The company will use the investment to accelerate platform adoption and expansion into the federal market. The post Torq Raises $140 Million at $1.2 Billion Valuation appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Researchers Uncover Service Providers Fueling Industrial-Scale Pig Butchering Fraud
Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service (PBaaS) economy. At least since 2016, Chinese-speaking criminal groups have erected industrial-scale scam centers across…
BreachForums database leaked, Instagram breach worries, UK government exempts self
BreachForums hacking forum database leaked exposing 324,000 accounts Instagram breach exposes user data, creates password reset panic UK government exempts self from flagship cyber law Thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026…
IT Security News Hourly Summary 2026-01-12 09h : 10 posts
10 posts were published in the last hour 8:3 : Alleged Scam Boss Arrives In China After Cambodia Arrest 8:2 : Fake Employee Performance Reports Deliver Guloader Malware 7:32 : Hacking Group “Everest” Allegedly Claims Nissan Motor Breach 7:32 :…
Alleged Scam Boss Arrives In China After Cambodia Arrest
Chen Zhi, alleged leader of massive online scamming operation, shown hooded and in handcuffs after Cambodia arrest This article has been indexed from Silicon UK Read the original article: Alleged Scam Boss Arrives In China After Cambodia Arrest
Fake Employee Performance Reports Deliver Guloader Malware
Organizations are being warned about a new phishing campaign that weaponizes fake employee performance reports to deploy the Guloader malware and ultimately install Remcos RAT on compromised systems. In the observed cases, threat actors send phishing emails that purport to…
Hacking Group “Everest” Allegedly Claims Nissan Motor Breach
The Everest hacking group has allegedly claimed responsibility for a major cyberattack on Nissan Motor Co., Ltd., one of Japan’s leading automotive manufacturers. According to threat intelligence reports observed on January 10, 2026, the cybercriminal organization claims to have exfiltrated…
X Suspended Twitter Account for Violation of Rules
X has suspended the iconic @twitter handle on its platform, replacing its profile with a standard notice stating the account violates rules. Screenshots of the suspension screen began circulating widely late last week, igniting discussions about the platform’s rebranding efforts.…
Critical Zlib Vulnerability Let Attackers Trigger Buffer Overflow by Invoking untgz
A severe global buffer overflow vulnerability has been discovered in the zlib untgz utility version 1.3.1.2. Allowing attackers to corrupt memory and potentially execute malicious code through specially crafted command-line input. The security flaw resides in the TGZfname() function of…
Everest Hacking Group Allegedly Claims Breach of Nissan Motors
Everest hacking group has allegedly claimed a major breach of Nissan Motor Co., Ltd., raising fresh concerns about data security at large automotive manufacturers. According to early reports, the cybercrime group says it exfiltrated around 900 GB of sensitive data…
Critical InputPlumber Vulnerabilities Allows UI Input Injection and Denial-of-Service
Critical vulnerabilities in InputPlumber, a Linux input device utility used in SteamOS, could allow attackers to inject UI inputs and cause denial-of-service conditions on affected systems. The SUSE researchers tracked as CVE-2025-66005 and CVE-2025-14338, which affect InputPlumber versions before v0.69.0 and stem from…
Rethinking OT security for project heavy shipyards
In this Help Net Security interview, Hans Quivooij, CISO at Damen Shipyards Group, discusses securing OT and ICS in the shipyard. He outlines how project-based operations, rotating contractors, and temporary systems expand the threat surface and complicate access control. Quivooij…
Critical InputPlumber Flaw Enables UI Input Injection and Denial-of-Service
Security researchers have discovered critical vulnerabilities in InputPlumber, a Linux input device utility used in SteamOS, that could allow attackers to inject keystrokes, leak sensitive information, and cause denial-of-service conditions. The flaws, tracked as CVE-2025-66005 and CVE-2025-14338, affect InputPlumber versions…
pfSense: Open-source firewall and routing platform
Firewalls, VPN access, and traffic rules need steady attention, often with limited budgets and staff. In that context, the open source pfSense Community Edition (CE) continues to show up in production environments, supported by a long-standing user community. pfSense CE…
New Research Uncovers 28 Unique IP Addresses and 85 Domains Hosting Carding Markets
A recent investigation has exposed the technical foundation of underground carding operations, revealing 28 unique IP addresses and 85 domains actively hosting illegal marketplaces where stolen credit card data is bought and sold. These platforms operate as sophisticated e-commerce sites…
Researchers Uncover 28 Unique IPs and 85 Domains Hosting Carding Markets
Between July and December 2025, cybersecurity firm Team Cymru conducted an extensive analysis of carding infrastructure, revealing a sophisticated network comprising 28 unique IP addresses and 85 domains that actively host illicit carding markets and forums. The research employed technical…
17.5 Million Instagram Account “Leak” – What’s Really Happening?
Cyber Security analysts at Malwarebytes and Have I Been Pwned suggest this data was actually “scraped”—harvested via an… The post 17.5 Million Instagram Account “Leak” – What’s Really Happening? appeared first on Hackers Online Club. This article has been indexed…
EU’s Chat Control could put government monitoring inside robots
Cybersecurity debates around surveillance usually stay inside screens. A new academic study argues that this boundary no longer holds when communication laws extend into robots that speak, listen, and move among people. Researchers Neziha Akalin and Alberto Giaretta examine the…
What security teams can learn from torrent metadata
Security teams often spend time sorting through logs and alerts that point to activity happening outside corporate networks. Torrent traffic shows up in investigations tied to policy violations, insider risk, and criminal activity. A new research paper looks at that…
EDRStartupHinder: Blocks Antivirus & EDR at Windows 11 25H2 Startup (Defender Included)
A cybersecurity researcher has unveiled EDRStartupHinder, a proof-of-concept tool that prevents antivirus and endpoint detection and response (EDR) solutions from launching during Windows startup, including Microsoft Defender on Windows 11 25H2. The technique exploits Windows Bindlink API functionality through the bindflt.sys…
Critical zlib Flaw Let Attackers Can Trigger a Buffer Overflow via untgz
A severe buffer overflow vulnerability has been discovered in the zlib untgz utility, affecting version 1.3.1.2, allowing attackers to trigger memory corruption via maliciously crafted command-line arguments. The vulnerability resides in the TGZfname() function, where an unbounded strcpy() call copies…
New “Penguin” Platform Sells Pig-Butchering Kits, PII, and Stolen Accounts
The industrialization of pig butchering scams has reached a critical tipping point. A sprawling Pig Butchering-as-a-Service (PBaaS) economy has emerged across Southeast Asia, offering turnkey scam platforms, stolen identities, pre-registered SIM cards, mobile applications, payment infrastructure, and shell company formation services.…
Enshittification is ruining everything online (Lock and Code S07E01)
This week on the Lock and Code podcast, we speak with Cory Doctor about enshittification and its dangerous impact online and off. This article has been indexed from Malwarebytes Read the original article: Enshittification is ruining everything online (Lock and…
Downtime pushes resilience planning into security operations
CISOs describe a shift in how they define success. New research from Absolute Security shows broad agreement that resilience outweighs security goals centered on prevention alone. Security leaders increasingly define their role around keeping the business operating through disruption. The…