Hot stuff

WinRAR vulnerability still a go-to tool for hackers, Mandiant warns

WinRAR vulnerability still a go-to tool for hackers, Mandiant warns 2026-01-28 at 17:02 By Zeljka Zorz State-sponsored hackers and financially motivated attackers continue leveraging a critical WinRAR vulnerability (CVE-2025-8088) that’s been fixed over half a year ago. CVE-2025-8088 is a path traversal vulnerability that can be exploited via maliciously crafted RAR archives. “The exploit chain […]

WinRAR vulnerability still a go-to tool for hackers, Mandiant warns Read More »

Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom

Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom 2026-01-28 at 08:15 By Help Net Security Once a secret enters Git, it’s expensive to remediate. But the real problem runs deeper than cost. Grégory Maitrallain, Solution Architect at Orange Business, discovered this reality during their implementation: “Once a secret is pushed

Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom Read More »

Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)

Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858) 2026-01-28 at 02:21 By Zeljka Zorz Fortinet has begun releasing FortiOS versions that fix CVE-2026-24858, a critical zero-day vulnerability that allowed attackers to log into targeted organizations’ FortiGate firewalls. “This vulnerability was found being exploited in the wild by two malicious FortiCloud accounts, which were locked out

Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858) Read More »

Attackers use Windows App-V scripts to slip infostealer past enterprise defenses

Attackers use Windows App-V scripts to slip infostealer past enterprise defenses 2026-01-27 at 17:17 By Zeljka Zorz A malware delivery campaign detailed by Blackpoint researchers employs an impressive array of tricks to deliver an infostealer to employees without triggering enterprise defenses or close examination by security researchers. The attackers aim to get the Amatera Stealer

Attackers use Windows App-V scripts to slip infostealer past enterprise defenses Read More »

Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)

Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509) 2026-01-27 at 11:22 By Zeljka Zorz Microsoft released emergency Office security updates to fix a security feature bypass vulnerability (CVE-2026-21509) that its threat intelligence and security teams spotted being exploited in the wild in zero-day attacks. Users and admins are advised to review the associated

Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509) Read More »

Poland repels data-wiping malware attack on energy systems

Poland repels data-wiping malware attack on energy systems 2026-01-26 at 14:37 By Zeljka Zorz Suspected Russian cyber attackers tried to take down parts of Poland’s energy infrastructure with new data-wiping malware – and failed. According to information shared by the Polish government earlier this month, the attacks happened on 29 and 30 December 2025, and

Poland repels data-wiping malware attack on energy systems Read More »

Inside Microsoft’s veteran-to-tech workforce pipeline

Inside Microsoft’s veteran-to-tech workforce pipeline 2026-01-26 at 12:12 By Zeljka Zorz The technology workforce is changing, and military veterans are increasingly being recognized as one of the industry’s most valuable and dependable talent pools. In this Help Net Security interview, Chris Cortez, Vice President of Military Affairs at Microsoft and longtime leader of the Microsoft

Inside Microsoft’s veteran-to-tech workforce pipeline Read More »

Okta users under attack: Modern phishing kits are turbocharging vishing attacks

Okta users under attack: Modern phishing kits are turbocharging vishing attacks 2026-01-23 at 15:31 By Zeljka Zorz Threat actors who specialize in vishing (i.e., voice phishing) have started using phishing kits that can intercept targets’ login credentials while also allowing attackers to control the authentication flow in a targeted user’s browser in real-time. At least

Okta users under attack: Modern phishing kits are turbocharging vishing attacks Read More »

Energy sector orgs targeted with AiTM phishing campaign

Energy sector orgs targeted with AiTM phishing campaign 2026-01-22 at 15:19 By Zeljka Zorz Organizations in the energy sector are being targeted with phishing emails aimed at compromising enterprise accounts, Microsoft warns. The attack campaign The attacks started with phishing emails with “NEW PROPOSAL – NDA” in the subject line, coming from a compromised email

Energy sector orgs targeted with AiTM phishing campaign Read More »

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718?

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? 2026-01-21 at 22:22 By Zeljka Zorz CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly fixed releases of the underlying FortiOS. According to Fortinet, CVE-2025-59718 had been fixed in FortiOS versions 7.6.4 or

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? Read More »

RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045)

RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045) 2026-01-21 at 20:57 By Zeljka Zorz Cisco has fixed a critical remote code execution vulnerability (CVE-2026-20045) in some of its unified communications solutions that’s being targeted by attackers in the wild, the company announced on Wednesday via a security advisory. About CVE-2026-20045 CVE-2026-20045 is

RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045) Read More »

RansomHub claims alleged breach of Apple partner Luxshare

RansomHub claims alleged breach of Apple partner Luxshare 2026-01-21 at 14:34 By Zeljka Zorz Chinese electronic manufacturer and Apple partner Luxshare Precision Industry has allegedly been breached by affiliates of the RansomHub ransomware-as-a-service outfit. Luxshare is one of the primary assemblers of Apple’s wireless earbuds, iPhones, and Vision Pro devices, as well as a producer

RansomHub claims alleged breach of Apple partner Luxshare Read More »

Linux users targeted by crypto thieves via hijacked apps on Snap Store

Linux users targeted by crypto thieves via hijacked apps on Snap Store 2026-01-21 at 12:17 By Zeljka Zorz Cryptocurrency thieves have found a new way to turn trusted software packages for Linux on the Snap Store into crypto-stealing malware, Ubuntu contributor and former Canonical developer Alan Pope warned. SnapScope web app identifies malicious snaps (Source:

Linux users targeted by crypto thieves via hijacked apps on Snap Store Read More »

The 2026 State of Pentesting: Why delivery and follow-through matter more than ever

The 2026 State of Pentesting: Why delivery and follow-through matter more than ever 2026-01-21 at 07:34 By Help Net Security Penetration testing has evolved significantly over the past several years. While uncovering exploitable vulnerabilities remains the core goal, the real differentiator today is how findings are handled after the testing concludes. The method of reporting,

The 2026 State of Pentesting: Why delivery and follow-through matter more than ever Read More »

Initial access broker pleads guilty to selling access to 50 corporate networks

Initial access broker pleads guilty to selling access to 50 corporate networks 2026-01-20 at 15:43 By Zeljka Zorz A 40-year-old Jordanian man has admitted to selling unauthorized access to computer networks of at least 50 companies, the US Attorney’s Office of the District of New Jersey has announced. Feras Khalil Ahmad Albashiti has pleaded guilty

Initial access broker pleads guilty to selling access to 50 corporate networks Read More »

Confusion and fear send people to Reddit for cybersecurity advice

Confusion and fear send people to Reddit for cybersecurity advice 2026-01-20 at 09:00 By Sinisa Markovic A strange charge appears on a bank account. An email claims a package is on the way. A social media account stops accepting a password that worked yesterday. When these moments hit, many people do the same thing. They

Confusion and fear send people to Reddit for cybersecurity advice Read More »

Fake browser crash alerts turn Chrome extension into enterprise backdoor

Fake browser crash alerts turn Chrome extension into enterprise backdoor 2026-01-19 at 17:21 By Zeljka Zorz Browser extensions are a high-risk attack vector for enterprises, allowing threat actors to bypass traditional security controls and gain a foothold on corporate endpoints. Case in point: A recently identified malicious extension called NexShield proves that a single user

Fake browser crash alerts turn Chrome extension into enterprise backdoor Read More »

Global tensions are pushing cyber activity toward dangerous territory

Global tensions are pushing cyber activity toward dangerous territory 2026-01-19 at 09:48 By Sinisa Markovic Cybersecurity is inseparable from geopolitics. Ongoing conflicts, sanctions, trade wars, geoeconomic rivalry, and technological competition have pushed state competition into cyberspace. States use cyber operations to exert pressure on rivals, enabling disruption without resorting to conventional weapons. Infrastructure vulnerabilities in

Global tensions are pushing cyber activity toward dangerous territory Read More »

Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393)

Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393) 2026-01-16 at 17:05 By Zeljka Zorz Cisco has finally shipped security updates for its Email Security Gateway and Secure Email and Web Manager devices, which fix CVE-2025-20393, a vulnerability in the devices’ AsyncOS that has been exploited as a zero-day by suspected Chinese attackers since at

Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393) Read More »

Sensitive data of Eurail, Interrail travelers compromised in data breach

Sensitive data of Eurail, Interrail travelers compromised in data breach 2026-01-15 at 17:04 By Zeljka Zorz A data breach at the Netherlands-based company that sells Eurail (Interrail) train passes resulted in the compromise of personal and sensitive information belonging to an as-yet unknown number of travelers. What data was accessed? Eurail B.V. operates on behalf

Sensitive data of Eurail, Interrail travelers compromised in data breach Read More »

Scroll to Top