Security News

'Damn Vulnerable' Training Apps Leave Vendors' Clouds Exposed

Hackers are already leveraging these over-permissioned programs to access the IT systems of major security vendors.

Webinar: How Smart MSSPs Using AI to Boost Margins with Half the Staff

Every managed security provider is chasing the same problem in 2026 — too many alerts, too few analysts, and clients demanding “CISO-level protection” at SMB budgets. The truth? Most MSSPs are running harder, not smarter. And it’s breaking their margins. That’s where the quiet revolution is happening: AI isn’t just writing reports or surfacing risks — it’s rebuilding how security services are

Automatic Script Execution In Visual Studio Code, (Wed, Jan 21st)

Visual Studio Code is a popular open-source code editor[1]. But it&#x27s much more than a simple editor, it&#x27s a complete development platform that supports many languages and it is available on multiple platforms. Used by developers worldwide, it&#x27s a juicy target for threat actors because it can be extended with extensions.

ISC Stormcast For Wednesday, January 21st, 2026 https://isc.sans.edu/podcastdetail/9774, (Wed, Jan 21st)

'CrashFix' Scam Crashes Browsers, Delivers Malware

The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a Python-based RAT.

Mass Spam Attacks Leverage Zendesk Instances

The CRM vendor advised ignoring or deleting suspicious emails and said the attacks were not tied to any breach or software vulnerability.

Kimwolf Botnet Lurking in Corporate, Govt. Networks

A new Internet-of-Things botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to relay other malicious and abusive Internet traffic. Kimwolf's ability to scan the local networks of compromised systems for other IoT devices to infect makes it a sobering threat to organizations, and new research reveals Kimwolf is surprisingly prevalent in government and corporate networks.

Vulnerabilities Threaten to Break Chainlit AI Framework

Familiar bugs in a popular open source framework for AI chatbots could give attackers dangerous powers in the cloud.

Google Gemini Flaw Turns Calendar Invites Into Attack Vector

The indirect prompt injection vulnerability allows an attacker to weaponize invites to circumvent Google's privacy controls and access private data.

Microsoft & Anthropic MCP Servers at Risk of RCE, Cloud Takeovers

Researchers found the popular model context protocol (MCP) servers, which are integral components of AI services, carry serious vulnerabilities.

Add Punycode to your Threat Hunting Routine, (Tue, Jan 20th)

IDNs or “International Domain Names” have been with us for a while now (see RFC3490[1]). They are (ab)used in many attack scenarios because.. it works! Who can immediately spot the difference between:

ISC Stormcast For Tuesday, January 20th, 2026 https://isc.sans.edu/podcastdetail/9772, (Tue, Jan 20th)

ChatGPT Health Raises Big Security, Safety Concerns

ChatGPT Health promises robust data protection, but elements of the rollout raise big questions regarding user security and safety.

"How many states are there in the United States?", (Sun, Jan 18th)

I&&#x23&#x3b;x26&#x3b;&#x23&#x3b;39&#x3b;ve seen many API requests for different LLMs in the honeypot logs.

Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL Red Notice

Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta. In addition, the group's alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (Нефедов Олег Евгеньевич), has been added to the European Union's Most Wanted and INTERPOL's Red Notice lists, authorities

Wireshark 4.6.3 Released, (Sat, Jan 17th)

Wireshark release 4.6.3 fixes 4 vulnerabilities and 9 bugs.

OpenAI to Show Ads in ChatGPT for Logged-In U.S. Adults on Free and Go Plans

OpenAI on Friday said it would start showing ads in ChatGPT to logged-in adult U.S. users in both the free and ChatGPT Go tiers in the coming weeks, as the artificial intelligence (AI) company expanded access to its low-cost subscription globally. "You need to know that your data and conversations are protected and never sold to advertisers," OpenAI said. "And we need to keep a high bar and give

More Problems for Fortinet: Critical FortiSIEM Flaw Exploited

CVE-2025-64155, a command injection vulnerability, was disclosed earlier this week and quickly came under attack from a variety of IP addresses.

GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that's designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 archives. "The actor creates a malformed archive as an anti-analysis technique," Expel security researcher Aaron Walton said in a report shared with The Hacker News. "That is, many unarchiving tools

CISOs Rise to Prominence: Security Leaders Join the Executive Suite

Security professionals are moving up the executive ranks as enterprises face rising regulatory and compliance standards.