Critical jsPDF flaw lets hackers steal secrets via generated PDFs
The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that allows an attacker to steal sensitive data from…
Month: January 2026
Windows Packer pkr_mtsi Powers Widespread Malvertising Campaigns with Multiple Malware
A custom Windows packer dubbed pkr_mtsi is fueling large-scale malvertising and SEO‑poisoning campaigns that deliver a broad range of information‑stealing and remote‑access malware, according to new research.…
ChatGPT is losing market share as Google Gemini gains ground
New data suggests that ChatGPT is losing its market share to Gemini on the web. It’s unclear if Gemini is also gaining ground in the…
Critical n8n Vulnerability Allows Authenticated Remote Code Execution
A critical security vulnerability has been discovered in n8n, the popular workflow automation tool, potentially allowing authenticated attackers to execute arbitrary code on the host…
Infostealers And Lack Of MFA Led To Dozens Of Major Breaches
Infostealer infections compounded by a lack of multi-factor authentication (MFA) have resulted in dozens of breaches at major global companies and calls for greater MFA…
China asks tech firms to halt orders for Nvidia’s H200 chips
Beijing has asked some Chinese tech companies to halt orders for Nvidia’s H200 chips this week, and is expected to mandate domestic artificial intelligence chip…
Hackers Using Malicious QR Codes for Phishing via HTML Table
Threat actors are continuing to refine “quishing” phishing delivered through QR codes by shifting from traditional image-based payloads to “imageless” QR codes rendered directly in…
DTA warns against permanent bans of IT services firms
The Digital Transformation Agency has warned against “permanent” bans of IT suppliers and services firms for “unethical conduct”, in part because it could block departments…
Is Your Company Selling Or Storytelling?
07 Jan Cybersecurity CEO: Is Your Company Selling Or Storytelling? Posted at 14:10h in Blogs by Taylor Fox Lessons learned from WSJ, Microsoft, CrowdStrike, and…
Threat Intel on Vibe Hacking & HackGPT
Right now, across dark web forums, Telegram channels, and underground marketplaces, hackers are talking about artificial intelligence – but not in the way most people…
Chinese Hackers Deploy NFC-enabled Android Malware to Steal Payment Data
Chinese threat actors have launched a sophisticated campaign using NFC-enabled Android malware called Ghost Tap to intercept and steal financial information from victims worldwide. The…
Black Cat Behind SEO Poisoning Malware Campaign Targeting Popular Software Searches
Jan 07, 2026Ravie LakshmananCybercrime / Software Security A cybercrime gang known as Black Cat has been attributed to a search engine optimization (SEO) poisoning campaign…