When security teams discuss credential-related risk, the focus typically falls on threats such as phishing, malware,…
Technology
Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected
Ravie LakshmananJan 28, 2026Network Security / Zero-Day Fortinet has begun releasing security updates to address a…
China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023
Ravie LakshmananJan 27, 2026Web Security / Malware Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework…
Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas
Ravie LakshmananJan 27, 2026Vulnerability / Cloud Security A critical security flaw has been disclosed in Grist‑Core,…
Experts Detect Pakistan-Linked Cyber Campaigns Aimed at Indian Government Entities
Ravie LakshmananJan 27, 2026Threat Intelligence / Cyber Espionage Indian government entities have been targeted in two…
WhatsApp Rolls Out Lockdown-Style Security Mode to Protect Targeted Users From Spyware
Ravie LakshmananJan 27, 2026Mobile Security / Spyware Meta on Tuesday announced it’s adding Strict Account Settings…
Samsung’s TriFold phone will cost $2,899 in the US
Samsung announced on Tuesday that its Galaxy Z TriFold smartphone will go on sale January 30…
ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services
Cybersecurity researchers have disclosed details of a new campaign that combines ClickFix-style fake CAPTCHAs with a…
Prioritization, Validation, and Outcomes That Matter
The Hacker NewsJan 27, 2026Attack Surface Management / Cyber Risk Cybersecurity teams increasingly want to move…
Microsoft Office Zero-Day (CVE-2026-21509) – Emergency Patch Issued for Active Exploitation
Ravie LakshmananJan 27, 2026Zero-Day / Vulnerability Microsoft on Monday issued out-of-band security patches for a high-severity…