security
46 articles tagged with "security"
Tech Feeds
Engineering Log: LL-298: Invalid Option Strikes Causing C (+2 more)
Building an autonomous AI trading system means things break. Here's what we discovered, fixed, and learned today. The Problem: See full details in lesson ll_298_invalid_strikes_call_legs_fail_jan23 Wh...
ICE Asks Companies About ‘Ad Tech and Big Data’ Tools It Could Use in Investigations
A new federal filing from ICE demonstrates how commercial tools are increasingly being considered by the government for law enforcement and surveillance.
Sandworm hackers linked to failed wiper attack on Poland’s energy systems
A cyberattack targeting Poland's power grid in late December 2025 has been linked to the Russian state-sponsored hacking group Sandworm, which attempted to deploy a new destructive data-wiping malware...
CISA confirms active exploitation of four enterprise software bugs
The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities impacting enterprise software from Versa and Zimbra, the Vite frontend too...
Exploited Zero-Day Flaw in Cisco UC Could Affect Millions
Mass scanning is underway for CVE-2026-20045, which Cisco tagged as critical because successful exploitation could lead to a complete system takeover.
Malicious AI extensions on VSCode Marketplace steal developer data
Two malicious extensions in Microsoft's Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers. [...]
Researchers broke every AI defense they tested. Here are 7 questions to ask vendors.
Security teams are buying AI defenses that don't work. Researchers from OpenAI, Anthropic, and Google DeepMind published findings in October 2025 that should stop every CISO mid-procurement. Their pap...
Researchers say Russian government hackers were behind attempted Poland power outage
Security researchers have attributed the attempted use of destructive /'wiper/' malware across Poland's energy infrastructure in late December to a Russian-backed hacking group known for causing power o...
Swipe, Plug-in, Pwned: Researchers Find New Ways to Hack Vehicles
Security researchers exploited dozens of vulnerabilities in vehicle infotainment systems and EV chargers during the latest Pwn2Own contest at Automotive World 2026.
Curl ending bug bounty program after flood of AI slop reports
The developer of the popular curl command-line utility and library announced that the project will end its HackerOne security bug bounty program at the end of this month, after being overwhelmed by lo...
Fortinet Firewalls Hit With Malicious Configuration Changes
Automated infections of potentially fully patched FortiGate devices are allowing threat actors to steal firewall configuration files.
Hacker who stole 120,000 bitcoins wants a second chance—and a security job
Crypto theft was /'the worst thing I had ever done./'
Okta SSO accounts targeted in vishing-based data theft attacks
Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks. BleepingComputer has learned that these kits are being used in active attacks to ste...
Risky Chinese Electric Buses Spark Aussie Gov't Review
Deployed across Australia and Europe, China's electric buses are vulnerable to cybercriminals and sport a virtual kill switch the Chinese state could activate.
SmarterMail auth bypass flaw now exploited to hijack admin accounts
Hackers began exploiting an authentication bypass vulnerability in SmarterTools' SmarterMail email server and collaboration tool that allows resetting admin passwords. [...]
Chainlit AI framework bugs let hackers breach cloud environments
Two high-severity vulnerabilities in Chainlit, a popular open-source framework for building conversational AI applications, allow reading any file on the server and leak sensitive information. [...]
Cisco fixes Unified Communications RCE zero day exploited in attacks
Cisco has fixed a critical Unified Communications and Webex Calling remote code execution vulnerability, tracked as CVE-2026-20045, that has been actively exploited as a zero-day in attacks. [...]
'Contagious Interview' Attack Now Delivers Backdoor Via VS Code
Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no other user interaction.
Millions of people imperiled through sign-in links sent by SMS
Even well-known services with millions of users are exposing sensitive data.
New Android malware uses AI to click on hidden browser ads
A new family of Android click-fraud trojans leverages TensorFlow machine learning models to automatically detect and interact with specific advertisement elements. [...]
Online retailer PcComponentes says data breach claims are fake
PcComponentes, a major technology retailer in Spain, has denied claims of a data breach on its systems impacting 16 million customers, but confirmed it suffered a credential stuffing attack. [...]
Phishing Campaign Zeroes in on LastPass Customers
The bait incudes plausible subject lines and credible messages, most likely thanks to attackers' use of large language models to craft them.
Zendesk ticket systems hijacked in massive global spam wave
People worldwide are being targeted by a massive spam wave originating from unsecured Zendesk support systems, with victims reporting receiving hundreds of emails with strange and sometimes alarming s...
A Google Gemini security flaw let hackers use calendar invites to steal private data
Another prompt injection variant was discovered and remedied.
ACF plugin bug gives hackers admin on 50,000 WordPress sites
A critical-severity vulnerability in the Advanced Custom Fields: Extended (ACF Extended) plugin for WordPress can be exploited remotely by unauthenticated attackers to obtain administrative permission...
AI-supported vulnerability triage with the GitHub Security Lab Taskflow Agent
Learn how we are using the newly released GitHub Security Lab Taskflow Agent to triage categories of vulnerabilities in GitHub Actions and JavaScript projects. The post AI-supported vulnerability tria...
VoidLink cloud malware shows clear signs of being AI-generated
The recently discovered cloud-focused VoidLink malware framework is believed to have been developed by a single person with the help of an artificial intelligence model. [...]
Fake ad blocker extension crashes the browser for ClickFix attacks
A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the browser in preparation for ClickFix attacks. [...]
New PDFSider Windows malware deployed on Fortune 100 firm's network
Ransomware attackers targeting a Fortune 100 company in the finance sector used a new malware strain, dubbed PDFSider, to deliver malicious payloads on Windows systems. [...]
You’re probably backing up your data the wrong way
Your data is backed up, but is it secure?
GHSA-GW32-9RMW-QWWW: Svelte SSR XSS: The Textarea Trap
Svelte SSR XSS: The Textarea Trap Vulnerability ID: GHSA-GW32-9RMW-QWWW CVSS Score: 8.4 Published: 2026-01-16 A high-severity Cross-Site Scripting (XSS) vulnerability exists in Svelte's Server-Side...
StealC hackers hacked as researchers hijack malware control panels
A cross-site scripting (XSS) flaw in the web-based control panel used by operators of the StealC info-stealing malware allowed researchers to observe active sessions and gather intelligence on the att...
Gootloader now uses 1,000-part ZIP archives for stealthy delivery
The Gootloader malware, typically used for initial access, is now using a malformed ZIP archive designed to evade detection by concatenating up to 1,000 archives. [...]
Community-powered security with AI: an open source framework for security research
Announcing GitHub Security Lab Taskflow Agent, an open source and collaborative framework for security research with AI. The post Community-powered security with AI: an open source framework for secur...
How to Implement Google One Tap in React with Auth0 and FedCM
Learn to integrate Google One Tap in Auth0 with React using FedCM. Follow this guide for a seamless Auth0 Token Exchange with a Google ID Token.
New VoidLink malware framework targets Linux cloud servers
A newly discovered advanced cloud-native Linux malware framework named VoidLink focuses on cloud environments, providing attackers with custom loaders, implants, rootkits, and plugins designed for mod...
Ukraine's army targeted in new charity-themed malware campaign
Officials of Ukraine's Defense Forces were targeted in a charity-themed campaign between October and December 2025 that delivered backdoor malware called PluggyApe. [...]
Tech Pulse – Weekly Tech Digest January 11, 2026
The article provides a comprehensive overview of key technological advancements showcased at CES 2026, highlighting significant developments in AI, quantum computing, and sustainability. It discusses innovations like autonomous AI agents, advanced GPUs, and breakthroughs in quantum networking, emphasizing their implications for future tech landscapes.
CISA retires 10 emergency cyber orders in rare bulk closure
CISA has retired 10 Emergency Directives, indicating that the required actions have been completed or are now included under Binding Operational Directive 22-01. This move reflects a significant update in the agency's approach to managing cybersecurity vulnerabilities, emphasizing timely patching and risk mitigation.
NodeJS 101 — Part 4 🔐 Authorization with JWT
This article provides a comprehensive tutorial on implementing JWT-based authentication in a Node.js application. It covers key concepts such as token creation, middleware for token verification, and best practices for securing routes, making it a valuable resource for developers looking to enhance their API security.
Why Detection Lost: Building Cryptographic Provenance for the Synthetic Media Crisis
The article discusses the urgent need for cryptographic provenance in combating deepfake threats, highlighting the CAP protocol that provides tamper-evident audit trails for AI-generated content. It emphasizes a paradigm shift from detection to verification, addressing legal challenges in AI copyright through innovative solutions.
Are Copilot prompt injection flaws vulnerabilities or AI limits?
The article discusses the debate surrounding prompt injection flaws in Microsoft's Copilot AI, highlighting differing perspectives between security researchers and Microsoft on whether these issues constitute vulnerabilities or inherent AI limitations. It emphasizes the implications of system prompt disclosure and the ongoing challenges in defining AI security risks.
How generative AI accelerates identity attacks against Active Directory
The article explores how generative AI enhances the efficiency of password attacks against Active Directory by utilizing advanced techniques such as pattern recognition and intelligent credential mutation. It emphasizes the need for organizations to adopt stronger password policies and awareness of compromised credentials to mitigate these AI-driven threats.
ClickFix attack uses fake Windows BSOD screens to push malware
The ClickFix attack employs social engineering tactics, using fake Windows BSOD screens to trick users into executing malware. By impersonating legitimate services like Booking.com, attackers exploit urgency to manipulate victims into running malicious commands, leading to remote access and data compromise.
Cloud file-sharing sites targeted for corporate data theft attacks
The article discusses a cyber threat actor, Zestix, who is selling corporate data stolen from various companies after breaching their cloud file-sharing platforms. It highlights the role of infostealer malware in credential theft and emphasizes the systemic security issues stemming from inadequate security practices among organizations.
US broadband provider Brightspeed investigates breach claims
Brightspeed is investigating claims of a data breach by the Crimson Collective, which allegedly compromised sensitive information of over 1 million customers. The incident highlights ongoing threats to ISPs and the importance of robust cybersecurity measures in protecting customer data.