Hewlett Packard Enterprise (HPE) has disclosed four high-severity vulnerabilities in its Aruba Networking Instant On devices that could allow attackers to access sensitive network information and disrupt operations. The security flaws, identified as CVE-2025-37165, CVE-2025-37166, CVE-2023-52340, and CVE-2022-48839, affect devices…
Category: Cyber Security News
Chinese Threat Actors Hosted 18,000 Active C2 Servers Across 48 Hosting Providers
Threat actors linked to Chinese hosting infrastructure have established a massive network of over 18,000 active command-and-control servers across 48 different hosting providers in recent months. This widespread abuse highlights a serious issue in how malicious infrastructure can hide within…
Palo Alto Networks Firewall Vulnerability Allows Attacker to Trigger DoS Attacks
Palo Alto Networks has patched a critical denial-of-service vulnerability in its PAN-OS firewall software, tracked as CVE-2026-0227, which lets unauthenticated attackers disrupt GlobalProtect gateways and portals. The flaw carries a CVSS v4.0 base score of 7.7 (HIGH severity), stemming from…
Palo Alto Networks Firewall Vulnerability Allows Attackers to Trigger Denial of Service
Palo Alto Networks has patched a critical denial-of-service vulnerability in its PAN-OS firewall software, tracked as CVE-2026-0227, which lets unauthenticated attackers disrupt GlobalProtect gateways and portals. The flaw carries a CVSS v4.0 base score of 7.7 (HIGH severity), stemming from…
Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a Network
Microsoft released security updates on January 13, 2026, addressing a critical elevation of privilege vulnerability in SQL Server that enables authorized attackers to bypass authentication controls and gain elevated system privileges remotely. Tracked as CVE-2026-20803, the vulnerability stems from missing…
Palo Alto Networks Firewall Vulnerability Allows Unauthenticated Attackers to Trigger Denial of Service
Palo Alto Networks has patched a critical denial-of-service vulnerability in its PAN-OS firewall software, tracked as CVE-2026-0227, which lets unauthenticated attackers disrupt GlobalProtect gateways and portals. The flaw carries a CVSS v4.0 base score of 7.7 (HIGH severity), stemming from…
Stealthy CastleLoader Malware Attacking US Government Agencies and Critical Infrastructure
A sophisticated malware loader known as CastleLoader has emerged as a critical threat to US government agencies and critical infrastructure organizations. First identified in early 2025, this stealthy malware has been used as the initial access point in coordinated attacks…
New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive Data
A novel single-click attack targeting Microsoft Copilot Personal that enables attackers to silently exfiltrate sensitive user data. The vulnerability, now patched, allowed threat actors to hijack sessions via a phishing link without further interaction. Attackers initiate Reprompt by sending a…
Researchers Breakdown DragonForce Ransomware Along with Decryptor for ESXi and Windows Systems
DragonForce is the latest ransomware brand to move from noisy forum posts to full RaaS operations, targeting both Windows and VMware ESXi environments. First seen in December 2023 on BreachForums, the group advertises stolen data and uses a dark web…
North Korean Hackers use Code Abuse Tactics for ‘Contagious Interview’ Campaign
North Korean threat actors have launched a sophisticated social engineering campaign targeting software developers through fake recruitment offers. The campaign, known as Contagious Interview, uses malicious repositories disguised as technical assessment projects to deploy a dual-layer malware system. Victims are…
VVS Stealer Attacking Discord Users to Exfiltrate Credentials and Tokens
Discord users are facing a growing threat from VVS Stealer, a Python-based information-stealing malware that targets sensitive account data, including credentials and tokens. This stealer was actively marketed on Telegram as early as April 2025, promoting its ability to steal…
Microsoft Warns Secure Boot May Be Bypassed as Windows UEFI Certificates Expire
Microsoft has addressed a critical security feature bypass vulnerability in Windows Secure Boot certificates, tracked as CVE-2026-21265, through its January 2026 Patch Tuesday updates. The flaw stems from expiring 2011-era certificates that underpin Secure Boot’s trust chain, potentially allowing attackers…
Threat Actors Targeting Ukraine’s Defense Forces with Charity-Themed Malware Campaign
Threat actors have launched a sophisticated malware campaign against members of Ukraine’s Defense Forces, exploiting charity operations as a cover for their attacks. Operating between October and December 2025, the attackers distributed PLUGGYAPE, a Python-based backdoor designed to compromise military…
Betterment Confirms that Hackers Gained Access to Internal Systems
A leading digital wealth management platform disclosed on January 9, 2026, that an unauthorized individual obtained access to its internal systems through a sophisticated social engineering attack. Enabling them to impersonate the company and distribute fraudulent cryptocurrency-related messages to a…
Critical FortiSIEM Vulnerability Lets Attackers Run Arbitrary Commands via TCP Packets
Fortinet disclosed a critical OS command injection vulnerability in FortiSIEM on January 13, 2026, warning users of a high-risk flaw that lets unauthenticated attackers execute arbitrary code. Tracked as CVE-2025-64155, the issue stems from improper neutralization of special elements in…
Researchers Proposed Game-Theoretic AI for Guiding Attack and Defense
Researchers from Alias Robotics and Johannes Kepler University Linz have unveiled a groundbreaking approach to automated penetration testing that combines artificial intelligence with game theory. Led by Víctor Mayoral-Vilches, Mara Sanz-Gómez, Francesco Balassone, Stefan Rass, and their collaborators, the team…
AuraAudit – Open-Source Tool for Salesforce Aura Framework Misconfiguration Analysis
Mandiant has released AuraInspector, an open-source command-line tool that helps security defenders identify and audit access-control misconfigurations in the Salesforce Aura framework. The tool addresses a critical security gap in Salesforce Experience Cloud deployments, where misconfigurations frequently expose sensitive data,…
Elastic Patches Multiple Vulnerabilities That Enables Arbitrary File Theft and DoS Attacks
Elastic has released critical security updates addressing four significant vulnerabilities across its stack, including a high-severity flaw that permits arbitrary file disclosure through compromised connector configurations. The patches resolve issues affecting file handling, input validation, and resource allocation mechanisms in…
Spring CLI Tool Vulnerability Enables Command Execution on the Users Machine
A command injection vulnerability in the Spring CLI VSCode extension poses a security risk to developers still using the outdated tool. The flaw, tracked as CVE-2026-22718, enables attackers to execute arbitrary commands on affected machines, resulting in a medium-severity impact.…
New Android Bug Impacts Volume Buttons Functionality with “Select to Speak” Enabled
Google has identified a critical bug affecting Android devices where the volume buttons malfunction when the Select to Speak accessibility feature is enabled. The issue causes volume keys to adjust accessibility volume rather than media volume. It prevents photo capture…