All Recent Posts

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

January 7, 2026 add comment
The Chinese hacking group known as Mustang Panda (aka HoneyMyte) has leveraged a previously undocumented kernel-mode rootkit driver to deliver a new variant of backdoor dubbed TONESHELL in a... Read more »
Help Net Security

When AI agents interact, risk can emerge without warning

January 7, 2026 add comment
System level risks can arise when AI agents interact over time, according to new research that examines how collective behavior forms inside multi agent systems. The study finds that... Read more »
Help Net Security

What European security teams are struggling to operationalize

January 7, 2026 add comment
European security and compliance teams spend a lot of time talking about regulation. A new forecast report from Kiteworks suggests the harder problem sits elsewhere. According to the report,... Read more »
Help Net Security

Gen AI data violations more than double

January 7, 2026 add comment
Security teams track activity that moves well beyond traditional SaaS platforms, with employees interacting daily with generative AI tools, personal cloud services, and automated systems that exchange data without... Read more »
Help Net Security

Identity security planning for 2026 is shifting under pressure

January 7, 2026 add comment
Identity security planning is becoming more focused on scale, governance, and operational strain, according to the Identity Security Outlook 2026 report. The ManageEngine research draws on responses from 515... Read more »
The Hacker News

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

January 7, 2026 add comment
A critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in arbitrary code execution under certain circumstances. The vulnerability, tracked... Read more »
Internet Security

CERT/CC warns of critical, unfixed vulnerability in TOTOLINK EX200

January 6, 2026 add comment
CERT/CC disclosed an unpatched flaw in the TOTOLINK EX200 that allows a remote authenticated attacker to fully compromise the device. CERT/CC warns of an unpatched vulnerability, tracked as CVE-2025-65606,... Read more »
Internet Security

Google fixes critical Dolby Decoder bug in Android January update

January 6, 2026 add comment
Android’s January 2026 update fixes CVE-2025-54957, a critical Dolby audio decoder flaw discovered by Google researchers in October 2025. A critical Dolby audio decoder vulnerability, tracked as CVE-2025-54957, was... Read more »

Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors

January 6, 2026 add comment
In December 2024, the popular Ultralytics AI library was compromised, installing malicious code that hijacked system resources for cryptocurrency mining. In August 2025, malicious Nx packages leaked 2,349 GitHub,... Read more »
Internet Security

Resecurity Went on the Cyber Offensive – When ‘Shiny Objects’ trick ‘Shiny Hunters’

January 6, 2026 add comment
Resecurity released 105 pages with 1,000+ messages tied to hacker John Erin Binns, detailing contacts with an unnamed woman in Turkey and an associate called “S.M.” Resecurity released 105... Read more »
Subscribe to our Newsletter