Three-quarters of UK IT teams beset by outages due to missing alerts
Three-quarters of UK IT professionals say they had outages due to missing alerts in 2025, according to research from Splunk, published last year and being…
Author: Cybernoz
CISA releases Secure Connectivity Principles Checklist for Operational Technology Networks Connectivity
The Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC-UK) have jointly released comprehensive guidance on Secure Connectivity Principles…
Revealed: Leaked Chats Expose the Daily Life of a Scam Compound’s Enslaved Workforce
Just before 8am one day last April, an office manager who went by the name Amani sent out a motivational message to his colleagues and…
Node.js 25.5.0 Released Update Root Certificates and New Command-Line Flags
Node.js version 25.5.0 was released on January 26, 2026, introducing significant developer-focused enhancements and security updates. The release prioritizes simplified application packaging through a new…
Amnesia RAT deployed in multi-stage phishing attacks against Russian users
Amnesia RAT deployed in multi-stage phishing attacks against Russian users Pierluigi Paganini January 27, 2026 A multi-stage phishing campaign targets users in Russia with ransomware…
Caminho Loader-as-a-Service Using Steganography to Conceal .NET Payloads within Image Files
Caminho Loader is a new Loader-as-a-Service threat that blends steganography, fileless execution, and cloud abuse to quietly deliver malware across several regions. First seen in…
Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)
Microsoft released emergency Office security updates to fix a security feature bypass vulnerability (CVE-2026-21509) that its threat intelligence and security teams spotted being exploited in…
The need to build and protect UK digital sovereignty
Thank you for joining! Access your Pro+ Content below. 27 January 2026 Tech nationalism: The need to build and protect UK digital sovereignty Share this…
Critical Vulnerability in Python PLY Library Enables Remote Code Execution
A critical vulnerability has been identified in the PyPI-distributed version of PLY (Python Lex-Yacc) 3.11, allowing arbitrary code execution through unsafe deserialization of untrusted pickle…
When open science meets real-world cybersecurity
Scientific research environments are built for openness and collaboration, often prioritizing long-term discovery over traditional enterprise security. In this Help Net Security interview, Matthew Kwiatkowski,…
Microsoft Office Zero-Day (CVE-2026-21509) – Emergency Patch Issued for Active Exploitation
Ravie LakshmananJan 27, 2026Zero-Day / Vulnerability Microsoft on Monday issued out-of-band security patches for a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The vulnerability,…
Canada Marks Data Privacy Week 2026 as Commissioner Pushes for Privacy by Design
As Data Privacy Week 2026 gets underway from January 26 to 30, Canada’s Privacy Commissioner Philippe Dufresne has renewed calls for stronger data protection practices,…