Insights from the new OAuth phishing attack
In December, the Push Security research team discovered and blocked a brand new attack technique that we coined ConsentFix. This technique merged ClickFix-style social engineering…
Author: Cybernoz
SpyCloud Launches Supply Chain Identity Protection
Austin, TX / USA, January 14th, 2026, CyberNewsWire New monitoring capability delivers unprecedented visibility into vendor identity exposures, moving enterprises and government agencies from static…
Hacker Claims Full Breach of Russia’s Max Messenger, Threatens Public Leak – Hackread – Cybersecurity News, Data Breaches, AI, and More
A hacker using the alias CamelliaBtw has claimed responsibility for a major data breach involving Max Messenger, according to a post published yesterday on the…
VVS Stealer Attacking Discord Users to Exfiltrate Credentials and Tokens
Discord users are facing a growing threat from VVS Stealer, a Python-based information-stealing malware that targets sensitive account data, including credentials and tokens. This stealer…
Rapid AI Adoption Causes Major Cyber Risk Visibility Gaps – Hackread – Cybersecurity News, Data Breaches, AI, and More
As software supply chains become longer and more interconnected, enterprises have become well aware of the need to protect themselves against third-party vulnerabilities. However, the…
Webinar: Beyond the Quadrant: An Analyst’s Guide to Evaluating Email Security in 2026
Join former Gartner analyst Ravisha Chugh and Abnormal’s Director of Product Marketing, Lane Billings, on January 20th for an exclusive insider look at how email…
Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware
Security experts have disclosed details of an active malware campaign that’s exploiting a DLL side-loading vulnerability in a legitimate binary associated with the open-source c-ares…
Reprompt attack let hackers hijack Microsoft Copilot sessions
Researchers identified an attack method dubbed “Reprompt” that could allow attackers to infiltrate a user’s Microsoft Copilot session and issue commands to exfiltrate sensitive data.…
Open-Source Tool for Salesforce Aura Framework Misconfiguration Analysis
Mandiant has released AuraInspector, an open-source command-line tool that helps security defenders identify and audit access-control misconfigurations in the Salesforce Aura framework. The tool addresses…
115 Vulnerabilities Fixed – Hackread – Cybersecurity News, Data Breaches, AI, and More
Microsoft has released its first Patch Tuesday of 2026, delivering a massive wave of security fixes to protect users from various digital threats. This month,…
AI-Powered Deepfake Scams Are A Pain In The Wallet
With the democratization of artificial intelligence (AI) technology, deepfakes are becoming a popular tool among cybercriminals with which to scam consumers, businesses and even institutions, out of…
Your information is on the dark web. What happens next?
If your data is on the dark web, it’s probably only a matter of time before it’s abused for fraud or account hijacking. Here’s what…