The cybersecurity landscape has undergone a fundamental shift in recent years, as the definition of insider threats continues to evolve. For decades, organizations focused their security efforts on detecting disgruntled employees or negligent contractors who might compromise sensitive data. Today,…
Tag: Cyber Security News
CISA Warns of Gogs Path Traversal Vulnerability Exploited in Attacks
A critical warning about a path traversal vulnerability in Gogs, a self-hosted Git service, that is being actively exploited in the wild. The vulnerability, tracked as CVE-2025-8110, was added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on January 12, 2026,…
Critical ServiceNow Vulnerability Enables Privilege Escalation Via Unauthenticated User Impersonation
A critical security threat to ServiceNow AI Platform deployments, allowing unauthenticated attackers to impersonate legitimate users and execute unauthorized operations. The vulnerability, CVE-2025-12420, was discovered by AppOmni, a SaaS security firm, and disclosed to ServiceNow in October 2025, prompting immediate…
SAP Security Patch Day January 2026 – Patch for Critical Injection and RCE Vulnerabilities
SAP released 17 new security notes on January 13, 2026, as part of its monthly Security Patch Day, addressing critical injection flaws and remote code execution vulnerabilities across key products. No updates addressed prior notes, urging organizations to act swiftly…
AsyncRAT Leveraging Cloudflare’s Free-Tier Services to Mask Malicious Activities and Detection
A recent AsyncRAT campaign is using Cloudflare’s free tier services and TryCloudflare tunnels to hide remote access activity inside normal looking cloud traffic. In these attacks, threat actors send phishing emails that link to a Dropbox hosted ZIP archive named…
100,000+ n8n Instances Exposed to Internet Vulnerable to RCE Attacks
A critical vulnerability affecting the popular n8n workflow automation platform has put over 100,000 internet-exposed instances at severe risk. Security researchers from The Shadowserver Foundation discovered that 105,753 unique n8n instances are vulnerable to remote code execution (RCE) attacks through…
Hackers Leverage Browser-in-the-browser Tactic to Trick Facebook Users and Steal Logins
Facebook users are increasingly becoming targets of a sophisticated phishing technique that bypasses conventional security measures. With over three billion active users on the platform, Facebook represents an attractive target for attackers seeking to compromise accounts and harvest personal credentials.…
New Angular Vulnerability Enables an Attacker to Execute Malicious Payload
A critical Cross-Site Scripting (XSS) vulnerability has been discovered in Angular’s Template Compiler, affecting multiple versions of both @angular/compiler and @angular/core packages. Tracked as CVE-2026-22610, this vulnerability allows attackers to bypass Angular’s built-in security protections and execute arbitrary JavaScript code…
Malicious Chrome Extension Steals Wallet Login Credentials and Enables Automated Trading
A malicious Chrome extension called MEXC API Automator is abusing trust in browser add-ons to steal cryptocurrency trading access from MEXC users. Posed as a tool that helps automate trading and API key creation, it quietly takes control of newly…
Multiple Hikvision Vulnerabilities Let Attackers Cause Device Malfunction Using Crafted Packets
Hikvision, a leading provider of surveillance and access control systems, faces serious security risks from two newly disclosed stack overflow vulnerabilities. These flaws, tracked as CVE-2025-66176 and CVE-2025-66177, allow attackers on the same local area network (LAN) to trigger device…
Telegram Exposes Real Users IP Addresses, Bypassing Proxies on Android and iOS in 1-click
A stealthy flaw in Telegram’s mobile clients that lets attackers unmask users’ real IP addresses with a single click, even those hiding behind proxies. Dubbed a “one-click IP leak,” the vulnerability turns seemingly innocuous username links into potent tracking weapons.…
Hackers Infiltrated n8n’s Community Node Ecosystem With a Weaponized npm Package
Attackers have successfully infiltrated n8n’s community node ecosystem using a malicious npm package disguised as a legitimate Google Ads integration tool. The attack reveals a critical vulnerability in how workflow automation platforms handle third-party integrations and user credentials. The malicious…
Google Integrating Gemini With Gmail With New features
Google announced Monday it’s integrating its Gemini AI model into Gmail, introducing features that transform the email service into a proactive personal assistant for its 3 billion users. The company is launching AI Overviews, a feature that synthesizes long email threads…
YARA-X 1.11.0 Released With a New Hash Function Warnings
VirusTotal has released YARA-X version 1.11.0, introducing an important new feature designed to improve rule reliability and reduce false negatives in malware detection. The latest update introduces hash-function warnings that help security researchers catch common mistakes when writing YARA detection rules.…
InvisibleJS Tool Hides Executable ES Modules in Empty Files Using Zero-Width Steganography
InvisibleJS, a new open-source tool that conceals JavaScript code using invisible zero-width Unicode characters, raises alarms about potential misuse in malware campaigns. InvisibleJS, hosted on GitHub by developer With alias oscarmine, employs steganography to embed source code into seemingly blank…
10 Best Network Security Providers for Healthcare Industry in 2026
The surge in Electronic Health Records (EHRs), telemedicine, and interconnected medical devices has forged a intricate healthcare ecosystem ripe for cyber exploitation. Robust network security solutions are non-negotiable to shield sensitive patient data from advanced threats. Healthcare-focused providers deliver multi-layered…
India Continues to Be the Top Target for Mobile Attacks with 38% Increase in Threats
India faces an unprecedented surge in mobile malware attacks, with a staggering 38% increase in threats compared to the previous year, according to the latest findings from the Zscaler ThreatLabz 2025 Mobile, IoT, and OT Threat Report. The country has…
Web3 Developer Environments Targeted by Social Engineering Campaign Leveraging Fake Interview Software
The cybersecurity landscape is experiencing a major shift in how attackers operate. Threat actors have moved away from traditional hunting methods like phishing emails and cold outreach. Instead, they are now creating sophisticated traps designed to make high-value targets walk…
Critical Apache Struts 2 Vulnerability Allow Attackers to Steal Sensitive Data
A critical XML external entity (XXE) injection vulnerability has been discovered in Apache Struts 2, potentially exposing millions of applications to data theft and server compromise. The vulnerability, tracked as CVE-2025-68493, affects multiple versions of the widely used framework and requires…
Threat actors Allegedly Claim Discord Dataset Containing 78,541,207 Files
Threat actor HawkSec claims to be auctioning a Discord dataset comprising 78,541,207 files. The collection, organized into messages, voice sessions, actions, and servers, stems from an abandoned OSINT/CSINT project spanning several months. HawkSec promoted the dataset in their Discord server,…