China-linked hackers exploited Sitecore zero-day for initial access
An advanced threat actor tracked as UAT-8837 and believed to be linked to China has been focusing on critical infrastructure systems in North America, gaining…
Month: January 2026
Windows 11 PCs Fail to Shut Down After January Security Update
Microsoft’s January 13, 2026, security update for Windows 11 has triggered a frustrating bug: affected PCs refuse to shut down or hibernate, instead restarting. The…
Go 1.26 Released With Fixes for Multiple Vulnerabilities Causing Memory Exhaustion
The Go development team has released Go versions 1.25.6 and 1.24.12, addressing six critical security vulnerabilities that could enable denial-of-service attacks, arbitrary code execution, and…
Critical flaw in Fortinet FortiSIEM targeted in exploitation threat
A critical flaw in Fortinet FortiSIEM is under exploitation from threat groups, just days after release of a proof of concept. The vulnerability, tracked as…
Cloudflare Acquired Open-source Web Framework Astro to Supercharge Development
Cloudflare has acquired the team behind Astro, the popular open-source web framework for building fast, content-driven sites. Announced on January 16, 2026, the deal brings…
UAT-8837 Launches Targeted Attacks to Steal Sensitive Organizational Data
UAT-8837, a China-nexus advanced persistent threat (APT) actor, is conducting sustained campaigns against critical infrastructure sectors across North America. The group, assessed with medium confidence…
U.S. and allies collaborate on operational technology security guidance
Listen to the article 3 min This audio is auto-generated. Please let us know if you have feedback. In an attempt to help critical infrastructure…
Federal court dismisses Trump DOJ lawsuit seeking California voter data
A federal court has thrown out a lawsuit brought by the Trump administration attempting to force the state of California to turn over sensitive voter…
Verizon starts issuing $20 credits after nationwide outage
Verizon has begun sending text messages with instructions on how to redeem a $20 account credit for last week’s nationwide wireless outage. The message states…
NSA Publishes New Guidelines for Implementing a Zero Trust Security Model
The National Security Agency has published the first two products in its Zero Trust Implementation Guidelines series, offering organizations practical recommendations for adopting Zero Trust security models. …
How 2 Missing Characters Nearly Compromised AWS – Hackread – Cybersecurity News, Data Breaches, AI, and More
A massive security hole that could have given hackers total control over Amazon Web Services (AWS) was recently fixed before anyone could actually use it…
Five Malicious Chrome Extensions Impersonate Workday and NetSuite to Hijack Accounts
Cybersecurity researchers have discovered five new malicious Google Chrome web browser extensions that masquerade as human resources (HR) and enterprise resource planning (ERP) platforms like…