Fake AI Chrome Extensions Steal 900K Users’ Data – Dark Reading
Threat actors ripped off a legitimate AI-powered Chrome extension in order to harvest ChatGPT and DeepSeek data before sending it to a C2 server. – Read More
Cyber
ChatGPT’s Memory Feature Supercharges Prompt Injection – Dark Reading
The “ZombieAgent” exploit makes use of ChatGPT’s long-term memory and advanced capabilities. – Read More
The 2 faces of AI: How emerging models empower and endanger cybersecurity – CSO Online
In my long career of safeguarding digital assets, I’ve seen technology shifts come and go, but nothing compares to the disruptive force of AI and large language models (LLMs). AI…
WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging – The Hacker News
Cybersecurity researchers have disclosed details of a new campaign that uses WhatsApp as a distribution vector for a Windows banking trojan called Astaroth in attacks targeting Brazil. The campaign has…
Here’s What Cloud Security’s Future Holds for the Year Ahead – Dark Reading
Here are the top cloud security trends I’m seeing in my crystal ball for the New Year — particularly arming us for AI adoption. – Read More
China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes – The Hacker News
A China-nexus threat actor known as UAT-7290 has been attributed to espionage-focused intrusions against entities in South Asia and Southeastern Europe. The activity cluster, which has been active since at…
Cybersecurity at the edge: Securing rugged IoT in mission-critical environments – CSO Online
Edge computing is no longer a futuristic concept; it’s a reality shaping mission-critical operations across defense, utilities and public safety. Rugged IoT devices, engineered to withstand extreme conditions, are the…
Phishing-Angreifer setzen vermehrt auf E-Mail-Routing-Lücken – CSO Online
Angreifer missbrauchen falsch konfigurierte Richtlinien, um Phishing-E-Mails wie interne E-Mails aussehen zu lassen, Filter zu umgehen und Anmeldedaten zu stehlen. batjaket – shutterstock.com Das Threat Intelligence Team von Microsoft hat…
ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories – The Hacker News
The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere. This week’s stories show how fast attackers change their tricks, how small mistakes turn…
The State of Trusted Open Source – The Hacker News
Chainguard, the trusted source for open source, has a unique view into how modern organizations actually consume open source software and where they run into risk and operational burdens. Across…
NIS2-Umsetzung: Neues BSI-Portal geht an den Start – CSO Online
srcset=”https://b2b-contenthub.com/wp-content/uploads/2026/01/shutterstock_2691920437.jpg?quality=50&strip=all 7500w, https://b2b-contenthub.com/wp-content/uploads/2026/01/shutterstock_2691920437.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2026/01/shutterstock_2691920437.jpg?resize=768%2C432&quality=50&strip=all 768w, https://b2b-contenthub.com/wp-content/uploads/2026/01/shutterstock_2691920437.jpg?resize=1024%2C576&quality=50&strip=all 1024w, https://b2b-contenthub.com/wp-content/uploads/2026/01/shutterstock_2691920437.jpg?resize=1536%2C864&quality=50&strip=all 1536w, https://b2b-contenthub.com/wp-content/uploads/2026/01/shutterstock_2691920437.jpg?resize=2048%2C1152&quality=50&strip=all 2048w, https://b2b-contenthub.com/wp-content/uploads/2026/01/shutterstock_2691920437.jpg?resize=1240%2C697&quality=50&strip=all 1240w, https://b2b-contenthub.com/wp-content/uploads/2026/01/shutterstock_2691920437.jpg?resize=150%2C84&quality=50&strip=all 150w, https://b2b-contenthub.com/wp-content/uploads/2026/01/shutterstock_2691920437.jpg?resize=854%2C480&quality=50&strip=all 854w, https://b2b-contenthub.com/wp-content/uploads/2026/01/shutterstock_2691920437.jpg?resize=640%2C360&quality=50&strip=all 640w, https://b2b-contenthub.com/wp-content/uploads/2026/01/shutterstock_2691920437.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”576″ sizes=”auto, (max-width: 1024px) 100vw, 1024px”>Unternehmen können…
Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments – CSO Online
A now-fixed critical flaw in the jsPDF library could enable attackers to extract sensitive files from enterprise servers and embed them directly into generated PDF documents. Tracked as CVE-2025-68428, the…
Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release – The Hacker News
Cisco has released updates to address a medium-severity security flaw in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) with a public proof-of-concept (PoC) exploit. The vulnerability, tracked…
Researchers Uncover NodeCordRAT Hidden in npm Bitcoin-Themed Packages – The Hacker News
Cybersecurity researchers have discovered three malicious npm packages that are designed to deliver a previously undocumented malware called NodeCordRAT. The names of the packages, all of which were taken down…
Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances – The Hacker News
Cybersecurity researchers have disclosed details of multiple critical-severity security flaws affecting Coolify, an open-source, self-hosting platform, that could result in authentication bypass and remote code execution. The list of vulnerabilities…