News

Google agrees to pay $135 million over Android data harvesting claims

Android, Don't miss, Google, lawsuit, mobile devices, News, Privacy, smartphones /

Google agrees to pay $135 million over Android data harvesting claims 2026-01-29 at 12:13 By Sinisa Markovic Google agrees to pay $135 million to settle a proposed class action lawsuit brought by Android smartphone users over alleged unauthorized cellular data transmissions. After fees and administrative costs are deducted, the remaining settlement funds would be divided […]

Google agrees to pay $135 million over Android data harvesting claims Read More »

Samsung tackles shoulder surfing on Galaxy devices

mobile devices, mobile security, News, Privacy, Samsung, smartphones /

Samsung tackles shoulder surfing on Galaxy devices 2026-01-29 at 12:13 By Sinisa Markovic Our phones hold our most personal details, and we use them everywhere. On the bus, in elevators, and while waiting in line, screens are often visible to people nearby. The closer phones align with daily habits, the more persistent privacy concerns become.

Samsung tackles shoulder surfing on Galaxy devices Read More »

SolarWinds fixes critical Web Help Desk RCE vulnerabilities, upgrade ASAP!

Don't miss, Horizon3.ai, Hot stuff, MSP, News, security update, SMBs, SolarWinds, vulnerability, WatchTowr /

SolarWinds fixes critical Web Help Desk RCE vulnerabilities, upgrade ASAP! 2026-01-29 at 11:34 By Zeljka Zorz SolarWinds has fixed six critical and high-severity vulnerabilities in its popular Web Help Desk (WHD) support ticketing and asset management solution, and is urging customers to upgrade to v2026.1 as soon as possible. The vulnerabilities The WHD vulnerabilities fixed

SolarWinds fixes critical Web Help Desk RCE vulnerabilities, upgrade ASAP! Read More »

Open-source malware zeroes in on developer environments

cybersecurity, Don't miss, Malware, News, open source, report, Sonatype, vulnerability management /

Open-source malware zeroes in on developer environments 2026-01-29 at 08:36 By Anamarija Pogorelec Open source malware activity during 2025 concentrated on a single objective: executing code inside developer environments, according to Sonatype. The focus reflected a broader shift in supply chain attacks away from end users and toward the tools, machines, and pipelines used to

Open-source malware zeroes in on developer environments Read More »

Hottest cybersecurity open-source tools of the month: January 2026

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: January 2026 2026-01-29 at 08:06 By Anamarija Pogorelec This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. OpenAEV: Open-source adversarial exposure validation platform OpenAEV is an open source platform designed to plan, run, and review cyber adversary simulation campaigns

Hottest cybersecurity open-source tools of the month: January 2026 Read More »

A practical take on cyber resilience for CISOs

CISO, cyber resilience, cyber risk, cybersecurity, Don't miss, News, strategy, tips, Video /

A practical take on cyber resilience for CISOs 2026-01-29 at 08:06 By Help Net Security In this Help Net Security video, Shebani Baweja, CISO for Consumer, Private, Wealth & Business Banking at Standard Chartered, explains how security leaders should think about cyber resilience. She outlines why preparation for extreme events matters as much as day

A practical take on cyber resilience for CISOs Read More »

What motivates hackers and what makes them walk away

Artificial Intelligence, Bugcrowd, cybersecurity, hacker, News, report /

What motivates hackers and what makes them walk away 2026-01-29 at 07:02 By Anamarija Pogorelec Most hackers spend more time learning, testing, and comparing notes than breaking into systems. The work often happens alone or in small groups, shaped by curiosity, persistence, and a habit of examining how systems behave. Bugcrowd examined who these security

What motivates hackers and what makes them walk away Read More »

A fake romance turns into an Android spyware infection

cybercrime, ESET, Malware, News, romance scams, scams /

A fake romance turns into an Android spyware infection 2026-01-29 at 02:20 By Anamarija Pogorelec ESET researchers have identified an Android spyware campaign that uses romance scam tactics to target individuals in Pakistan. The operation relies on a malicious app disguised as a chat service that routes conversations through WhatsApp. Behind the romance lure, the

A fake romance turns into an Android spyware infection Read More »

OPNsense 26.1 brings updates to open-source firewall management

cybersecurity, Don't miss, firewall, News, open source, software, Threat Intelligence /

OPNsense 26.1 brings updates to open-source firewall management 2026-01-29 at 01:17 By Anamarija Pogorelec OPNsense, the open-source firewall and network security platform, reached version 26.1, adding a range of updates affecting management, traffic visibility, automation interfaces, and core services. Changes in firewall management and APIs Version 26.1, code-named Witty Woodpecker, introduces revisions to the firewall

OPNsense 26.1 brings updates to open-source firewall management Read More »

LevelBlue Named a Major Player in the IDC MarketScape: Worldwide Managed SSE Services 2025

Managed Security Services, News, Spotlights /

LevelBlue Named a Major Player in the IDC MarketScape: Worldwide Managed SSE Services 2025 2026-01-28 at 17:02 By LevelBlue has been recognized as a Major Player in the IDC MarketScape: Worldwide Managed Security Service Edge Services 2025 Vendor Assessment (IDC #US52992425 September 2025). This article is an excerpt from LevelBlue Blog View Original Source

LevelBlue Named a Major Player in the IDC MarketScape: Worldwide Managed SSE Services 2025 Read More »

WinRAR vulnerability still a go-to tool for hackers, Mandiant warns

APT, BI.ZONE, cybercrime, Don't miss, exploit, Hot stuff, Malware, Mandiant, News, WinRAR /

WinRAR vulnerability still a go-to tool for hackers, Mandiant warns 2026-01-28 at 17:02 By Zeljka Zorz State-sponsored hackers and financially motivated attackers continue leveraging a critical WinRAR vulnerability (CVE-2025-8088) that’s been fixed over half a year ago. CVE-2025-8088 is a path traversal vulnerability that can be exploited via maliciously crafted RAR archives. “The exploit chain

WinRAR vulnerability still a go-to tool for hackers, Mandiant warns Read More »

n8n adds Chat Hub to centralize AI access inside automation workflows

agentic AI, automation, n8n, News /

n8n adds Chat Hub to centralize AI access inside automation workflows 2026-01-28 at 12:32 By Anamarija Pogorelec Teams using automation platforms are starting to treat conversational AI as another operational interface. That change is reflected in a new feature from n8n, which has introduced a built-in Chat Hub designed to let users interact with AI

n8n adds Chat Hub to centralize AI access inside automation workflows Read More »

French government abandons Zoom and Microsoft Teams over security concerns

EU, France, News, video conferencing /

French government abandons Zoom and Microsoft Teams over security concerns 2026-01-28 at 12:28 By Sinisa Markovic France intends to phase out non-European videoconferencing platforms such as Zoom and Microsoft Teams from its public administration, opting instead for a nationally developed solution due to security considerations. Ending the use of paid software licenses is expected to

French government abandons Zoom and Microsoft Teams over security concerns Read More »

Android just got smarter at stopping snatch-and-run phone thefts

Android, Google, mobile security, News, theft /

Android just got smarter at stopping snatch-and-run phone thefts 2026-01-28 at 09:48 By Sinisa Markovic Google announced updates to the Android theft protection features that expand existing safeguards and make stolen devices harder to use. These updates are available on Android 16 and later. One update builds on Failed Authentication Lock, a feature introduced in

Android just got smarter at stopping snatch-and-run phone thefts Read More »

CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities

CERT, cybersecurity, Don't miss, firmware, GitHub, News, open source, scanning, software /

CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities 2026-01-28 at 09:10 By Sinisa Markovic CERT UEFI Parser, a new open-source security analysis tool from the CERT Coordination Center has been released to help researchers and defenders examine the structure of Unified Extensible Firmware Interface (UEFI) software and identify classes of vulnerabilities that

CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities Read More »

Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions

browser, Chrome, cybersecurity, Data Protection, Incogni, News, Privacy, report, risk /

Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions 2026-01-28 at 08:15 By Anamarija Pogorelec A new study shows that some of the most widely used AI-powered browser extensions are a privacy risk. They collect lots of data and require a high level of browser access. The research was conducted by

Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions Read More »

Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom

CISO, cybersecurity, Don't miss, GitGuardian, Hot stuff, News, remediation, telecommunications /

Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom 2026-01-28 at 08:15 By Help Net Security Once a secret enters Git, it’s expensive to remediate. But the real problem runs deeper than cost. Grégory Maitrallain, Solution Architect at Orange Business, discovered this reality during their implementation: “Once a secret is pushed

Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom Read More »

Audits for AI systems that keep changing

Artificial Intelligence, framework, News, standards /

Audits for AI systems that keep changing 2026-01-28 at 07:28 By Anamarija Pogorelec Security and risk teams often rely on documentation and audit artifacts that reflect how an AI system worked months ago. ETSI’s continuous auditing based conformity assessment specification (ETSI TS 104 008) describes a different approach, where conformity is evaluated through recurring measurement

Audits for AI systems that keep changing Read More »

Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)

0-day, Don't miss, firewall, Fortinet, FortiOS, Hot stuff, News, SSO, vulnerability /

Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858) 2026-01-28 at 02:21 By Zeljka Zorz Fortinet has begun releasing FortiOS versions that fix CVE-2026-24858, a critical zero-day vulnerability that allowed attackers to log into targeted organizations’ FortiGate firewalls. “This vulnerability was found being exploited in the wild by two malicious FortiCloud accounts, which were locked out

Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858) Read More »

Attackers use Windows App-V scripts to slip infostealer past enterprise defenses

Blackpoint Cyber, Don't miss, enterprise, Hot stuff, Malware, News, PowerShell, Windows, Windows Server /

Attackers use Windows App-V scripts to slip infostealer past enterprise defenses 2026-01-27 at 17:17 By Zeljka Zorz A malware delivery campaign detailed by Blackpoint researchers employs an impressive array of tricks to deliver an infostealer to employees without triggering enterprise defenses or close examination by security researchers. The attackers aim to get the Amatera Stealer

Attackers use Windows App-V scripts to slip infostealer past enterprise defenses Read More »

Scroll to Top