responsible for defending Army networks and supporting cyber operations. The regiment…
CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures
Cybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web browser and trick victims into running arbitrary commands using ClickFix-like lures to…
Cyber Breaches, Compliance and Reputation Top UK Corporate Concerns
UK firms face confluence of cyber-related risks in 2026, says Nardello & Co This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Breaches, Compliance and Reputation Top UK Corporate Concerns
Hacker pleads guilty to hacking Supreme Court, AmeriCorps, and VA Systems
An actor who goes online with the alias @ihackthegovernment posted stolen personal data from his victims, including the U.S. Supreme Court. Nicholas Moore, 24, from Tennessee, pleaded guilty to repeatedly hacking the U.S. Supreme Court’s electronic filing system. Court documents…
CrashFix – Hackers Using Malicious Extensions to Display Fake Browser Warnings
Cybersecurity researchers have discovered a sophisticated malware campaign using an unusual but effective tactic: deliberately crashing users’ browsers. The threat, named CrashFix, operates through a malicious Chrome extension disguised as the legitimate ad blocker NexShield. When users search for privacy…
Windows SMB Client Vulnerability Enables Attacker to Own Active Directory
A critical vulnerability in Windows SMB client authentication that enables attackers to compromise Active Directory environments through NTLM reflection exploitation. Classified as an improper access control vulnerability, this vulnerability allows authorized attackers to escalate privileges via carefully orchestrated authentication relay…
Entity Resolution vs. Identity Verification: What Security Teams Actually Need
Two similar terms — completely different outcomes Security teams often hear “entity resolution” and “identity verification” used as if they mean the same thing. They don’t — and that confusion can lead teams to invest in tools that solve the…
Ring’s Facial Recognition Feature: Convenience or Privacy Nightmare?
In this episode, we explore Amazon Ring’s newly introduced Familiar Faces feature that utilizes AI for facial recognition. We discuss the convenience of identifying familiar people at your doorstep, the privacy concerns it raises, and the legal implications surrounding biometric…
Researchers Exploit Bug in StealC Infostealer to Collect Evidence
CyberArk says it exploited a vulnerability in the StealC infostealer to gather intelligence This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Exploit Bug in StealC Infostealer to Collect Evidence
Social Media Firms Block 4.7 Million Australian Accounts
Some 4.7 million accounts barred in Australia in first half of December following social media ban for under-16s, says government This article has been indexed from Silicon UK Read the original article: Social Media Firms Block 4.7 Million Australian Accounts
Five Chrome Extensions Used to Hijack Enterprise HR and ERP Systems
Socket’s Threat Research Team has uncovered a coordinated Chrome extension campaign targeting enterprise HR and ERP platforms, including Workday, NetSuite, and SAP SuccessFactors. Five malicious extensions, collectively installed over 2,300 times, work together to steal session tokens, block security controls,…
How ‘Reprompt’ Attack Let Hackers Steal Data From Microsoft Copilot
Varonis found a “Reprompt” attack that let a single link hijack Microsoft Copilot Personal sessions and exfiltrate data; Microsoft patched it in January 2026. The post How ‘Reprompt’ Attack Let Hackers Steal Data From Microsoft Copilot appeared first on TechRepublic.…
US Adds Charges To China-Export AI Chips
New rules appear to add 25 percent duty to Nvidia, AMD AI processors destined for mainland China, amid shifting White House strategy This article has been indexed from Silicon UK Read the original article: US Adds Charges To China-Export AI…
PDFSIDER Malware Actively Exploited to Evade Antivirus and EDR Defenses
Security researchers have identified a sophisticated backdoor malware variant, PDFSIDER, that leverages DLL side-loading to evade endpoint detection and response (EDR) systems. The threat demonstrates advanced persistent threat (APT) tradecraft, combining evasion mechanisms with encrypted command-and-control capabilities to maintain covert…
17 New Malicious Chrome GhostPoster Extensions with 840,000+ Installs Steals User Data
Cybercriminals have distributed 17 malicious browser extensions across Chrome, Firefox, and Edge platforms, collectively downloading over 840,000 times and compromising user security for years. The GhostPoster campaign, which emerged as early as 2020, used deceptive extension names like “Google Translate…