Paid tools that “strip” clothes from photos have been available on the darker corners of the internet for years. Elon Musk’s X is now removing barriers to entry—and making the results public. This article has been indexed from Security Latest…
Category: EN
Millions of Android Powered TVs and Streaming Devices Infected by Kimwolf Botnet
Synthient discovers over 2 million Android TV boxes and smart TVs hijacked by the Kimwolf botnet. Learn how hackers are using home devices to launch DDoS attacks and how you can protect your home network. This article has been indexed…
CERT/CC warns of critical, unfixed vulnerability in TOTOLINK EX200
CERT/CC disclosed an unpatched flaw in the TOTOLINK EX200 that allows a remote authenticated attacker to fully compromise the device. CERT/CC warns of an unpatched vulnerability, tracked as CVE-2025-65606, in the TOTOLINK EX200 range extender that lets a remote authenticated…
Brightspeed investigates breach as crims post stolen data for sale
Crimson Collective claims ‘sophisticated attack’ that allows them to ‘disconnect every user from their mobile service’ Internet service provider Brightspeed confirmed that it’s investigating criminals’ claims that they stole more than a million customers’ records and have listed them for…
RondoDox Botnet Operators Set React2Shell Flaw in Their Sights
The operators behind the highly adaptable RondoDox botnet campaign that kicked off in late March have proven to be ready to embrace the latest attack trends. Most recently, in December they began targeting Next.js servers that are vulnerable to the…
Columbia Weather Systems MicroServer
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to redirect the SSH connection to an attacker controlled device, gain admin access to the web portal, and gain limited shell access. The following versions of Columbia Weather…
Ransomware trends, statistics and facts in 2026
<p>Ransomware continues to receive attention at the highest levels of government and business — and for good reasons. It has affected people’s ability to access healthcare, put gas in their vehicles, buy groceries and protect their identities.</p> <p>The <a href=”https://www.techtarget.com/searchsecurity/tip/How-to-calculate-the-cost-of-a-data-breach”>financial…
Founder of spyware maker pcTattletale pleads guilty to hacking and advertising surveillance software
Bryan Fleming, the founder of hacked stalkerware company pcTattletale, pleaded guilty to federal charges linked to the running of his now-defunct Michigan-based spyware company. This article has been indexed from Security News | TechCrunch Read the original article: Founder of…
Bitfinex Hack Mastermind Behind $10 Billion Theft Gets Early Release
Ilya Lichtenstein, the man behind the massive 2016 Bitfinex Bitcoin theft, has been released early from prison. Read how the First Step Act and a trail of Walmart gift cards led to this major update in one of the world’s…
Flare Researchers Analyze SafePay Ransomware Leak Data
Flare researchers analyzed SafePay leak data, showing how the group targets regulated SMBs to maximize pressure. The post Flare Researchers Analyze SafePay Ransomware Leak Data appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the…
Google fixes critical Dolby Decoder bug in Android January update
Android’s January 2026 update fixes CVE-2025-54957, a critical Dolby audio decoder flaw discovered by Google researchers in October 2025. A critical Dolby audio decoder vulnerability, tracked as CVE-2025-54957, was addressed in the January 2026 Android security update. Google fixed the…
Phishing actors exploit complex routing and misconfigurations to spoof domains
Threat actors are exploiting complex routing scenarios and misconfigured spoof protections to send spoofed phishing emails, crafted to appear as internally sent messages. The post Phishing actors exploit complex routing and misconfigurations to spoof domains appeared first on Microsoft Security…
Sedgwick confirms Data Breach Following TridentLocker Ransomware Gang Claim
Sedgwick has confirmed a cybersecurity incident at its government-focused subsidiary after the TridentLocker ransomware gang claimed responsibility for stealing 3.4 gigabytes of data. The breach highlights ongoing risks to federal contractors handling sensitive U.S. agency data. Claims administration giant Sedgwick…
2026-01-06: SmartApeSG CAPTCHA page uses ClickFix technique for Remcos RAT
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2026-01-06: SmartApeSG CAPTCHA page uses ClickFix technique for Remcos…
WordPress Admins Targeted by Renewal Email Phishing Scam
A phishing campaign targeting WordPress admins uses fake renewal emails to steal credit card data and 2FA codes in real time. The post WordPress Admins Targeted by Renewal Email Phishing Scam appeared first on eSecurity Planet. This article has been…
Introducing the Microsoft Defender Experts Suite: Elevate your security with expert-led services
Announcing Microsoft Defender Experts Suite, a integrated set of expert-led services that helps security teams keep pace with modern cyberattacks. The post Introducing the Microsoft Defender Experts Suite: Elevate your security with expert-led services appeared first on Microsoft Security Blog.…
Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users
Cybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that are designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations alongside browsing data to servers under the attackers’ control. The names of the extensions, which collectively have…
Critical Dolby Codec Vulnerability Exposes Android Devices to Code Execution Attacks
Google has issued its January 2026 Android Security Bulletin, urging users to update to the 2026-01-05 patch level or later to mitigate a critical vulnerability in Dolby components. The standout issue, CVE-2025-54957, targets the Dolby Digital Plus (DD+) codec and…
Critical AdonisJS Vulnerability Allow Remote Attacker to Write Files On Server
A critical path traversal vulnerability in AdonisJS has been discovered that could allow remote attackers to write arbitrary files to server filesystems, potentially leading to complete system compromise. The vulnerability, tracked as CVE-2026-21440, affects the bodyparser module of the popular TypeScript-first…
Judge Demands OpenAI to Release 20 Million Anonymized ChatGPT Chats in AI Copyright Dispute
A federal judge in New York has ordered OpenAI to provide 20 million anonymized user logs from ChatGPT to the plaintiffs in a major copyright lawsuit involving AI. The judge made this decision despite OpenAI’s privacy concerns, upholding an earlier…