New Ghost Tapped Attack Uses Your Android Device to Drain Your Bank Account
Chinese threat actors have developed a dangerous new way to steal money directly from bank accounts using specially crafted Android applications. Known as Ghost Tapped,…
Month: January 2026
January 2026 Patch Tuesday forecast: And so it continues
Welcome to a new year of my Patch Tuesday forecast blog where I provide a summary of Microsoft and other vendor’s security patch activity (and…
Penetration Testing Explained: Meaning, Tools, Process
Web applications, databases, sub-domains, DNS configuration, and public_html are some of the online places where you can never allow a hacker in. If they do, sometimes forcefully, a full account takeover is just a matter…
SmarterTools SmarterMail Vulnerability Enables Remote Code Execution Attack
A critical pre-authentication remote code execution vulnerability, identified as CVE-2025-52691, has been discovered in SmarterTools’ SmarterMail solution. The flaw received a maximum CVSS score of…
Hackers Actively Exploiting AI Deployments
Security researchers have identified over 91,000 attack sessions targeting AI infrastructure between October 2025 and January 2026, exposing systematic campaigns against large language model deployments.…
Security teams are paying more attention to the energy cost of detection
Security teams spend a lot of time explaining why detection systems need more compute. Cloud bills rise, models retrain more often, and new analytics pipelines…
FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing
Jan 09, 2026Ravie LakshmananMobile Security / Email Security The U.S. Federal Bureau of Investigation (FBI) on Thursday released an advisory warning of North Korean state-sponsored…
Product showcase: TrackerControl lets Android users see who’s tracking them
TrackerControl is an open-source Android application designed to give users visibility into and control over the hidden data within mobile apps. Many apps routinely communicate…
Cisco Small Business Switches Face Global DNS Crash Outage
Network administrators worldwide reported widespread crashes in Cisco small business switches on January 8, 2026, triggered by fatal errors in the DNS client service. Devices…
Microsoft Mandates MFA for Microsoft 365 Admin Center Access
Microsoft is tightening security for its cloud customers by making multi-factor authentication mandatory for anyone accessing the Microsoft 365 admin center, effectively ending password-only logins for high-privilege admin portals. …
Wi-Fi evolution tightens focus on access control
Wi-Fi networks are taking on heavier workloads, more devices, and higher expectations from users who assume constant access everywhere. A new Wireless Broadband Alliance industry…
New “Ghost Tap” Attack Hijacks Android Phones to Drain Bank Accounts
Chinese threat actors are weaponizing NFC technology to steal funds from victims’ bank remotely accounts through sophisticated Android malware campaigns, with security researchers identifying at…