Google has rolled out a comprehensive update to Android’s theft protection capabilities, introducing stronger authentication safeguards and enhanced recovery tools designed to protect users before, during, and after theft attempts. The multi-layered defense system, announced on January 26, 2026, builds…
Category: Cyber Security News
eSkimming Attacks Fuelled with Persistent Threats, Evolving Tactics, and Unfinished Recovery
eSkimming attacks, commonly known as Magecart attacks, continue to plague e-commerce websites across the globe, stealing payment card data from unsuspecting customers at checkout. These malicious campaigns inject JavaScript code into compromised websites, capturing sensitive financial information as users complete…
Hackers Exploiting FreePBX Vulnerability to Deploy Webshell and Gain Control of Systems
A sophisticated attack campaign leveraging a critical FreePBX vulnerability to deploy a persistent webshell dubbed “EncystPHP,” enabling threat actors to gain complete administrative control over compromised VoIP systems. The campaign, launched in early December 2025, exploits CVE-2025-64328, a post-authentication command-injection…
Cal.com Broken Access Controls Exposes Millions of Bookings and Leads to Complete Account Takeover
Cal.com, an open-source scheduling platform that millions of people use to book meetings and manage their calendars, recently faced a serious security problem. The platform provides an alternative to tools like Calendly, offering features like calendar syncing, team scheduling, and…
Microsoft 365 Outlook Add-ins Weaponized to Exfiltrate Sensitive Email Data Without Leaving Traces
A significant architectural blind spot in the Microsoft 365 ecosystem that allows threat actors to exfiltrate sensitive email data without leaving forensic traces. Dubbed “Exfil Out&Look,” this attack technique leverages the Outlook add-in framework to intercept outgoing communications stealthily. Unlike…
Google Disrupted World’s Largest IPIDEA Residential Proxy Network
Google and its partners launched a major operation this week to shut down what security experts consider one of the world’s largest residential proxy networks: IPIDEA. The proxy service operates by routing internet traffic through millions of everyday consumer devices…
Critical IDIS IP Cameras One-Click Vulnerability Leads to full Compromise of Victim’s Computer
A severe security flaw in IDIS IP cameras has emerged, allowing attackers to gain complete control over a victim’s computer with just one click. The vulnerability, tracked as CVE-2025-12556, targets the IDIS Cloud Manager (ICM) Viewer, a Windows-based application used…
BlackIce – A Container Based Red Teaming Toolkit for AI Security Testing
Databricks has officially announced the release of BlackIce, an open-source, containerized toolkit designed to streamline AI security testing and Red Teaming. Originally introduced at CAMLIS Red 2025, BlackIce addresses the fragmentation and configuration challenges that security researchers often face when…
Threat Actors Using AI Generated Malicious Job Offers to Deploy PureRAT
A Vietnamese cybercrime group is using artificial intelligence to write malicious code in an ongoing phishing campaign that distributes the PureRAT malware through fake job opportunities. The campaign, initially detected in December 2025, represents a concerning evolution in threat actor…
eScan Antivirus Update Server Hacked to Push Malicious Update packages
A critical supply chain compromise affecting MicroWorld Technologies’ eScan antivirus product, wherein threat actors successfully hijacked the vendor’s legitimate update infrastructure to distribute malware. Discovered on January 20, 2026, by Morphisec, the attack utilized a trojanized update package to deploy…
Attackers Targeting Canadian Citizens by Exploiting Their Reliance on Digital Services
Attackers are increasingly targeting Canadian citizens by abusing their heavy dependence on online government and commercial services. From paying traffic fines and renewing licenses to tracking parcels and booking flights, people now expect these tasks to be quick and digital.…
Critical Solarwinds Web Vulnerability Allows Remote Code Execution and Security Bypass
Multiple critical vulnerabilities in SolarWinds Web Help Desk (WHD), culminating in unauthenticated remote code execution (RCE) via Java deserialization in CVE-2025-40551, were uncovered by Horizon3.ai researchers. These flaws chain static credentials, security bypasses, and deserialization weaknesses, affecting versions prior to…
Microsoft Exchange Online to Deprecate SMTP AUTH Basic Authentication for Tenants
Microsoft is preparing a major security shift for cloud email customers as Exchange Online moves toward deprecating SMTP AUTH Basic Authentication for all tenants. The change targets one of the oldest and weakest ways to sign in to email systems,…
New Semantic Chaining Jailbreak Attack Bypasses Grok 4 and Gemini Nano Security Filters
Following the recent Echo Chamber Multi-Turn Jailbreak, NeuralTrust researchers have disclosed Semantic Chaining, a potent vulnerability in the safety mechanisms of multimodal AI models like Grok 4 and Gemini Nano Banana Pro. This multi-stage prompting technique evades filters to produce…
Swarmer Tool Evading EDR With a Stealthy Modification on Windows Registry for Persistence
Praetorian Inc. has publicly released Swarmer, a tool enabling low-privilege attackers to achieve stealthy Windows registry persistence by sidestepping Endpoint Detection and Response (EDR) monitoring. Deployed operationally since February 2025, Swarmer exploits mandatory user profiles and the obscure Offline Registry…
Top 10 Best Data Removal Services In 2026
In 2026, personal data is no longer just a privacy concern, it is a security vector. With the rise of AI-driven scraping and synthetic identity theft, your digital footprint is being harvested at an unprecedented scale. Data removal services have evolved from simple “opt-out” tools into…
CISA Chief Uploaded Sensitive Documents into Public ChatGPT
The acting director of the Cybersecurity and Infrastructure Security Agency (CISA) uploaded sensitive contracting documents marked “for official use only” into the public version of ChatGPT last summer, triggering multiple automated security alerts designed to prevent data exfiltration from federal…
Threat Actors Leverage Real Enterprise Email Threads to Deliver Phishing Links
In a sophisticated supply chain phishing attack, threat actors hijacked an ongoing email thread among C-suite executives discussing a document awaiting final approval. The intruder, posing as a legitimate participant, replied directly with a phishing link mimicking a Microsoft authentication…
Check Point Harmony SASE Windows Client Vulnerability Enables Privilege Escalation
A critical privilege-escalation vulnerability has been discovered in Check Point’s Harmony SASE (Secure Access Service Edge) Windows client software, affecting versions prior to 12.2. Tracked as CVE-2025-9142, the flaw allows local attackers to write or delete files outside the intended certificate working…
ZAP JavaScript Engine Memory Leak Issue Impacts Active Scan Usage
The ZAP (Zed Attack Proxy) project, a widely used open-source web application security scanner, has disclosed a critical memory leak in its JavaScript engine. This flaw, likely present for some time, now disrupts active scanning workflows following the introduction of…