Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot…
Technology
Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid
Ravie LakshmananJan 28, 2026Critical Infrastructure / Threat Intelligence The “coordinated” cyber attack targeting multiple sites across…
Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution
Ravie LakshmananJan 28, 2026Vulnerability / Open Source A critical sandbox escape vulnerability has been disclosed in…
Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution
Ravie LakshmananJan 28, 2026Vulnerability / Workflow Automation Cybersecurity researchers have disclosed two new security flaws in…
Password Reuse in Disguise: An Often-Missed Risky Workaround
When security teams discuss credential-related risk, the focus typically falls on threats such as phishing, malware,…
Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected
Ravie LakshmananJan 28, 2026Network Security / Zero-Day Fortinet has begun releasing security updates to address a…
China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023
Ravie LakshmananJan 27, 2026Web Security / Malware Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework…
Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas
Ravie LakshmananJan 27, 2026Vulnerability / Cloud Security A critical security flaw has been disclosed in Grist‑Core,…
Experts Detect Pakistan-Linked Cyber Campaigns Aimed at Indian Government Entities
Ravie LakshmananJan 27, 2026Threat Intelligence / Cyber Espionage Indian government entities have been targeted in two…
WhatsApp Rolls Out Lockdown-Style Security Mode to Protect Targeted Users From Spyware
Ravie LakshmananJan 27, 2026Mobile Security / Spyware Meta on Tuesday announced it’s adding Strict Account Settings…