Apache Airflow Flaws Expose Sensitive Workflow Data to Potential Attackers
20
Jan
2026

Apache Airflow Flaws Expose Sensitive Workflow Data to Potential Attackers

Apache Airflow has patched two separate credential-exposure vulnerabilities in versions before 3.1.6.   The flaws could allow attackers to extract sensitive…

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution
20
Jan
2026

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution

Ravie LakshmananJan 20, 2026Vulnerability / Artificial Intelligence A set of three security vulnerabilities has been disclosed in mcp-server-git, the official…

WordPress Plugin Vulnerability Exposes 100,000+ Sites to Privilege Escalation Attacks
20
Jan
2026

WordPress Plugin Vulnerability Exposes 100,000+ Sites to Privilege Escalation Attacks

A critical security flaw in the popular Advanced Custom Fields: Extended WordPress plugin has put more than 100,000 websites at…

Gootloader Malware With Low Detection Rate Evades Most Security Tools
20
Jan
2026

Gootloader Malware With Low Detection Rate Evades Most Security Tools

Gootloader malware has resurfaced, employing sophisticated evasion techniques to exploit malformed ZIP archives and obfuscation mechanisms to bypass security detection…

Hackathon Projects Show AI Wellness Apps Can Leak Sensitive User Info
20
Jan
2026

Hackathon Projects Show AI Wellness Apps Can Leak Sensitive User Info – Hackread – Cybersecurity News, Data Breaches, AI, and More

The 2023 Cerebral breach exposed 3.1 million users’ sensitive mental health information, not through sophisticated attacks, but through marketing pixels…

Mastercard CEO Michael Miebach On Cybersecurity at World Economic Forum
20
Jan
2026

Mastercard CEO Michael Miebach On Cybersecurity at World Economic Forum

“Cybersecurity is the foundation for our digital world. It is at the heart of trust and will allow society to…

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto
20
Jan
2026

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

Ravie LakshmananJan 20, 2026Cloud Security / Developer Security Cybersecurity researchers have disclosed details of a malware campaign that’s targeting software…

20
Jan
2026

Google Gemini Calendar Exploit Via Prompt Injection

Security teams have spent decades hardening software against malicious input, yet a recent vulnerability involving Google Gemini demonstrates how those…

report-ad-banner
20
Jan
2026

Cloudflare Zero-Day Allowed WAF Bypass Via ACME Path

A critical zero-day vulnerability in Cloudflare exposed a fundamental weakness in how security exceptions are handled at scale. The flaw…

Alert fatigue
20
Jan
2026

Why execs don’t buy SOC teams the tools they need

Security teams are expected to detect and respond to attacks in real time—but often with tools they didn’t choose and…

TP-Link Vulnerability Allows Authentication Bypass Via Password Recovery Feature
20
Jan
2026

TP-Link Vulnerability Allows Authentication Bypass Via Password Recovery Feature

A critical authentication vulnerability affecting TP-Link’s VIGI surveillance camera lineup has been disclosed, enabling attackers on local networks to reset…

Raaga Confirms Major Data Breach Exposing Personal Information of 10.2Million Users
20
Jan
2026

Raaga Confirms Major Data Breach Exposing Personal Information of 10.2Million Users

Indian music streaming platform Raaga has become the latest victim of a significant cybersecurity incident after sensitive user data was posted for…