Russian and Chinese state-sponsored threat actors have been exploiting CVE-2025-8088 since July 2025. The post APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: APTs, Cybercriminals Widely Exploiting…
Author: IT Security News Bot
US Charges 31 More Defendants in Massive ATM Hacking Probe
A total of 87 individuals, mostly Venezuelan nationals, have been charged for their role in the ATM jackpotting scheme. The post US Charges 31 More Defendants in Massive ATM Hacking Probe appeared first on SecurityWeek. This article has been indexed…
Fortinet expands FortiCNAPP with network, data, and runtime-aware risk prioritization
Fortinet announced new enhancements to FortiCNAPP that help organizations better understand and prioritize cloud risk beyond what many CNAPP solutions offer. By correlating cloud configuration, identity exposure, vulnerabilities, network enforcement, data sensitivity, and runtime behavior within a single workflow, FortiCNAPP…
Cloudbrink adds AI innovations to its platform to protect agents, apps, and data
Cloudbrink has expanded security and performance benefits for AI agents and online AI services. The new AI capabilities are available on the same platform as Cloudbrink’s secure connectivity, allowing companies to secure users, apps, and AI in a more unified…
TikTok Settles California Social Media Lawsuit
TikTok settles lawsuit alleging addictive design, mental harms only hours before jury selection, as case proceeds against Google, Meta This article has been indexed from Silicon UK Read the original article: TikTok Settles California Social Media Lawsuit
Volante’s Multi-cloud Resiliency Service keeps payments running during cloud outages
Volante Technologies announced the launch of its Multi-cloud Resiliency Service, engineered to keep financial institutions’ payment operations running seamlessly during major cloud provider outages. Built on Volante’s cloud-native payments platform, the service provides cross-cloud continuity, eliminating single-cloud/provider dependency for the…
Yubico extends hardware passkey deployment options
Yubico announced a significant expansion of YubiKey as a Service, introducing new capabilities that make modern organizations more agile and cyber resilient. With new Self-Service Ordering of YubiKeys enabled through a more streamlined Customer Portal, organizations can deliver phishing-resistance company-wide.…
Teleport’s Agentic Identity Framework protects AI agents in production environments
Teleport has unveiled the Teleport Agentic Identity Framework, an AI-centered framework that provides organizations with a roadmap for securely deploying agentic AI across production cloud and on-premises environments. The framework will evolve alongside the industry and community needs, defining the…
TikTok US Denies Widespread Reports Of Censorship
New US TikTok operator denies widespread claims that content critical of administration is being censored, blaming data centre outage This article has been indexed from Silicon UK Read the original article: TikTok US Denies Widespread Reports Of Censorship
Drowning in spam or scam emails? Here’s probably why
Has your inbox recently been deluged with unwanted and even outright malicious messages? Here are 10 possible reasons – and how to stem the tide. This article has been indexed from WeLiveSecurity Read the original article: Drowning in spam or…
Fortinet Patches Exploited FortiCloud SSO Authentication Bypass
Tracked as CVE-2026-24858, the bug allows attackers to log into devices registered to other FortiCloud accounts. The post Fortinet Patches Exploited FortiCloud SSO Authentication Bypass appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Indurex Emerges From Stealth to Close Security Gap in Cyber-Physical Systems
Indurex was founded by Jalal Bouhdada, who previously led industrial cybersecurity company Applied Risk. The post Indurex Emerges From Stealth to Close Security Gap in Cyber-Physical Systems appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
WhatsApp rolls out new security feature to protect users from sophisticated attacks
To add an extra layer of protection to its end-to-end encryption, WhatsApp has begun rolling out a new privacy and security feature called Strict Account Settings. It is designed to help users protect their accounts from sophisticated cyberattacks. “We think…
Pondurance RansomSnare blocks file encryption and data exfiltration
Pondurance launched RansomSnare, a new module for its MDR service that halts ransomware attacks at the moment the malicious process attempts to encrypt files and prevents threat actors from exfiltrating sensitive data. RansomSnare is a next-generation ransomware prevention capability that…
US cyber chief uploaded sensitive files into public ChatGPT, Vibe-coded ‘Sicarii’ ransomware can’t be decrypted, WhatsApp account feature combats spyware
US cyber chief uploaded sensitive files into public ChatGPT Vibe-coded ‘Sicarii’ ransomware can’t be decrypted WhatsApp account feature combats spyware Huge thanks to our episode sponsor, Conveyor Ever dream of giving customers instant answers to their security questions without ever…
Report Of High-Level UK China Hack Questioned
Commentators question Telegraph report that China-backed hacking group targeted mobile phones of senior UK officials for several years This article has been indexed from Silicon UK Read the original article: Report Of High-Level UK China Hack Questioned
Critical OpenSSL Vulnerabilities Allow Remote Attackers to Execute Malicious Code
OpenSSL patched 12 vulnerabilities on January 27, 2026, including one high-severity flaw that could lead to remote code execution. Most issues cause denial-of-service attacks but highlight risks in parsing untrusted data. The most serious issue, CVE-2025-15467, hits CMS AuthEnvelopedData parsing…
Fortinet Disables FortiCloud SSO Following 0-day Vulnerability Exploited in the Wild
Fortinet temporarily disabled its FortiCloud Single Sign-On (SSO) service after confirming active exploitation of a zero-day authentication bypass vulnerability in multiple products. The issue, tracked as FG-IR-26-060, allows attackers with a malicious FortiCloud account to log into devices registered to…
16 Malicious Chrome Extensions as ChatGPT Enhancements Steals ChatGPT Logins
Researchers have uncovered a significant security threat targeting ChatGPT users through deceptive browser extensions. A coordinated campaign involving 16 malicious Chrome extensions has been discovered, all designed to appear as legitimate productivity tools and ChatGPT enhancement applications. These malware extensions…
IT Security News Hourly Summary 2026-01-28 09h : 7 posts
7 posts were published in the last hour 8:5 : HoneyMyte Hacker Group Updates CoolClient Malware to Deploy Browser Login Data Stealer 8:4 : WhatsApp New Strict Account Settings Option to Protect Your Account from Hackers 8:4 : High-Severity Remote…