Internet Security

SolarWinds addressed four critical Web Help Desk flaws

January 29, 2026 add comment
SolarWinds patched six Web Help Desk vulnerabilities, including four critical flaws exploitable without authentication for RCE or auth bypass. SolarWinds released security updates to address six Web Help Desk... Read more »

Google targets IPIDEA in crackdown on global residential proxy networks

January 29, 2026 add comment
Google disrupted IPIDEA, a major residential proxy network that enrolled users’ devices via SDKs embedded in mobile and desktop apps. Google and partners disrupted the IPIDEA residential proxy network,... Read more »

Nation-state and criminal actors leverage WinRAR flaw in attacks

January 29, 2026 add comment
Multiple threat actors exploited a now-patched critical WinRAR flaw to gain initial access and deliver various malicious payloads. Google Threat Intelligence Group (GTIG) revealed that multiple threat actors, including... Read more »

OpenSSL issued security updates to fix 12 flaws, including Remote Code Execution

January 29, 2026 add comment
OpenSSL released security updates that address 12 flaws, including a high-severity remote code execution vulnerability. OpenSSL issued security updates fixing 12 vulnerabilities in the open-source cryptographic library, including a... Read more »

Fortinet patches actively exploited FortiOS SSO auth bypass (CVE-2026-24858)

January 28, 2026 add comment
Fortinet released fixes for a critical FortiOS SSO auth bypass (CVE-2026-24858) actively exploited, impacting FortiOS, FortiManager, and FortiAnalyzer. Fortinet started rolling out patches for a critical FortiOS flaw under... Read more »

PackageGate bugs let attackers bypass protections in NPM, PNPM, VLT, and Bun

January 28, 2026 add comment
Koi researchers found “PackageGate” flaws in NPM, PNPM, VLT, and Bun that let attackers perform supply chain attacks and run malicious code. Security firm Koi uncovered a set of... Read more »

WhatsApp rolls out Strict Account settings to strengthen protection for high-risk users

January 27, 2026 add comment
Meta announced new Strict Account Settings on WhatsApp to better protect high-risk users from advanced cyber attacks. Meta announced new Strict Account Settings on WhatsApp to enhance the security... Read more »

Shadowserver finds 6,000+ likely vulnerable SmarterMail servers exposed online

January 27, 2026 add comment
Shadowserver researchers found 6,000+ SmarterMail servers exposed online and likely vulnerable to a critical auth bypass flaw. Nonprofit security organization Shadowserver reported that over 6,000 SmarterMail servers are exposed... Read more »

U.S. CISA adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

January 27, 2026 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security... Read more »

Amnesia RAT deployed in multi-stage phishing attacks against Russian users

January 27, 2026 add comment
A multi-stage phishing campaign targets users in Russia with ransomware and Amnesia RAT using fake business documents as lures. FortiGuard Labs researchers uncovered a multi-stage malware campaign mainly targeting... Read more »
Subscribe to our Newsletter