In December 2025, the Iranian-linked hacking group Handala claimed to have fully compromised the mobile devices of two prominent Israeli political figures. However, detailed analysis by Kela cyber intelligence researchers revealed a more limited scope—the breaches targeted Telegram accounts specifically,…
10,000+ Fortinet Firewalls Still Exposed to 5-year Old MFA Bypass Vulnerability
Over 10,000 Fortinet firewalls worldwide remain vulnerable to CVE-2020-12812, a multi-factor authentication (MFA) bypass flaw disclosed over five and a half years ago. Shadowserver recently added the issue to its daily Vulnerable HTTP Report, highlighting persistent exposure amid active exploitation…
5 UC and collaboration trends reshaping the market in 2026
<p>If 2024 was the year generative AI arrived, then 2025 was the year of the AI agent. Almost every vendor in the unified communications and collaboration (UCC) space released an AI-powered agent, beginning the march toward agentic AI to give…
The Kimwolf Botnet is Stalking Your Local Network
The story you are reading is a series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it’s time for a broader awareness of the threat. The…
Best of 2025: NIST Launches Updated Incident Response Guide
The National Institute of Standards and Technology (NIST) has released a long-awaited update to its incident response guidance: Special Publication 800-61 Revision 3 (SP 800-61r3). This new version, titled “Incident Response Recommendations and Considerations for Cybersecurity Risk Management,” aligns closely…
Antivirus vs Identity Protection Software: What to Choose and How?
Users often put digital security into a single category and confuse identity protection with antivirus, assuming both work the same. But they are not. Before you buy one, it is important to understand the difference between the two. This blog…
Amazon Links Five-Year Cloud Cyber Campaign to Russia’s Sandworm Group
Amazon is talking about a hacking problem that has been going on for a long time. This problem was targeting customers who use cloud services in countries. Amazon says that a group called Sandworm, which is linked to Russias…
IT Security News Hourly Summary 2026-01-02 15h : 8 posts
8 posts were published in the last hour 14:2 : RondoDoX Botnet Abuses React2Shell Vulnerability for Malware Deployment 14:2 : Cognizant Faces Multiple US Class-Action Lawsuits After TriZetto Data Breach 14:2 : Hacker Group Claims Responsibility for Alleged Tokyo FM…
RondoDoX Botnet Abuses React2Shell Vulnerability for Malware Deployment
CloudSEK has uncovered a sustained nine-month campaign by the RondoDoX botnet operation, revealing rapid exploitation of emerging vulnerabilities including the critical React2Shell vulnerability. Analysis of exposed command-and-control logs spanning March through December 2025 demonstrates how threat actors swiftly adapted attack…
Cognizant Faces Multiple US Class-Action Lawsuits After TriZetto Data Breach
Cognizant Technology Solutions is facing a wave of legal challenges in the United States following a significant data breach at its subsidiary, TriZetto Provider Solutions (TPS). The IT services giant has been hit with at least three class-action lawsuits alleging…
Hacker Group Claims Responsibility for Alleged Tokyo FM Broadcasting Breach
A threat actor operating under the alias “victim” has claimed responsibility for a significant data breach targeting Tokyo FM Broadcasting Co., Ltd., a central radio broadcasting station in Japan. The alleged intrusion, which was observed on January 1, 2025, reportedly…
Google Tasks Feature Exploited in New Sophisticated Phishing Campaign
Over 3,000 organisations, predominantly in manufacturing, fell victim to a sophisticated phishing campaign in December 2025 that leveraged Google’s own application infrastructure to bypass enterprise email security controls. Attackers sent deceptive messages from noreply-application-integration@google.com, marking a critical shift in how threat…
Handala Hackers Breach Telegram Accounts Linked to Israeli Officials
In December 2025, the Iran-linked hacking group known as Handala escalated its influence operations against Israel’s political establishment by publishing material it claimed was pulled from the fully “compromised” mobile devices of two high-profile officials. A technical review by threat…
Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia
The threat actor known as Transparent Tribe has been attributed to a fresh set of attacks targeting Indian governmental, academic, and strategic entities with a remote access trojan (RAT) that grants them persistent control over compromised hosts. “The campaign employs…
Potential Wallet Phishing Campaign Targets Cardano Users via ‘Eternl Desktop’ Announcement
A sophisticated phishing campaign is currently circulating within the Cardano community, posing significant risks to users seeking to download the newly announced Eternl Desktop application. The attack leverages a professionally crafted email claiming to promote a legitimate wallet solution designed…
RondoDoX Botnet Weaponizing a Critical React2Shell Vulnerability to Deploy Malware
A sophisticated threat group has intensified its campaign against organizations by leveraging the latest vulnerabilities in web applications and Internet of Things (IoT) devices. The RondoDoX botnet, tracked through exposed command-and-control logs spanning nine months from March to December 2025,…
Phishing campaign abuses Google Cloud Application to impersonate legitimate Google emails
Researchers uncovered a phishing campaign abusing Google Cloud Application Integration to send emails posing as legitimate Google messages. Check Point researchers have revealed a phishing campaign that abuses Google Cloud Application Integration to send emails impersonating legitimate Google messages. The…
Flock Exposes Its AI-Enabled Surveillance Cameras
404 Media has the story: Unlike many of Flock’s cameras, which are designed to capture license plates as people drive by, Flock’s Condor cameras are pan-tilt-zoom (PTZ) cameras designed to record and track people, not vehicles. Condor cameras can be…
LockBit takedown architect gets New Year award from King Charles
Gavin Webb orchestrated Operation Cronos as it pulled off the legendary disruption sting A senior British crimefighter has been awarded one of the country’s highest tributes for public service for his role in the 2024 LockBit ransomware takedown.… This article…
Two US Cybersecurity Pros Plead Guilty Over Ransomware Attacks
Ryan Goldberg and Kevin Martin have admitted being affiliates of the BlackCat/Alphv ransomware group. The post Two US Cybersecurity Pros Plead Guilty Over Ransomware Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
The ROI Problem in Attack Surface Management
Attack Surface Management (ASM) tools promise reduced risk. What they usually deliver is more information. Security teams deploy ASM, asset inventories grow, alerts start flowing, and dashboards fill up. There is visible activity and measurable output. But when leadership asks…
CISA Warns of WHILL Model C2 Wheelchairs Vulnerability Let Attackers Take Control of Product
A critical security advisory warned of severe vulnerabilities in WHILL electric wheelchairs that could allow attackers to hijack the devices via Bluetooth remotely. The alert affects two popular models used worldwide: the WHILL Model C2 Electric Wheelchair and Model F…
Cognizant Hit With Multiple US Class-Action Lawsuits Following TriZetto Data Breach
Cognizant Technology Solutions is facing multiple class-action lawsuits following a significant data breach at TriZetto Provider Solutions (TPS), its healthcare claims processing subsidiary. The lawsuits, filed in federal courts in New Jersey and Missouri, allege that the company failed to…
Threat Actors Testing Modified and Highly Obfuscated Version of Shai Hulud Strain
Cybersecurity researchers have identified a new variant of the Shai Hulud malware that reveals important insights into how threat actors are evolving their attack strategies. The malware, first observed in recent security analysis, demonstrates significant changes from its original version,…