Last week on Malwarebytes Labs: Stay safe! This article has been indexed from Malwarebytes Read the original article: A week in security (January 12 – January 18)
NSA dual-hat question, third-party report, GhostPoster extension continues
Cybercom-NSA leadership nominee to assess dual-hat role Two-thirds of third-party applications access sensitive data without justification, says report GhostPoster browser extensions up to 840,000 installs Huge thanks to our sponsor, Dropzone AI Here’s a security tip most vendors won’t tell…
UK Influencer To Pay Reduced Extradition Costs
TikTok influencer Harrison Sullivan will not have to pay £15,000 cost of jet police chartered to return him from Spain to the UK This article has been indexed from Silicon UK Read the original article: UK Influencer To Pay Reduced…
Argus: Python-Based Recon Toolkit Aims to Boost Security Intelligence
Security researchers and penetration testers gain a comprehensive open-source reconnaissance platform with the release of Argus v2.0, a Python-based information gathering toolkit that consolidates 135 specialised modules into a unified command-line interface. The toolkit addresses the growing complexity of modern…
Mandiant Publishes Rainbow Tables That Crack NTLMv1 Admin Passwords
Mandiant has publicly released comprehensive rainbow tables designed to crack Net-NTLMv1 authentication hashes, addressing a critical security gap that has persisted for over two decades, despite the protocol being deprecated and widely recognized as fundamentally insecure. The decision to release these tables…
ATM maintenance tech broke the bank by forgetting to return a key
Bank staff wore the blame for a silly security slip Who, Me? Welcome to another edition of “Who Me?”, The Register’s Monday column that shares your mistakes and celebrates your escapes.… This article has been indexed from The Register –…
Global tensions are pushing cyber activity toward dangerous territory
Cybersecurity is inseparable from geopolitics. Ongoing conflicts, sanctions, trade wars, geoeconomic rivalry, and technological competition have pushed state competition into cyberspace. States use cyber operations to exert pressure on rivals, enabling disruption without resorting to conventional weapons. Infrastructure vulnerabilities in…
SEON Identity Verification combines KYC checks with real-time fraud intelligence
SEON has unveiled the launch of its AI-powered Identity Verification solution, bringing ID verification, liveness detection and proof of address checks into its unified risk platform. SEON’s solution is built on more than 900 real-time fraud signals, helping organizations assess…
IT Security News Hourly Summary 2026-01-19 09h : 5 posts
5 posts were published in the last hour 7:32 : BodySnatcher – New Vulnerability Allows Attacker to Impersonate Any ServiceNow User 7:32 : New Kerberos Relay Attack Uses DNS CNAME to Bypass Mitigations – PoC Released 7:32 : Review: AI…
BodySnatcher – New Vulnerability Allows Attacker to Impersonate Any ServiceNow User
A critical vulnerability in ServiceNow’s Virtual Agent API and the Now Assist AI Agents application has been discovered, allowing unauthenticated attackers to impersonate any user and execute privileged AI agents remotely. Security researcher Aaron Costello from AppOmni disclosed the flaw,…
New Kerberos Relay Attack Uses DNS CNAME to Bypass Mitigations – PoC Released
A critical flaw in Windows Kerberos authentication that significantly expands the attack surface for credential relay attacks in Active Directory environments. By abusing how Windows clients handle DNS CNAME responses during Kerberos service ticket requests, attackers can coerce systems into…
Review: AI Strategy and Security
AI Strategy and Security is a guide for organizations planning enterprise AI programs. The book targets technology leaders, security professionals, and executives responsible for strategy, governance, and operational execution. It treats AI adoption as an organizational discipline that spans planning,…
Rubrik introduces Security Cloud Sovereign for data sovereignty and regulatory compliance
Rubrik announced Rubrik Security Cloud Sovereign, an offering that gives global organizations control over their data to support national security and operational continuity. Rubrik Security Cloud Sovereign gives customers the ability to maintain control over where data resides and who…
Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations
Cybersecurity researchers have disclosed a cross-site scripting (XSS) vulnerability in the web-based control panel used by operators of the StealC information stealer, allowing them to gather crucial insights on one of the threat actors using the malware in their operations.…
Can hackers eavesdrop and track people via Bluetooth audio devices?
Yes, they can. A flaw discovered by cyber researchers last year allowed hackers to eavesdrop. And it also allowed them to track people using regular… The post Can hackers eavesdrop and track people via Bluetooth audio devices? appeared first on…
Researchers Hijack Hacker Domain Using Name Server Delegation
Security researchers from Infoblox have successfully intercepted millions of malicious push notification advertisements by exploiting a DNS misconfiguration technique known as “lame nameserver delegation,” gaining complete visibility into a large-scale affiliate advertising operation without directly compromising any systems. The researchers…
New “BodySnatcher” Flaw Allows Full ServiceNow User Impersonation
Security researcher has disclosed a critical vulnerability in ServiceNow’s Virtual Agent API and Now Assist AI Agents application, tracked as CVE-2025-12420. Dubbed “BodySnatcher,” this flaw enables unauthenticated attackers to impersonate any ServiceNow user using only their email address, bypassing multi-factor…
Bytebase: Open-source database DevOps tool
Bytebase is a DevOps platform for managing database schema and data changes through a structured workflow. It provides a central place for teams to submit change requests, run reviews, and track executions across environments. The open-source edition is designed for…
Microsoft January 2026 Security Update Triggers Credential Prompt Failures in Remote Desktop
Microsoft’s January 2026 security update has disrupted enterprise Remote Desktop infrastructure, triggering widespread credential prompt failures that prevent users from accessing Azure Virtual Desktop and Windows 365 environments. The problematic patch KB5074109, released January 13, 2026, introduced an authentication regression affecting Windows 11 versions…
Threat Actors Abuse Browser Extensions to Deliver Fake Warning Messages
Threat intelligence researchers at Huntress have uncovered a sophisticated browser extension campaign orchestrated by the KongTuke threat actor group, featuring a malicious ad blocker impersonating the legitimate uBlock Origin Lite extension. The campaign weaponizes fake browser crash warnings to trick…
A new European standard outlines security requirements for AI
The European Telecommunications Standards Institute (ETSI) has released a new European Standard that addresses a growing concern for security teams working with AI. The standard, ETSI EN 304 223, sets baseline cybersecurity requirements for AI models and systems intended for…
New Kerberos Relay Technique Exploits DNS CNAMEs to Bypass Existing Defenses
A critical vulnerability in Windows Kerberos authentication that enables attackers to conduct credential-relay attacks by exploiting DNS CNAME records. Tracked as CVE-2026-20929, this flaw allows threat actors to force victims into requesting Kerberos service tickets for attacker-controlled systems, facilitating lateral…
When the Olympics connect everything, attackers pay attention
Global sporting events bring a surge of network traffic, new systems, and short term partnerships. That mix draws attention from cyber threat actors who see opportunity in scale and distraction. A new Palo Alto Networks threat study on the Milan…
Cisco Patches Async OS Bug
Critical Security Flaws Patched by Cisco and Fortinet Amidst Recent Cyber Threats In this episode of Cybersecurity Today, host David Chipley covers several pressing cybersecurity issues. Cisco has patched a maximum severity zero-day vulnerability in its Async OS software, which…