Phishers Exploit Office 365 Users Who Let Their Guard Down – Dark Reading
Microsoft said that Office 365 tenants with weak configurations and who don’t have strict anti-spoofing protection enabled are especially vulnerable. – Read More
2026
Critical RCE flaw allows full takeover of n8n AI workflow platform – CSO Online
Researchers have released details about a critical vulnerability that was silently patched in n8n, a platform used by many companies to build LLM-powered agents and automated workflows. The flaw can…
Black Cat Behind SEO Poisoning Malware Campaign Targeting Popular Software Searches – The Hacker News
A cybercrime gang known as Black Cat has been attributed to a search engine optimization (SEO) poisoning campaign that employs fraudulent sites advertising popular software to trick users into downloading…
Lack of MFA is Common Thread in Vast Cloud Credential Heist – Dark Reading
An emerging threat actor that goes by “Zestix” used an assortment of infostealers to obtain credentials and breach file-sharing instances of approximately 50 enterprises. – Read More
Bug in Open WebUI macht Kostenlos-Tool zur Backdoor – CSO Online
Der Schweregrad des Bugs in Open WebUI wird als hoch eingestuft. Wirestock Creators- shutterstock.com Sicherheitsforschende von Cato Networks haben eine Schwachstelle in Open WebUI, einem selbstgehosteten Enterprise Interface für Large…
Neue Ransomware-Bedrohung zielt auf deutsche Unternehmen – CSO Online
Der Ransomware-Dienst Ransomhouse nutzt jetzt eine komplexe Dual-Schlüssel-Verschlüsselung und automatisierte Angriffe auf VMware ESXi. Suttipun – shutterstock.com Sicherheitsexperten haben kürzlich festgestellt, dass die Ransomware-Gruppe Jolly Scorpius ihren RaaS-(Ransomware as a…
How to eliminate IT blind spots in the modern, AI-driven enterprise – CSO Online
The more organizations lean on artificial intelligence (AI), spread workloads across different environments, and tie systems together, the harder it becomes for traditional security practices to present a complete picture…
Litera’s agentic AI drives 10x user growth in 3 months since launching – Legal Futures
Litera, a global leader in legal AI technology, has announced a record-breaking year for AI adoption among law firms and corporate legal customers worldwide. The post Litera’s agentic AI drives…
Navigating partnership conflict in law firms – 10 top tips to prevent disputes – Legal Futures
Oliver Andrews of Brabners shares ten top tips for preventing partnership disputes — alongside guidance on recognising the warning signs and responding effectively if conflict does arise. The post Navigating…
Cyberattacks Likely Part of Military Operation in Venezuela – Dark Reading
Cyber’s role in the US raid on Venezuela remains a question, though President Trump alluded to “certain expertise” in shutting down the power grid in Caracas. – Read More
DDoSia Powers Affiliate-Driven Hacktivist Attacks – Dark Reading
Pro-Russian group NoName057(16) uses a custom denial-of-service tool to mobilize volunteers and disrupt government, media, and institutional sites tied to Ukraine and the West. – Read More
Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control – The Hacker News
Cybersecurity researchers have disclosed details of yet another maximum-severity security flaw in n8n, a popular workflow automation platform, that allows an unauthenticated remote attacker to gain complete control over susceptible…
The Government Cyber Action Plan: strengthening resilience across the UK – NCSC Blog
With GCAP, the UK government is taking decisive steps towards a safer, more resilient future. – Read More
Thomson Reuters’ State of the US Legal Market report – Record profits and increasingly unstable ground – Legal IT Insider
The US legal market in 2025 celebrated record profits while standing on increasingly unstable ground, Thomson Reuters’ 2026 state of the market report out today (7 January) finds. The average…
Webinar: Learn How AI-Powered Zero Trust Detects Attacks with No Files or Indicators – The Hacker News
Security teams are still catching malware. The problem is what they’re not catching. More attacks today don’t arrive as files. They don’t drop binaries. They don’t trigger classic alerts. Instead,…