ChatGPT Health is launching as a dedicated health-focused version of ChatGPT that combines personalized health data with stronger privacy and security controls to support not replace conversations with clinicians. The new experience isolates health chats, encrypts data with additional protections, and allows users to securely connect medical…
Cisco ISE Vulnerability Enables Access to Sensitive Data
Cisco has disclosed a new XML External Entity (XXE) vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could allow authenticated attackers with administrative access to read sensitive data from the underlying operating system.…
Trump Signals Possible Cyber Involvement in Caracas Power Loss During Maduro Extraction
President Donald Trump has strongly hinted that the United States used offensive cyber capabilities to help plunge Caracas into darkness during the operation to capture Venezuelan leader Nicolás Maduro an unusually public nod to U.S. cyber power. The blackout, which coincided with pre-dawn…
New DocuSign-Themed Phishing Scam Delivers Stealth Malware to Windows Devices
New research has uncovered a sophisticated phishing campaign that abuses DocuSign’s brand to deliver Vidar malware and infect Windows systems. The operation uses a realistic phishing site, a fake signed installer, access-code checks, and timebased execution barriers to evade both users and automated analysis. DocuSign-themed phishing…
New OAuth Attack Lets Hackers Bypass Microsoft Entra Authentication and Steal Keys
In a year-end tradition that has become all too familiar for cybersecurity defenders, researchers have uncovered a novel attack vector targeting Microsoft Entra ID that weaponizes legitimate OAuth 2.0 authentication flows to harvest privileged access tokens. The technique, dubbed “ConsentFix”…
Cisco ISE Flaw Lets Admins Access Restricted System Files
A Cisco ISE flaw lets authenticated admins access restricted system files, risking sensitive data exposure. The post Cisco ISE Flaw Lets Admins Access Restricted System Files appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read…
Hitachi Energy Asset Suite
View CSAF Summary Hitachi Energy is aware of a Jasper Report vulnerability that affects the Asset Suite product versions mentioned in this document below. This vulnerability can be exploited to carry out remote code execution (RCE) attack on the product.…
Illinois health department exposed over 700,000 residents’ personal data for years
The security lapse exposed personal information belonging to residents who received state benefits. This article has been indexed from Security News | TechCrunch Read the original article: Illinois health department exposed over 700,000 residents’ personal data for years
Become a CISSP with Fortinet’s ISC2-Approved NSE Training
Fortinet’s Training Institute is an ISC2 CPE Submitter, enabling CISSP holders to earn CPE credits through NSE courses, Fast Tracks, webinars, and more. This article has been indexed from Industry Trends & Insights Read the original article: Become a…
WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging
Cybersecurity researchers have disclosed details of a new campaign that uses WhatsApp as a distribution vector for a Windows banking trojan called Astaroth in attacks targeting Brazil. The campaign has been codenamed Boto Cor-de-Rosa by Acronis Threat Research Unit. “The…
GoBruteforcer Botnet Targets Linux Servers
The GoBruteforcer botnet has been observed targeting exposed Linux servers on services like FTP and MySQL This article has been indexed from www.infosecurity-magazine.com Read the original article: GoBruteforcer Botnet Targets Linux Servers
Microsoft Enforces Mandatory MFA for Microsoft 365 Admin Center Logins
Microsoft is ramping up security measures for its enterprise customers, mandating multi-factor authentication (MFA) for all users accessing the Microsoft 365 admin center. The policy takes full effect on February 9, 2026, building on a softer rollout that began in…
New Phishing Attack Impersonate as DocuSign Deploys Stealthy Malware on Windows Systems
A new phishing wave is abusing fake DocuSign notifications to drop stealthy malware on Windows systems. The emails copy real DocuSign branding and urge users to review a pending agreement, pushing them toward a link that claims to host the…
Hackers Launched 8.1 Million Attack Sessions to React2Shell Vulnerability
The React2Shell vulnerability (CVE-2025-55182) continues to face a relentless exploitation campaign, with threat actors launching more than 8.1 million attack sessions since its initial disclosure. According to GreyNoise Observation Grid data, daily attack volumes have stabilized at 300,000–400,000 sessions since…
ChatGPT Health – A Dedicated Space for Health Queries With Strong Privacy and Security
OpenAI has launched ChatGPT Health, a specialized platform that helps users securely manage their health information and receive intelligent support for wellness-related questions. With over 230 million people using ChatGPT weekly for health inquiries, the company recognized the need for a…
UAT-7290 Hackers Attacking Critical Infrastructure Entities in South Asia
A dangerous hacking group known as UAT-7290 has been actively attacking important telecommunications companies and critical infrastructure targets across South Asia since at least 2022. This advanced threat actor operates with clear signs of Chinese government connections and poses a…
UK Government Unveils New Cyber Action Plan
The UK government’s cyber action plan is by the government for the government, and has no advice for the private sector nor CNI. The post UK Government Unveils New Cyber Action Plan appeared first on SecurityWeek. This article has been…
New Zero-Click Attack Lets ChatGPT User Steal Data
Researchers at Radware discovered new prompt injection attacks in ChatGPT agentic features This article has been indexed from www.infosecurity-magazine.com Read the original article: New Zero-Click Attack Lets ChatGPT User Steal Data
IT Security News Hourly Summary 2026-01-08 18h : 27 posts
27 posts were published in the last hour 16:36 : Discord Controlled NodeCordRAT Steals Chrome Data via NPM Packages 16:36 : BBC Bitesize Launches Media Literacy Series To Help Teens Separate Fact From Fiction Online 16:36 : Real-time malware defense:…
Discord Controlled NodeCordRAT Steals Chrome Data via NPM Packages
Zscaler ThreatLabz identifies three malicious NPM packages mimicking Bitcoin libraries. The NodeCordRAT virus uses Discord commands to exfiltrate MetaMask data and Chrome passwords. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the…
BBC Bitesize Launches Media Literacy Series To Help Teens Separate Fact From Fiction Online
Critical thinking and media literacy are now seen as essential skills for young people, yet many schools lack the resources to teach them, according to new research with teachers, commissioned for BBC Bitesize. Over half of teachers say they need…
Real-time malware defense: Leveraging AWS Network Firewall active threat defense
Cyber threats are evolving faster than traditional security defense can respond; workloads with potential security issues are discovered by threat actors within 90 seconds, with exploitation attempts beginning within 3 minutes. Threat actors are quickly evolving their attack methodologies, resulting…
Moody’s forecasts growing AI threats, regulatory friction for 2026
The U.S. and the EU continue to pursue starkly different regulatory agendas, the research firm noted. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Moody’s forecasts growing AI threats, regulatory friction for 2026
Cisco Snort 3 Security Flaws Threaten Network Inspection
Cisco Snort 3 flaws allow unauthenticated attacks that disrupt inspection or leak sensitive data. The post Cisco Snort 3 Security Flaws Threaten Network Inspection appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…