Let’s Encrypt, a key provider of free TLS certificates, has rolled out short-lived and IP address-based certificates for general use. These new options became available starting in early 2026, addressing long-standing issues in certificate security. Short-lived certificates last just 160…
Category: Cyber Security News
Google’s Vertex AI Vulnerability Enables Low-Privileged Users to Gain Service Agent Roles
Google’s Vertex AI contains default configurations that allow low-privileged users to escalate privileges by hijacking Service Agent roles. XM Cyber researchers identified two attack vectors in the Vertex AI Agent Engine and Ray on Vertex AI, which Google deemed “working…
Argus – Python-powered Toolkit for Information Gathering and Reconnaissance
Argus is a comprehensive Python-based toolkit designed for reconnaissance tasks in cybersecurity. The developers recently released version 2.0, expanding it to include 135 modules. This tool consolidates network analysis, web app scanning, and threat intelligence into one interface. Users access…
Researchers Gain Access to StealC Malware Command-and-Control Systems
Security researchers successfully exploited vulnerabilities in the StealC malware infrastructure, gaining access to operator control panels and exposing a threat actor’s identity through their own stolen session cookies. The breach highlights critical security failures in criminal operations built around credential…
Windows 11 PCs Fail to Shut Down After January Security Update
Microsoft’s January 13, 2026, security update for Windows 11 has triggered a frustrating bug: affected PCs refuse to shut down or hibernate, instead restarting. The issue is caused by KB5073455, which targets OS Build 22621.6491 on Windows 11 version 23H2.…
Cloudflare Acquired Open-source Web Framework Astro to Supercharge Development
Cloudflare has acquired the team behind Astro, the popular open-source web framework for building fast, content-driven sites. Announced on January 16, 2026, the deal brings The Astro Technology Company’s full-time employees under Cloudflare’s umbrella to accelerate Astro’s development. Cloudflare positions…
Cisco 0-Day RCE Secure Email Gateway Vulnerability Exploited in the Wild
Cisco has confirmed active exploitation of a critical zero-day remote code execution vulnerability in its Secure Email Gateway and Secure Email and Web Manager appliances. Tracked as CVE-2025-20393, the flaw allows unauthenticated attackers to execute arbitrary root-level commands via crafted…
Google Rolls Out Long-Awaited @gmail.com Email Change Feature for Users
Google is gradually rolling out the ability to change the @gmail.com email address associated with a Google Account to a new @gmail.com address. This feature, previously unavailable, addresses a common pain point for users who regret their original username choice…
New AWS Console Supply Chain Attack Lets Attackers Hijack AWS GitHub Repositories
A critical misconfiguration in AWS CodeBuild enabled unauthenticated attackers to seize control of key AWS-owned GitHub repositories, including the widely used AWS JavaScript SDK powering the AWS Console itself. This supply chain vulnerability threatened platform-wide compromise, potentially injecting malicious code…
Go 1.25.6 and 1.24.12 Patch Critical Vulnerabilities Lead to DoS and Memory Exhaustion Risks
The Go programming language team has rolled out emergency point releases, Go 1.25.6 and 1.24.12, to address six high-impact security flaws. These updates fix denial-of-service (DoS) vectors, arbitrary code execution risks, and TLS mishandlings that could expose developers to remote…
Promptware Kill Chain – Five-Step Kill Chain Model for Analyzing Cyberthreats
Large language models have become deeply integrated into everyday business operations, from customer service chatbots to autonomous agents managing calendars, executing code, and handling financial transactions. This rapid expansion has created a critical security blind spot. Researchers have identified that…
Hackers Abusing Legitimate Cloud and CDN Platforms to Host Phishing Kits
Threat actors are increasingly using trusted cloud and content delivery network platforms to host phishing kits, creating major detection challenges for security teams. Unlike traditional phishing campaigns that rely on newly registered suspicious domains, these attacks use legitimate infrastructure from…
Fortinet FortiSIEM Vulnerability CVE-2025-64155 Actively Exploited in Attacks
Fortinet FortiSIEM vulnerability CVE-2025-64155 is under active exploitation, as confirmed by Defused through their honeypot deployments. This critical OS command injection flaw enables unauthenticated remote code execution, posing severe risks to enterprise security monitoring systems. CVE-2025-64155 stems from improper neutralization…
MonetaStealer Malware Powered with AI Code Attacking macOS Users in the Wild
A new information-stealing malware named MonetaStealer has been discovered actively targeting macOS users through deceptive file disguises and social engineering tactics. Security researchers at Iru first identified this threat on January 6, 2026, when they found a suspicious Mach-O binary…
Turla’s Kazuar v3 Loader Leverages Event Tracing for Windows and Bypasses Antimalware Scan Interface
Turla, a sophisticated threat actor known for targeted cyber attacks, has deployed an upgraded version of its Kazuar v3 loader that introduces advanced evasion techniques designed to bypass modern security defenses. This latest iteration, discovered in January 2026, showcases a…
New Sicarii RaaS Operation Attacks Exposed RDP Services and Attempts to Exploit Fortinet Devices
In December 2025, a previously unknown ransomware-as-a-service operation named Sicarii emerged across underground platforms, introducing itself as an Israeli or Jewish affiliated group. The operation stands apart from typical financially motivated ransomware due to its explicit use of Hebrew language,…
Critical WordPress Plugin Vulnerability Exploited in the Wild to Gain Instant Admin Access
A critical unauthenticated privilege escalation vulnerability in the Modular DS WordPress plugin allows attackers to gain instant admin access, with exploitation confirmed in the wild. Affecting over 40,000 sites, the flaw in versions up to 2.5.1 has prompted urgent patches…
Firefox 147 Released With Fixes for 16 Vulnerabilities that Enable Arbitrary Code Execution
Mozilla released Firefox 147 on January 13, 2026, addressing 16 security vulnerabilities detailed in the Mozilla Foundation Security Advisory. The update patches critical issues across components such as graphics, JavaScript, and networking, addressing six high-impact flaws, including multiple sandbox escapes,…
Critical Cal.com Vulnerability Let Attackers Bypass Authentication and Hijack any User Account
A critical authentication bypass vulnerability in Cal.com’s scheduling platform enables attackers to hijack any user account by exploiting a flaw in the NextAuth JWT callback mechanism. Tracked as CVE-2026-23478, this vulnerability affects versions from 3.1.6 up to but not including…
Microsoft and Authorities Dismatles BEC Attack Chain Powered by RedVDS Fraud Engine
A joint operation led by Microsoft and international law enforcement has dismantled a business email compromise (BEC) attack chain powered by the RedVDS fraud engine. RedVDS operated as a low‑cost “cybercrime subscription” platform, giving criminals disposable virtual machines that looked…