Nation-state and criminal actors leverage WinRAR flaw in attacks
Nation-state and criminal actors leverage WinRAR flaw in attacks Pierluigi Paganini January 29, 2026 Multiple threat actors exploited a now-patched critical WinRAR flaw to gain…
Latest Cybersecurity News — Page 504
View all →
Long-running North Korea threat group splits into 3 distinct operations
A North Korea-backed threat group operating since 2009 has splintered into three distinct groups with specialized malware and objectives, CrowdStrike said in a report released…
Threat Actors Using AI Generated Malicious Job Offers to Deploy PureRAT
A Vietnamese cybercrime group is using artificial intelligence to write malicious code in an ongoing phishing campaign that distributes the PureRAT malware through fake job…
Tosi Platform delivers unified connectivity, visibility, and security for OT at scale
Tosi customers worldwide gain access to the Tosi Platform, which unifies connectivity, visibility, and security across operational technology environments in every industry, regardless of size…
Nation-State Hackers Weaponize Patched WinRAR Flaw
Russian and Chinese espionage groups continue to exploit an N-day vulnerability (CVE-2025-8088) in WinRAR alongside financially motivated actors, all leveraging a path traversal vulnerability that…
Critical IDIS IP Cameras One-Click Vulnerability Leads to full Compromise of Victim’s Computer
A severe security flaw in IDIS IP cameras has emerged, allowing attackers to gain complete control over a victim’s computer with just one click. The…
Google agrees to pay $135 million over Android data harvesting claims
Google agrees to pay $135 million to settle a proposed class action lawsuit brought by Android smartphone users over alleged unauthorized cellular data transmissions. After…
SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass
Ravie LakshmananJan 29, 2026Vulnerability / Software Security SolarWinds has released security updates to address multiple security vulnerabilities impacting SolarWinds Web Help Desk, including four critical…
Microsoft Exchange Online to Deprecate SMTP AUTH Basic Authentication for Tenants
Microsoft is preparing a major security shift for cloud email customers as Exchange Online moves toward deprecating SMTP AUTH Basic Authentication for all tenants. The…
SolarWinds fixes critical Web Help Desk RCE vulnerabilities, upgrade ASAP!
SolarWinds has fixed six critical and high-severity vulnerabilities in its popular Web Help Desk (WHD) support ticketing and asset management solution, and is urging customers…
Bumble, Panera, CrunchBase & Match Hit By Cyberattacks
A new wave of cyberattacks has recently struck several prominent U.S. companies, including Bumble Inc., Panera Bread Co., Match Group Inc., and CrunchBase. Bumble Inc.,…
OpenSSL issued security updates to fix 12 flaws, including Remote Code Execution
OpenSSL issued security updates to fix 12 flaws, including Remote Code Execution Pierluigi Paganini January 29, 2026 OpenSSL released security updates that address 12 flaws,…