Your Digital Footprint Can Lead Right to Your Front Door
Jan 16, 2026The Hacker NewsPrivacy / Data Protection You lock your doors at night. You avoid sketchy phone calls. You’re careful about what you post…
Month: January 2026
Dutch researcher’s AI breakthrough tackles the structured data paradox
Organisations sit on vast quantities of structured data in relational databases and spreadsheets. It’s organised and searchable, yet when it comes to extracting insights, we…
China-linked APT UAT-9686 abused now patched maximum severity AsyncOS bug
China-linked APT UAT-9686 abused now patched maximum severity AsyncOS bug Pierluigi Paganini January 16, 2026 Cisco fixed a maximum severity AsyncOS flaw in Secure Email…
Cisco 0-Day RCE Secure Email Gateway Vulnerability Exploited in the Wild
Cisco has confirmed active exploitation of a critical zero-day remote code execution vulnerability in its Secure Email Gateway and Secure Email and Web Manager appliances.…
Azure Identity Token Flaw Exposes Windows Admin Center to Tenant-Wide Breaches
Cymulate Research Labs discovered a high-severity authentication bypass vulnerability in Microsoft Windows Admin Centre’s Azure AD Single Sign-On implementation that enables attackers with local administrator…
Dutch police sell fake tickets to show how easily scams work
If you can’t beat them, copy them. That seems to be the thinking behind an unusual campaign by the Dutch police, who set up a…
Critical WhisperPair flaw lets hackers track, eavesdrop via Bluetooth audio devices
Security researchers have discovered a critical vulnerability in Google’s Fast Pair protocol that can allow attackers to hijack Bluetooth audio accessories, track users, and eavesdrop…
AWS Console Supply Chain Attack Enables GitHub Repository Hijacking
A newly reported supply chain attack targeting the Amazon Web Services (AWS) management console has raised alarms across the developer community. Cybersecurity researchers have discovered…
Actively exploited critical flaw in Modular DS WordPress plugin enables admin takeover
Actively exploited critical flaw in Modular DS WordPress plugin enables admin takeover Pierluigi Paganini January 16, 2026 A critical Modular DS WordPress flaw (CVE-2026-23550) is…
Cisco finally fixes AsyncOS zero-day exploited since November
Cisco has finally patched a maximum-severity Cisco AsyncOS zero-day exploited in attacks against Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances…
Zero-Click Exploit Chain Discovered Targeting Google Pixel 9 Devices
Security researchers at Google Project Zero have disclosed a complete zero-click exploit chain affecting Google Pixel 9 smartphones, chaining vulnerabilities in the Dolby audio decoder…
As AI raises the stakes, app modernization and security are becoming inseparable
Security leaders are under pressure to support AI programs that move from pilots into production. New Cloudflare research suggests that success depends less on experimentation…