Image generation paywalled on X after ministers and regulators start asking awkward questions Grok has yanked its image-generation toy out of the hands of most X users after the UK government openly weighed a ban over the AI feature that…
CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday said it’s retiring 10 emergency directives (Eds) that were issued between 2019 and 2024. The list of the directives now considered closed is as follows – ED 19-01: Mitigate DNS…
Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions
Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-69258, carries a CVSS score of…
China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at least 2022, targeting South Asia and Southeastern Europe. UAT-7290 primarily targets…
FBI Warns of North Korean QR Phishing Campaigns
The FBI says North Korea’s Kimsuky APT group is using QR codes in spear phishing campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Warns of North Korean QR Phishing Campaigns
Nvidia Requires Up-Front Payment For China H200 Orders
Nvidia reportedly requires Chinese customers ordering H200 chips to make full payment up-front, as it faces regulatory uncertainty This article has been indexed from Silicon UK Read the original article: Nvidia Requires Up-Front Payment For China H200 Orders
Credential stuffing: What it is and how to protect yourself
Reusing passwords may feel like a harmless shortcut – until a single breach opens the door to multiple accounts This article has been indexed from WeLiveSecurity Read the original article: Credential stuffing: What it is and how to protect yourself
EU Extends X Retention Order Over Sexualised Images
European Commission tells X to retain documents as it ensures social media platform is complying with EU law This article has been indexed from Silicon UK Read the original article: EU Extends X Retention Order Over Sexualised Images
New Ghost Tapped Attack Uses Your Android Device to Drain Your Bank Account
Chinese threat actors have developed a dangerous new way to steal money directly from bank accounts using specially crafted Android applications. Known as Ghost Tapped, these malicious apps exploit Near Field Communication (NFC) technology, the same wireless technology that powers…
Hackers Actively Exploiting AI Deployments – 91,000+ Attack Sessions Observed
Security researchers have identified over 91,000 attack sessions targeting AI infrastructure between October 2025 and January 2026, exposing systematic campaigns against large language model deployments. GreyNoise’s Ollama honeypot infrastructure captured 91,403 attack sessions during this period, revealing two distinct threat…
SmarterTools SmarterMail Vulnerability Enables Remote Code Execution Attack – PoC Released
A critical pre-authentication remote code execution vulnerability, identified as CVE-2025-52691, has been discovered in SmarterTools’ SmarterMail solution. The flaw received a maximum CVSS score of 10.0, indicating its severe nature and potential impact on affected systems. SmarterTools describes SmarterMail as…
Malicious Process Environment Block Manipulation, (Fri, Jan 9th)
Reverse engineers must have a good understanding of the environment where malware are executed (read: the operating system). In a previous diary, I talked about malicious code that could be executed when loading a DLL[1]. Today, I'll show you how…
China Said To Hack US Congress Email Systems
China-backed Salt Typhoon hacking group reportedly hacks email systems used by staff and aides of powerful Congressional committees This article has been indexed from Silicon UK Read the original article: China Said To Hack US Congress Email Systems
January 2026 Patch Tuesday forecast: And so it continues
Welcome to a new year of my Patch Tuesday forecast blog where I provide a summary of Microsoft and other vendor’s security patch activity (and reported issues) for the month, talk about some of the latest trends, processes, and evolution…
Microsoft enforces admin MFA, Cisco patches ISE, Illinois breaches self
Microsoft to enforce MFA for Microsoft 365 admin center sign-ins Cisco patches ISE security vulnerability after PoC release Illinois state agency breaches itself Huge thanks to our sponsor, Hoxhunt A small tip for CISOs: if you’re unsure whether your security…
China Tells Companies To Halt Nvidia H200 Orders
Chinese officials tell some domestic companies to halt orders for Nvidia’s H200 chip, as they consider import rules This article has been indexed from Silicon UK Read the original article: China Tells Companies To Halt Nvidia H200 Orders
China Dominates Humanoid Robot Shipments
Robot companies from China account for vast majority of humanoid robot shipments in 2025, with large presence at CES This article has been indexed from Silicon UK Read the original article: China Dominates Humanoid Robot Shipments
IT Security News Hourly Summary 2026-01-09 09h : 1 posts
1 posts were published in the last hour 7:31 : Help desk read irrelevant script, so techies found and fixed their own problem
Help desk read irrelevant script, so techies found and fixed their own problem
As you should, when being told the only remedy is deleting everything and starting again On Call 2025 has ended and a new year is upon us, but The Register will continue opening Friday mornings with a fresh installment of…
Are criminal hacking organizations recruiting teenagers to do the dirty work?
Yes, they are. It has been confirmed that many of the popular hacking organizations that have been terrorizing the world over the last few years… The post Are criminal hacking organizations recruiting teenagers to do the dirty work? appeared first…
Product showcase: TrackerControl lets Android users see who’s tracking them
TrackerControl is an open-source Android application designed to give users visibility into and control over the hidden data within mobile apps. Many apps routinely communicate with third-party services that collect information about usage. TrackerControl makes this activity visible and allows…
How AI agents are turning security inside-out
AppSec teams have spent the last decade hardening externally facing applications, API security, software supply chain risk, CI/CD controls, and cloud-native attack paths. But a growing class of security threats is emerging from a largely underestimated and undefended source: internally…
FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing
The U.S. Federal Bureau of Investigation (FBI) on Thursday released an advisory warning of North Korean state-sponsored threat actors leveraging malicious QR codes in spear-phishing campaigns targeting entities in the country. “As of 2025, Kimsuky actors have targeted think tanks,…
ICE Agent Who Reportedly Shot Renee Good Was a Firearms Trainer, per Testimony
Jonathan Ross told a federal court in December about his professional background, including “hundreds” of encounters with drivers during enforcement actions, according to testimony obtained by WIRED. This article has been indexed from Security Latest Read the original article: ICE…