CISA Adds 5 Enterprise Software Flaws To KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five enterprise software flaws to its Known Exploited Vulnerabilities (KEV) Catalog in an 18-hour span.…
Author: Cybernoz
149M Logins from Roblox, TikTok, Netflix, Crypto Wallets Found Online – Hackread – Cybersecurity News, Data Breaches, AI, and More
149 million stolen usernames and passwords for TikTok, Disney+, Netflix, Roblox, and crypto wallets were found online without any security authentication. Learn about the latest…
US punts renewal of threat data sharing law to September
The United States’ Cybersecurity Information Sharing Act of 2015 – CISA 2015 – which came within a hair’s breadth of lapsing for good at the…
Microsoft Introduces Brand Impersonation Protection Warning for Teams Calls
Microsoft is launching a new security feature designed to protect Teams users from fraudulent external callers impersonating trusted organizations. The Brand Impersonation Protection for Teams…
MacSync macOS Infostealer Exploits ClickFix-style Attack to Trick Users with Single Terminal Command
A sophisticated macOS infostealer campaign that leverages deceptive ClickFix-style social engineering to distribute MacSync, a Malware-as-a-Service (MaaS) credential-stealing tool targeting cryptocurrency users. The attack chain begins…
Malicious AI extensions on VSCode Marketplace steal developer data
Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times exfiltrate developer data to China-based servers. Both extensions are advertised as AI-based…
Threat Actors Weaponizes LNK File to Deploy MoonPeak Malware Attacking Windows Systems
A new malware campaign targeting Windows users has emerged, using deceptive LNK shortcut files to distribute MoonPeak, a dangerous remote access trojan. This malware, which…
76 Zero-Day Vulnerabilities Exposed at Pwn2Own Automotive 2026 by Hackers
The final day of Pwn2Own Automotive 2026 brought the world’s elite security researchers to the finish line with a spectacular display of hacking prowess. Over…
20,000 WordPress Sites Affected by Backdoor Vulnerability Allowing Malicious Admin User Creation
A critical backdoor vulnerability has been discovered in the LA-Studio Element Kit for Elementor, a popular WordPress plugin used by more than 20,000 active sites.…
Threat Actors Exploit LNK Files to Deploy MoonPeak Malware on Windows Systems
A sophisticated three-stage malware attack campaign against Windows users in South Korea using specially crafted LNK (shortcut) files. The attack begins with a deceptive LNK…
Fortinet warns of active FortiCloud SSO bypass affecting updated devices
Fortinet warns of active FortiCloud SSO bypass affecting updated devices Pierluigi Paganini January 23, 2026 Fortinet confirmed attacks are bypassing FortiCloud SSO authentication, affecting even…
CISA confirms active exploitation of four enterprise software bugs
The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities impacting enterprise software from Versa and Zimbra, the Vite…