Browser extensions are a high-risk attack vector for enterprises, allowing threat actors to bypass traditional security controls and gain a foothold on corporate endpoints. Case in point: A recently identified malicious extension called NexShield proves that a single user install…
Canadian Investment Watchdog Breach
The Canadian Investment Regulatory Organization recently announced that a sophisticated phishing attack in August 2025 led to a data breach affecting 750,000 people. This article has been indexed from CyberMaterial Read the original article: Canadian Investment Watchdog Breach
Ransomware Disrupts Kyowon Operations
The South Korean conglomerate Kyowon Group is currently investigating a significant ransomware attack that has disrupted its operations and potentially compromised the personal information of millions of customers. This article has been indexed from CyberMaterial Read the original article: Ransomware…
Ukraine Germany Target Black Basta
Ukrainian and German authorities have identified two key suspects linked to the Black Basta ransomware group and issued an international warrant for its Russian leader. This article has been indexed from CyberMaterial Read the original article: Ukraine Germany Target Black…
Tennessee Man Hacks Supreme Court System
Nicholas Moore, a 24-year-old from Tennessee, pleaded guilty on Friday to hacking the U.S. This article has been indexed from CyberMaterial Read the original article: Tennessee Man Hacks Supreme Court System
China Tests Quantum Cyber Weapons
The Chinese military has disclosed that it is developing and testing over ten quantum cyberwarfare tools designed to extract intelligence from public cyberspace during active missions. This article has been indexed from CyberMaterial Read the original article: China Tests Quantum…
Google Gemini AI Tricked Into Leaking Calendar Data via Meeting Invites
Cybersecurity researchers at Miggo Security found a flaw in Google Gemini that uses calendar invites to steal private data. Learn how this silent attack bypasses security. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and…
Remcos RAT Campaign Uses Trojanized VeraCrypt Installers to Steal Credentials
AhnLab Security Intelligence Center (ASEC) has identified an active Remcos RAT campaign targeting users in South Korea. The malware is being spread through multiple channels. It often masquerades as VeraCrypt utilities or tools used within illegal online gambling ecosystems. Once…
Acting CISA Director Pushed to Remove Agency CIO
The drama at the Cybersecurity and Infrastructure Security Agency is not helpful when it needs to focus on defending networks and infrastructure. The post Acting CISA Director Pushed to Remove Agency CIO appeared first on TechRepublic. This article has been…
Don’t underestimate pro-Russia hacktivists, warns UK’s cyber crew
They’re not the most sophisticated, but even simple attacks can lead to costly consequences The UK’s National Cyber Security Centre (NCSC) is once again warning that pro-Russia hacktivists are a threat to critical services operators.… This article has been indexed…
‘SolyxImmortal’ Information Stealer Emerges
The information stealer abuses legitimate APIs and libraries to exfiltrate data to Discord webhooks. The post ‘SolyxImmortal’ Information Stealer Emerges appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: ‘SolyxImmortal’ Information Stealer Emerges
Jordanian Admits in US Court to Selling Access to 50 Enterprise Networks
Operating as an access broker, the defendant sold unauthorized access to compromised networks to an undercover agent. The post Jordanian Admits in US Court to Selling Access to 50 Enterprise Networks appeared first on SecurityWeek. This article has been indexed…
⚡ Weekly Recap: Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More
In cybersecurity, the line between a normal update and a serious incident keeps getting thinner. Systems that once felt reliable are now under pressure from constant change. New AI tools, connected devices, and automated systems quietly create more ways in,…
Beyond the Algorithm
A critical examination of AI through the lenses of security, privacy, ethics, and governance. This article has been indexed from CyberMaterial Read the original article: Beyond the Algorithm
IT Security News Hourly Summary 2026-01-19 15h : 14 posts
14 posts were published in the last hour 13:32 : Cybercriminals Impersonate Malwarebytes to Steal User Credentials 13:32 : Windows SMB Client Vulnerability Exposes Organizations to Full Active Directory Compromise 13:32 : CIRO Confirms Data Breach Impacting 750,000 Canadian Investors…
Cybercriminals Impersonate Malwarebytes to Steal User Credentials
As part of an ongoing effort to highlight active and technically interesting intrusions, a new “Flash Hunting Findings” investigation has uncovered a short but well‑structured malware campaign impersonating MalwareBytes to deliver infostealers and steal user logins and crypto‑wallet data. The…
Windows SMB Client Vulnerability Exposes Organizations to Full Active Directory Compromise
A severe vulnerability in Windows Server Message Block (SMB) client authentication has emerged as a critical threat to Active Directory environments. CVE-2025-33073, a logical flaw in NTLM reflection handling, enables authenticated attackers to escalate to SYSTEM-level privileges and compromise domain controllers, potentially…
CIRO Confirms Data Breach Impacting 750,000 Canadian Investors
The Canadian Investment Regulatory Organization (CIRO) has officially confirmed a significant data breach affecting approximately 750,000 Canadian investors, stemming from a sophisticated phishing attack initially detected in August 2025. The organization publicly disclosed the incident on January 14, 2026, following a comprehensive…
Unmasked by Leaks: The Hidden Backbone of a Ransomware Operation
The leaks tied to the BlackBasta ransomware group and Russian hosting company Media Land pulled back the curtain on something defenders rarely get to see: the internal machinery and people behind a major ransomware operation. In February 2025, an unknown…
Pulsar RAT Abuses Memory-Only Execution and HVNC for Stealthy Remote Takeover
Pulsar RAT, an advanced evolution of the open-source Quasar RAT, is actively targeting Windows systems with enhanced stealth capabilities and fileless execution techniques. This modular remote access trojan combines memory-only loading, hidden virtual network computing (HVNC), and cryptocurrency wallet clipping to establish persistent backdoor…
Copilot, Code, and CI/CD: Securing AI-Generated Code in DevOps Pipelines
Three months ago, I watched a senior engineer at a Series B startup ship an authentication bypass to production. Not because he was incompetent — he’d been writing secure code since Django was considered cutting-edge. He shipped it because GitHub…
Windows 11 shutdown bug forces Microsoft into out-of-band damage control
Ships emergency update to fix a Patch Tuesday misfire that prevented systems from switching off Microsoft has rushed out an out-of-band Windows 11 update after January’s Patch Tuesday broke something as fundamental as turning PCs off.… This article has been…
Cyber Insights 2026: Information Sharing
Information sharing is necessary for efficient cybersecurity, and is widespread; but never quite perfect in practice. The post Cyber Insights 2026: Information Sharing appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Cyber Insights…
Digital Minimalism
A philosophy for using technology with intention, clarity, and restraint in an always-connected world. This article has been indexed from CyberMaterial Read the original article: Digital Minimalism