People across many organizations now have access to AI tools, and usage keeps spreading. Some groups rely on AI during regular work, others treat it as an occasional helper. That gap between access and routine use sits at the center…
One-time SMS links that never expire are exposing personal data for years
Online services often treat one-time links sent by text message as low-risk conveniences. A new study shows that these links can expose large amounts of personal data for years. Malicious URLs continue to shift from email to SMS According to…
Agentic AI edges closer to everyday production use
Many security and operations teams now spend less time asking whether agentic AI belongs in production and more time working out how to run it safely at scale. A new Dynatrace research report looks at how large organizations are moving…
Microsoft introduces winapp, an open-source CLI for building Windows apps
Microsoft has released winapp, a new command line interface aimed at simplifying the process of building Windows applications. The open-source tool targets developers who rely on terminal based workflows and want a consistent way to create, configure, and manage Windows…
11 Year Old LInux Bug Allows Root Access
Fortinet Firewall Breached, Hidden Linux Vulnerability & Ransomware Boss Pleads Guilty | Cybersecurity Today In this episode of Cybersecurity Today, host David Shipley discusses the latest breach involving Fortinet FortiGate firewalls, an 11-year-old critical Linux vulnerability that was recently discovered,…
ZAP Releases OWASP PenTest Kit Browser Extension for Application Security Testing
The Zed Attack Proxy (ZAP) team has released the OWASP PTK add-on, version 0.2.0 alpha, integrating the OWASP Penetration Testing Kit (PTK) browser extension directly into ZAP-launched browsers. This streamlines application security testing by embedding DAST, IAST, SAST, SCA, and…
New infosec products of the week: January 23, 2026
Here’s a look at the most interesting products from the past week, featuring releases from cside, Obsidian Security, Rubrik, SEON, and Vectra AI. cside targets hidden website privacy violations with Privacy Watch cside announced the launch of Privacy Watch. The…
ISC Stormcast For Friday, January 23rd, 2026 https://isc.sans.edu/podcastdetail/9778, (Fri, Jan 23rd)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, January 23rd, 2026…
Crims hit the easy button for Scattered-Spider style helpdesk scams
Teach a crook to phish… Criminals can more easily pull off social engineering scams and other forms of identity fraud thanks to custom voice-phishing kits being sold on dark web forums and messaging platforms.… This article has been indexed from…
How do AI secrets ensure cloud security?
What Role Do AI Secrets Play in Ensuring Cloud Security? Where digital threats loom larger than ever, how do organizations navigate complex cloud security? The answer lies in effectively managing AI secrets. This approach ensures that machine identities, an often…
What makes AI in cybersecurity reliable?
Are Non-Human Identities the Missing Link in Cybersecurity AI Reliability? Cybersecurity is an evolving field, constantly adapting to new threats and vulnerabilities. But have you considered how Non-Human Identities (NHIs) are shaping cybersecurity, especially regarding AI reliability? NHIs, essentially machine…
Why invest in advanced NHIs management?
How Do Non-Human Identities Revolutionize Cloud Security? What are Non-Human Identities (NHIs), and why do they hold the key to revolutionizing cloud security for organizations across various industries? Understanding Non-Human Identities and Their Importance Safeguarding sensitive data requires more than…
How to scale NHIs safely and efficiently?
Is Your Organization Ready to Scale NHIs Safely and Efficiently? Scaling Non-Human Identities (NHIs) is a complex endeavor, particularly in dynamic industries such as financial services, healthcare, and technology-driven sectors that rely heavily on cloud computing. Where NHIs serve as…
IT Security News Hourly Summary 2026-01-23 00h : 1 posts
1 posts were published in the last hour 22:55 : IT Security News Daily Summary 2026-01-22
IT Security News Daily Summary 2026-01-22
161 posts were published in the last hour 22:2 : 18 enterprise email security best practices for 2026 22:2 : Microsoft 365 hit by outage, preventing access to emails and files 21:13 : Views on AI & the Anthropic Report…
18 enterprise email security best practices for 2026
<p>Email security best practices haven’t changed much over the years: Use strong passwords, block spam, don’t trust offers that seem too good to be true and verify requests — even from known entities.</p> <p>These longstanding practices, however, have not stopped…
Microsoft 365 hit by outage, preventing access to emails and files
An hours-long outage is preventing Microsoft’s enterprise customers from accessing their inboxes, files, and video meetings. This article has been indexed from Security News | TechCrunch Read the original article: Microsoft 365 hit by outage, preventing access to emails and…
Views on AI & the Anthropic Report
There’s been a lot of chatter over the use of AI in various fields, and because it’s my professional focus, I’m most interested in how it’s used in cybersecurity. Now, that doesn’t mean that I’m not aware of how it’s…
NDSS 2025 – Rethinking Trust In Forge-Based Git Security
Session 9D: Github + OSN Security Authors, Creators & Presenters: Aditya Sirish A Yelgundhalli (New York University), Patrick Zielinski (New York University), Reza Curtmola (New Jersey Institute of Technology), Justin Cappos (New York University) PAPER Rethinking Trust In Forge-Based Git…
Ring is adding a new content verification feature to videos
Ring says the new feature will identify if video edits have been made, even if they’re minor. This article has been indexed from Security News | TechCrunch Read the original article: Ring is adding a new content verification feature to…
Machine learning–powered Android Trojans bypass script-based Ad Click detection
A new Android click-fraud trojan family uses TensorFlow ML to visually detect and tap ads, bypassing traditional script-based click techniques. Researchers at cybersecurity firm Dr.Web discovered a new Android click-fraud trojan family that uses TensorFlow.js ML models to visually detect…
New Osiris Ransomware Using Wide Range of Living off the Land and Dual-use Tools in Attacks
A newly discovered ransomware family called Osiris launched attacks against a major food service company in Southeast Asia during November 2025. Security researchers have identified this threat as a completely new malware variant with no connection to an older ransomware…
IT Security News Hourly Summary 2026-01-22 21h : 10 posts
10 posts were published in the last hour 20:2 : Analysis of Single Sign-On Abuse on FortiOS 20:2 : Why AI Is Making Attack Surface Management Mandatory 19:34 : Analysis of Single Sign On (SSO) abuse on FortiOS 19:34 :…
Analysis of Single Sign-On Abuse on FortiOS
Fortinet is proactively communicating to customers to share analysis regarding single sign-on (SSO) abuse on FortiOS. This article has been indexed from PSIRT Blog Read the original article: Analysis of Single Sign-On Abuse on FortiOS