Suspected Russian cyber attackers tried to take down parts of Poland’s energy infrastructure with new data-wiping malware – and failed. According to information shared by the Polish government earlier this month, the attacks happened on 29 and 30 December 2025,…
⚡ Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More
Security failures rarely arrive loudly. They slip in through trusted tools, half-fixed problems, and habits people stop questioning. This week’s recap shows that pattern clearly. Attackers are moving faster than defenses, mixing old tricks with new paths. “Patched” no longer…
Okta Flags Customised, Reactive Vishing Attacks Which Bypass MFA
Threat actors posing as IT support teams use phishing kits to generate fake login sites in real-time to trick victims into handing over credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Okta Flags Customised, Reactive Vishing…
Law Firm Investigates Coupang Security Failures Ahead of Class Action Deadline
The US law firm Hagens Berman will lead a class action lawsuit against Coupang over security failures that led to a June 2025 data breach This article has been indexed from www.infosecurity-magazine.com Read the original article: Law Firm Investigates Coupang…
New Fake CAPTCHA Scam Abuses Microsoft Tools to Install Amatera Stealer
Another day, another fake CAPTCHA scam, but this one abuses Microsoft’s signed tools. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original article: New Fake CAPTCHA Scam Abuses Microsoft Tools to…
North Korea–linked KONNI uses AI to build stealthy malware tooling
Check Point links an active phishing campaign to North Korea–aligned KONNI, targeting developers with fake blockchain project docs and using an AI-written PowerShell backdoor. Check Point Research uncovered an active phishing campaign attributed to the North Korea–linked KONNI group (aka Kimsuky,…
‘SyncFuture’ Campaign Weaponizing Legitimate Enterprise Security Software to Deploy Malware
In December 2025, threat researchers uncovered an alarming espionage operation targeting residents of India through sophisticated phishing campaigns. The attack, dubbed SyncFuture, demonstrates how cybercriminals can abuse legitimate business software as a vehicle for launching advanced malware attacks. Attackers sent…
New DPRK Interview Campaign Leverages Fake Fonts to Deploy Malware
North Korea’s Lazarus Group has launched a sophisticated supply chain attack targeting software developers through a campaign called “Fake Font.” The threat actors are using fake job interviews and malicious GitHub repositories to trick engineers into downloading code that contains…
MITRE Releases New Cybersecurity Framework to Protect the Embedded Systems
A new Embedded Systems Threat Matrix™ (ESTM) framework was introduced to help secure embedded systems used in critical infrastructure and defense technologies across the U.S. Developed collaboratively with the Air Force’s Cyber Resiliency Office for Weapon Systems (CROWS). ESTM addresses…
Moscow likely behind wiper attack on Poland’s power grid, experts say
Cyber sleuths believe Sandworm up to its old tricks with a brand-new sabotage toy Russia was probably behind the failed attempts to compromise the systems of Poland’s power companies in December, cybersecurity researchers claim.… This article has been indexed from…
TikTok Finalizes a Deal to Form a New American Entity
TikTok has finalized a deal to create a new American entity, avoiding the looming threat of a ban in the United States. The post TikTok Finalizes a Deal to Form a New American Entity appeared first on SecurityWeek. This article…
‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing
Priced $2,000 – $6,000 on a cybercrime forum, the MaaS toolkit promises publication on the Chrome Web Store. The post ‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Cyber Insights 2026: Threat Hunting in an Age of Automation and AI
Understanding how threat hunting differs from reactive security provides a deeper understanding of the role, while hinting at how it will evolve in the future. The post Cyber Insights 2026: Threat Hunting in an Age of Automation and AI appeared…
Quantum computing firm IonQ acquires US semiconductor firm SkyWater for $1.8 billion
IonQ and SkyWater Technology have entered into a definitive agreement pursuant to which IonQ will acquire SkyWater for $35.00 per share in a cash-and-stock transaction, subject to a collar, implying a total equity value of approximately $1.8 billion. “This transformational…
Winning Against AI-Based Attacks Requires a Combined Defensive Approach
If there’s a constant in cybersecurity, it’s that adversaries are always innovating. The rise of offensive AI is transforming attack strategies and making them harder to detect. Google’s Threat Intelligence Group, recently reported on adversaries using Large Language Models (LLMs)…
$6,000 “Stanley” Toolkit Sold on Russian Forums Fakes Secure URLs in Chrome
Say hello to Stanley, a new malicious toolkit that guarantees bypassing Google’s Chrome Web Store review process. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original article: $6,000 “Stanley” Toolkit Sold…
Oracle AI sailed the world on Royal Navy flagship via cloud-at-the-edge kit
Big Red says ‘sovereign’ platform supports decision-making and operational learning at sea Britain’s Royal Navy is using Oracle Cloud edge infrastructure to operate AI-driven defenses on the aircraft carrier HMS Prince of Wales.… This article has been indexed from The…
Wiper Attack on Polish Power Grid Linked to Russia’s Sandworm
A destructive cyber attack targeting Poland’s energy sector has been linked to Russian APT group Sandworm This article has been indexed from www.infosecurity-magazine.com Read the original article: Wiper Attack on Polish Power Grid Linked to Russia’s Sandworm
Top 3 factors for selecting an identity access management tool
Identity and access management (IAM) ensures that people and entities with digital identities have the right level of access to your enterprise resources. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Top 3…
Gmail Spam Filter Breakdown Affects 1.8B Users
The disruption began Saturday (5am Pacific time, Jan .24) affecting approximately 1.8 billion Gmail users worldwide with widespread email misclassification. The post Gmail Spam Filter Breakdown Affects 1.8B Users appeared first on TechRepublic. This article has been indexed from Security…
Sandworm APT Group Targeting Poland’s Power Grid with DynoWiper Malware
Late December 2025 brought alarming news to Poland as its energy infrastructure became the target of what security experts describe as the country’s largest cyberattack in years. The Russian-aligned Sandworm group, known for orchestrating some of the most damaging attacks…
New Instagram Vulnerability Exposes Private Posts to Anyone
A critical server-side vulnerability in Instagram’s infrastructure allowed unauthenticated attackers to access private photos and captions without a login or follower relationship, according to a disclosure released this week by security researcher Jatin Banga. The vulnerability, which was reportedly patched…
New Phishing Attack Leverages Vercel Hosting Platform to Deliver a Remote Access Tool
A sophisticated phishing campaign active between November 2025 and January 2026 has been exploiting Vercel’s legitimate hosting platform to distribute remote access tools to unsuspecting victims. The attack chain combines social engineering with trusted domain exploitation, making it particularly effective…
Microsoft Releases Out-of-Band Update KB5078127 to Fix Windows 11 File System and Outlook Freezes
An out-of-band (OOB) cumulative update, KB5078127, to address critical file system compatibility issues affecting Windows 11 users. The update resolves widespread problems introduced by the January 13, 2026, security update (KB5074109) that caused application freezes and cloud storage failures across…