Privacy teams feel the strain as AI, breaches, and budgets collide
Privacy programs are under strain as organizations manage breach risk, new technology, and limited resources. A global study from ISACA shows that AI is gaining…
Month: January 2026
Apache bRPC Vulnerability Enables Remote Command Injection
A critical remote command-injection vulnerability has been discovered in Apache bRPC’s built-in heap profiler service, affecting all versions before 1.15.0 across all platforms. The vulnerability…
Critical AVEVA Software Flaws Allow Remote Code Execution With SYSTEM Privileges
AVEVA has disclosed seven critical and high-severity vulnerabilities in its Process Optimization software (formerly ROMeo) that could enable attackers to execute remote code with SYSTEM…
ChatGPT Go Launched for $8 USD/month With Support for Ads
OpenAI’s global rollout of its budget-friendly ChatGPT Go subscription at $8 USD monthly introduces significant data privacy and security considerations for cybersecurity professionals monitoring AI…
Letters | Prioritise scam victims’ well-being in fighting transnational cybercrime
Feel strongly about these letters, or any other aspects of the news? Share your views by emailing us your Letter to the Editor at [email protected]…
Google Gemini Privacy Controls Bypassed to Access Private Meeting Data Using Calendar Invite
A significant vulnerability within the Google ecosystem allowed attackers to bypass Google Calendar’s privacy controls using a standard calendar invitation. The discovery highlights a growing…
You can get ChatGPT’s $20 Plus subscription for free for a limited time
OpenAI is offering ChatGPT Plus, which costs $20 in the United States, for free, but the offer is valid for some accounts only, and it’s…
UK financial regulators exposing public to ‘potential serious harm’ due to AI positions
The UK public and the country’s finance system are “exposed to potential serious harm” because regulators in the financial sector are “not doing enough” to…
Fake ad blocker extension crashes the browser for ClickFix attacks
A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the browser in preparation for ClickFix attacks. The attacks were…
Threat Actors Weaponizing Visual Studio Code to Deploy a Multistage Malware
Threat actors are turning Visual Studio Code into an attack platform, using its rich extension ecosystem to slip multistage malware into developer workstations. The latest…
Remcos RAT Masquerade as VeraCrypt Installers Steals Users Login Credentials
A sophisticated malware campaign targeting South Korean users has emerged, distributing the Remcos remote access trojan (RAT) through deceptive installers disguised as legitimate VeraCrypt encryption…
SUBCO reveals first Australia-US direct undersea cable to go live late 2028
SUBCO will build a new undersea fibre cable linking Australia directly to the US within two years to meet an expected surge in demand for capacity…