Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta. In addition, the group’s alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (Нефедов Олег Евгеньевич), has been…
IT Security News Hourly Summary 2026-01-17 18h : 4 posts
4 posts were published in the last hour 17:4 : Let’s Encrypt has made 6-day IP-based TLS certificates Generally Available 16:31 : China-linked APT UAT-8837 targets North American critical infrastructure 16:9 : Your 100 Billion Parameter Behemoth is a Liability…
Let’s Encrypt has made 6-day IP-based TLS certificates Generally Available
Let’s Encrypt, a key provider of free TLS certificates, has rolled out short-lived and IP address-based certificates for general use. These new options became available starting in early 2026, addressing long-standing issues in certificate security. Short-lived certificates last just 160…
China-linked APT UAT-8837 targets North American critical infrastructure
Cisco Talos says a China-linked group, tracked as UAT-8837, has targeted North American critical infrastructure since last year. Cisco Talos reports that threat group UAT-8837, likely linked to China, has targeted critical infrastructure in North America since at least last…
Your 100 Billion Parameter Behemoth is a Liability
The “bigger is better” era of AI is hitting a wall. We are in an LLM bubble, characterized by ruinous inference costs and diminishing returns. The future belongs to Agentic AI powered by specialized Small Language Models (SLMs). Think of…
GootLoader Malware Uses Malformed ZIP Archives to Evade Detection
A fresh tactic has emerged among cybercriminals using GootLoader, a JavaScript-driven malware installer. Instead of standard compression, they now distribute broken ZIP files designed to slip past digital defenses. These flawed archives exploit differences across decompression programs – some…
JFrog Researchers Uncover RCE Exploit for Existing Redis Database Vulnerability
JFrog this week published an analysis of a vulnerability in Redis databases that may be more serious than initially thought following the discovery of a remote code execution (RCE) exploit. Researchers found that a stack buffer overflow vulnerability in Redis…
IT Security News Hourly Summary 2026-01-17 15h : 1 posts
1 posts were published in the last hour 13:32 : Google Vertex AI Flaw Lets Low-Privilege Users Escalate to Service Agent Roles
Google Vertex AI Flaw Lets Low-Privilege Users Escalate to Service Agent Roles
Security researchers have discovered critical privilege escalation vulnerabilities in Google’s Vertex AI platform that allow attackers with minimal permissions to hijack high-privileged Service Agent accounts. The flaws affect the Vertex AI Agent Engine and Ray on Vertex AI, where default…
Google’s Vertex AI Vulnerability Enables Low-Privileged Users to Gain Service Agent Roles
Google’s Vertex AI contains default configurations that allow low-privileged users to escalate privileges by hijacking Service Agent roles. XM Cyber researchers identified two attack vectors in the Vertex AI Agent Engine and Ray on Vertex AI, which Google deemed “working…
Argus – Python-powered Toolkit for Information Gathering and Reconnaissance
Argus is a comprehensive Python-based toolkit designed for reconnaissance tasks in cybersecurity. The developers recently released version 2.0, expanding it to include 135 modules. This tool consolidates network analysis, web app scanning, and threat intelligence into one interface. Users access…
Fast Pair, loose security: Bluetooth accessories open to silent hijack
Sloppy implementation of Google spec leaves ‘hundreds of millions’ of devices vulnerable Hundreds of millions of wireless earbuds, headphones, and speakers are vulnerable to silent hijacking due to a flaw in Google’s Fast Pair system that allows attackers to seize…
GhostPoster Malware Campaign Exposes Browser Extension Risks
A stealthy malware operation has been discovered by cybersecurity researchers, which remained undetected for a period of up to five years and accumulated more than 840,000 downloads on various platforms. The research began with a study by Koi Security…
CIRO Discloses Phishing Breach Impacting Personal Data of 750,000 Individuals
The Canadian Investment Regulatory Organization (CIRO) serves as the country’s national self-regulatory authority for investment dealers and marketplaces, with responsibilities that include investor protection, regulatory enforcement, and ensuring the integrity and efficiency of Canada’s capital markets. CIRO has disclosed…
Why LinkedIn is a hunting ground for threat actors – and how to protect yourself
The business social networking site is a vast, publicly accessible database of corporate information. Don’t believe everyone on the site is who they say they are. This article has been indexed from WeLiveSecurity Read the original article: Why LinkedIn is…
US Hackers Reportedly Caused a Blackout in Venezuela
Plus: AI reportedly caused ICE to send agents into the field without training, Palantir’s app for targeting immigrants gets exposed, and more. This article has been indexed from Security Latest Read the original article: US Hackers Reportedly Caused a Blackout…
Tennessee Man Pleads Guilty to Repeatedly Hacking Supreme Court’s Filing System
Nicholas Moore pleaded guilty to repeatedly hacking the U.S. Supreme Court’s filing system and illegally accessing computer systems belonging to AmeriCorps and the Department of Veterans Affairs. The post Tennessee Man Pleads Guilty to Repeatedly Hacking Supreme Court’s Filing System…
Wireshark 4.6.3 Released, (Sat, Jan 17th)
Wireshark release 4.6.3 fixes 4 vulnerabilities and 9 bugs. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Wireshark 4.6.3 Released, (Sat, Jan 17th)
OpenAI to Show Ads in ChatGPT for Logged-In U.S. Adults on Free and Go Plans
OpenAI on Friday said it would start showing ads in ChatGPT to logged-in adult U.S. users in both the free and ChatGPT Go tiers in the coming weeks, as the artificial intelligence (AI) company expanded access to its low-cost subscription…
IT Security News Hourly Summary 2026-01-17 09h : 2 posts
2 posts were published in the last hour 7:31 : Researchers Gain Access to StealC Malware Command-and-Control Systems 7:6 : Critical XSS Vulnerabilities in Meta Conversion API Enable Zero-Click Account Takeover
Researchers Gain Access to StealC Malware Command-and-Control Systems
Security researchers successfully exploited vulnerabilities in the StealC malware infrastructure, gaining access to operator control panels and exposing a threat actor’s identity through their own stolen session cookies. The breach highlights critical security failures in criminal operations built around credential…
Critical XSS Vulnerabilities in Meta Conversion API Enable Zero-Click Account Takeover
Security researchers have uncovered two critical cross-site scripting (XSS) vulnerabilities in Meta’s Conversions API Gateway that could enable attackers to hijack Facebook accounts on a massive scale without any user interaction. The flaws affect Meta-owned domains, including facebook.com and meta.com,…
Identity Management Challenges in Pharma & Biotech SaaS Platforms (And How to Solve Them)
Explore key identity management challenges in pharma and biotech SaaS platforms and learn practical solutions for security, compliance, and scalability. The post Identity Management Challenges in Pharma & Biotech SaaS Platforms (And How to Solve Them) appeared first on Security…
Researchers Breach StealC Infrastructure, Access Malware Control Panels
Criminal infrastructure often fails for the same reasons it succeeds: it is rushed, reused, and poorly secured. Security researchers recently demonstrated this vulnerability by exploiting the very malware infrastructure designed to steal victims’ credentials. StealC Malware and Its Infrastructure Weaknesses…