WorldLeaks Extortion Group Claims It Stole 1.4TB of Nike Data
The sportswear brand is investigating an alleged breach of its network that exposed some 188,347 files of highly sensitive corporate data.
Aggregator
WorldLeaks Extortion Group Claims It Stole 1.4TB of Nike Data
2 months 3 weeks ago
The sportswear brand is investigating an alleged breach of its network that exposed some 188,347 files of highly sensitive corporate data.
Elizabeth Montalbano, Contributing Writer
Critical sandbox escape flaw found in popular vm2 NodeJS library
2 months 3 weeks ago
A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system. [...]
Bill Toulas
Величайший промах Томаса Эдисона: учёный создал графен ещё в 1879 году, но принял его за сажу
2 months 3 weeks ago
Оказывается, суперматериал XXI века варился еще в викторианских котлах.
US charges 31 more suspects linked to ATM malware attacks
2 months 3 weeks ago
A Nebraska federal grand jury charged 31 additional defendants for their involvement in an ATM jackpotting operation allegedly orchestrated by members of the Venezuelan gang Tren de Aragua. [...]
Sergiu Gatlan
G_Wagon npm Package Attacking Users to Exfiltrates Browser Credentials using Obfuscated Payload
2 months 3 weeks ago
On January 23rd, 2026, security researchers discovered a dangerous npm package named ansi-universal-ui that disguised itself as a legitimate user interface component library. The deceptive package description claimed to offer a lightweight UI system for modern web applications. However, beneath this innocent facade lay G_Wagon, a highly sophisticated multi-stage information stealer designed to harvest sensitive […]
The post G_Wagon npm Package Attacking Users to Exfiltrates Browser Credentials using Obfuscated Payload appeared first on Cyber Security News.
Tushar Subhra Dutta
Dozens more are charged in Ploutus ATM jackpotting conspiracy
2 months 3 weeks ago
The Justice Department has said that between February 2024 and December 2025, the gang stole at least $5.4 million from at least 63 ATMs, most of which belonged to credit unions.
New Zealand E-commerce Store CMS Admin Access Allegedly for Sale with Active Payment Redirect
2 months 3 weeks ago
New Zealand E-commerce Store CMS Admin Access Allegedly for Sale with Active Payment Redirect
Dark Web Informer
Это не баг, это JScript. Почему ваш антивирус бесполезен против новых китайских закладок
2 months 3 weeks ago
Путь к данным государственной важности оказался гораздо короче, чем предполагали аналитики.
Pear
2 months 3 weeks ago
You must login to view this content
cohenido
GENESIS
2 months 3 weeks ago
You must login to view this content
cohenido
Hackers Using Teams to Deliver Malicious Content Posing as Microsoft Services
2 months 3 weeks ago
A sophisticated phishing campaign has been identified in which threat actors are abusing legitimate Microsoft Teams functionality to distribute malicious content that appears to originate from trusted Microsoft services. By leveraging the platform’s “Invite a Guest” feature and crafting deceptive team names, attackers are bypassing traditional email security controls to deliver fraudulent billing notifications directly […]
The post Hackers Using Teams to Deliver Malicious Content Posing as Microsoft Services appeared first on Cyber Security News.
Guru Baran
Canva, Atlassian, Epic Games Among the 100+ Enterprises Targeted by ShinyHunters Group
2 months 3 weeks ago
A major identity-theft operation is now targeting over 100 high-value organizations across multiple industries. The threat comes from SLSH, a dangerous alliance combining the tactics of Scattered Spider, LAPSUS$, and ShinyHunters. Unlike typical automated attacks, this campaign uses real people calling your employees while simultaneously running fake login pages that look exactly like your company’s […]
The post Canva, Atlassian, Epic Games Among the 100+ Enterprises Targeted by ShinyHunters Group appeared first on Cyber Security News.
Tushar Subhra Dutta
Webinar | Seeing the Why: How Agentic AI Brings Context and Confidence to Compliance and Security Decisions
2 months 3 weeks ago
Webinar | Seeing the Why: How Agentic AI Brings Context and Confidence to Compliance and Security Decisions
2 months 3 weeks ago
Unauthorized RDP Access to Spanish Business Services Organization Allegedly for Sale with Domain Admin Privileges
2 months 3 weeks ago
Unauthorized RDP Access to Spanish Business Services Organization Allegedly for Sale with Domain Admin Privileges
Dark Web Informer
PeckBirdy Framework Tied to China-Aligned Cyber Campaigns
2 months 3 weeks ago
PeckBirdy command-and-control framework targeting gambling, government sectors in Asia since 2023 has been linked to China-aligned APTs
SecWiki News 2026-01-27 Review
2 months 3 weeks ago
今日暂未更新资讯~
更多最新文章,请访问SecWiki
更多最新文章,请访问SecWiki
【资料】开源情报(OSINT)2025现状
2 months 3 weeks ago
《2025年开源情报(OSINT)现状报告》由Blackdot Solutions发布,基于对全球131名调查人员的调查,深入分析了OSINT在各行业的应用现状、面临的挑战、培训情况、工具使用以及人工智能(AI)对未来的影响。
Attackers Exploiting React2Shell Vulnerability to Attack IT Sectors
2 months 3 weeks ago
Threat actors have started targeting companies in the insurance, e-commerce, and IT sectors through a critical vulnerability tracked as CVE-2025-55182, commonly known as React2Shell. This flaw exists in the Flight protocol that handles client-server communication for React Server Components, allowing attackers to run unauthorized code on vulnerable servers. The vulnerability originates from insecure deserialization, where […]
The post Attackers Exploiting React2Shell Vulnerability to Attack IT Sectors appeared first on Cyber Security News.
Tushar Subhra Dutta