Malware toolkit guarantees store approval for Chrome extensions
A suspected Russian malware-as-a-service operation has been selling a turnkey website-spoofing toolkit that promised to bypass Google’s Chrome Web Store security review, charging up to…
Month: January 2026
16 Malicious Chrome Extensions as ChatGPT Enhancements Steals ChatGPT Logins
Researchers have uncovered a significant security threat targeting ChatGPT users through deceptive browser extensions. A coordinated campaign involving 16 malicious Chrome extensions has been discovered,…
CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities
CERT UEFI Parser, a new open-source security analysis tool from the CERT Coordination Center has been released to help researchers and defenders examine the structure…
Cyberattack On Delta Disrupts Security Services In Russia
A cyberattack on Delta, a Russian provider of alarm and security systems for homes, businesses, and vehicles, has disrupted operations and triggered widespread service outages,…
Gov faces Senate wrath over social media ban secrecy
Federal Communications Minister Anika Wells is facing a Senate challenge to her decision to block access to documents that could reveal what the government knew…
OpenSSL Vulnerabilities Allow Remote Attackers to Execute Malicious Code
OpenSSL patched 12 vulnerabilities on January 27, 2026, including one high-severity flaw that could lead to remote code execution. Most issues cause denial-of-service attacks but…
Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions
A new study shows that some of the most widely used AI-powered browser extensions are a privacy risk. They collect lots of data and require…
Audits for AI systems that keep changing
Security and risk teams often rely on documentation and audit artifacts that reflect how an AI system worked months ago. ETSI’s continuous auditing based conformity…
Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected
Ravie LakshmananJan 28, 2026Network Security / Zero-Day Fortinet has begun releasing security updates to address a critical flaw impacting FortiOS that has come under active…
Critical Vulnerability in VM2 Sandbox Library for Node.js Let Attackers run Untrusted Code
A critical sandbox escape vulnerability has been identified in vm2. This widely used Node.js library provides sandbox isolation for executing untrusted code. The flaw, tracked…
Cybercriminals and nation-state groups are exploiting a six-month old WinRAR defect
Google Threat Intelligence Group warned that a diverse and growing collection of attackers, including nation-state groups and financially motivated cybercriminals, are exploiting a path-traversal vulnerability…
OpenAI’s ChatGPT ad costs are on par with live NFL broadcasts
OpenAI plans to begin rolling out ads on ChatGPT in the United States if you have a free or $8 Go subscription, but the catch…