Aggregator

The North Korean threat group is using a new PowerShell backdoor to compromise development environments and target cryptocurrency holdings, according to researchers.

Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor covert functionality to siphon developer data to China-based servers. The extensions, which have 1.5 million combined installs and are still available for download from the official Visual Studio

一项研究发现，Google AI Overviews 回答健康问题时引用 YouTube 的次数超过了任何医学网站。Google 曾表示，AI Overviews 生成的摘要是可靠的，会引用权威医疗机构如疾控中心（CDC）等作为信息来源。SE Ranking 研究人员分析了柏林地区逾 5 万次健康查询结果，发现最主要的信息源是 YouTube。YouTube 占到总引用次数的 4.43%，没有医疗机构或医学机构的引用接近这一比例。在总共 465,823 次引用中，YouTube 高达 20,621 次。 Google 对此表示，研究使用了德语进行搜索，因此其结果并不能推广到其它地区。

Anduril поставит более 600 ударных дронов Bolt-M Корпусу морской пехоты США.

A major cyberattack that nearly cut electricity to half-a-million people in Poland last year was reportedly carried out by the Russia-linked hacking group Sandworm, which likely attempted to knock out systems using wiper malware.

Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils telnetd server. [...]

Crunchbase confirms a data breach after cybercrime group ShinyHunters claims to have stolen over 2 million personal records. Crunchbase confirmed a data breach after the cybercriminal group ShinyHunters claimed to steal over 2 million personal records from its systems. The group leaked a 402 MB compressed archive on their website due to a failed extortion […]

Currently trending CVE - Hype Score: 3 - Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.

2026 年 1 月 ，一款酝酿 14 年的产品亮相 :NexPhone，既能运行安卓 16，按需启动 Lin

A major accounting firm in the Netherlands has reportedly become the latest victim of Nova, an active ransomware operation. The breach was discovered and indexed by ransomware live on January 23, 2026, with the estimated attack date coinciding with the discovery date. The attackers claim to have exfiltrated sensitive data and have issued a 10-day […]

The post Nova Ransomware Allegedly Claiming Breach of KPMG Netherlands appeared first on Cyber Security News.

Apple has released a new version of its AirTag tracking accessory that extends its connectivity range and improves how items are located. The updated AirTag uses a second-generation Ultra Wideband chip, similar to the chip in the iPhone 17 lineup, to increase the distance at which Precision Finding can guide users to a lost item. Apple said the device can guide a user from up to 50 percent farther away than the previous model using … More →

The post Apple updates AirTag with expanded range and improved findability appeared first on Help Net Security.

A vulnerability classified as critical has been found in iJason-Liu Books_Manager up to 298ba736387ca37810466349af13a0fdf828e99c. This vulnerability affects unknown code of the file controllers/books_center/upload_bookCover.php. Performing a manipulation of the argument book_cover results in unrestricted upload. This vulnerability was named CVE-2026-1445. The attack may be initiated remotely. In addition, an exploit is available. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.

Okta misconfigurations can quietly weaken identity security as SaaS environments evolve. Nudge Security shows six Okta security settings teams often overlook and how to fix them. [...]

Fortra researchers have discovered a new SEO poisoning operation known as “HaxorSEO”

A vulnerability described as problematic has been identified in iJason-Liu Books_Manager up to 298ba736387ca37810466349af13a0fdf828e99c. This affects an unknown part of the file controllers/books_center/add_book_check.php. Such manipulation of the argument mark leads to cross site scripting. This vulnerability is uniquely identified as CVE-2026-1444. The attack can be launched remotely. Moreover, an exploit is present. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

A critical authentication bypass vulnerability in the telnetd component of GNU Inetutils has exposed approximately 800,000 internet-accessible Telnet instances to unauthenticated remote code execution (RCE). Tracked as CVE-2026-24061 with a CVSS score of 9.8, the flaw allows attackers to gain root-level access without valid credentials, posing a severe risk to exposed infrastructure worldwide. Vulnerability Details […]

The post 800K+ Telnet Servers Exposed to RCE Attacks – PoC Released appeared first on Cyber Security News.

Submit #736971 / VDB-342874

Police seized devices and cryptocurrency in multiple raids aimed at an alleged assassins-for-hire platform, Romanian authorities said.

The European Commission has opened a new formal investigation into X under the Digital Services Act over risks linked to the deployment of its AI tool Grok in the EU. Regulators are examining whether X properly assessed and mitigated risks tied to the spread of illegal content following Grok’s introduction on the platform. The content under scrutiny includes manipulated sexually explicit images and material that may amount to child sexual abuse content. The Commission states … More →

The post EU opens new investigation into Grok on X appeared first on Help Net Security.

Специалисты восстановили форматы BIOS по «отпечаткам пальцев» и открытым данным.