2026

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution – The Hacker News

January 28, 2026

A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited, could allow attackers to run arbitrary code on the underlying operating system.…

Cyber Dark Reading

Surging Cyberattacks Boost Latin America to Riskiest Region – Dark Reading

January 28, 2026

The region is up against tactics like data-leak extortion, credential-stealing campaigns, edge-device exploitation, and attackers leveraging AI. – Read More

Legal Cheek Legal News

Brabners to launch London office – Legal Cheek

January 28, 2026

No word on City TCs just yet Liverpool-founded law firm Brabners has announced plans to expand into the capital, marking its fifth office in the UK. The new City office,…

CSO Online Cyber

Massives Datenleck bedroht rund 150 Millionen Benutzer – CSO Online

January 28, 2026

Die offengelegten Zugangsdaten stellen ein erhebliches Sicherheitsrisiko dar. Digineer Station – shutterstock.com Der Cybersicherheitsforscher Jeremiah Fowler deckte kürzlich ein Datenleck mit 149 Millionen Login-Daten auf. Zu den Opfern zählen vor…

IT news Legal IT Insider

The January Orange Rag Is Here! – Legal IT Insider

January 28, 2026

Hi and welcome to the first Orange Rag of 2026, where we pick up on some of the most important themes of the month, including the shift of power from…

Legal Futures Legal News

SRA issues ‘no win, no fee’ warning to counter poor behaviour – Legal Futures

January 28, 2026

The Solicitors Regulation Authority has issued a warning notice on the use of ‘no win, no fee’ agreements in high-volume consumer claims amid multiple concerns about their misuse. The post…

Cyber Hacker News

Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution – The Hacker News

January 28, 2026

Cybersecurity researchers have disclosed two new security flaws in the n8n workflow automation platform, including a crucial vulnerability that could result in remote code execution. The weaknesses, discovered by the…

Cyber Hacker News

From Triage to Threat Hunts: How AI Accelerates SecOps – The Hacker News

January 28, 2026

If you work in security operations, the concept of the AI SOC agent is likely familiar. Early narratives promised total autonomy. Vendors seized on the idea of the “Autonomous SOC”…

CSO Online Cyber

Critical FortiCloud SSO zero‑day forces emergency service disablement at Fortinet – CSO Online

January 28, 2026

Fortinet has disclosed a critical authentication bypass zero-day vulnerability affecting its FortiCloud single sign-on feature after the company took the emergency step of temporarily disabling the cloud authentication service globally…

Cyber Hacker News

Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks – The Hacker News

January 28, 2026

Threat actors with ties to China have been observed using an updated version of a backdoor called COOLCLIENT in cyber espionage attacks in 2025 to facilitate comprehensive data theft from…

CSO Online Cyber

Sicarii ransomware locks your data and throws away the keys – CSO Online

January 28, 2026

A newly observed Sicarii ransomware strain contains a critical encryption key handling defect that can leave encrypted data unrecoverable, even if a victim pays the ransom or uses a provided…

Law Gazette Legal News

Why independence and specialism matter in PI insurance – Law Gazette – Features

January 28, 2026

Password Reuse in Disguise: An Often-Missed Risky Workaround – The Hacker News

January 28, 2026

When security teams discuss credential-related risk, the focus typically falls on threats such as phishing, malware, or ransomware. These attack methods continue to evolve and rightly command attention. However, one…

Cyber Hacker News

Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088 – The Hacker News

January 28, 2026

Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and…

CSO Online Cyber

Always-on privileged access is pervasive — and fraught with risks – CSO Online

January 28, 2026

Privileged access management (PAM) has always been about ensuring least privilege. But the nature of enterprise cybersecurity — on top of the complexity of system operations — has prompted far…

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution – The Hacker News

Surging Cyberattacks Boost Latin America to Riskiest Region – Dark Reading

Brabners to launch London office – Legal Cheek

Massives Datenleck bedroht rund 150 Millionen Benutzer – CSO Online

The January Orange Rag Is Here! – Legal IT Insider

SRA issues ‘no win, no fee’ warning to counter poor behaviour – Legal Futures

Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution – The Hacker News

From Triage to Threat Hunts: How AI Accelerates SecOps – The Hacker News

Critical FortiCloud SSO zero‑day forces emergency service disablement at Fortinet – CSO Online

Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks – The Hacker News

Sicarii ransomware locks your data and throws away the keys – CSO Online

Why independence and specialism matter in PI insurance – Law Gazette – Features

Password Reuse in Disguise: An Often-Missed Risky Workaround – The Hacker News

Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088 – The Hacker News

Always-on privileged access is pervasive — and fraught with risks – CSO Online

You Missed

Microsoft turns up to its own fight with new Word Legal Agent – Legal IT Insider

If AI’s So Smart, Why Does It Keep Deleting Production Databases? – Dark Reading

Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks – The Hacker News

China-Linked Hackers Target Asian Governments, NATO State, Journalists, and Activists – The Hacker News