Category: CyberSecurityNews

HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive Information
15
Jan
2026

HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive Information

Hewlett Packard Enterprise (HPE) has disclosed four high-severity vulnerabilities in its Aruba Networking Instant On devices that could allow attackers…

Share: X : HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive InformationFacebook : HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive InformationLinkedin : HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive InformationReddit : HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive InformationTelegram : HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive InformationWhatsApp : HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive InformationEmail : HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive Information
Chinese Threat Actors Hosted 18,000 Active C2 Servers Across 48 Hosting Providers
15
Jan
2026

Chinese Threat Actors Hosted 18,000 Active C2 Servers Across 48 Hosting Providers

Threat actors linked to Chinese hosting infrastructure have established a massive network of over 18,000 active command-and-control servers across 48…

Share: X : Chinese Threat Actors Hosted 18,000 Active C2 Servers Across 48 Hosting ProvidersFacebook : Chinese Threat Actors Hosted 18,000 Active C2 Servers Across 48 Hosting ProvidersLinkedin : Chinese Threat Actors Hosted 18,000 Active C2 Servers Across 48 Hosting ProvidersReddit : Chinese Threat Actors Hosted 18,000 Active C2 Servers Across 48 Hosting ProvidersTelegram : Chinese Threat Actors Hosted 18,000 Active C2 Servers Across 48 Hosting ProvidersWhatsApp : Chinese Threat Actors Hosted 18,000 Active C2 Servers Across 48 Hosting ProvidersEmail : Chinese Threat Actors Hosted 18,000 Active C2 Servers Across 48 Hosting Providers
Palo Alto Networks Firewall Vulnerability Allows Unauthenticated Attackers to Trigger Denial of Service
15
Jan
2026

Palo Alto Networks Firewall Vulnerability Allows Unauthenticated Attackers to Trigger Denial of Service

Palo Alto Networks has patched a critical denial-of-service vulnerability in its PAN-OS firewall software, tracked as CVE-2026-0227, which lets unauthenticated…

Share: X : Palo Alto Networks Firewall Vulnerability Allows Unauthenticated Attackers to Trigger Denial of ServiceFacebook : Palo Alto Networks Firewall Vulnerability Allows Unauthenticated Attackers to Trigger Denial of ServiceLinkedin : Palo Alto Networks Firewall Vulnerability Allows Unauthenticated Attackers to Trigger Denial of ServiceReddit : Palo Alto Networks Firewall Vulnerability Allows Unauthenticated Attackers to Trigger Denial of ServiceTelegram : Palo Alto Networks Firewall Vulnerability Allows Unauthenticated Attackers to Trigger Denial of ServiceWhatsApp : Palo Alto Networks Firewall Vulnerability Allows Unauthenticated Attackers to Trigger Denial of ServiceEmail : Palo Alto Networks Firewall Vulnerability Allows Unauthenticated Attackers to Trigger Denial of Service
Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a Network
15
Jan
2026

Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a Network

Microsoft released security updates on January 13, 2026, addressing a critical elevation of privilege vulnerability in SQL Server that enables…

Share: X : Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a NetworkFacebook : Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a NetworkLinkedin : Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a NetworkReddit : Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a NetworkTelegram : Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a NetworkWhatsApp : Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a NetworkEmail : Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a Network
Stealthy CastleLoader Malware Attacking US-Based Government Entities
15
Jan
2026

Stealthy CastleLoader Malware Attacking US-Based Government Entities

A sophisticated malware loader known as CastleLoader has emerged as a critical threat to US government agencies and critical infrastructure…

Share: X : Stealthy CastleLoader Malware Attacking US-Based Government EntitiesFacebook : Stealthy CastleLoader Malware Attacking US-Based Government EntitiesLinkedin : Stealthy CastleLoader Malware Attacking US-Based Government EntitiesReddit : Stealthy CastleLoader Malware Attacking US-Based Government EntitiesTelegram : Stealthy CastleLoader Malware Attacking US-Based Government EntitiesWhatsApp : Stealthy CastleLoader Malware Attacking US-Based Government EntitiesEmail : Stealthy CastleLoader Malware Attacking US-Based Government Entities
As Third-Party Vulnerabilities Rise, CISOs Accelerate Push for Security Modernization  
14
Jan
2026

As Third-Party Vulnerabilities Rise, CISOs Accelerate Push for Security Modernization  

Panorays has just dropped the latest edition of its annual CISO Survey for Third-Party Cyber Risk Management, and it contains some major wakeup…

Share: X : As Third-Party Vulnerabilities Rise, CISOs Accelerate Push for Security Modernization  Facebook : As Third-Party Vulnerabilities Rise, CISOs Accelerate Push for Security Modernization  Linkedin : As Third-Party Vulnerabilities Rise, CISOs Accelerate Push for Security Modernization  Reddit : As Third-Party Vulnerabilities Rise, CISOs Accelerate Push for Security Modernization  Telegram : As Third-Party Vulnerabilities Rise, CISOs Accelerate Push for Security Modernization  WhatsApp : As Third-Party Vulnerabilities Rise, CISOs Accelerate Push for Security Modernization  Email : As Third-Party Vulnerabilities Rise, CISOs Accelerate Push for Security Modernization  
Critical FortiSIEM Vulnerability Enable Full RCE and Root Compromise
14
Jan
2026

Critical FortiSIEM Vulnerability Enable Full RCE and Root Compromise

In August 2025, Fortinet issued an advisory for CVE-2025-25256, an OS command injection vulnerability (CWE-78) in FortiSIEM that exposed the…

Share: X : Critical FortiSIEM Vulnerability Enable Full RCE and Root CompromiseFacebook : Critical FortiSIEM Vulnerability Enable Full RCE and Root CompromiseLinkedin : Critical FortiSIEM Vulnerability Enable Full RCE and Root CompromiseReddit : Critical FortiSIEM Vulnerability Enable Full RCE and Root CompromiseTelegram : Critical FortiSIEM Vulnerability Enable Full RCE and Root CompromiseWhatsApp : Critical FortiSIEM Vulnerability Enable Full RCE and Root CompromiseEmail : Critical FortiSIEM Vulnerability Enable Full RCE and Root Compromise
GitGuardian Ends 2025 with Strong Enterprise Momentum
14
Jan
2026

GitGuardian Ends 2025 with Strong Enterprise Momentum

New York, NY, January 14th, 2026, CyberNewsWire Leading secrets security platform sees accelerated adoption across Fortune 500, with 60% of…

Share: X : GitGuardian Ends 2025 with Strong Enterprise MomentumFacebook : GitGuardian Ends 2025 with Strong Enterprise MomentumLinkedin : GitGuardian Ends 2025 with Strong Enterprise MomentumReddit : GitGuardian Ends 2025 with Strong Enterprise MomentumTelegram : GitGuardian Ends 2025 with Strong Enterprise MomentumWhatsApp : GitGuardian Ends 2025 with Strong Enterprise MomentumEmail : GitGuardian Ends 2025 with Strong Enterprise Momentum
Researchers Breakdown DragonForce Ransomware Along with Decryptor for ESXi and Windows Systems
14
Jan
2026

Researchers Breakdown DragonForce Ransomware Along with Decryptor for ESXi and Windows Systems

DragonForce is the latest ransomware brand to move from noisy forum posts to full RaaS operations, targeting both Windows and…

Share: X : Researchers Breakdown DragonForce Ransomware Along with Decryptor for ESXi and Windows SystemsFacebook : Researchers Breakdown DragonForce Ransomware Along with Decryptor for ESXi and Windows SystemsLinkedin : Researchers Breakdown DragonForce Ransomware Along with Decryptor for ESXi and Windows SystemsReddit : Researchers Breakdown DragonForce Ransomware Along with Decryptor for ESXi and Windows SystemsTelegram : Researchers Breakdown DragonForce Ransomware Along with Decryptor for ESXi and Windows SystemsWhatsApp : Researchers Breakdown DragonForce Ransomware Along with Decryptor for ESXi and Windows SystemsEmail : Researchers Breakdown DragonForce Ransomware Along with Decryptor for ESXi and Windows Systems
New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive Data
14
Jan
2026

New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive Data

A novel single-click attack targeting Microsoft Copilot Personal that enables attackers to silently exfiltrate sensitive user data. The vulnerability, now…

Share: X : New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive DataFacebook : New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive DataLinkedin : New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive DataReddit : New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive DataTelegram : New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive DataWhatsApp : New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive DataEmail : New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive Data
LLMs are Accelerating the Ransomware Lifecycle to Gain Speed, Volume, and Multilingual Reach
14
Jan
2026

LLMs are Accelerating the Ransomware Lifecycle to Gain Speed, Volume, and Multilingual Reach

Large language models are changing how ransomware crews plan and run their attacks. Instead of inventing new kinds of malware,…

Share: X : LLMs are Accelerating the Ransomware Lifecycle to Gain Speed, Volume, and Multilingual ReachFacebook : LLMs are Accelerating the Ransomware Lifecycle to Gain Speed, Volume, and Multilingual ReachLinkedin : LLMs are Accelerating the Ransomware Lifecycle to Gain Speed, Volume, and Multilingual ReachReddit : LLMs are Accelerating the Ransomware Lifecycle to Gain Speed, Volume, and Multilingual ReachTelegram : LLMs are Accelerating the Ransomware Lifecycle to Gain Speed, Volume, and Multilingual ReachWhatsApp : LLMs are Accelerating the Ransomware Lifecycle to Gain Speed, Volume, and Multilingual ReachEmail : LLMs are Accelerating the Ransomware Lifecycle to Gain Speed, Volume, and Multilingual Reach
North Korean Hackers use Code Abuse Tactics for 'Contagious Interview' Campaign
14
Jan
2026

North Korean Hackers use Code Abuse Tactics for ‘Contagious Interview’ Campaign

North Korean threat actors have launched a sophisticated social engineering campaign targeting software developers through fake recruitment offers. The campaign,…

Share: X : North Korean Hackers use Code Abuse Tactics for ‘Contagious Interview’ CampaignFacebook : North Korean Hackers use Code Abuse Tactics for ‘Contagious Interview’ CampaignLinkedin : North Korean Hackers use Code Abuse Tactics for ‘Contagious Interview’ CampaignReddit : North Korean Hackers use Code Abuse Tactics for ‘Contagious Interview’ CampaignTelegram : North Korean Hackers use Code Abuse Tactics for ‘Contagious Interview’ CampaignWhatsApp : North Korean Hackers use Code Abuse Tactics for ‘Contagious Interview’ CampaignEmail : North Korean Hackers use Code Abuse Tactics for ‘Contagious Interview’ Campaign