The 2026 Microsoft Data Security Index explores one of the most pressing questions facing organizations today: How can we harness the power of generative while safeguarding sensitive data? The post New Microsoft Data Security Index report explores secure AI adoption…
Op Bizarre Bazaar: New LLMjacking Campaign Targets Unprotected Models
Pillar Security Research has discovered Operation Bizarre Bazaar, a massive cyberattack campaign led by a hacker known as Hecker. Between December 2025 and January 2026, over 35,000 sessions were recorded targeting AI systems to steal compute power and resell access…
Rockwell Automation ControlLogix
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. The following versions of Rockwell Automation ControlLogix are affected: ControlLogix Redundancy Enhanced Module Catalog 1756-RM2 Firmware vers:all/* (CVE-2025-14027) ControlLogix Redundancy Enhanced Module Catalog…
Rockwell Automation ArmorStart LT
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. The following versions of Rockwell Automation ArmorStart LT are affected: ArmorStart LT 290D <=V2.002 (CVE-2025-9464, CVE-2025-9465, CVE-2025-9466, CVE-2025-9278, CVE-2025-9279, CVE-2025-9280, CVE-2025-9281, CVE-2025-9282, CVE-2025-9283)…
KiloView Encoder Series
View CSAF Summary Successful exploitation of this vulnerability could allow an unauthenticated attacker to create or delete administrator accounts, granting full administrative control. The following versions of KiloView Encoder Series are affected: Encoder Series E1 hardware Version 1.4 4.7.2516 (CVE-2026-1453)…
TA584 Actors Leveraging ClickFix Social Engineering to Deliver Tsundere Bot Malware
A sophisticated cybercriminal group known as TA584 has expanded its attack toolkit by deploying a new malware called Tsundere Bot through deceptive social engineering tactics. This threat actor, tracked as an initial access broker, has significantly intensified operations throughout 2025,…
31.4 Tbps DDoS Attack Via Aisuru Botnet Breaks Internet With New World Record
The Aisuru/Kimwolf botnet unleashed the largest publicly disclosed distributed denial-of-service (DDoS) attack in history, peaking at an unprecedented 31.4 terabits per second (Tbps). The massive attack, dubbed “The Night Before Christmas” campaign, targeted Cloudflare’s infrastructure and customers with hyper-volumetric attacks…
Essential E-Signature Solutions for Cybersecurity in 2026
E-signatures are now part of your security posture. In 2026, most organizations sign contracts, approvals, onboarding packets, and financial documents electronically. That increases exposure to account takeover, identity theft, document tampering, and audit gaps—especially when teams rely on weak methods…
Matanbuchus Malware Downloader Evading AV Detections by Changing Components
Matanbuchus is once again drawing attention in the cybersecurity community as it quietly returns to the threat landscape with refined tactics and better tools to avoid detection. This malware, known for its role as a stealthy downloader, is actively being…
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 19, 2026 to January 25, 2026)
📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find…
Google Disrupts Major Residential Proxy Network IPIDEA
Google disrupted the IPIDEA network, a major residential proxy service used to hide cybercriminal activity. The post Google Disrupts Major Residential Proxy Network IPIDEA appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…
Davos Reflections on AI, Security, and Responsibility
I just came away reflecting on the conversations around AI, cybersecurity, and the global economy at the World Economic Forum in Davos, and one thing feels clear. We are no longer talking about future disruption. We are living inside it.…
The Security Debt We Pretend Isn’t There
Season 5, EP 01: Unpacking RTO fallout, endpoint sprawl, tooling fatigue, junior workforce erosion The post The Security Debt We Pretend Isn’t There appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original article:…
Google Disrupts Extensive Residential Proxy Networks
Google has taken coordinated action against the massive IPIDEA residential proxy network, enhancing customer protections and disrupting cybercrime operations This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Disrupts Extensive Residential Proxy Networks
IT Security News Hourly Summary 2026-01-29 18h : 14 posts
14 posts were published in the last hour 17:3 : To stop crims, Google starts dismantling residential proxy network they use to hide 17:3 : An AI Toy Exposed 50,000 Logs of Its Chats With Kids to Anyone With a…
To stop crims, Google starts dismantling residential proxy network they use to hide
The Chocolate Factory strikes again, targeting the infrastructure attackers use to stay anonymous Crims love to make it look like their traffic is actually coming from legit homes and businesses, and they do so by using residential proxy networks. Now,…
An AI Toy Exposed 50,000 Logs of Its Chats With Kids to Anyone With a Gmail Account
AI chat toy company Bondu left its web console almost entirely unprotected. Researchers who accessed it found nearly all the conversations children had had with the company’s stuffed animals. This article has been indexed from Security Latest Read the original…
AV vendor goes to war with security shop over update server scare
eScan lawyers up after Morphisec claimed ‘critical supply-chain compromise’ A spat has erupted between antivirus vendor eScan and threat intelligence outfit Morphisec over who spotted an update server incident that disrupted some eScan customers earlier this month.… This article has…
Employment Fraud & Hiring Risk: When Access Becomes Risk
Nisos Employment Fraud & Hiring Risk: When Access Becomes Risk Hiring has long been treated as an administrative function. Once a candidate clears background checks and completes onboarding, trust is assumed… The post Employment Fraud & Hiring Risk: When Access…
Operation Winter SHIELD: FBI Issues Call to Arms for Organizations to Improve Cybersecurity
The FBI outlines ten actions which organizations can take to defend networks against cybercriminal and nation-state threats This article has been indexed from www.infosecurity-magazine.com Read the original article: Operation Winter SHIELD: FBI Issues Call to Arms for Organizations to Improve…
CISA, security researchers warn FortiCloud SSO flaw is under attack
The exploitation activity comes weeks after a similar authentication bypass vulnerability was found. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: CISA, security researchers warn FortiCloud SSO flaw is under attack
Google targets IPIDEA in crackdown on global residential proxy networks
Google disrupted IPIDEA, a major residential proxy network that enrolled users’ devices via SDKs embedded in mobile and desktop apps. Google and partners disrupted the IPIDEA residential proxy network, used by many threat actors, via legal domain takedowns, intelligence sharing…
CISA Warns of FortiCloud SSO Authentication Bypass Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical authentication bypass vulnerability in multiple Fortinet products, actively exploited in the wild. Tracked as CVE-2026-24858, the flaw allows attackers with a FortiCloud account to hijack…
Google Announces Android Theft Protection Feature to Make Your Device Harder Target for Hackers
Google has rolled out a comprehensive update to Android’s theft protection capabilities, introducing stronger authentication safeguards and enhanced recovery tools designed to protect users before, during, and after theft attempts. The multi-layered defense system, announced on January 26, 2026, builds…