A malicious VS Code extension has surfaced in the digital threat landscape, targeting developers who rely on coding tools daily. Discovered on January 27, 2026, the fake “ClawdBot Agent” extension presented itself as a legitimate AI-powered assistant, but it concealed…
Threat Actors Leverage Google Search Ads for ‘Mac Cleaner’ to Direct Users to Malicious Websites
Cybercriminals are taking advantage of Google Search Ads to trick Mac users into visiting fake websites that promise to clean their computers. These sponsored ads appear when users search for common terms like “mac cleaner” or “clear cache macos,” making…
Exposed Open Directory Leaks BYOB Framework Across Windows, Linux, and macOS
Threat researchers have uncovered an actively serving command and control server hosting a complete deployment of the BYOB framework following the discovery of an exposed open directory. The server, located at IP address 38[.]255[.]43[.]60 on port 8081, was found distributing…
Common Cloud Migration Security Mistakes (and How to Avoid Them)
Common cloud migration security mistakes explained, from weak access controls to misconfigurations, plus practical steps organisations can take to avoid risk. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original article:…
ICE Pretends It’s a Military Force. Its Tactics Would Get Real Soldiers Killed
WIRED asked an active military officer to break down immigration enforcement actions in Minneapolis and elsewhere. This article has been indexed from Security Latest Read the original article: ICE Pretends It’s a Military Force. Its Tactics Would Get Real Soldiers…
Salt Security Brings “Plain English” Clarity to API Security
Salt Security has unveiled a suite of new intelligent analysis features designed to solve the critical “Context Crisis” in application security. Headlined by Salt AI API Summaries, the release introduces a GenAI-powered engine that explains the purpose, data flow and…
New Microsoft Data Security Index report explores secure AI adoption to protect sensitive data
The 2026 Microsoft Data Security Index explores one of the most pressing questions facing organizations today: How can we harness the power of generative while safeguarding sensitive data? The post New Microsoft Data Security Index report explores secure AI adoption…
Op Bizarre Bazaar: New LLMjacking Campaign Targets Unprotected Models
Pillar Security Research has discovered Operation Bizarre Bazaar, a massive cyberattack campaign led by a hacker known as Hecker. Between December 2025 and January 2026, over 35,000 sessions were recorded targeting AI systems to steal compute power and resell access…
Rockwell Automation ControlLogix
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. The following versions of Rockwell Automation ControlLogix are affected: ControlLogix Redundancy Enhanced Module Catalog 1756-RM2 Firmware vers:all/* (CVE-2025-14027) ControlLogix Redundancy Enhanced Module Catalog…
Rockwell Automation ArmorStart LT
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. The following versions of Rockwell Automation ArmorStart LT are affected: ArmorStart LT 290D <=V2.002 (CVE-2025-9464, CVE-2025-9465, CVE-2025-9466, CVE-2025-9278, CVE-2025-9279, CVE-2025-9280, CVE-2025-9281, CVE-2025-9282, CVE-2025-9283)…
KiloView Encoder Series
View CSAF Summary Successful exploitation of this vulnerability could allow an unauthenticated attacker to create or delete administrator accounts, granting full administrative control. The following versions of KiloView Encoder Series are affected: Encoder Series E1 hardware Version 1.4 4.7.2516 (CVE-2026-1453)…
TA584 Actors Leveraging ClickFix Social Engineering to Deliver Tsundere Bot Malware
A sophisticated cybercriminal group known as TA584 has expanded its attack toolkit by deploying a new malware called Tsundere Bot through deceptive social engineering tactics. This threat actor, tracked as an initial access broker, has significantly intensified operations throughout 2025,…
31.4 Tbps DDoS Attack Via Aisuru Botnet Breaks Internet With New World Record
The Aisuru/Kimwolf botnet unleashed the largest publicly disclosed distributed denial-of-service (DDoS) attack in history, peaking at an unprecedented 31.4 terabits per second (Tbps). The massive attack, dubbed “The Night Before Christmas” campaign, targeted Cloudflare’s infrastructure and customers with hyper-volumetric attacks…
Essential E-Signature Solutions for Cybersecurity in 2026
E-signatures are now part of your security posture. In 2026, most organizations sign contracts, approvals, onboarding packets, and financial documents electronically. That increases exposure to account takeover, identity theft, document tampering, and audit gaps—especially when teams rely on weak methods…
Matanbuchus Malware Downloader Evading AV Detections by Changing Components
Matanbuchus is once again drawing attention in the cybersecurity community as it quietly returns to the threat landscape with refined tactics and better tools to avoid detection. This malware, known for its role as a stealthy downloader, is actively being…
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 19, 2026 to January 25, 2026)
📢 Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find…
Google Disrupts Major Residential Proxy Network IPIDEA
Google disrupted the IPIDEA network, a major residential proxy service used to hide cybercriminal activity. The post Google Disrupts Major Residential Proxy Network IPIDEA appeared first on eSecurity Planet. This article has been indexed from eSecurity Planet Read the original…
Davos Reflections on AI, Security, and Responsibility
I just came away reflecting on the conversations around AI, cybersecurity, and the global economy at the World Economic Forum in Davos, and one thing feels clear. We are no longer talking about future disruption. We are living inside it.…
The Security Debt We Pretend Isn’t There
Season 5, EP 01: Unpacking RTO fallout, endpoint sprawl, tooling fatigue, junior workforce erosion The post The Security Debt We Pretend Isn’t There appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original article:…
Google Disrupts Extensive Residential Proxy Networks
Google has taken coordinated action against the massive IPIDEA residential proxy network, enhancing customer protections and disrupting cybercrime operations This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Disrupts Extensive Residential Proxy Networks
IT Security News Hourly Summary 2026-01-29 18h : 14 posts
14 posts were published in the last hour 17:3 : To stop crims, Google starts dismantling residential proxy network they use to hide 17:3 : An AI Toy Exposed 50,000 Logs of Its Chats With Kids to Anyone With a…
To stop crims, Google starts dismantling residential proxy network they use to hide
The Chocolate Factory strikes again, targeting the infrastructure attackers use to stay anonymous Crims love to make it look like their traffic is actually coming from legit homes and businesses, and they do so by using residential proxy networks. Now,…
An AI Toy Exposed 50,000 Logs of Its Chats With Kids to Anyone With a Gmail Account
AI chat toy company Bondu left its web console almost entirely unprotected. Researchers who accessed it found nearly all the conversations children had had with the company’s stuffed animals. This article has been indexed from Security Latest Read the original…
AV vendor goes to war with security shop over update server scare
eScan lawyers up after Morphisec claimed ‘critical supply-chain compromise’ A spat has erupted between antivirus vendor eScan and threat intelligence outfit Morphisec over who spotted an update server incident that disrupted some eScan customers earlier this month.… This article has…