Internet Security

Emergency Microsoft update fixes in-the-wild Office zero-day

January 26, 2026 add comment
Microsoft issued emergency updates to fix an actively exploited Office zero-day, CVE-2026-21509, affecting Office 2016–2024 and Microsoft 365 Apps. Microsoft released out-of-band security updates to address an actively exploited... Read more »

ShinyHunters claims 2 Million Crunchbase records; company confirms breach

January 26, 2026 add comment
Crunchbase confirms a data breach after cybercrime group ShinyHunters claims to have stolen over 2 million personal records. Crunchbase confirmed a data breach after the cybercriminal group ShinyHunters claimed... Read more »

Energy sector targeted in multi-stage phishing and BEC campaign using SharePoint

January 26, 2026 add comment
Microsoft warns of a multi-stage phishing and BEC campaign hitting energy firms, abusing SharePoint links and inbox rules to steal credentials. Microsoft reports an active multi-stage phishing campaign targeting... Read more »

North Korea–linked KONNI uses AI to build stealthy malware tooling

January 26, 2026 add comment
Check Point links an active phishing campaign to North Korea–aligned KONNI, targeting developers with fake blockchain project docs and using an AI-written PowerShell backdoor. Check Point Research uncovered an... Read more »

Russia-linked Sandworm APT implicated in major cyber attack on Poland’s power grid

January 26, 2026 add comment
Russia-linked APT Sandworm launched what was described as the largest cyber attack on Poland’s power grid in Dec 2025. ESET linked a late-2025 cyberattack on Poland’s energy system to... Read more »

Nike is investigating a possible data breach, after WorldLeaks claims

January 25, 2026 add comment
Nike is investigating a possible cyber incident after the WorldLeaks group claimed it stole data from the company’s systems. Nike is probing a potential security breach after the WorldLeaks... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 81

January 25, 2026 add comment
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter UNO reverse card: stealing cookies from cookie stealers ... Read more »

Security Affairs newsletter Round 560 by Pierluigi Paganini – INTERNATIONAL EDITION

January 25, 2026 add comment
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new... Read more »

Osiris ransomware emerges, leveraging BYOVD technique to kill security tools

January 24, 2026 add comment
Researchers identified a new Osiris ransomware used in a November 2025 attack, abusing the POORTRY driver via BYOVD to disable security tools. Symantec and Carbon Black researchers uncovered a... Read more »

U.S. CISA adds a flaw in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog

January 24, 2026 add comment
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Broadcom VMware vCenter to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a... Read more »
Subscribe to our Newsletter