Internet Security

Trend Micro fixed a remote code execution in Apex Central

January 9, 2026 add comment
Trend Micro fixed three Apex Central flaws discovered by Tenable that could allow remote code execution or denial-of-service attacks. Trend Micro patched three flaws (CVE-2025-69258, CVE-2025-69259, CVE-2025-69260) in its Apex Central... Read more »

Iran cuts Internet nationwide amid deadly protest crackdown

January 9, 2026 add comment
Iran shut down the internet as protests spread nationwide. Dozens were killed in a violent crackdown amid soaring inflation and a collapsing currency. Iran has shut down the internet... Read more »

China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware

January 9, 2026 add comment
China-linked UAT-7290 has targeted South Asia and Southeastern Europe since 2022, conducting espionage and deploying RushDrop, DriveSwitch, and SilentRaid. China-linked threat actor UAT-7290 has conducted espionage attacks since at... Read more »

Chinese-speaking hackers exploited ESXi zero-days long before disclosure

January 9, 2026 add comment
Chinese-speaking attackers used a hacked SonicWall VPN to deploy ESXi zero-days that were likely exploited over a year before public disclosure. Chinese-speaking attackers were seen abusing a hacked SonicWall... Read more »

Astaroth banking Trojan spreads in Brazil via WhatsApp worm

January 8, 2026 add comment
A WhatsApp worm spread the Astaroth banking trojan across Brazil by automatically sending malicious messages to victims’ contacts. Astaroth, a long-running Brazilian banking malware, has evolved in a new... Read more »

Public PoC prompts Cisco patch for ISE, ISE-PIC vulnerability

January 8, 2026 add comment
Cisco addressed a medium-severity vulnerability in ISE and ISE-PIC after a public PoC exploit was disclosed. Cisco addressed a medium-severity vulnerability, tracked as CVE-2026-20029 (CVSS score: 4.9), in Identity... Read more »

U.S. CISA adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog

January 8, 2026 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added HPE... Read more »

China-linked groups intensify attacks on Taiwan’s critical infrastructure, NSB warns

January 8, 2026 add comment
Taiwan says China-linked cyberattacks on its energy sector rose tenfold in 2025, hitting critical infrastructure across nine sectors, with total incidents up 6%. Taiwan reports China-linked cyberattacks on its... Read more »

Ni8mare flaw gives unauthenticated control of n8n instances

January 7, 2026 add comment
A critical n8n flaw (CVE-2026-21858, CVSS 10.0), dubbed Ni8mare, allows unauthenticated attackers to fully take over vulnerable instances. Researchers uncovered a maximum severity n8n vulnerability, tracked as CVE-2026-21858 (CVSS... Read more »

Misconfigured email routing enables internal-spoofed phishing

January 7, 2026 add comment
Attackers exploit misconfigured email routing to spoof internal emails, using PhaaS platforms like Tycoon2FA to steal credentials. Attackers exploit misconfigured email routing and spoof protections to send phishing emails... Read more »
Subscribe to our Newsletter