China-Backed ‘PeckBirdy’ Takes Flight for Cross-Platform Attacks – Dark Reading
In two separate campaigns, attackers used the JScript C2 framework to target Chinese gambling websites and Asian government entities with new backdoors. – Read More
2026
Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid – The Hacker News
The “coordinated” cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM. Operational technology (OT)…
Neurodivergent students not disadvantaged in the SQE, report finds – Legal Cheek
Neurodivergent candidates outperform counterparts in SQE1 and SQE2 Candidates with neurodivergent conditions who sat the SQE with reasonable adjustments in place slightly outperformed their peers across all stages of the…
Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution – The Hacker News
A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited, could allow attackers to run arbitrary code on the underlying operating system.…
Surging Cyberattacks Boost Latin America to Riskiest Region – Dark Reading
The region is up against tactics like data-leak extortion, credential-stealing campaigns, edge-device exploitation, and attackers leveraging AI. – Read More
Brabners to launch London office – Legal Cheek
No word on City TCs just yet Liverpool-founded law firm Brabners has announced plans to expand into the capital, marking its fifth office in the UK. The new City office,…
Massives Datenleck bedroht rund 150 Millionen Benutzer – CSO Online
Die offengelegten Zugangsdaten stellen ein erhebliches Sicherheitsrisiko dar. Digineer Station – shutterstock.com Der Cybersicherheitsforscher Jeremiah Fowler deckte kürzlich ein Datenleck mit 149 Millionen Login-Daten auf. Zu den Opfern zählen vor…
The January Orange Rag Is Here! – Legal IT Insider
Hi and welcome to the first Orange Rag of 2026, where we pick up on some of the most important themes of the month, including the shift of power from…
SRA issues ‘no win, no fee’ warning to counter poor behaviour – Legal Futures
The Solicitors Regulation Authority has issued a warning notice on the use of ‘no win, no fee’ agreements in high-volume consumer claims amid multiple concerns about their misuse. The post…
Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution – The Hacker News
Cybersecurity researchers have disclosed two new security flaws in the n8n workflow automation platform, including a crucial vulnerability that could result in remote code execution. The weaknesses, discovered by the…
From Triage to Threat Hunts: How AI Accelerates SecOps – The Hacker News
If you work in security operations, the concept of the AI SOC agent is likely familiar. Early narratives promised total autonomy. Vendors seized on the idea of the “Autonomous SOC”…
Critical FortiCloud SSO zero‑day forces emergency service disablement at Fortinet – CSO Online
Fortinet has disclosed a critical authentication bypass zero-day vulnerability affecting its FortiCloud single sign-on feature after the company took the emergency step of temporarily disabling the cloud authentication service globally…
Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks – The Hacker News
Threat actors with ties to China have been observed using an updated version of a backdoor called COOLCLIENT in cyber espionage attacks in 2025 to facilitate comprehensive data theft from…
Sicarii ransomware locks your data and throws away the keys – CSO Online
A newly observed Sicarii ransomware strain contains a critical encryption key handling defect that can leave encrypted data unrecoverable, even if a victim pays the ransom or uses a provided…
Why independence and specialism matter in PI insurance – Law Gazette – Features
Sponsored content. – Read More