Eurail recently confirmed a data breach involving customer information following notification emails sent to affected travelers this week. This article has been indexed from CyberMaterial Read the original article: Eurail Breach Exposes Passenger Info
Jordanian Man Admits Selling Network Access
A Jordanian man living in Georgia recently pleaded guilty in federal court to operating as a cybercriminal access broker. This article has been indexed from CyberMaterial Read the original article: Jordanian Man Admits Selling Network Access
Ghana Arrests Nigerians Over Cybercrime
Ghanaian authorities have apprehended nine Nigerian nationals in Accra following a multi-agency crackdown on organized cybercrime operations across several residential areas. This article has been indexed from CyberMaterial Read the original article: Ghana Arrests Nigerians Over Cybercrime
EN, SentinelLabs - We are hunters, reversers, exploit developers, and tinkerers shedding light on the world of malware, exploits, APTs, and cybercrime across all platforms.
LLMs in the SOC (Part 1) | Why Benchmarks Fail Security Operations Teams
LLM cybersecurity benchmarks fail to measure what defenders need: faster detection, reduced containment time, and better decisions under pressure. This article has been indexed from SentinelLabs – We are hunters, reversers, exploit developers, and tinkerers shedding light on the world…
AI framework flaws put enterprise clouds at risk of takeover
Update Chainlit to the latest version ASAP Two “easy-to-exploit” vulnerabilities in the popular open-source AI framework Chainlit put major enterprises’ cloud environments at risk of leaking data or even full takeover, according to cyber-threat exposure startup Zafran.… This article has…
Cisco Secure Email Appliance RCE Exploited in Attacks
Cisco says attackers are actively exploiting CVE-2025-20393, a critical RCE flaw in Secure Email appliances. The post Cisco Secure Email Appliance RCE Exploited in Attacks appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…
AWS Console Supply Chain Flaw Could Have Enabled GitHub Repo Hijacks
Wiz says an AWS CodeBuild flaw could have enabled GitHub repo hijacks, though AWS reports no impact. The post AWS Console Supply Chain Flaw Could Have Enabled GitHub Repo Hijacks appeared first on eSecurity Planet. This article has been indexed…
Raaga Data Breach Exposes 10.2 Million User Records
Indian music streaming platform Raaga suffered a significant data breach in December 2025, compromising the personal information of 10.2 million users. The stolen database was subsequently offered for sale on a prominent underground hacking forum, raising serious concerns about user…
Open Source Firewall OPNsense 25.7.11 Released With Host Discovery Service
The popular open-source firewall and routing platform built on FreeBSD, released version 25.7.11 on January 15, 2026, bringing significant improvements, including a new host discovery service designed to enhance network management capabilities. The release marks an essential incremental update that…
TP-Link Vulnerability Allows Authentication Bypass Via Password Recovery Feature
A critical authentication vulnerability affecting TP-Link’s VIGI surveillance camera lineup has been disclosed, enabling attackers on local networks to reset administrative credentials without authorization. Tracked as CVE-2026-0629, the flaw resides in the camera’s web interface password recovery function and carries…
Could ChatGPT Convince You to Buy Something?
Eighteen months ago, it was plausible that artificial intelligence might take a different path than social media. Back then, AI’s development hadn’t consolidated under a small number of big tech firms. Nor had it capitalized on consumer attention, surveilling users…
Resecurity Breach Claims Exposed as Honeypot Deception
The hackers, who claimed to represent the “Scattered Lapsus$ Hunters” (SLH) group, believed they successfully compromised Resecurity, a cybersecurity firm based in the United States, by exfiltrating their data. Resecurity disputed this by saying they were only able to…
Generative AI for Cybersecurity and Privacy
An in-depth exploration of how generative AI is transforming cyber defense, privacy protection, and digital resilience. This article has been indexed from CyberMaterial Read the original article: Generative AI for Cybersecurity and Privacy
RedHunt-OS
A Linux based threat hunting and DFIR operating system built for blue team operations and adversary detection. This article has been indexed from CyberMaterial Read the original article: RedHunt-OS
IT Security News Hourly Summary 2026-01-20 15h : 14 posts
14 posts were published in the last hour 13:37 : Hackathon Projects Show AI Wellness Apps Can Leak Sensitive User Info 13:37 : Apache Airflow Flaws Expose Sensitive Workflow Data to Potential Attackers 13:37 : Gootloader Malware With Low Detection…
Hackathon Projects Show AI Wellness Apps Can Leak Sensitive User Info
As emotional computing applications proliferate, the security threats they face require frameworks beyond traditional approaches. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original article: Hackathon Projects Show AI Wellness Apps…
Apache Airflow Flaws Expose Sensitive Workflow Data to Potential Attackers
Apache Airflow has patched two separate credential-exposure vulnerabilities in versions before 3.1.6. The flaws could allow attackers to extract sensitive authentication data embedded in proxy configurations and templated workflow fields through log files and the web UI, potentially compromising network infrastructure and…
Gootloader Malware With Low Detection Rate Evades Most Security Tools
Gootloader malware has resurfaced, employing sophisticated evasion techniques to exploit malformed ZIP archives and obfuscation mechanisms to bypass security detection systems. The Gootloader malware campaign, tracked as a partnership between Storm-0494 and Vanilla Tempest, has returned in late 2025 with…
Raaga Confirms Major Data Breach Exposing Personal Information of 10.2Million Users
Indian music streaming platform Raaga has become the latest victim of a significant cybersecurity incident after sensitive user data was posted for sale on a popular hacking forum in December 2025. The breach has exposed personal information from over 10 million users,…
Initial access broker pleads guilty to selling access to 50 corporate networks
A 40-year-old Jordanian man has admitted to selling unauthorized access to computer networks of at least 50 companies, the US Attorney’s Office of the District of New Jersey has announced. Feras Khalil Ahmad Albashiti has pleaded guilty last Thursday to…
Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto
Cybersecurity researchers have disclosed details of a malware campaign that’s targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual Studio Code (VS Code) extension ecosystem. “The malware is designed to exfiltrate sensitive information,…
The Hidden Risk of Orphan Accounts
The Problem: The Identities Left Behind As organizations grow and evolve, employees, contractors, services, and systems come and go – but their accounts often remain. These abandoned or “orphan” accounts sit dormant across applications, platforms, assets, and cloud consoles. The…
Linkedin Phishing Campaign Exploits Open-Source Pen Testing Tool to Compromise Business Execs
Cybersecurity Researchers at ReliaQuest warn of an ongoing campaign delivered to “high-value individuals” via LinkedIn messages This article has been indexed from www.infosecurity-magazine.com Read the original article: Linkedin Phishing Campaign Exploits Open-Source Pen Testing Tool to Compromise Business Execs
Police Bust Thai Based Voice Phishing Ring
Authorities in Seoul recently dismantled a Thailand-based voice phishing organization responsible for stealing approximately 7 billion won from dozens of victims. This article has been indexed from CyberMaterial Read the original article: Police Bust Thai Based Voice Phishing Ring