Microsoft patches Office zero-day vulnerability Indian users targeted by Blackmoon Konni targets blockchain developers Huge thanks to our episode sponsor, Conveyor True story, an infosec team had to give customers MapQuest style directions just to navigate their Trust Center. …
EU Probes X Over Grok Images
EU opens new investigation into X, formerly Twitter, after millions of AI-generated sexualised images flood network This article has been indexed from Silicon UK Read the original article: EU Probes X Over Grok Images
HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns
Kaspersky researchers analyze updated CoolClient backdoor and new tools and scripts used in HoneyMyte (aka Mustang Panda or Bronze President) APT campaigns, including three variants of a browser data stealer. This article has been indexed from Securelist Read the original…
Threat Actors Using Fake Notepad++ and 7-zip Websites to Deploy Remote Monitoring Tools
Cybercriminals are increasingly distributing malicious Remote Monitoring and Management (RMM) tools through fake websites that mimic popular software download pages. These deceptive sites impersonate legitimate utilities like Notepad++ and 7-Zip, tricking users into installing remote access tools such as LogMeIn…
IT Security News Hourly Summary 2026-01-27 09h : 5 posts
5 posts were published in the last hour 7:32 : Dormakaba flaws allow to access major organizations’ doors 7:31 : When open science meets real-world cybersecurity 7:31 : Logitech introduces two Rally AI Cameras designed for large spaces 7:31 :…
Dormakaba flaws allow to access major organizations’ doors
Researchers found over 20 flaws in Dormakaba access systems that could let attackers remotely unlock doors at major organizations. Researchers from SEC Consult discovered and fixed more than 20 security flaws in Dormakaba physical access control systems. The experts uncovered…
When open science meets real-world cybersecurity
Scientific research environments are built for openness and collaboration, often prioritizing long-term discovery over traditional enterprise security. In this Help Net Security interview, Matthew Kwiatkowski, CISO at Fermilab, America’s particle physics and accelerator laboratory, discusses where cybersecurity blind spots emerge,…
Logitech introduces two Rally AI Cameras designed for large spaces
Logitech announced Rally AI Camera and Rally AI Camera Pro, conference cameras that pack new AI-powered video intelligence into a nearly-invisible aesthetic for large spaces. Rally AI Cameras bring new intelligence, automation into larger, more complex rooms Logitech is merging…
Descope introduces dedicated identity infrastructure for AI agents and MCP ecosystems
Descope has updated its Agentic Identity Hub to provide MCP developers and AI agent builders with standards-based identity infrastructure for their AI systems. Organizations can now use Descope to manage AI agents as first-class identities alongside human users, add OAuth…
Critical CERT-In Advisories – January 2026: SAP, Microsoft, and Atlassian Vulnerabilities
January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity advisories exposing critical flaws across SAP, Microsoft, and Atlassian, the very platforms that run finance systems, identity layers, developer pipelines, and collaboration…
Waiting for AI superintelligence? Don’t hold your breath
AI’s impact on systems, security, and decision-making is already permanent. Superintelligence, often referred to as artificial superintelligence (ASI), describes a theoretical stage in which AI capability exceeds human cognitive performance across domains. Whether current systems are progressing toward cybersecurity superintelligence…
AI’s appetite for data is testing enterprise guardrails
Privacy programs are taking on more operational responsibility across the enterprise. A new Cisco global benchmark study shows expanding mandates, rising investment, and sustained pressure around data quality, accountability, and cross-border data management tied to AI systems. Privacy programs grow…
Ivanti expands Neurons platform with agentic AI and autonomous endpoint management
Ivanti announced AI advancements to the Ivanti Neurons platform, introducing solutions that transform how IT and security teams harness AI-driven intelligence to achieve impactful business outcomes. These features include agentic AI capabilities for Ivanti Neurons for IT Service Management (ITSM),…
Cybersecurity jobs available right now: January 27, 2026
CISO micro1 | USA | Remote – View job details As a CISO, you will define the enterprise security vision and implement a zero-trust architecture across systems and data pipelines. You will secure AI Labs environments, oversee identity and access…
New Lawsuit Claims that Meta Can Read All the WhatsApp Users Messages
A new class-action lawsuit accuses Meta Platforms of misleading billions of WhatsApp users by claiming their messages are protected by unbreakable end-to-end encryption. Filed in the San Francisco federal court, the suit alleges the company secretly stores, analyzes, and grants…
Microsoft Office Zero-day Vulnerability Actively Exploited in Attacks
Microsoft released emergency out-of-band security updates on January 26, 2026, to address CVE-2026-21509, a zero-day security feature bypass vulnerability in Microsoft Office that attackers are actively exploiting. The flaw, rated “Important” with a CVSS v3.1 base score of 7.8, relies…
Clawdbot-Style Agentic Assistants: What Your SOC Should Monitor, Triage, and Contain
What SOC teams need to monitor, triage, and contain when clawdbot-like agentic AI assistants. Includes detection signals, triage questions, and a containment playbook. The post Clawdbot-Style Agentic Assistants: What Your SOC Should Monitor, Triage, and Contain appeared first on D3…
Initial Stages of Romance Scams [Guest Diary], (Tue, Jan 27th)
[This is a Guest Diary by Fares Azhari, an ISC intern as part of the SANS.edu BACS program] This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: Initial Stages of Romance Scams [Guest…
SoundCloud – 29,815,722 breached accounts
In December 2025, SoundCloud announced it had discovered unauthorised activity on its platform. The incident allowed an attacker to map publicly available SoundCloud profile data to email addresses for approximately 20% of its users. The impacted data included 30M unique…
ISC Stormcast For Tuesday, January 27th, 2026 https://isc.sans.edu/podcastdetail/9782, (Tue, Jan 27th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Tuesday, January 27th, 2026…
IT Security News Hourly Summary 2026-01-27 03h : 2 posts
2 posts were published in the last hour 1:31 : The 7 Essential Elements of a Compliance Framework You Need to Know 1:31 : Clawdbot Is What Happens When AI Gets Root Access: A Security Expert’s Take on Silicon Valley’s…
The 7 Essential Elements of a Compliance Framework You Need to Know
Key Takeaways Regulatory expectations continue to expand. Oversight bodies increasingly look beyond documentation to how organizations manage compliance risk in practice. In this environment, compliance functions best when supported by a structured framework. While industries and jurisdictions vary, effective, high-quality…
Clawdbot Is What Happens When AI Gets Root Access: A Security Expert’s Take on Silicon Valley’s Hottest AI Agent
Clawdbot is the viral AI assistant everyone’s installing—but giving AI agents full system access raises critical security questions. After scaling identity systems to 1B+ users, here’s my take on why machine identity management matters more than ever in the age…
Who Operates the Badbox 2.0 Botnet?
The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently shared a screenshot indicating they’d compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software…