Linux users targeted by crypto thieves via hijacked apps on Snap Store
Cryptocurrency thieves have found a new way to turn trusted software packages for Linux on the Snap Store into crypto-stealing malware, Ubuntu contributor and former…
Author: Cybernoz
Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs
Ravie LakshmananJan 21, 2026Vulnerability / Artificial Intelligence Security vulnerabilities were uncovered in the popular open-source artificial intelligence (AI) framework Chainlit that could allow attackers to…
Hackers Extensively Abuses Visual Studio Code to Execute Malicious Payloads on Victim System
Threat actors linked to North Korea have continued to expand their attack capabilities by weaponizing Microsoft Visual Studio Code, one of the world’s most popular…
cside targets hidden website privacy violations with Privacy Watch
cside announced the launch of Privacy Watch. The platform prevents website privacy violations on the client-side, a risk surface that is traditionally unmonitored. To help…
VoidLink shows how one developer used AI to build a powerful Linux malware
VoidLink shows how one developer used AI to build a powerful Linux malware Pierluigi Paganini January 21, 2026 VoidLink is a cloud-focused Linux malware, likely…
Critical GNU InetUtils Vulnerability Allows Unauthenticated Root Access Via “-f root”
A critical remote authentication bypass vulnerability has been disclosed in GNU InetUtils affecting the telnetd server component. The flaw, reported by a security researcher on…
Threat Actors Exploit LinkedIn for RAT Delivery in Enterprise Networks
A sophisticated phishing campaign exploiting LinkedIn private messages has been identified, delivering remote access trojans (RATs) through a combination of DLL sideloading techniques and weaponized…
Google Chrome 144 Update Patches High-Severity V8 Vulnerability
A new Stable-channel release of Chrome version 144 addresses a high-severity vulnerability in the V8 JavaScript engine. The update, version 144.0.7559.96/.97 for Windows and Mac…
Everest Ransomware Group Allegedly Claims Breach of McDonald’s India Systems
The Everest ransomware group has claimed responsibility for a major cyberattack targeting McDonald’s India, allegedly exfiltrating 861 GB of sensitive corporate and customer data. The…
CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution
Ravie LakshmananJan 21, 2026Open Source / Vulnerability A security vulnerability has been disclosed in the popular binary-parser npm library that, if successfully exploited, could result…
EU Launches GCVE, A Decentralized Vulnerability Database
Europe’s long-running conversation about digital autonomy quietly crossed a milestone with the launch of a new public vulnerability platform. The EU Vulnerability Database, created under…
Russian-Aligned Hacktivist Groups Active In UK
The UK’s National Cyber Security Centre (NCSC) has issued a fresh alert warning that Russian-aligned hacktivist groups continue to target British organisations with disruptive cyberattacks.…