Cyber Security News

Google has issued its January 2026 Android Security Bulletin, urging users to update to the 2026-01-05 patch level or later to mitigate a critical vulnerability in Dolby components. The standout issue, CVE-2025-54957, targets the Dolby Digital Plus (DD+) codec and could enable out-of-bounds memory writes on affected Android devices. At the heart of this flaw […]

The post Critical Dolby Codec Vulnerability Exposes Android Devices to Code Execution Attacks appeared first on Cyber Security News.

NordVPN has firmly rejected claims of a data breach after a threat actor surfaced alleged stolen data on a dark web breach forum, purporting to expose the VPN provider’s Salesforce development server. The incident, first spotted on January 4, underscores the rising tide of unsubstantiated leak claims in underground forums, where actors often peddle fabricated […]

The post NordVPN Denies Data Breach Following Threat Actor Claim on Dark Web appeared first on Cyber Security News.

Microsoft’s aggressive push to integrate artificial intelligence features into Windows 11 has prompted developers to create the RemoveWindowsAI project. An open-source tool designed to remove or disable unwanted AI components from the operating system. RemoveWindowsAI is a community-driven utility available on GitHub that gives users granular control over AI features in Windows 11. The tool […]

The post New Tool to Remove Copilot, Recall and Other AI Tools From Windows 11 appeared first on Cyber Security News.

As we head into 2026, the cybersecurity landscape is evolving in ways that actually favor the defenders. The threat trends we’re seeing aren’t just challenges. They are catalysts pushing SOCs to become smarter, more efficient, and more aligned with business goals than ever before.  Forward-thinking leaders are already embracing advanced threat intelligence to turn potential headaches into strategic advantages. Solutions like ANY.RUN’s Threat Intelligence Feeds, powered […]

The post How Threat Intelligence Will Change Cybersecurity in 2026 appeared first on Cyber Security News.

The holiday season has brought with it a surge in sophisticated phishing attacks that combine two dangerous tactics: credential harvesting through spoofed Docusign notifications and identity theft through fake loan application forms. These coordinated campaigns exploit the seasonal chaos of overloaded inboxes and financial stress that peaks during Christmas and the New Year period. Threat […]

The post Christmas Phishing Surge Chains Docusign Spoofing with Identity Theft Questionnaires appeared first on Cyber Security News.

A dangerous malware campaign has emerged across Central and Eastern Europe, causing widespread concern among cybersecurity professionals and organizations. CloudEyE, a Malware-as-a-Service downloader and cryptor, has rapidly gained traction among threat actors seeking to distribute other harmful malware payloads. In the second half of 2025, security researchers detected this threat at an alarming scale, marking […]

The post CloudEyE MaaS Downloader and Cryptor Infects 100,000+ Users Worldwide appeared first on Cyber Security News.

A critical vulnerability has been discovered in n8n, the popular open-source workflow automation platform, enabling authenticated attackers to execute arbitrary commands on host systems. The vulnerability, tracked as CVE-2025-68668, has been assigned a severe CVSS score of 9.9 out of 10, underscoring its high severity.​ The security weakness stems from a sandbox-bypass issue in n8n’s Python […]

The post New Critical n8n Vulnerability Allow Attackers to Execute Arbitrary Commands appeared first on Cyber Security News.

A critical security vulnerability in macOS has been discovered that enables attackers to completely bypass Transparency, Consent, and Control (TCC) protections. Apple’s primary defense mechanism for preventing unauthorized access to sensitive user data is the use of the microphone, camera, and documents. The vulnerability, tracked as CVE-2025-43530, exploits a flaw in the VoiceOver screen reader framework […]

The post New macOS TCC Bypass Vulnerability Allow Attackers to Access Sensitive User Data appeared first on Cyber Security News.

A sophisticated malware campaign called PHALTBLYX has emerged, combining social engineering deception with advanced evasion techniques to compromise hospitality sector organizations. The attack chain begins with phishing emails impersonating Booking.com, featuring urgent reservation cancellation alerts with large financial charges displayed in euros. These messages direct victims to fake Booking.com websites that appear visually identical to […]

The post New ClickFix Attack Uses Fake Windows BSOD Screens to Trick Users into Executing Malicious Code appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a dangerous new phishing campaign that tricks users into surrendering their credentials by impersonating legitimate Google support and notifications. The attack combines vishing (voice phishing), spoofed domains, and Google’s own trusted infrastructure to achieve exceptional success rates against organizations worldwide. The attack employs a multi-layered social engineering approach. Threat actors initiate […]

The post New Sophisticated Phishing Attack Mimic as Google Support to Steal Logins appeared first on Cyber Security News.

A threat actor operating under the moniker “RedTeam” has begun advertising a new brute-force attack tool, “Brutus,” designed to target Fortinet services, according to recent dark web intelligence. The tool is priced at $1,500, signaling growing interest in automated credential-stuffing attacks against enterprise infrastructure. Brutus is engineered to attack multiple remote access protocols, making it […]

The post Threat Actors Allegedly Promoting New ‘Brutus’ Brute-Force Tool Targeting Fortinet Services appeared first on Cyber Security News.

Endpoint management has become essential for modern IT, securing and optimizing devices across hybrid and remote environments. With distributed workforces expanding, demand for robust endpoint management tools reaches new heights in 2026. This guide ranks the top 20 endpoint management tools for 2026, detailing specs, standout features, compelling reasons to choose each, and ideal deployment […]

The post Top 20 Best Endpoint Management Tools – 2026 appeared first on Cyber Security News.

Dozens of major global enterprises have been breached through a surprisingly simple yet devastating attack vector: stolen credentials extracted from infostealer malware. A threat actor operating under the nickname “Zestix” and his alias “Sentap” has been systematically accessing corporate cloud storage platforms, including ShareFile, Nextcloud, and OwnCloud, belonging to approximately 50 international organizations. The breaches […]

The post Threat Actors Hacked Global Companies via Leaked Cloud Credentials from Infostealer Infections appeared first on Cyber Security News.

Cybercriminals have shifted their approach to infiltration. Rather than launching quick attacks, they now work silently within networks, stealing important information, and waiting weeks or months before striking. This is exactly what happened in a recent attack discovered by Morphisec Threat Labs targeting a major U.S. real estate company. This was not a common phishing […]

The post Stealthy Tuoni C2 Malware Targets Major U.S. Real Estate Firm with AI-Enhanced Tactics appeared first on Cyber Security News.

Ransomware file decryptors are critical for victims reclaiming encrypted data without funding attackers, leveraging leaked keys, algorithmic flaws, or offline cracking techniques. The No More Ransom initiative backed by law enforcement, vendors, and researchers hosts 170+ free tools covering 150+ strains as of 2025, from legacy LockBit variants to new RansomHub and BlackCat evolutions. Key […]

The post 10 Best Ransomware File Decryptor Tools – 2026 appeared first on Cyber Security News.

The notorious Scattered Lapsus$ Hunters threat group has returned to active operations after a period of silence following their high-profile supply chain attack targeting Salesforce third-party integrations, including Gainsight and Salesloft. Recent activity observed across underground Telegram channels and credential-trading forums shows the collective has rebuilt its operational structure and launched an aggressive recruitment campaign […]

The post Scattered Lapsus$ Hunters Resurface with New RaaS Platform ‘ShinySp1d3r’ and Aggressive Insider Recruitment appeared first on Cyber Security News.

If you’re evaluating cybersecurity solutions in 2026, it’s easy to feel overwhelmed by the sheer number of options available. Cyberattacks are not only more frequent than ever, but also increasingly sophisticated. At the same time, countless security vendors claim to offer comprehensive protection for your business, its data, and its customers often with similar messaging […]

The post Top 5 Best Cybersecurity Companies Leading The Industry Right Now in 2026 appeared first on Cyber Security News.

Blockchain intelligence firm TRM Labs has traced over $35 million in stolen cryptocurrency to the 2022 LastPass breach, revealing a sophisticated Russian cybercriminal laundering operation that remains active into 2025. In 2022, hackers breached LastPass and stole encrypted password vaults containing the credentials of roughly 30 million users worldwide. Although the vaults were encrypted, attackers […]

The post $35M Cryptocurrency Theft Linked to LastPass Password Manager DataBreach appeared first on Cyber Security News.

WhatsApp’s multi-device encryption protocol has long leaked metadata, allowing attackers to fingerprint users’ device operating systems, aiding targeted malware delivery. Recent research highlights partial fixes by Meta, but transparency issues persist. Meta’s WhatsApp, with over 3 billion monthly active users, uses end-to-end encryption (E2EE) for message security; however, its multi-device feature reveals device information. In […]

The post WhatsApp Vulnerabilities Leaks User’s Metadata Including Device’s Operating System appeared first on Cyber Security News.

Google has announced that Gmail will discontinue support for two key features regarding third-party email accounts. Starting in January 2026, the platform will drop support for “Gmailify” and the widely utilized “Check mail from other accounts” feature via POP3 fetching. For over a decade, power users have relied on Gmail not just as an email […]

The post Gmail to Discontinue POP3 Mail Fetching for External Email Accounts appeared first on Cyber Security News.