A 25-year-old Bigfork, Montana man, Jeremiah Daniel Starr, used over 50 phone numbers and a VPN to harass a victim he called his “best friend,” even staging a fake shooting. Learn more about the FBI investigation that traced 1,100 IP…
How to Protest Safely in the Age of Surveillance
Law enforcement has more tools than ever to track your movements and access your communications. Here’s how to protect your privacy if you plan to protest. This article has been indexed from Security Latest Read the original article: How to…
Shinhan Card Probes Internal Data Leak Affecting About 190,000 Merchants
Shinhan Card, South Korea’s largest credit card issuer, said on December 23 that personal data linked to about 190,000 merchant representatives was improperly accessed and shared by employees over a three year period, highlighting ongoing concerns around internal data…
Personal and Health Information of 22.6 Million Aflac Clients Stolen in Cyberattack
At the start of 2026, a significant cybersecurity breach that was disclosed heightened awareness of digital vulnerabilities within the American insurance industry, after Aflac, one of the largest supplemental insurance providers in the country, confirmed that a sophisticated cyberattack,…
Microsoft Introduces Hardware-Accelerated BitLocker to Boost Windows 11 Security and Performance
Microsoft is updating Windows 11 with hardware-accelerated BitLocker to improve both data security and system performance. The change enhances full-disk encryption by shifting cryptographic work from the CPU to dedicated hardware components within modern processors, helping systems run more…
Google Testing ‘Contextual Suggestions’ Feature for Wider Android Rollout
Google is reportedly preparing to extend a smart assistance feature beyond its Pixel smartphones to the wider Android ecosystem. The functionality, referred to as Contextual Suggestions, closely resembles Magic Cue, a software feature currently limited to Google’s Pixel 10…
ChatGPT Health: A New Secure Space for Trusted Health and Medical Conversations
ChatGPT Health is launching as a dedicated health-focused version of ChatGPT that combines personalized health data with stronger privacy and security controls to support not replace conversations with clinicians. The new experience isolates health chats, encrypts data with additional protections, and allows users to securely connect medical…
Cisco ISE Vulnerability Enables Access to Sensitive Data
Cisco has disclosed a new XML External Entity (XXE) vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could allow authenticated attackers with administrative access to read sensitive data from the underlying operating system.…
Trump Signals Possible Cyber Involvement in Caracas Power Loss During Maduro Extraction
President Donald Trump has strongly hinted that the United States used offensive cyber capabilities to help plunge Caracas into darkness during the operation to capture Venezuelan leader Nicolás Maduro an unusually public nod to U.S. cyber power. The blackout, which coincided with pre-dawn…
New DocuSign-Themed Phishing Scam Delivers Stealth Malware to Windows Devices
New research has uncovered a sophisticated phishing campaign that abuses DocuSign’s brand to deliver Vidar malware and infect Windows systems. The operation uses a realistic phishing site, a fake signed installer, access-code checks, and timebased execution barriers to evade both users and automated analysis. DocuSign-themed phishing…
New OAuth Attack Lets Hackers Bypass Microsoft Entra Authentication and Steal Keys
In a year-end tradition that has become all too familiar for cybersecurity defenders, researchers have uncovered a novel attack vector targeting Microsoft Entra ID that weaponizes legitimate OAuth 2.0 authentication flows to harvest privileged access tokens. The technique, dubbed “ConsentFix”…
Cisco ISE Flaw Lets Admins Access Restricted System Files
A Cisco ISE flaw lets authenticated admins access restricted system files, risking sensitive data exposure. The post Cisco ISE Flaw Lets Admins Access Restricted System Files appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
Hitachi Energy Asset Suite
View CSAF Summary Hitachi Energy is aware of a Jasper Report vulnerability that affects the Asset Suite product versions mentioned in this document below. This vulnerability can be exploited to carry out remote code execution (RCE) attack on the product.…
Illinois health department exposed over 700,000 residents’ personal data for years
The security lapse exposed personal information belonging to residents who received state benefits. This article has been indexed from Security News | TechCrunch Read the original article: Illinois health department exposed over 700,000 residents’ personal data for years
Become a CISSP with Fortinet’s ISC2-Approved NSE Training
Fortinet’s Training Institute is an ISC2 CPE Submitter, enabling CISSP holders to earn CPE credits through NSE courses, Fast Tracks, webinars, and more. This article has been indexed from Industry Trends & Insights Read the original article: Become a…
WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging
Cybersecurity researchers have disclosed details of a new campaign that uses WhatsApp as a distribution vector for a Windows banking trojan called Astaroth in attacks targeting Brazil. The campaign has been codenamed Boto Cor-de-Rosa by Acronis Threat Research Unit. “The…
GoBruteforcer Botnet Targets Linux Servers
The GoBruteforcer botnet has been observed targeting exposed Linux servers on services like FTP and MySQL This article has been indexed from www.infosecurity-magazine.com Read the original article: GoBruteforcer Botnet Targets Linux Servers
Microsoft Enforces Mandatory MFA for Microsoft 365 Admin Center Logins
Microsoft is ramping up security measures for its enterprise customers, mandating multi-factor authentication (MFA) for all users accessing the Microsoft 365 admin center. The policy takes full effect on February 9, 2026, building on a softer rollout that began in…
New Phishing Attack Impersonate as DocuSign Deploys Stealthy Malware on Windows Systems
A new phishing wave is abusing fake DocuSign notifications to drop stealthy malware on Windows systems. The emails copy real DocuSign branding and urge users to review a pending agreement, pushing them toward a link that claims to host the…
Hackers Launched 8.1 Million Attack Sessions to React2Shell Vulnerability
The React2Shell vulnerability (CVE-2025-55182) continues to face a relentless exploitation campaign, with threat actors launching more than 8.1 million attack sessions since its initial disclosure. According to GreyNoise Observation Grid data, daily attack volumes have stabilized at 300,000–400,000 sessions since…
ChatGPT Health – A Dedicated Space for Health Queries With Strong Privacy and Security
OpenAI has launched ChatGPT Health, a specialized platform that helps users securely manage their health information and receive intelligent support for wellness-related questions. With over 230 million people using ChatGPT weekly for health inquiries, the company recognized the need for a…
UAT-7290 Hackers Attacking Critical Infrastructure Entities in South Asia
A dangerous hacking group known as UAT-7290 has been actively attacking important telecommunications companies and critical infrastructure targets across South Asia since at least 2022. This advanced threat actor operates with clear signs of Chinese government connections and poses a…
UK Government Unveils New Cyber Action Plan
The UK government’s cyber action plan is by the government for the government, and has no advice for the private sector nor CNI. The post UK Government Unveils New Cyber Action Plan appeared first on SecurityWeek. This article has been…
New Zero-Click Attack Lets ChatGPT User Steal Data
Researchers at Radware discovered new prompt injection attacks in ChatGPT agentic features This article has been indexed from www.infosecurity-magazine.com Read the original article: New Zero-Click Attack Lets ChatGPT User Steal Data