20,000 WordPress Sites Affected by Backdoor Vulnerability Allowing Malicious Admin User Creation
23
Jan
2026

20,000 WordPress Sites Affected by Backdoor Vulnerability Allowing Malicious Admin User Creation

A critical backdoor vulnerability has been discovered in the LA-Studio Element Kit for Elementor, a popular WordPress plugin used by…

Threat Actors Exploit LNK Files to Deploy MoonPeak Malware on Windows Systems
23
Jan
2026

Threat Actors Exploit LNK Files to Deploy MoonPeak Malware on Windows Systems

A sophisticated three-stage malware attack campaign against Windows users in South Korea using specially crafted LNK (shortcut) files. The attack…

Fortinet fixed two critical flaws in FortiFone and FortiSIEM
23
Jan
2026

Fortinet warns of active FortiCloud SSO bypass affecting updated devices

Fortinet warns of active FortiCloud SSO bypass affecting updated devices Pierluigi Paganini January 23, 2026 Fortinet confirmed attacks are bypassing…

CISA confirms active exploitation of four enterprise software bugs
23
Jan
2026

CISA confirms active exploitation of four enterprise software bugs

The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities impacting enterprise software from…

Node.js Sets New Standard for HackerOne Reports, Demands Signal of 1.0 or Higher
23
Jan
2026

Node.js Sets New Standard for HackerOne Reports, Demands Signal of 1.0 or Higher

Node.js has implemented a new quality control measure on its HackerOne bug bounty program, requiring researchers to maintain a minimum…

Fake Captcha Ecosystem Exploits Trusted Web Infrastructure to Deliver Malware
23
Jan
2026

Fake Captcha Ecosystem Exploits Trusted Web Infrastructure to Deliver Malware

A new wave of web-based malware campaigns is using fake verification pages to trick users into installing dangerous software. These…

™
23
Jan
2026

Salt Security Expands “Universal Visibility” with Specialized API Security for Databricks and Rapid Edge Support for Netlify

Salt Security announced a major expansion of its platform’s connectivity fabric with two new strategic integrations: the Salt Databricks Connector and…

CISA Updates KEV Catalog with 4 Critical Vulnerabilities Following Ongoing Exploits
23
Jan
2026

CISA Updates KEV Catalog with 4 Critical Vulnerabilities Following Ongoing Exploits

The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalogue with four critical security flaws…

Overcoming tech career barriers faced by underrepresented groups
23
Jan
2026

Overcoming tech career barriers faced by underrepresented groups

Conversations around diversity in the UK’s technology sector have evolved over the past decade, from a focus on increasing the…

Hackers exploit critical telnetd auth bypass flaw to get root
23
Jan
2026

Hackers exploit critical telnetd auth bypass flaw to get root

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present in the GNU InetUtils telnetd server…

New Windows Notepad and Paint Update Brings More Useful AI Features
23
Jan
2026

New Windows Notepad and Paint Update Brings More Useful AI Features

Artificial intelligence (AI) features have been added to Windows 11 Notepad and Paint for Canary and Dev Channel users, turning…

CBP Wants AI-Powered ‘Quantum Sensors’ for Finding Fentanyl in Cars
23
Jan
2026

CBP Wants AI-Powered ‘Quantum Sensors’ for Finding Fentanyl in Cars

United States Customs and Border Protection is paying General Dynamics to create a prototype of “quantum sensors” alongside a “database…