25729
🗞 The finest daily news on cybersecurity and privacy. 🔔 Daily releases. 💻 Is your online life secure? 📩 lalilolalo.dev@gmail.com
📔 Remcos RAT Expands Real-Time Surveillance Capabilities 📔New Remcos RAT variant enhances realtime surveillance and evasion techniques to compromise Windows.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 Industrial Control System Vulnerabilities Hit Record Highs 📔Forescout paper reveals ICS advisories hit a record 508 in 2025.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🦅 The Week in Vulnerabilities: SolarWinds, Ivanti, and Critical ICS Exposure 🦅 Cyble Research Intelligence Labs CRIL tracked 1,158 vulnerabilities last week. Of these, 251 vulnerabilities already have publicly available ProofofConcept PoC exploits, significantly increasing the likelihood of realworld attacks. A total of 94 vulnerabilities were rated critical under CVSS v3.1, while 43 were rated critical under CVSS v4.0. In parallel, CISA issued 15 ICS advisories covering 87 vulnerabilities affecting industrial environments. These vulnerabilities impacted vendors including Siemens, Yokogawa, AVEVA, Hitachi Energy, ZLAN, ZOLL, and Airleader. Additionally, 8 vulnerabilities were added to CISAs Known Exploited Vulnerabilities KEV catalog, reflecting confirmed exploitation in the wild. The Weeks Top Vulnerabilities CVE202540554 SolarWinds Web Help Des...
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
🖋️ From Exposure to Exploitation: How AI Collapses Your Response Window 🖋️Weve all seen this before a developer deploys a new cloud workload and grants overly broad permissions just to keep the sprint moving. An engineer generates a "temporary" API key for testing and forgets to revoke it. In the past, these were minor operational risks, debts youd eventually pay down during a slower cycle. In 2026, Eventually is Now But today, within minutes, AIpowered.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Flaws in Popular Software Development App Extensions Allow Data Exfiltration 📔Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain unpatched.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users 🖋️Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that's designed to facilitate device takeover DTO attacks for financial theft. The malware, according to ThreatFabric, masquerades as seemingly harmless IPTV apps to deceive victims, indicating that the activity is primarily singling out users looking for the online TV applications. "This new threat, while.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🌊 From Ambiguous Alert to Fileless Attack: A Banking Security Breach Prevented 🌊See how human expertise identified malicious ViewState code injection hiding in IIS memory before data was compromised. The post From Ambiguous Alert to Fileless Attack A Banking Security Breach Prevented appeared first on UnderDefense.
📖 Read more.
🔗 Via "UnderDefense"
----------
👁️ Seen on @cibsecurity
📔 Chinese APT Group Exploits Dell Zero-Day for Two Years 📔Mandiant reveals campaign featuring exploit of a CVSS 10.0 CVE in Dell RecoverPoint for Virtual Machines.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 AI Assistants Used as Covert Command-and-Control Relays 📔AIs like Grok and Microsoft Copilot can be exploited as covert C2 channels for malware communication.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update 🖋️The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added four security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows CVE20262441 CVSS score 8.8 A useafterfree vulnerability in Google Chrome that could allow a remote attacker to potentially exploit heap.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ 3 Ways to Start Your Intelligent Workflow Program 🖋️Security, IT, and engineering teams today are under relentless pressure to accelerate outcomes, cut operational drag, and unlock the full potential of AI and automation. But simply investing in tools isnt enough. 88 of AI proofsofconcept never make it to production, even though 70 of workers cite freeing time for highvalue work as the primary AI automation motivation. Real impact comes.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability 🖋️In 2025, navigating the digital seas still felt like a matter of direction. Organizations charted routes, watched the horizon, and adjusted course to reach safe harbors of resilience, trust, and compliance. In 2026, the seas are no longer calm between storms. Cybersecurity now unfolds in a state of continuous atmospheric instability AIdriven threats that adapt in real time, expanding.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution 🖋️Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices. The vulnerability, tracked as CVE20262329, carries a CVSS score of 9.3 out of a maximum of 10.0. It has been described as a case of unauthenticated stackbased buffer overflow that could result in remote code.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware 🖋️Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST, likely targeting supporters of Iran's ongoing protests to conduct information theft and longterm espionage. The Acronis Threat Research Unit TRU said it observed the activity after January 9, with the attacks designed to deliver a malicious payload that serves as a remote access trojan RAT and.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🦿 Microsoft: Critical Windows Admin Center Flaw Allows Privilege Escalation 🦿A highseverity Windows Admin Center vulnerability CVE202626119 could allow privilege escalation in enterprise environments. Heres what to know and how to mitigate risk. The post Microsoft Critical Windows Admin Center Flaw Allows Privilege Escalation appeared first on TechRepublic.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🖋️ ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories 🖋️The cyber threat space doesnt pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up across platforms, tools, and industries often all at the same time. Some developments are headlinelevel. Others sit in the background but carry longterm impact. Together, they shape how defenders need to think about exposure, response, and preparedness right now.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📢 Starkiller: Cyber experts issue warning over new phishing kit that proxies real login pages 📢The Starkiller package comes monthly framework updates and documentation, meaning no technical ability is needed.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
📔 Starkiller: New ‘Commercial-Grade’ Phishing Kit Bypasses MFA 📔A new cybercriminal toolkit uses proxies to mimic popular online services and represents a significant escalation in phishing infrastructure, warn researchers at Abnormal.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📢 Using AI to generate passwords is a terrible idea, experts warn 📢Researchers have warned the use of AIgenerated passwords puts users and businesses at risk.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
🦅 India’s AI Revolution: Why This Is India’s Most Significant Moment 🦅 By Beenu Arora, CoFounder and CEO, Cyble I believe we're witnessing the most significant event India has ever experienced. The nation stands at the cusp of a major global shift, and I want to share why I'm so bullish about India's role in the AI revolutionand the critical security challenges we must address together. India Right Place, Right Time No country will prosper without making significant changes in their AI capabilities. India is uniquely positioned to lead this transformation. We've already pioneered the entire FinTech ecosystem, processing payments for more than half a billion people globally. This foundation puts India at the perfect intersection of technological capability and market opportunity to ride the AI wave. httpswww.youtube.comwatch?v9WVlAzrhN0k ...
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
📔 Researchers Reveal Six New OpenClaw Vulnerabilities 📔Endor Labs has published details of six new vulnerabilities in popular AI assistant OpenClaw.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🌊 Business Development Representative for Channels 🌊The post Business Development Representative for Channels appeared first on UnderDefense.
📖 Read more.
🔗 Via "UnderDefense"
----------
👁️ Seen on @cibsecurity
📔 Record Number of Ransomware Victims and Groups in 2025 📔Searchlight Cyber reports a 30 annual increase in ransomware victim numbers in 2025.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📔 Cryptojacking Campaign Exploits Driver to Boost Monero Mining 📔Cryptojacking campaign used pirated software to deploy a persistent XMRig miner with stealth tactics.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware 🖋️Notepad has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest. The version 8.9.2 update incorporates what maintainer Don Ho calls a "double lock" design that aims to make the update process "robust and effectively unexploitable." This includes verification.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024 🖋️A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zeroday by a suspected Chinanexus threat cluster dubbed UNC6201 since mid2024, according to a new report from Google Mandiant and Google Threat Intelligence Group GTIG. The activity involves the exploitation of CVE202622769 CVSS score 10.0, a case of hardcoded credentials.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs 🖋️Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code VS Code extensions that, if successfully exploited, could allow threat actors to steal local files and execute code remotely. The extensions, which have been collectively installed more than 125 million times, are Live Server, Code Runner, Markdown Preview Enhanced, and.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist’s Phone in Police Custody 🖋️New research from the Citizen Lab has found signs that Kenyan authorities used a commercial forensic extraction tool manufactured by Israeli company Cellebrite to break into a prominent dissident's phone, making it the latest case of abuse of the technology targeting civil society. The interdisciplinary research unit at the University of Toronto's Munk School of Global Affairs Public.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🦿 Substack Breach May Have Leaked Nearly 700,000 User Details Online 🦿Substack says hackers accessed user emails, phone numbers, and internal metadata in October 2025, with a database of 697,313 records later posted online. The post Substack Breach May Have Leaked Nearly 700,000 User Details Online appeared first on TechRepublic.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
📢 Ransomware protection for all: How consumption-based subscription models can lower the entry point for cyber resilience 📢Consumptionbased immutable backup makes enterprisegrade ransomware resilience affordable to all.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity