Author: PulauWin

CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures

January 24, 2026 add comment
Cybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web browser... Read more »
Internet Security

11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061)

January 24, 2026 add comment
Critical telnetd flaw CVE-2026-24061 (CVSS 9.8) affects all GNU InetUtils versions 1.9.3–2.7 and went unnoticed for nearly 11 years. A critical vulnerability, tracked as CVE-2026-24061 (CVSS score of 9.8),... Read more »

Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws

January 23, 2026 add comment
Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of-service (DoS) and remote code execution. The most severe of the... Read more »
Security of TechRepublic

Data Leak Exposes 149M Logins, Including Gmail, Facebook

January 23, 2026 add comment
A massive unsecured database exposed 149 million logins, raising concerns over infostealer malware and credential theft. The post Data Leak Exposes 149M Logins, Including Gmail, Facebook appeared first on... Read more »
Internet Security

Fortinet warns of active FortiCloud SSO bypass affecting updated devices

January 23, 2026 add comment
Fortinet confirmed attacks are bypassing FortiCloud SSO authentication, affecting even fully patched devices, similar to recent SSO flaws. Fortinet confirmed attacks bypass FortiCloud SSO on fully patched devices. Threat... Read more »
IT Security

US punts renewal of threat data sharing law to September

January 23, 2026 add comment
US lawmakers have extended the Cybersecurity Information Sharing Act of 2015 for another nine months, buying time to enact a replacement for the legislation. Read more »
Security of TechRepublic

Okta Uncovers Custom Phishing Kits Built for Vishing Callers

January 23, 2026 add comment
They can intercept user credentials while providing real-time context that helps attackers convince victims to approve MFA challenges during phone calls.. The post Okta Uncovers Custom Phishing Kits Built... Read more »
Help Net Security

Okta users under attack: Modern phishing kits are turbocharging vishing attacks

January 23, 2026 add comment
Threat actors who specialize in vishing (i.e., voice phishing) have started using phishing kits that can intercept targets’ login credentials while also allowing attackers to control the authentication flow... Read more »
Internet Security

U.S. CISA adds Prettier eslint-config-prettier, Vite Vitejs, Versa Concerto SD-WAN orchestration platform, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

January 23, 2026 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Prettier eslint-config-prettier, Vite Vitejs, Versa Concerto SD-WAN orchestration platform, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog. The... Read more »
Help Net Security

1Password targets AI-driven phishing with built-in prevention

January 23, 2026 add comment
To help reduce phishing risk, 1Password added an extra layer of protection and began rolling out a phishing prevention feature designed to stop users before they share passwords with... Read more »
Subscribe to our Newsletter