View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to remotely control other users’ smart home devices, intercept sensitive data, and hijack sessions. The following versions of YoSmart YoLink Smart Hub are affected: YoSmart server (CVE-2025-59449, CVE-2025-59451)…
HoneyTrap – A New LLM Defense Framework to Counter Jailbreak Attacks
Large language models have become essential tools across industries, from healthcare to creative services, revolutionizing how humans interact with artificial intelligence. However, this rapid expansion has exposed significant security vulnerabilities. Jailbreak attacks—sophisticated techniques designed to bypass safety mechanisms—pose an escalating…
Multi-Stage Windows Malware Invokes PowerShell Downloader Using Text-based Payloads Using Remote Host
Security researchers have identified a sophisticated multi-stage Windows malware campaign called SHADOW#REACTOR that represents a significant evolution in delivery mechanisms for remote access tools. The campaign demonstrates how threat actors combine traditional scripting techniques with modern obfuscation methods to bypass…
8000+ SmarterMail Hosts Vulnerable to RCE Attack – PoC Exploit Released
Over 8,000 internet-exposed SmarterMail servers remain vulnerable to a critical remote code execution flaw tracked as CVE-2025-52691, according to scans conducted on January 12, 2026. Security researchers identified 8,001 unique IP addresses likely affected out of 18,783 exposed instances, with…
Cyber Insights 2026: External Attack Surface Management
AI will assist companies in finding their external attack surface, but it will also assist bad actors in locating and attacking the weak points. The post Cyber Insights 2026: External Attack Surface Management appeared first on SecurityWeek. This article has…
Man Sentenced to Seven Years for Hacking Port IT Systems to Enable Drug Imports
A Dutch appeals court has sentenced a 44-year-old man to seven years in prison for his involvement in cyber intrusions targeting major European ports and for using those breaches to support drug trafficking operations. The ruling was issued by…
n8n Supply Chain Attack Exploits Community Nodes In Google Ads Integration to Steal Tokens
Hackers were found uploading a set of eight packages on the npm registry that pretended as integrations attacking the n8n workflow automation platform to steal developers’ OAuth credentials. About the exploit The package is called “n8n-nodes-hfgjf-irtuinvcm-lasdqewriit”, it copies Google Ads…
FBI Flags Kimsuky’s Role in Sophisticated Quishing Attacks
A new warning from the US Federal Bureau of Investigation indicates that spearphishing tactics are being advanced by a cyber espionage group linked to North Korea known as Kimsuky, also known as APT43, in recent months. As the threat…
Anthropic Launches “Claude for Healthcare” to Help Users Better Understand Medical Records
Anthropic has joined the growing list of artificial intelligence companies expanding into digital health, announcing a new set of tools that enable users of its Claude platform to make sense of their personal health data. The initiative, titled Claude…
CISA Flags Actively Exploited Gogs Vulnerability With No Patch
A high-severity security flaw in the Gogs Git service is being actively exploited, leading to remote code execution This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Flags Actively Exploited Gogs Vulnerability With No Patch
IT Security News Hourly Summary 2026-01-13 18h : 5 posts
5 posts were published in the last hour 16:33 : Dutch court convicts hacker who exploited port networks for drug trafficking 16:33 : BreachForums Data Leak Raises Fresh Questions Over Credibility 16:32 : Data broker fined after selling Alzheimer’s patient…
Dutch court convicts hacker who exploited port networks for drug trafficking
Dutch appeals court jails a 44-year-old hacker for 7 years for hacking port systems to help smuggle cocaine through European logistics hubs. A Dutch appeals court sentenced a 44-year-old hacker to seven years in prison for hacking port systems to…
BreachForums Data Leak Raises Fresh Questions Over Credibility
BreachForums, one of the most well-known English-language cybercrime forums, has reportedly suffered a data breach, exposing user information after the site was taken offline once again. As reported by The Register, a database linked to the forum was leaked online,…
Data broker fined after selling Alzheimer’s patient info and millions of sensitive profiles
A data broker was fined by California regulators for selling sensitive data on Alzheimer’s patients and millions of others. This article has been indexed from Malwarebytes Read the original article: Data broker fined after selling Alzheimer’s patient info and millions…
Healthcare sector breaches double as shadow AI, vendor risks proliferate
A new report paints a picture of a sector with limited confidence in its defensive capabilities. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Healthcare sector breaches double as shadow AI, vendor risks…
Majority of hedge funds boosted cybersecurity spending in 2025
About half of firms suffered a breach, and a large percentage cited third-party risks. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Majority of hedge funds boosted cybersecurity spending in 2025
Red-Teaming BrowseSafe Exposes AI Browser Guardrail Gaps
Red-team testing shows encoded prompt injections can bypass BrowseSafe guardrails. The post Red-Teaming BrowseSafe Exposes AI Browser Guardrail Gaps appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original article: Red-Teaming BrowseSafe Exposes AI…
SHADOW#REACTOR Campaign Uses Text-Only Staging to Deploy Remcos RAT
SHADOW#REACTOR is a multi-stage Windows malware campaign that stealthily deploys the Remcos RAT using complex infection techniques This article has been indexed from www.infosecurity-magazine.com Read the original article: SHADOW#REACTOR Campaign Uses Text-Only Staging to Deploy Remcos RAT
AI-Powered Crypto Scams Drive Record $17B Losses in 2025
Research by Chainalysis reveals that AI-powered impersonation tactics have exploded by an unprecedented 1,400% year-over-year. The post AI-Powered Crypto Scams Drive Record $17B Losses in 2025 appeared first on TechRepublic. This article has been indexed from Security Archives – TechRepublic…
Android Banking Malware deVixor Actively Targeting Users with Ransomware Capabilities
A sophisticated Android banking threat has emerged in the threat landscape, posing serious risks to mobile users across certain regions. The malware, known as deVixor, represents a significant evolution in Android-based attacks, combining financial data theft, device control, and extortion…
Critical OpenSSH Vulnerability Exposes Moxa Ethernet Switches to Remote Code Execution
Moxa has issued a critical security advisory regarding CVE-2023-38408, a severe vulnerability in OpenSSH affecting multiple Ethernet switch models. The flaw, with a CVSS 3.1 score of 9.8, allows unauthenticated remote attackers to execute arbitrary code on vulnerable devices without…
Anthropic Unveils “Claude for Healthcare” to Help Users Understand Medical Records
Anthropic has launched Claude for Healthcare, a new set of tools designed to help doctors, insurance companies, and patients use artificial intelligence for medical purposes while meeting strict privacy regulations. The announcement represents a significant expansion of Claude’s capabilities in…
When the Marketing Graph Becomes the Target Map
Ad tech platforms likely know more about your executives than your security team does… and that information is available to anyone willing to pay for it. A recent investigation by Wired revealed that Google’s ad service hosted audience segments tied…
Google Issues Urgent Privacy Warning for 1.5 Billion Photos Users
Google has issued a critical privacy alert for its 1.5 billion Google Photos users following accusations of using personal images to train AI models without consent. The controversy erupted from privacy-focused rival Proton, which speculated that Google’s advanced Nano…