Let’s Encrypt has made 6-day IP-based TLS certificates Generally Available
Let’s Encrypt, a key provider of free TLS certificates, has rolled out short-lived and IP address-based certificates for general use. These new options became available…
Author: Cybernoz
China-linked APT UAT-8837 targets North American critical infrastructure
China-linked APT UAT-8837 targets North American critical infrastructure Pierluigi Paganini January 17, 2026 Cisco Talos says a China-linked group, tracked as UAT-8837, has targeted North…
Why LinkedIn is a hunting ground for threat actors – and how to protect yourself
The business social networking site is a vast, publicly accessible database of corporate information. Don’t believe everyone on the site is who they say they…
Google Vertex AI Flaw Lets Low-Privilege Users Escalate to Service Agent Roles
Security researchers have discovered critical privilege escalation vulnerabilities in Google’s Vertex AI platform that allow attackers with minimal permissions to hijack high-privileged Service Agent accounts.…
Google’s Vertex AI Vulnerability Enables Low-Privileged Users to Gain Service Agent Roles
Google’s Vertex AI contains default configurations that allow low-privileged users to escalate privileges by hijacking Service Agent roles. XM Cyber researchers identified two attack vectors…
Python-powered Toolkit for Information Gathering and reconnaissance
Argus is a comprehensive Python-based toolkit designed for reconnaissance tasks in cybersecurity. The developers recently released version 2.0, expanding it to include 135 modules. This…
US Hackers Reportedly Caused a Blackout in Venezuela
Now The New York Times has cited unnamed US officials confirming that the blackout was in fact caused by a cyberattack, the first time the…
The Last Algorithm | Daniel Miessler
I just had a strange premonition that we’re about to get ASI-like outcomes from AI in 2026, but not from a new model. It’ll be…
OpenAI to Show Ads in ChatGPT for Logged-In U.S. Adults on Free and Go Plans
Jan 17, 2026Ravie LakshmananArtificial Intelligence / Data Privacy OpenAI on Friday said it would start showing ads in ChatGPT to logged-in adult U.S. users in…
Critical XSS Vulnerabilities in Meta Conversion API Enable Zero-Click Account Takeover
Security researchers have uncovered two critical cross-site scripting (XSS) vulnerabilities in Meta’s Conversions API Gateway that could enable attackers to hijack Facebook accounts on a…
Researchers Gain Access to StealC Malware Command-and-Control Systems
Security researchers successfully exploited vulnerabilities in the StealC malware infrastructure, gaining access to operator control panels and exposing a threat actor’s identity through their own…
Researchers Breach StealC Infrastructure, Access Malware Control Panels
Criminal infrastructure often fails for the same reasons it succeeds: it is rushed, reused, and poorly secured. Security researchers recently demonstrated this vulnerability by exploiting…