A significant Metasploit Framework update (version 6.4.111) featuring seven new exploit modules that target critical vulnerabilities across widely deployed enterprise systems. This release demonstrates the…
PostMessage vulnerabilities arise when developers fail to properly validate message origins or sanitize content within cross-origin communication handlers. As modern web applications increasingly rely on…
A security researcher has published detailed evidence showing that some Instagram private profiles returned links to user photos to unauthenticated visitors. Instagram’s private account feature…
A vulnerability affecting the Mitsubishi Electric Iconics Suite, a widely deployed supervisory control and data acquisition (SCADA) system used across industrial sectors, including automotive, energy,…
In a final blow to one of the dark web’s most successful money-laundering operations, the United States government has officially gained ownership of over $400…
A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a new campaign targeting non-governmental organizations and individuals involved in documenting…
As the standoff between the United States government and Minnesota continues this week over immigration enforcement operations that have essentially occupied the Twin Cities and…
Cyberattacks Disrupt Communications at Wind, Solar, and Heat Facilities in Poland Pierluigi Paganini January 31, 2026 CERT Polska said cyberattacks hit 30+ wind and solar…
In January 2026, two Americans were killed in the act of watching Immigration and Customs Enforcement operations in Minneapolis. Renee Nicole Good was acting as…
AutoPentestX, an open-source automated penetration testing toolkit for Linux systems, enables comprehensive security assessments from a single command. Developed by Gowtham Darkseid and released in…
Ravie LakshmananJan 31, 2026Social Engineering / SaaS Security Google-owned Mandiant on Friday said it identified an “expansion in threat activity” that uses tradecraft consistent with…
A medium-severity vulnerability in the Iconics Suite SCADA system that could allow attackers to trigger denial-of-service conditions on critical industrial control systems. The flaw, tracked…
