Cyber Security News

A high-severity vulnerability in Windows Admin Center’s Azure Single Sign-On implementation has exposed Azure virtual machines and Arc-connected systems to unauthorized access across entire tenants. Cymulate Research Labs discovered the flaw, now tracked as CVE-2026-20965, which demonstrates how improper token validation can collapse security boundaries between individual machines and complete Azure environments. Microsoft patched the […]

The post Azure Identity Token Vulnerability Enables Tenant-Wide Compromise in Windows Admin Center appeared first on Cyber Security News.

Cloudflare, the San Francisco-based cybersecurity and internet infrastructure giant, has acquired Human Native, a UK-based AI data marketplace. The deal aims to empower content creators with control over their data in the generative AI era, addressing rising tensions around web scraping and bot traffic. Human Native specializes in converting unstructured multimedia videos, articles, and more […]

The post Cloudflare Acquires Human Native to Strengthen AI Data Security appeared first on Cyber Security News.

Silver Spring, Maryland, January 15th, 2026, CyberNewsWire Aembit today announced the agenda and speaker lineup for NHIcon 2026: The Rise of Agentic AI Security, a virtual conference scheduled for Jan. 27. The second-annual event will examine the technical, operational, and security challenges emerging as agentic artificial intelligence systems enter enterprise environments. NHIcon 2026 will feature […]

The post Aembit Announces Agenda and Speaker Lineup for NHIcon 2026 on Agentic AI Security appeared first on Cyber Security News.

Critical security updates addressing CVE-2026-20824, a protection mechanism failure in Windows Remote Assistance that permits attackers to circumvent the Mark of the Web (MOTW) defense system. The vulnerability was disclosed on January 13, 2026, and affects multiple Windows platforms spanning from Windows 10 through Windows Server 2025. CVE-2026-20824 represents a security feature bypass vulnerability with […]

The post Windows Remote Assistance Vulnerability Allow Attacker to Bypass Security Features appeared first on Cyber Security News.

A new information-stealing malware named MonetaStealer has been discovered actively targeting macOS users through deceptive file disguises and social engineering tactics. Security researchers at Iru first identified this threat on January 6, 2026, when they found a suspicious Mach-O binary masquerading as a Windows executable file named Portfolio_Review.exe. The malware represents a growing concern for […]

The post MonetaStealer Malware Powered with AI Code Attacking macOS Users in the Wild appeared first on Cyber Security News.

A joint operation led by Microsoft and international law enforcement has dismantled a business email compromise (BEC) attack chain powered by the RedVDS fraud engine. RedVDS operated as a low‑cost “cybercrime subscription” platform, giving criminals disposable virtual machines that looked like normal Windows systems on the internet. Using these rented hosts, threat actors sent huge […]

The post Microsoft and Authorities Dismatles BEC Attack Chain Powered by RedVDS Fraud Engine appeared first on Cyber Security News.

A critical authentication bypass vulnerability in Cal.com’s scheduling platform enables attackers to hijack any user account by exploiting a flaw in the NextAuth JWT callback mechanism. Tracked as CVE-2026-23478, this vulnerability affects versions from 3.1.6 up to but not including 6.0.7, with patches available in version 6.0.7 and later. The vulnerability resides in a custom […]

The post Critical Cal.com Vulnerability Let Attackers Bypass Authentication and Hijack any User Account appeared first on Cyber Security News.

Mozilla released Firefox 147 on January 13, 2026, addressing 16 security vulnerabilities detailed in the Mozilla Foundation Security Advisory. The update patches critical issues across components such as graphics, JavaScript, and networking, addressing six high-impact flaws, including multiple sandbox escapes, that could enable arbitrary code execution if exploited. These fixes also apply to Firefox ESR […]

The post Firefox 147 Released With Fixes for 16 Vulnerabilities that Enable Arbitrary Code Execution appeared first on Cyber Security News.

A critical unauthenticated privilege escalation vulnerability in the Modular DS WordPress plugin allows attackers to gain instant admin access, with exploitation confirmed in the wild. Affecting over 40,000 sites, the flaw in versions up to 2.5.1 has prompted urgent patches and mitigations from Patchstack and the vendor. Modular DS, developed by modulards.com, enables remote management […]

The post Critical WordPress Plugin Vulnerability Exploited in the Wild to Gain Instant Admin Access appeared first on Cyber Security News.

Hewlett Packard Enterprise (HPE) has disclosed four high-severity vulnerabilities in its Aruba Networking Instant On devices that could allow attackers to access sensitive network information and disrupt operations. The security flaws, identified as CVE-2025-37165, CVE-2025-37166, CVE-2023-52340, and CVE-2022-48839, affect devices running software version 3.3.1.0 and earlier. Vulnerability Details and Risk Assessment The most critical vulnerability, […]

The post HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive Information appeared first on Cyber Security News.

Threat actors linked to Chinese hosting infrastructure have established a massive network of over 18,000 active command-and-control servers across 48 different hosting providers in recent months. This widespread abuse highlights a serious issue in how malicious infrastructure can hide within trusted networks and cloud services. Traditional threat hunting methods that focus on individual IP addresses […]

The post Chinese Threat Actors Hosted 18,000 Active C2 Servers Across 48 Hosting Providers appeared first on Cyber Security News.

Palo Alto Networks has patched a critical denial-of-service vulnerability in its PAN-OS firewall software, tracked as CVE-2026-0227, which lets unauthenticated attackers disrupt GlobalProtect gateways and portals. The flaw carries a CVSS v4.0 base score of 7.7 (HIGH severity), stemming from improper checks for unusual conditions that force firewalls into maintenance mode after repeated exploitation attempts. […]

The post Palo Alto Networks Firewall Vulnerability Allows Attacker to Trigger DoS Attacks appeared first on Cyber Security News.

Microsoft released security updates on January 13, 2026, addressing a critical elevation of privilege vulnerability in SQL Server that enables authorized attackers to bypass authentication controls and gain elevated system privileges remotely. Tracked as CVE-2026-20803, the vulnerability stems from missing authentication mechanisms for critical functions within the database engine. The flaw affects multiple SQL Server […]

The post Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a Network appeared first on Cyber Security News.

A sophisticated malware loader known as CastleLoader has emerged as a critical threat to US government agencies and critical infrastructure organizations. First identified in early 2025, this stealthy malware has been used as the initial access point in coordinated attacks targeting multiple sectors including federal agencies, IT firms, logistics companies, and essential infrastructure providers across […]

The post Stealthy CastleLoader Malware Attacking US Government Agencies and Critical Infrastructure appeared first on Cyber Security News.

DragonForce is the latest ransomware brand to move from noisy forum posts to full RaaS operations, targeting both Windows and VMware ESXi environments. First seen in December 2023 on BreachForums, the group advertises stolen data and uses a dark web blog to pressure victims. The early leak post revealed the new cartel-style operation. The group […]

The post Researchers Breakdown DragonForce Ransomware Along with Decryptor for ESXi and Windows Systems appeared first on Cyber Security News.

A novel single-click attack targeting Microsoft Copilot Personal that enables attackers to silently exfiltrate sensitive user data. The vulnerability, now patched, allowed threat actors to hijack sessions via a phishing link without further interaction.​ Attackers initiate Reprompt by sending a phishing email with a legitimate Copilot URL containing a malicious ‘q’ parameter, which auto-executes a […]

The post New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive Data appeared first on Cyber Security News.

North Korean threat actors have launched a sophisticated social engineering campaign targeting software developers through fake recruitment offers. The campaign, known as Contagious Interview, uses malicious repositories disguised as technical assessment projects to deploy a dual-layer malware system. Victims are lured through LinkedIn messages from fake recruiters claiming to represent organizations like Meta2140, then directed […]

The post North Korean Hackers use Code Abuse Tactics for ‘Contagious Interview’ Campaign appeared first on Cyber Security News.

Austin, TX / USA, January 14th, 2026, CyberNewsWire New monitoring capability delivers unprecedented visibility into vendor identity exposures, moving enterprises and government agencies from static risk scoring to protecting against actual identity threats.  SpyCloud, the leader in identity threat protection, today announced the launch of its Supply Chain Threat Protection solution, an advanced layer of […]

The post SpyCloud Launches Supply Chain Solution to Combat Rising Third-Party Identity Threats appeared first on Cyber Security News.

Large language models are changing how ransomware crews plan and run their attacks. Instead of inventing new kinds of malware, LLMs are speeding up every step of the existing ransomware lifecycle, from recon to extortion. Crews can now write fluent phishing lures, localize ransom notes, and triage stolen data in many languages in minutes, not […]

The post LLMs are Accelerating the Ransomware Lifecycle to Gain Speed, Volume, and Multilingual Reach appeared first on Cyber Security News.

New York, NY, January 14th, 2026, CyberNewsWire Leading secrets security platform sees accelerated adoption across Fortune 500, with 60% of new customers choosing multi-year commitments. GitGuardian, the leading secrets and Non-Human Identity security platform, today announced record growth in ARR and customer expansion throughout 2025, reinforcing its position as the enterprise standard for protecting code, […]

The post GitGuardian Closes 2025 with Strong Enterprise Momentum, Protecting Millions of Developers Worldwide appeared first on Cyber Security News.