Author: PulauWin

The Hacker News

Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

January 7, 2026 add comment
Threat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured spoof protections to impersonate organizations’ domains and distribute emails that appear as if they have been sent... Read more »
Security of TechRepublic

Critical macOS Flaw Lets Attackers Bypass Apple Privacy Controls Without Consent

January 7, 2026 add comment
A newly disclosed macOS vulnerability bypasses Apple’s TCC privacy controls, allowing silent access to files, microphone data, and user activity. The post Critical macOS Flaw Lets Attackers Bypass Apple... Read more »
Internet Security

Misconfigured email routing enables internal-spoofed phishing

January 7, 2026 add comment
Attackers exploit misconfigured email routing to spoof internal emails, using PhaaS platforms like Tycoon2FA to steal credentials. Attackers exploit misconfigured email routing and spoof protections to send phishing emails... Read more »
Security of TechRepublic

UK Launches £210M Cyber Action Plan

January 7, 2026 add comment
At the heart of this plan sits a new Government Cyber Unit, designed to coordinate the UK’s scattered cybersecurity efforts into a unified force. The post UK Launches £210M... Read more »
Help Net Security

UK announces grand plan to secure online public services

January 7, 2026 add comment
The UK has announced a new Government Cyber Action Plan aimed at making online public services more secure and resilient, and has allocated £210 million (approximately $283 million) to... Read more »
The Hacker News

Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government

January 7, 2026 add comment
The Russia-aligned threat actor known as UAC-0184 has been observed targeting Ukrainian military and government entities by leveraging the Viber messaging platform to deliver malicious ZIP archives. “This organization... Read more »
Internet Security

Veeam resolves CVSS 9.0 RCE flaw and other security issues

January 7, 2026 add comment
Veeam patched a critical RCE flaw in Backup & Replication, CVE-2025-59470, rated CVSS 9.0, along with other vulnerabilities. Veeam released patches for multiple Backup & Replication flaws, including a... Read more »
Help Net Security

Debian seeks volunteers to rebuild its data protection team

January 7, 2026 add comment
The Debian Project is asking for volunteers to step in after its Data Protection Team became inactive. All three members of the team stepped down at the same time,... Read more »
Help Net Security

Fake Booking.com emails and BSODs used to infect hospitality staff

January 7, 2026 add comment
Suspected Russian attackers are targeting the hospitality sector with fake Booking.com emails and a fake “Blue Screen of Death” to deliver the DCRat malware. The malware delivery campaign starts... Read more »
Internet Security

Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers

January 7, 2026 add comment
Attackers are exploiting a critical flaw (CVE-2026-0625) in old D-Link DSL routers that allows remote command execution. Threat actors are actively exploiting a critical RCE flaw, tracked as CVE-2026-0625... Read more »
Subscribe to our Newsletter