The FTC is seeking a $10 million settlement over allegations that children’s privacy laws were violated through the mislabeling of kid-focused YouTube videos. This article has been indexed from Malwarebytes Read the original article: Disney fined $10m for mislabeling kids’…
Crypto wallet shop Ledger confirms customer data lifted in Global-e snafu
Order and contact details accessed via ecommerce partner, and phishing has begun Blockchain security biz Ledger says customer information was accessed in a breach at its ecommerce payment partner Global-e, and is warning that other brands using the platform may…
Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat
Source: Securonix Cybersecurity researchers have disclosed details of a new campaign dubbed PHALT#BLYX that has leveraged ClickFix-style lures to display fixes for fake blue screen of death (BSoD) errors in attacks targeting the European hospitality sector. The end goal of…
UK Launches New Cyber Unit to Bolster Defences Against Cyber Threats
UK government’s new Cyber Action plan looks to provide more ‘hands-on’ support for protecting against and responding to security incidents This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Launches New Cyber Unit to Bolster Defences Against…
How to Avoid Phishing Incidents in 2026: A CISO Guide
Phishing in 2026 is harder to detect and verify. Learn how CISOs can speed up investigations, reduce noise, and respond with confidence. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original…
Dozens of Major Data Breaches Linked to Single Threat Actor
The initial access broker (IAB) relies on credentials exfiltrated using information stealers to hack organizations. The post Dozens of Major Data Breaches Linked to Single Threat Actor appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
What is Identity Dark Matter?
The Invisible Half of the Identity Universe Identity used to live in one place – an LDAP directory, an HR system, a single IAM portal. Not anymore. Today, identity is fragmented across SaaS, on-prem, IaaS, PaaS, home-grown, and shadow applications.…
Threat Actors Leverage Commodity Loader to Attack Organizations in Targeted Email Campaigns
Cybersecurity threat researchers have uncovered a highly sophisticated malware campaign leveraging a commodity loader being shared across multiple threat actor groups. The operation targets manufacturing and government organizations across Italy, Finland, and Saudi Arabia with precision-engineered attacks designed to extract…
Fake WordPress Domain Renewal Email Targeting Admins to Steal Credit Card Data
A deceptive phishing campaign is actively targeting WordPress administrators with convincing fake domain renewal notices designed to steal credit card information and two-factor authentication codes. The emails, masquerading as legitimate WordPress.com renewal reminders, redirect unsuspecting victims to a fraudulent payment…
New macOS TCC Bypass Vulnerability Allow Attackers to Access Sensitive User Data
A critical security vulnerability in macOS has been discovered that enables attackers to completely bypass Transparency, Consent, and Control (TCC) protections. Apple’s primary defense mechanism for preventing unauthorized access to sensitive user data is the use of the microphone, camera,…
New Critical n8n Vulnerability Allow Attackers to Execute Arbitrary Commands
A critical vulnerability has been discovered in n8n, the popular open-source workflow automation platform, enabling authenticated attackers to execute arbitrary commands on host systems. The vulnerability, tracked as CVE-2025-68668, has been assigned a severe CVSS score of 9.9 out of…
NordVPN Denies Breach After Hacker Leaks Data
The VPN company has conducted an investigation after a threat actor claimed to have hacked its systems. The post NordVPN Denies Breach After Hacker Leaks Data appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Report: Increase Usage of Generative AI Services Creates Cybersecurity Challenge
Ray Canzanese said that increased reliance on managed corporate accounts should provide cybersecurity teams with more visibility. The post Report: Increase Usage of Generative AI Services Creates Cybersecurity Challenge appeared first on Security Boulevard. This article has been indexed from…
Jaguar Land Rover’s Q3 Sales Crash Amid Cyber-Attack Fallout
JLR’s wholesale sales plunged 43% and retail drops 25% in the third quarter of 2025 following the 2025 cyber-attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Jaguar Land Rover’s Q3 Sales Crash Amid Cyber-Attack Fallout
Judge Says Amazon Must Face Covid Price-Gouging Lawsuit
District judge in Amazon hometown Seattle throws out company’s motion to dismiss case, calling its arguments ‘unpersuasive’ This article has been indexed from Silicon UK Read the original article: Judge Says Amazon Must Face Covid Price-Gouging Lawsuit
New VVS Stealer Malware Targets Discord Users via Fake System Errors
Palo Alto Networks’ new report reveals VVS Stealer uses Discord Injection and fake error messages to steal tokens and MFA codes. Protect your account from this new Python-based threat. This article has been indexed from Hackread – Cybersecurity News, Data…
CISA Expands KEV Catalog with 1,484 New Vulnerabilities as Active Exploitation Surges 20% in 2025
The United States Cybersecurity and Infrastructure Security Agency (CISA) has significantly expanded its Known Exploited Vulnerabilities (KEV) Catalog to 1,484 vulnerabilities as of December 2025, marking a critical milestone in the federal government’s efforts to combat actively exploited security flaws.…
UK splashes £210M on cyber plan to stop Whitehall getting pwnd
Central government will supposedly be as secure as energy facilities and datacenters under new proposals The UK today launches its Government Cyber Action Plan, committing £210 million ($282 million) to strengthen defenses across digital public services and hold itself to…
Students bag extended Christmas break after cyber hit on school IT
Phones, email, and core systems knocked out at Higham Lane in Nuneaton Students at a school in Warwickshire, England, have scored an extended Christmas break after a cyberattack crippled its IT systems, forcing classrooms to close and staff to summon…
IT Security News Hourly Summary 2026-01-06 12h : 1 posts
1 posts were published in the last hour 10:31 : Intel Launches Next-Gen ‘Panther Lake’ Chips At CES
Intel Launches Next-Gen ‘Panther Lake’ Chips At CES
Intel launches next-generation chips based on Panther Lake platform, first to use cutting-edge 18A manufacturing tech This article has been indexed from Silicon UK Read the original article: Intel Launches Next-Gen ‘Panther Lake’ Chips At CES
Amsterdam Court To Hear Nexperia Arguments
Amsterdam commercial court to hear arguments on 14 January on whether it should investigate alleged mismanagement, amid tensions This article has been indexed from Silicon UK Read the original article: Amsterdam Court To Hear Nexperia Arguments
Why Business Structure Matters for Cybersecurity Compliance in Remote-First Companies
Remote-first companies are no longer an exception. What began as a temporary response to global disruption has evolved into a long-term operating model for startups, scaleups, and even established enterprises. Distributed teams, cloud-based tools, and borderless hiring have unlocked flexibility…
New ClickFix Attack Uses Fake Windows BSOD Screens to Trick Users into Executing Malicious Code
A sophisticated malware campaign called PHALTBLYX has emerged, combining social engineering deception with advanced evasion techniques to compromise hospitality sector organizations. The attack chain begins with phishing emails impersonating Booking.com, featuring urgent reservation cancellation alerts with large financial charges displayed…