CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities
28
Jan
2026

CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities

CERT UEFI Parser, a new open-source security analysis tool from the CERT Coordination Center has been released to help researchers…

28
Jan
2026

Cyberattack On Delta Disrupts Security Services In Russia

A cyberattack on Delta, a Russian provider of alarm and security systems for homes, businesses, and vehicles, has disrupted operations…

Gov faces Senate wrath over social media ban secrecy
28
Jan
2026

Gov faces Senate wrath over social media ban secrecy

Federal Communications Minister Anika Wells is facing a Senate challenge to her decision to block access to documents that could…

OpenSSL Vulnerabilities Allow Remote Attackers to Execute Malicious Code
28
Jan
2026

OpenSSL Vulnerabilities Allow Remote Attackers to Execute Malicious Code

OpenSSL patched 12 vulnerabilities on January 27, 2026, including one high-severity flaw that could lead to remote code execution. Most…

Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions
28
Jan
2026

Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions

A new study shows that some of the most widely used AI-powered browser extensions are a privacy risk. They collect…

Audits for AI systems that keep changing
28
Jan
2026

Audits for AI systems that keep changing

Security and risk teams often rely on documentation and audit artifacts that reflect how an AI system worked months ago….

Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected
28
Jan
2026

Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected

Ravie LakshmananJan 28, 2026Network Security / Zero-Day Fortinet has begun releasing security updates to address a critical flaw impacting FortiOS…

Critical Vulnerability in VM2 Sandbox Library for Node.js Let Attackers run Untrusted Code
28
Jan
2026

Critical Vulnerability in VM2 Sandbox Library for Node.js Let Attackers run Untrusted Code

A critical sandbox escape vulnerability has been identified in vm2. This widely used Node.js library provides sandbox isolation for executing…

Matt Kapko
28
Jan
2026

Cybercriminals and nation-state groups are exploiting a six-month old WinRAR defect

Google Threat Intelligence Group warned that a diverse and growing collection of attackers, including nation-state groups and financially motivated cybercriminals,…

GPT
28
Jan
2026

OpenAI’s ChatGPT ad costs are on par with live NFL broadcasts

OpenAI plans to begin rolling out ads on ChatGPT in the United States if you have a free or $8…

Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)
28
Jan
2026

Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)

Fortinet has begun releasing FortiOS versions that fix CVE-2026-24858, a critical zero-day vulnerability that allowed attackers to log into targeted…

Fortinet
28
Jan
2026

Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says…