DOGE May Have Misused Social Security Data, DOJ Admits
Law enforcement authorities in the United States have for years circumvented the US Constitution’s Fourth Amendment by purchasing data on US residents that would otherwise…
Month: January 2026
Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware
A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnesia RAT. “The attack begins…
U.S. CISA adds a flaw in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog Pierluigi Paganini January 24, 2026 The U.S. Cybersecurity and…
Sandworm behind cyberattack on Poland’s power grid in late 2025
The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper 23 Jan 2026 • , 1 min. read In late 2025,…
Microsoft Teams to Share your Location With Your Employer Soon Based on Wi-Fi Network
Microsoft is preparing to deploy a significant, potentially controversial update to Microsoft Teams that automatically detects and displays a user’s physical work location based on…
CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog
Ravie LakshmananJan 24, 2026Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware…
Who Approved This Agent? Rethinking Access, Accountability, and Risk in the Age of AI Agents
AI agents are accelerating how work gets done. They schedule meetings, access data, trigger workflows, write code, and take action in real time, pushing productivity…
Microsoft Launches Open-Source WinApp CLI to Streamline Windows App Development
Microsoft has unveiled the public preview of WinApp CLI (winapp), a new open-source command-line tool designed to simplify Windows app development for developers using diverse…
New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector
Ravie LakshmananJan 24, 2026Malware / Critical Infrastructure The Russian nation-state hacking group known as Sandworm has been attributed to what has been described as the…
Threat Actors Leverage SharePoint Services in Sophisticated AiTM Phishing Campaign
Microsoft Defender researchers have exposed a sophisticated adversary-in-the-middle (AiTM) phishing campaign targeting energy sector organizations through SharePoint file-sharing abuse. The multi-stage attack compromised multiple user…
Microsoft Launches Open-Source WinApp CLI to Streamline Windows App Development
Microsoft has unveiled the public preview of WinApp CLI (winapp), a new open-source command-line tool designed to simplify Windows app development for developers using diverse…
Hackers Exploiting telnetd Vulnerability for Root Access
Active exploitation of a critical authentication bypass vulnerability in the GNU InetUtils telnetd server (CVE-2026-24061) has been observed in the wild, allowing unauthenticated attackers to…