Multi-Stage Phishing Campaign Targets Russia with Amnesia RAT and Ransomware
A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnesia RAT. “The attack begins…
Category: TheHackerNews
CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog
Ravie LakshmananJan 24, 2026Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware…
Who Approved This Agent? Rethinking Access, Accountability, and Risk in the Age of AI Agents
AI agents are accelerating how work gets done. They schedule meetings, access data, trigger workflows, write code, and take action in real time, pushing productivity…
New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector
Ravie LakshmananJan 24, 2026Malware / Critical Infrastructure The Russian nation-state hacking group known as Sandworm has been attributed to what has been described as the…
CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities
Ravie LakshmananJan 23, 2026Vulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added four security flaws to its Known Exploited…
Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access
Ravie LakshmananJan 23, 2026Email Security / Endpoint Security Cybersecurity researchers have disclosed details of a new dual-vector campaign that leverages stolen credentials to deploy legitimate…
Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls
Ravie LakshmananJan 23, 2026Network Security / Vulnerability Fortinet has officially confirmed that it’s working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports…
TikTok Forms U.S. Joint Venture to Continue Operations Under 2025 Executive Order
Ravie LakshmananJan 23, 2026Regulatory Compliance / National Security TikTok on Friday officially announced that it formed a joint venture that will allow the hugely popular…
Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms
Microsoft has warned of a multi‑stage adversary‑in‑the‑middle (AitM) phishing and business email compromise (BEC) campaign targeting multiple organizations in the energy sector. “The campaign abused…
New Osiris Ransomware Emerges as New Strain Using POORTRY Driver in BYOVD Attack
Cybersecurity researchers have disclosed details of a new ransomware family called Osiris that targeted a major food service franchisee operator in Southeast Asia in November…
Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access
Ravie LakshmananJan 22, 2026Vulnerability / Linux A critical security flaw has been disclosed in the GNU InetUtils telnet daemon (telnetd) that went unnoticed for nearly…
Filling the Most Common Gaps in Google Workspace Security
The Hacker NewsJan 22, 2026Email Security / SaaS Security Security teams at agile, fast-growing companies often have the same mandate: secure the business without slowing…