Skip to content
View in the app

A better way to browse. Learn more.

hosang I.T.

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Security

2445 tech articles in this category

  1. CSOonline ·
    Even as they become ever more stealthy with AI-driven tools, threat actors are not giving up on simple, tried-and-true phishing — because it still works. According to new research, attackers are still making mischief with PDFs, the old business standby, and are exploiting growing trust in services like Dropbox. Forcepoint’s X-Labs team has uncovered a multi-stage phishing campaign that exploits PDF files and Dropbox storage through a layered redirection attack. After clicking on what loo
    • 0 comments
    • 59 views
  2. CSOonline ·
    Microsoft has announced that the phase-out of NT LAN Manager (NTLM) is now transitioning to disabling the protocol by default, in an effort to increase security in Windows 11 and Windows Server. NTLM is a series of security protocols that were introduced in the 1990s, but since Kerberos became the default protocol in Windows 2000, its use has declined with each passing year. Still, many legacy enterprise systems still support or use NTLM, making them vulnerability to NTLM relay attacks,
    • 0 comments
    • 88 views
  3. Hacker News ·
    A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks. ClawHub is a marketplace designed to make it easy for OpenClaw users to find and install third-party skills. It's an extension to the OpenClaw project, a self-hosted artificial intelligence (AI) assistantView the full article
    • 0 comments
    • 70 views
  4. Hacker News ·
    A high-severity security flaw has been disclosed in OpenClaw (formerly referred to as Clawdbot and Moltbot) that could allow remote code execution (RCE) through a crafted malicious link. The issue, which is tracked as CVE-2026-25253 (CVSS score: 8.8), has been addressed in version 2026.1.29 released on January 30, 2026. It has been described as a token exfiltration vulnerability that leads toView the full article
    • 0 comments
    • 53 views
  5. Krebs ·
    A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators about the extent of the intrusion. Some victims reportedly are paying — perhaps as much to contain the stolen data as to stop the escalating personal attacks. But a top SLSH expert warns that engaging at all beyond a “We
    • 0 comments
    • 57 views
  6. Hacker News ·
    Microsoft has announced a three-phase approach to phase out New Technology LAN Manager (NTLM) as part of its efforts to shift Windows environments toward stronger, Kerberos-based options. The development comes more than two years after the tech giant revealed its plans to deprecate the legacy technology, citing its susceptibility to weaknesses that could facilitate relay attacks and allow badView the full article
    • 0 comments
    • 71 views
  7. CSOonline ·
    FAMILY STOCK – shutterstock.com Unternehmen investieren Millionen von Dollar in Firewalls, Endpunktsicherheit oder Verschlüsselung. Doch eine einzige Person kann eine Katastrophe auslösen. Es reicht, wenn sie eine infizierte Datei herunterlädt oder auf einen betrügerischen Link klickt. Analysen zeigen: Zwischen 70 und 90 Prozent aller Sicherheitslücken entstehen, weil Menschen Fehler machen. Sie fallen auf Social Engineering herein oder nutzen riskante Dienste ohne Erlaubnis der IT. Zude
    • 0 comments
    • 50 views
  8. CSOonline ·
    FAMILY STOCK – shutterstock.com Unternehmen investieren Millionen von Dollar in Firewalls, Endpunktsicherheit oder Verschlüsselung. Doch eine einzige Person kann eine Katastrophe auslösen. Es reicht, wenn sie eine infizierte Datei herunterlädt oder auf einen betrügerischen Link klickt. Analysen zeigen: Zwischen 70 und 90 Prozent aller Sicherheitslücken entstehen, weil Menschen Fehler machen. Sie fallen auf Social Engineering herein oder nutzen riskante Dienste ohne Erlaubnis der IT. Zude
    • 0 comments
    • 48 views
  9. CSOonline ·
    The first time you’ll hear, “We’re always in incident mode,” it won’t be said with drama. It will be said the way you mention the weather. Grey again. Pager again. And that’s the problem. When a constant alarm becomes normal, your team stops asking the only question that matters. Why do we keep ending up here? You can buy more tools. You can hire more analysts. You can hang more dashboards. You’ll still end up sprinting after the last breach, the last misconfiguration, the last vendor su
    • 0 comments
    • 51 views
  10. CSOonline ·
    Security researchers at Point Wild have disclosed a new Windows malware campaign that uses a multi-stage infection chain to establish persistent, memory-resident access on compromised systems and steal sensitive data. The analysis found the malware relying on standard Windows components for execution and persistence, limiting the number of artifacts written to disk. The activity, analyzed by the company’s Lat61 team, involves a .NET-based, modular remote access trojan (Pulsar RAT) that suppo
    • 0 comments
    • 49 views
  11. Hacker News ·
    Every week brings new discoveries, attacks, and defenses that shape the state of cybersecurity. Some threats are stopped quickly, while others go unseen until they cause real damage. Sometimes a single update, exploit, or mistake changes how we think about risk and protection. Every incident shows how defenders adapt — and how fast attackers try to stay ahead. This week’s recap brings you theView the full article
    • 0 comments
    • 107 views
  12. Hacker News ·
    For mid-market organizations, cybersecurity is a constant balancing act. Proactive, preventative security measures are essential to protect an expanding attack surface. Combined with effective protection that blocks threats, they play a critical role in stopping cyberattacks before damage is done. The challenge is that many security tools add complexity and cost that most mid-market businessesView the full article
    • 0 comments
    • 80 views
  13. CSOonline ·
    Last month, while running a routine access audit on our Azure environment, I came across a service account called svc-dataloader-poc. It had not been touched in 793 days — two years of sitting dormant. When I checked its permissions, my stomach dropped: Owner-level access to three production subscriptions, including our customer database. The account had been spun up for a proof-of-concept migration that never went live. The contractor who created it left 18 months ago. Nobody knew it existed.
    • 0 comments
    • 55 views
  14. Hacker News ·
    The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility's update mechanism to redirect update traffic to malicious servers instead. "The attack involved [an] infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plus-plus.org," developer Don Ho said. "The compromise occurred at the hostingView the full article
    • 0 comments
    • 53 views
  15. CSOonline ·
    BMI/ Laurin Schmid Deutschland und Israel haben nach Angaben des Bundesinnenministeriums erstmals gemeinsam die Abwehr eines schweren Cyberangriffs trainiert. Die Übung mit dem Namen “Blue Horizon” war demnach der erste konkrete Schritt aus dem Cyber- und Sicherheitspakt, den Bundesinnenminister Alexander Dobrindt (CSU) und Israels Ministerpräsident Benjamin Netanjahu kürzlich vereinbart hatten. “Cyberdome” soll vor Angriffen schützen Der Pakt sieht unter anderem eine enge Vernetzung
    • 0 comments
    • 48 views
  16. CSOonline ·
    BMI/ Laurin Schmid Deutschland und Israel haben nach Angaben des Bundesinnenministeriums erstmals gemeinsam die Abwehr eines schweren Cyberangriffs trainiert. Die Übung mit dem Namen “Blue Horizon” war demnach der erste konkrete Schritt aus dem Cyber- und Sicherheitspakt, den Bundesinnenminister Alexander Dobrindt (CSU) und Israels Ministerpräsident Benjamin Netanjahu kürzlich vereinbart hatten. “Cyberdome” soll vor Angriffen schützen Der Pakt sieht unter anderem eine enge Vernetzung
    • 0 comments
    • 47 views
  17. CSOonline ·
    IT security was a critical element of retired US Col. Barry Hensley’s 24-year military career as an Army Signal Officer, as he was often responsible for the engineering and installation of “military networks, whether in garrison or in support of combat troops deployed.” “The pinnacle of my military career was working with an elite group of cyber forces with the ultimate mission to operate and defend the military’s global communications network,” Hensley tells CSO. “It was during this period
    • 0 comments
    • 47 views
  18. CSOonline ·
    Responsible disclosure is built on an assumption that “doing the right thing” will be met with timely action, fair treatment, and professional respect, if not a bounty award. Increasingly, that assumption is failing. And when it does, organizations alienate researchers and create regulatory, legal, and reputational risk. Over the past few years, security researchers have found themselves waiting months, sometimes more than a year, for companies to acknowledge responsibly disclosed vulnerabil
    • 0 comments
    • 54 views
  19. Hacker News ·
    The update infrastructure for eScan antivirus, a security solution developed by Indian cybersecurity company MicroWorld Technologies, has been compromised by unknown attackers to deliver a persistent downloader to enterprise and consumer systems. "Malicious updates were distributed through eScan's legitimate update infrastructure, resulting in the deployment of multi-stage malware to enterpriseView the full article
    • 0 comments
    • 45 views
  20. Hacker News ·
    Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open VSX Registry in which unidentified threat actors compromised a legitimate developer's resources to push malicious updates to downstream users. "On January 30, 2026, four established Open VSX extensions published by the oorzc author had malicious versions published to Open VSX that embed the GlassWormView the full article
    • 0 comments
    • 62 views
  21. CSOonline ·
    Gorodenkoff | shutterstock.com In den letzten Jahren hat künstliche Intelligenz (KI) ihre Tentakel über die globale Technologielandschaft ausgebreitet. Das verdeutlicht unter anderem auch der zunehmende Einsatz von Automatisierung und autonomen Technologien in diversen Branchen und Sektoren. Und während die Welt noch mit dem Impact der KI ringt, steht mit Quantencomputing bereits das “next big thing” in den Startlöchern. Das Aufeinandertreffen dieser beiden Technologien verspricht, der nächs
    • 0 comments
    • 103 views
  22. CSOonline ·
    View the full article
    • 0 comments
    • 55 views
  23. CSOonline ·
    View the full article
    • 0 comments
    • 59 views
  24. Hacker News ·
    A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a new campaign targeting non-governmental organizations and individuals involved in documenting recent human rights abuses. The activity, observed by HarfangLab in January 2026, has been codenamed RedKitten. It's said to coincide with the nationwide unrest in Iran that began towards the end of 2025,View the full article
    • 0 comments
    • 95 views
  25. Hacker News ·
    Google-owned Mandiant on Friday said it identified an "expansion in threat activity" that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking group known as ShinyHunters. The attacks leverage advanced voice phishing (aka vishing) and bogus credential harvesting sites mimicking targeted companies to gain unauthorized access to victimView the full article
    • 0 comments
    • 71 views
  26. Hacker News ·
    CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector, and a large combined heat and power plant (CHP) supplying heat to almost half a million customers in the country. The incident took place on December 29, 2025. The agency has attributed the attacks toView the full article
    • 0 comments
    • 78 views
  27. CSOonline ·
    IT software company Ivanti released patches for its Endpoint Manager Mobile (EPMM) product to fix two new remote code execution vulnerabilities already under attack in the wild. “We are aware of a very limited number of customers whose solution has been exploited at the time of disclosure,” the company said in a security advisory that identifies the new flaws as CVE-2026-1281 and CVE-2026-1340. Both issues are described by Ivanti as code injection issues that can be exploited without aut
    • 0 comments
    • 64 views
  28. CSOonline ·
    If there’s one thing guaranteed to grab attention in the computer security world, it’s announcing yourself without fully explaining what it is you plan to do. This week, the Linux world got a taste of this enigmatic marketing ploy with the launch out of stealth of Berlin-based Linux security outfit Amutable. While its purpose is only vaguely defined in the launch announcement, nobody could accuse it of lacking ambition: it plans to bring “determinism and verifiable integrity to Linux sys
    • 0 comments
    • 64 views
  29. CSOonline ·
    Summit Art Creations – shutterstock.com Die Illusion der eigenen Sicherheitszone Viele Unternehmen investieren heute erhebliche Mittel, um ihre interne IT abzusichern. Firewalls, Monitoring, Incident-Response-Pläne und Awareness-Programme sind etabliert. Gleichzeitig wächst eine gefährliche Illusion: Die Annahme, dass sich Risiken innerhalb der eigenen Systemgrenzen kontrollieren lassen. Die Realität sieht anders aus. Moderne Geschäftsmodelle sind ohne externe IT-Dienstleister, Cloud-Ser
    • 0 comments
    • 54 views
  30. CSOonline ·
    Summit Art Creations – shutterstock.com Die Illusion der eigenen Sicherheitszone Viele Unternehmen investieren heute erhebliche Mittel, um ihre interne IT abzusichern. Firewalls, Monitoring, Incident-Response-Pläne und Awareness-Programme sind etabliert. Gleichzeitig wächst eine gefährliche Illusion: Die Annahme, dass sich Risiken innerhalb der eigenen Systemgrenzen kontrollieren lassen. Die Realität sieht anders aus. Moderne Geschäftsmodelle sind ohne externe IT-Dienstleister, Cloud-Ser
    • 0 comments
    • 56 views
  31. Hacker News ·
    Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored content. It was uploaded to the ChromeView the full article
    • 0 comments
    • 58 views
  32. CSOonline ·
    An Android malware campaign is reportedly abusing Hugging Face’s public hosting infrastructure to distribute a remote access trojan (RAT). The operation relies on social engineering, staged payload delivery, and abuse of Android permissions to achieve persistence over infected devices. According to Bitdefender Labs findings, the campaign begins with a seemingly legitimate Android application that acts as a dropper. Users encounter the lure through ads or pop-up prompts warning of fake infect
    • 0 comments
    • 55 views
  33. Hacker News ·
    Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between late 2025 and early 2026. The activity, discovered by Cisco Talos, has targeted vulnerable Internet Information Services (IIS) servers located across Asia, but with a specific focus on targets in Thailand and Vietnam. The scale of the campaign is currentlyView the full article
    • 0 comments
    • 49 views
  34. Hacker News ·
    Behind the scenes of law enforcement in cyber: what do we know about caught cybercriminals? What brought them in, where do they come from and what was their function in the crimescape? Introduction: One view on the scattered fight against cybercrime The growing sophistication and diversification of cybercrime have compelled law enforcement agencies worldwide to respond through increasinglyView the full article
    • 0 comments
    • 61 views
  35. Hacker News ·
    A former Google engineer accused of stealing thousands of the company's confidential documents to build a startup in China has been convicted in the U.S., the Department of Justice (DoJ) announced Thursday. Linwei Ding (aka Leon Ding), 38, was convicted by a federal jury on seven counts of economic espionage and seven counts of theft of trade secrets for taking over 2,000 documents containingView the full article
    • 0 comments
    • 70 views
  36. CSOonline ·
    There is nothing like attending a face-to-face event for career networking and knowledge gathering, and we don’t have to tell you how helpful it can be to get a hands-on demo of a new tool or to have your questions answered by experts. Fortunately, plenty of great conferences are coming up in the months ahead. If keeping abreast of security trends and evolving threats is critical to your job — and we know it is — then attending some top-notch security conferences is on your must-do list for 2025
    • 0 comments
    • 88 views
  37. Hacker News ·
    SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-24423, carries a CVSS score of 9.3 out of 10.0. "SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub APIView the full article
    • 0 comments
    • 72 views
  38. CSOonline ·
    Cybersecurity guru Bruce Scheier is often quoted as saying, “People are the weakest link in the security chain.” No more accurate words have ever been spoken about cybersecurity. You can spend millions of dollars on firewalls, endpoint security tools, access controls, and data encryption, but one employee can cause a catastrophic security breach, simply by downloading a malicious file or clicking on a rogue link. Industry research indicates that 70% to 90% of breaches are the result of emplo
    • 0 comments
    • 62 views
  39. Hacker News ·
    Ivanti has rolled out security updates to address two security flaws impacting Ivanti Endpoint Manager Mobile (EPMM) that have been exploited in zero-day attacks, one of which has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog. The critical-severity vulnerabilities are listed below - CVE-2026-1281 (CVSS score:View the full article
    • 0 comments
    • 77 views
  40. CSOonline ·
    Shadow AI, the secret, unapproved use of AI by employees, isn’t going away. In fact, workers are getting more brazen, and their employers often don’t seem to care. In a new BlackFog survey, nearly half (49%) of workers admit to adopting AI tools without employer approval, many using free versions with which they are freely sharing sensitive enterprise data. But perhaps more alarmingly, a wide majority — 69% of presidents and C-suite members and 66% of directors and senior VPs — seem to b
    • 0 comments
    • 60 views
  41. CSOonline ·
    Notorious extortion group ShinyHunters released tens of GB of files it claims to have stolen from dating apps Hinge, Match, OkCupid and Bumble. While there is no official confirmation about how the companies were breached, researchers believe the group’s activities triggered a recent Okta advisory about a rise in voice-based social engineering attacks supported by automated phishing kits. The latest data leak that impacts dating services and apps come after the group had recently posted file
    • 0 comments
    • 68 views
  42. Hacker News ·
    A new joint investigation by SentinelOne SentinelLABS, and Censys has revealed that the open-source artificial intelligence (AI) deployment has created a vast "unmanaged, publicly accessible layer of AI compute infrastructure" that spans 175,000 unique Ollama hosts across 130 countries. These systems, which span both cloud and residential networks across the world, operate outside theView the full article
    • 0 comments
    • 58 views
  43. CSOonline ·
    khunkornStudio – shutterstock.com Der State of Incident Response Report 2026 von Eye Security zeigt: Cyberangriffe auf Unternehmen erfolgen zunehmend unbemerkt und die Schäden entstehen innerhalb von Minuten. Demnach setzen die Angreifer inzwischen weniger darauf, Systeme zu hacken, sondern bestehende Zugänge ausnutzen. Identitätsbasierte Angriffe dominieren das Feld, wobei 97 Prozent dieser Vorfälle Passwörter betreffen. Der Missbrauch legitimer Konten ist eine Hauptursache für Cloud-Si
    • 0 comments
    • 315 views
  44. CSOonline ·
    khunkornStudio – shutterstock.com Der State of Incident Response Report 2026 von Eye Security zeigt: Cyberangriffe auf Unternehmen erfolgen zunehmend unbemerkt und die Schäden entstehen innerhalb von Minuten. Demnach setzen die Angreifer inzwischen weniger darauf, Systeme zu hacken, sondern bestehende Zugänge ausnutzen. Identitätsbasierte Angriffe dominieren das Feld, wobei 97 Prozent dieser Vorfälle Passwörter betreffen. Der Missbrauch legitimer Konten ist eine Hauptursache für Cloud-Si
    • 0 comments
    • 85 views
  45. Hacker News ·
    This week’s updates show how small changes can create real problems. Not loud incidents, but quiet shifts that are easy to miss until they add up. The kind that affects systems people rely on every day. Many of the stories point to the same trend: familiar tools being used in unexpected ways. Security controls are being worked on. Trusted platforms turning into weak spots. What looks routine onView the full article
    • 0 comments
    • 70 views
  46. CSOonline ·
    Two critical sandbox escape flaws in the popular n8n workflow automation platform are allowing authenticated users to achieve remote code execution on affected instances. According to new JFrog findings, sandboxing safeguards meant to contain untrusted workflow logic can be bypassed, exposing enterprise automation environments to full host compromise. Enterprises that rely on n8n to orchestrate integrations, automate internal processes, and streamline cloud services and on-prem systems are a
    • 0 comments
    • 309 views
  47. Hacker News ·
    A study by OMICRON has revealed widespread cybersecurity gaps in the operational technology (OT) networks of substations, power plants, and control centers worldwide. Drawing on data from more than 100 installations, the analysis highlights recurring technical, organizational, and functional issues that leave critical energy infrastructure vulnerable to cyber threats. The findings are based onView the full article
    • 0 comments
    • 67 views
  48. CSOonline ·
    The acting director of the US Cybersecurity and Infrastructure Security Agency uploaded sensitive government contracting documents to a public version of ChatGPT last summer, triggering automated security alerts and raising questions about AI governance at the agency responsible for defending federal networks and critical infrastructure. Madhu Gottumukkala, who has led CISA since May 2025, uploaded at least four documents marked “for official use only” to OpenAI’s ChatGPT platform between mi
    • 0 comments
    • 51 views
  49. Hacker News ·
    Beyond the direct impact of cyberattacks, enterprises suffer from a secondary but potentially even more costly risk: operational downtime, any amount of which translates into very real damage. That’s why for CISOs, it’s key to prioritize decisions that reduce dwell time and protect their company from risk.  Three strategic steps you can take this year for better results: 1. Focus on today'sView the full article
    • 0 comments
    • 75 views
  50. CSOonline ·
    According to a recent report by law firm DLA Piper, organizations are increasingly being reported for violations of the General Data Protection Regulation (GDPR). According to the study, the average number of daily reports has risen above 400 for the first time since the GDPR came into force across the EU on May 25, 2018. With 443 reports of violations per day, the number in 2025 was 22% higher than the previous year. However, the data does not allow for any definitive conclusions about
    • 0 comments
    • 57 views
  51. CSOonline ·
    The security community has offered broad support for the creation of an EU-hosted vulnerability database as a means of reducing dependence on US databases. However, some experts have expressed concerns that the potential fragmentation of security intelligence risks impeding rapid vulnerability identification and remediation. The Global Cybersecurity Vulnerability Enumeration database (GCVE.eu) aggregates vulnerability advisories from more than 25 public sources into a single, searchable
    • 0 comments
    • 51 views
  52. CSOonline ·
    Summit Art Creations – shutterstock.com Der Deutsche Städtetag hält den zur Abstimmung im Bundestag anstehenden Vorschlag der Koalition zum Schutz kritischer Infrastruktur für unzureichend. Der Entwurf von Union und SPD sieht für Unternehmen der kritischen Infrastruktur wie etwa große Energieversorger oder Verkehrsunternehmen strengere Verpflichtungen zum Schutz ihrer Anlagen vor. Vorgesehen sind neben Zugangsbeschränkungen und anderen praktischen Maßnahmen auch eine Pflicht zur Meldung sich
    • 0 comments
    • 43 views
  53. CSOonline ·
    Summit Art Creations – shutterstock.com Der Deutsche Städtetag hält den zur Abstimmung im Bundestag anstehenden Vorschlag der Koalition zum Schutz kritischer Infrastruktur für unzureichend. Der Entwurf von Union und SPD sieht für Unternehmen der kritischen Infrastruktur wie etwa große Energieversorger oder Verkehrsunternehmen strengere Verpflichtungen zum Schutz ihrer Anlagen vor. Vorgesehen sind neben Zugangsbeschränkungen und anderen praktischen Maßnahmen auch eine Pflicht zur Meldung sich
    • 0 comments
    • 42 views
  54. Hacker News ·
    SolarWinds has released security updates to address multiple security vulnerabilities impacting SolarWinds Web Help Desk, including four critical vulnerabilities that could result in authentication bypass and remote code execution (RCE). The list of vulnerabilities is as follows - CVE-2025-40536 (CVSS score: 8.1) - A security control bypass vulnerability that could allow an unauthenticatedView the full article
    • 0 comments
    • 70 views
  55. Hacker News ·
    Google on Wednesday announced that it worked together with other partners to disrupt IPIDEA, which it described as one of the largest residential proxy networks in the world. To that end, the company said it took legal action to take down dozens of domains used to control devices and proxy traffic through them. As of writing, IPIDEA's website ("www.ipidea.io") is no longer accessible. ItView the full article
    • 0 comments
    • 49 views
  56. CSOonline ·
    For years, US cybersecurity guidance rested on a reassuring premise: New technologies introduce new wrinkles, but not fundamentally new problems. Artificial intelligence, according to that view, is still software, just faster, more complex, and more powerful. The controls that protect traditional systems, the thinking went, can largely be adapted to protect AI, too. That assumption surfaced at a recent National Institute of Standards and Technology (NIST) workshop on AI and cybersecurity.
    • 0 comments
    • 55 views
  57. CSOonline ·
    Sind IT-Mitarbeiter unzufrieden, kann das an schlechten Führungskräften oder an einer unzureichenden IT-Strategie liegen. Foto: fizkes – shutterstock.com Unternehmen können die für sie allgemein schlechte Lage am Arbeitsmarkt kaum beeinflussen. Doch sie können einige Faktoren vermeiden, die zu Kündigungen durch Mitarbeitende führen. Dazu gehört insbesondere eine schlechte Führung, die fähige Fachkräfte vergrault. Hier sind die 10 wichtigsten Anzeichen, an denen Unternehmen erkennen können, ob i
    • 0 comments
    • 138 views
  58. CSOonline ·
    SolarWinds is yet again disclosing security vulnerabilities in one of its widely-used products. The company has released updates to patch six critical authentication bypass and remote command execution vulnerabilities in its Web Help Desk (WHD) IT software. These flaws could allow attackers to bypass authentication, perform remote code execution (RCE), and access certain functionality that should be gated. Of the six, four are rated “critical” (9.8 out of 10 on the CVE severity scale), while
    • 0 comments
    • 70 views
  59. CSOonline ·
    SolarWinds is yet again disclosing security vulnerabilities in one of its widely-used products. The company has released updates to patch six critical authentication bypass and remote command execution vulnerabilities in its Web Help Desk (WHD) IT software. These flaws could allow attackers to bypass authentication, perform remote code execution (RCE), and access certain functionality that should be gated. Of the six, four are rated “critical” (9.8 out of 10 on the CVE severity scale), while
    • 0 comments
    • 47 views
  60. CSOonline ·
    For years, CSOs have worried about their IT infrastructure being used for unauthorized cryptomining. Now, say researchers, they’d better start worrying about crooks hijacking and reselling access to exposed corporate AI infrastructure. In a report released Wednesday, researchers at Pillar Security say they have discovered campaigns at scale going after exposed large language model (LLM) and MCP endpoints – for example, an AI-powered support chatbot on a website. “I think it’s alarming,”
    • 0 comments
    • 69 views
  61. CSOonline ·
    For years, CSOs have worried about their IT infrastructure being used for unauthorized cryptomining. Now, say researchers, they’d better start worrying about crooks hijacking and reselling access to exposed corporate AI infrastructure. In a report released Wednesday, researchers at Pillar Security say they have discovered campaigns at scale going after exposed large language model (LLM) and MCP endpoints – for example, an AI-powered support chatbot on a website. “I think it’s alarming,”
    • 0 comments
    • 43 views
  62. CSOonline ·
    A critical vulnerability has been patched in vm2, a widely used library for the Node.js JavaScript runtime that allows untrusted code to be executed inside a sandbox within the same process as trusted application code. The flaw allows for a sandbox escape, which is as serious as it gets for a software component whose primary goal is enforcing a security boundary between trusted and untrusted code. The vm2 library, which is listed as a dependency by almost 900 other packages on NPM and many p
    • 0 comments
    • 47 views
  63. Hacker News ·
    Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot (formerly Clawdbot) on the official Extension Marketplace that claims to be a free artificial intelligence (AI) coding assistant, but stealthily drops a malicious payload on compromised hosts. The extension, named "ClawdBot Agent - AI Coding Assistant" ("clawdbot.clawdbot-agent")View the full article
    • 0 comments
    • 55 views
  64. CSOonline ·
    Palo Alto Networks unveiled its Quantum-Safe Security solution at the company’s virtual Quantum-Safe Summit Tuesday. The solution is designed to help organizations prepare for the post-quantum era by addressing the transition from current cryptography to quantum-resistant algorithms without disrupting business. Among the platform’s key features is its continuous, real-time cryptographic visibility. Quantum-Safe acts as a central intelligence layer, collecting telemetry and logs from network
    • 0 comments
    • 54 views
  65. Hacker News ·
    The "coordinated" cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM. Operational technology (OT) cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting distributed energyView the full article
    • 0 comments
    • 52 views
  66. Hacker News ·
    A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited, could allow attackers to run arbitrary code on the underlying operating system. The vulnerability, tracked as CVE-2026-22709, carries a CVSS score of 9.8 out of 10.0 on the CVSS scoring system. "In vm2 for version 3.10.0, Promise.prototype.then Promise.prototype.catchView the full article
    • 0 comments
    • 39 views
  67. CSOonline ·
    Digineer Station – shutterstock.com Der Cybersicherheitsforscher Jeremiah Fowler deckte kürzlich ein Datenleck mit 149 Millionen Login-Daten auf. Zu den Opfern zählen vor allem Nutzer großer Tech-und Streaming-Anbieter. Aber auch Finanzdienstleistungskonten, Krypto-Wallets oder Handelskonten, Bank- und Kreditkarten-Logins tauchten in den offengelegten Datensätzen auf. Benutzernamen, Passwörter und Login-URLs Laut Forschungsbericht enthält die Datenbank jedoch nicht nur Benutzernamen
    • 0 comments
    • 59 views
  68. CSOonline ·
    Digineer Station – shutterstock.com Der Cybersicherheitsforscher Jeremiah Fowler deckte kürzlich ein Datenleck mit 149 Millionen Login-Daten auf. Zu den Opfern zählen vor allem Nutzer großer Tech-und Streaming-Anbieter. Aber auch Finanzdienstleistungskonten, Krypto-Wallets oder Handelskonten, Bank- und Kreditkarten-Logins tauchten in den offengelegten Datensätzen auf. Benutzernamen, Passwörter und Login-URLs Laut Forschungsbericht enthält die Datenbank jedoch nicht nur Benutzernamen
    • 0 comments
    • 55 views
  69. Hacker News ·
    Cybersecurity researchers have disclosed two new security flaws in the n8n workflow automation platform, including a crucial vulnerability that could result in remote code execution. The weaknesses, discovered by the JFrog Security Research team, are listed below - CVE-2026-1470 (CVSS score: 9.9) - An eval injection vulnerability that could allow an authenticated user to bypass the ExpressionView the full article
    • 0 comments
    • 68 views
  70. Hacker News ·
    If you work in security operations, the concept of the AI SOC agent is likely familiar. Early narratives promised total autonomy. Vendors seized on the idea of the "Autonomous SOC" and suggested a future where algorithms replaced analysts. That future has not arrived. We have not seen mass layoffs or empty security operations centers. We have instead seen the emergence of a practical reality.View the full article
    • 0 comments
    • 72 views
  71. CSOonline ·
    Fortinet has disclosed a critical authentication bypass zero-day vulnerability affecting its FortiCloud single sign-on feature after the company took the emergency step of temporarily disabling the cloud authentication service globally to stop active exploitation. The US Cybersecurity and Infrastructure Security Agency added the vulnerability to its Known Exploited Vulnerabilities catalog the same day. The vulnerability, tracked as CVE-2026-24858, is the second critical FortiCloud SSO fl
    • 0 comments
    • 157 views
  72. Hacker News ·
    Threat actors with ties to China have been observed using an updated version of a backdoor called COOLCLIENT in cyber espionage attacks in 2025 to facilitate comprehensive data theft from infected endpoints. The activity has been attributed to Mustang Panda (aka Earth Preta, Fireant, HoneyMyte, Polaris, and Twill Typhoon) with the intrusions primarily directed against government entities locatedView the full article
    • 0 comments
    • 63 views
  73. CSOonline ·
    A newly observed Sicarii ransomware strain contains a critical encryption key handling defect that can leave encrypted data unrecoverable, even if a victim pays the ransom or uses a provided decryptor. Analysts at the Halcyon Ransomware Research Center found that Sicarii generates fresh RSA key pairs for each execution and then discards the private key, leaving no recoverable key material for the encrypted systems. Organizations affected by this variant cannot rely on ransom negotiation
    • 0 comments
    • 54 views
  74. Hacker News ·
    When security teams discuss credential-related risk, the focus typically falls on threats such as phishing, malware, or ransomware. These attack methods continue to evolve and rightly command attention. However, one of the most persistent and underestimated risks to organizational security remains far more ordinary. Near-identical password reuse continues to slip past security controls, oftenView the full article
    • 0 comments
    • 59 views
  75. Hacker News ·
    Google on Tuesday revealed that multiple threat actors, including nation-state adversaries and financially motivated groups, are exploiting a now-patched critical security flaw in RARLAB WinRAR to establish initial access and deploy a diverse array of payloads. "Discovered and patched in July 2025, government-backed threat actors linked to Russia and China as well as financially motivatedView the full article
    • 0 comments
    • 86 views
  76. CSOonline ·
    Privileged access management (PAM) has always been about ensuring least privilege. But the nature of enterprise cybersecurity — on top of the complexity of system operations — has prompted far too many users to log in at the highest possible privilege and stay there, even when most of their tasks do not require it. One recent study put the percentage of end-users logging in at their highest level of privilege at 91%. Sanchit Vir Gogia, chief analyst at Greyhound Research, sees the widesp
    • 0 comments
    • 57 views
  77. Hacker News ·
    Cybersecurity researchers have discovered two malicious packages in the Python Package Index (PyPI) repository that masquerade as spellcheckers but contain functionality to deliver a remote access trojan (RAT). The packages, named spellcheckerpy and spellcheckpy, are no longer available for download, but not before they were collectively downloaded a little over 1,000 times. "Hidden inside theView the full article
    • 0 comments
    • 73 views
  78. CSOonline ·
    You make delegation decisions every day. Sometimes they look like management choices: who owns a workflow, which team runs a tool, how quickly something should ship. Other times, they barely register at all. You accept a default setting. You enable automation. You let a system act on your behalf because it saves time and seems low risk. What we tend not to account for is that we will often own the outcomes of those actions, even when they feel misaligned with our intent or unfair in hind
    • 0 comments
    • 48 views
  79. CSOonline ·
    Three decades ago, when Steve Katz became the world’s first CISO at Citicorp/Citigroup, he quickly realized that his role was more than solving problems with tech. Katz had to communicate well, meet with C-level executives, and do anything in his power to reduce risk. “The basic philosophy that I’ve had is data security, information security, information risk is a business risk issue, not a technology issue,” he said in an interview. Katz realized that effective CISOs need a blend of tec
    • 0 comments
    • 61 views
  80. CSOonline ·
    Roman Samborskyi | shutterstock.com Sie denken, Ihre Sicherheitsmaßnahmen können Sie langfristig vor Cyberangriffen schützen? Oder dass Ihr Unternehmen zu klein und damit uninteressant für Hacker ist? Egal, ob Sie dem Mittelstand angehören, an der Börse gelistet sind oder zu den kritischen Infrastrukturen gehören: Jedes Unternehmen hat Daten, die Cyberkriminelle stehlen möchten. Im Jahr 2025 wurden viele deutsche Unternehmen Opfer einer Cyberattacke. Die Folgen der Angriffe, die meist mi
    • 0 comments
    • 64 views
  81. Hacker News ·
    Fortinet has begun releasing security updates to address a critical flaw impacting FortiOS that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-24858 (CVSS score: 9.4), has been described as an authentication bypass related to FortiOS single sign-on (SSO). The flaw also affects FortiManager and FortiAnalyzer. The company said it'sView the full article
    • 0 comments
    • 84 views
  82. CSOonline ·
    AI-fueled attacks can transform an innocuous webpage into a customed phishing page. The attacks, revealed in a research from Palo Alto Networks’ Unit 42, are clever in how they combine various obfuscation techniques. The combination though can be lethal, difficult to discover, and represent yet another new offensive front in the use of AI by bad actors to compromise enterprise networks. The attack starts with an original and ordinary webpage then attackers add client-side API calls to LLMs t
    • 0 comments
    • 57 views
  83. CSOonline ·
    Microsoft is warning admins of an Office security bypass zero day vulnerability that can be triggered simply by a user opening a document. The flaw is currently being actively exploited. “The vulnerability is serious,” said Johannes Ullrich, dean of research at the SANS Institute. “The root cause is that Microsoft Office still supports the older OLE document format, which provides access to various OLE components. The effect is similar to what an attacker could do with Office Macros. But Off
    • 0 comments
    • 48 views
  84. Hacker News ·
    Meta on Tuesday announced it's adding Strict Account Settings on WhatsApp to secure certain users against advanced cyber attacks because of who they are and what they do. The feature, similar to Lockdown Mode in Apple iOS and Advanced Protection in Android, aims to protect individuals, such as journalists or public-facing figures, from sophisticated spyware by trading some functionality forView the full article
    • 0 comments
    • 69 views
  85. Hacker News ·
    Indian government entities have been targeted in two campaigns undertaken by a threat actor that operates in Pakistan using previously undocumented tradecraft. The campaigns have been codenamed Gopher Strike and Sheet Attack by Zscaler ThreatLabz, which identified them in September 2025. "While these campaigns share some similarities with the Pakistan-linked Advanced Persistent Threat (APT)View the full article
    • 0 comments
    • 70 views
  86. CSOonline ·
    alphaspirit.it – shutterstock.com Viele Sicherheitsverantwortliche glauben, dass ein Cybervorfall unvermeidlich ist – unklsar ist lediglich der Zeitpunkt. Diese Überzeugung spiegelt sich in der gängigen Redewendung wider, dass es nicht darum geht, „ob“, sondern „wann“ ein Angriff erfolgt. Eine wachsende Zahl von CISOs rechnet jedoch eher früher als später mit einem Vorfall: Im Voice of the CISO Report 2025 von Proofpoint gaben rund 76 Prozent der Befragten an, dass sie sich in den nächst
    • 0 comments
    • 49 views
  87. CSOonline ·
    alphaspirit.it – shutterstock.com Viele Sicherheitsverantwortliche glauben, dass ein Cybervorfall unvermeidlich ist – unklsar ist lediglich der Zeitpunkt. Diese Überzeugung spiegelt sich in der gängigen Redewendung wider, dass es nicht darum geht, „ob“, sondern „wann“ ein Angriff erfolgt. Eine wachsende Zahl von CISOs rechnet jedoch eher früher als später mit einem Vorfall: Im Voice of the CISO Report 2025 von Proofpoint gaben rund 76 Prozent der Befragten an, dass sie sich in den nächst
    • 0 comments
    • 45 views
  88. Hacker News ·
    Cybersecurity researchers have disclosed details of a new campaign that combines ClickFix-style fake CAPTCHAs with a signed Microsoft Application Virtualization (App-V) script to distribute an information stealer called Amatera. "Instead of launching PowerShell directly, the attacker uses this script to control how execution begins and to avoid more common, easily recognized execution paths,"View the full article
    • 0 comments
    • 43 views
  89. CSOonline ·
    The US Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory mapping post-quantum cryptography (PQC) standards to common enterprise hardware and software categories, giving CIOs and security teams an early reference for evaluating quantum-safe technology readiness. Issued in response to a June 6, 2025 executive order on strengthening federal cybersecurity, the advisory identifies classes of IT products that already use, or are transitioning toward, NIST-standardize
    • 0 comments
    • 36 views
  90. CSOonline ·
    AI is now everywhere within enterprises. Many CISOs I speak with feel stuck between wanting to move forward and not knowing where to begin. The fear of getting both security’s use of AI and securing AI within the organization wrong often stops their process before it begins. That said, unlike other big technology waves such as cloud, mobile and DevOps, we actually have a chance to put guardrails around AI before it becomes fully entrenched in every corner of the business. It’s a rare opportunity
    • 0 comments
    • 45 views
  91. Hacker News ·
    A critical security flaw has been disclosed in Grist‑Core, an open-source, self-hosted version of the Grist relational spreadsheet-database, that could result in remote code execution. The vulnerability, tracked as CVE-2026-24002 (CVSS score: 9.1), has been codenamed Cellbreak by Cyera Research Labs. "One malicious formula can turn a spreadsheet into a Remote Code Execution (RCE) beachhead,"View the full article
    • 0 comments
    • 46 views
  92. CSOonline ·
    Gartner has warned that the increasing volume of data generated by AI threatens the future reliability of large language models (LLMs). So much so, that it predicts that 50% of organizations will implement a zero-trust stance for data governance by 2028 due to the proliferation of unverified AI-generated data. According to data from a recent 2026 survey of CIOs and technology executives, 84% expect their companies to increase funding for generative AI. As organizations accelerate both th
    • 0 comments
    • 45 views
  93. Hacker News ·
    Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple environments. The flexible framework has been put to use against Chinese gambling industries and malicious activities targeting Asian government entities and private organizations, according to Trend MicroView the full article
    • 0 comments
    • 60 views
  94. Hacker News ·
    Microsoft on Monday issued out-of-band security patches for a high-severity Microsoft Office zero-day vulnerability exploited in attacks. The vulnerability, tracked as CVE-2026-21509, carries a CVSS score of 7.8 out of 10.0. It has been described as a security feature bypass in Microsoft Office. "Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorizedView the full article
    • 0 comments
    • 47 views
  95. CSOonline ·
    Many security leaders believe a cyberbreach is inevitable, with the timing being the only uncertainty. It’s a belief encapsulated in the common refrain that a breach is “not if, but when.” But a growing number of CISOs now expect an incident sooner than later: Some 76% said they feel at risk of experiencing a material cyberattack in the next 12 months, according to the Voice of the CISO Report released by security tech company Proofpoint in August 2025. That’s up from 70% the prior year.
    • 0 comments
    • 52 views
  96. CSOonline ·
    Gorodenkoff | shutterstock.com Cloud Security bleibt ein diffiziles Thema und die Tools, mit denen sie sich gewährleisten lässt, werden zunehmend komplexer und schwieriger zu durchschauen – auch dank der ungebrochenen Liebe der Branche zu Akronymen. Mit CNAPP kommt nun ein weiteres hinzu. CNAPP – Definition Die Abkürzung steht für Cloud-Native Application Protection Platform – und kombiniert die Funktionen von vier separaten Cloud-Security-Werkzeugen:    Cloud Infrastructure Ent
    • 0 comments
    • 69 views
  97. CSOonline ·
    Javascript developers should consider moving away from the npm and yarn platforms for distributing their work because newly-found holes allow threat actors to run malicious worm attacks like Shai-Hulud, says an Israeli researcher. The warning comes from Oren Yomtov of Koi Security, who blogged Monday of discovering six zero day vulnerabilities in several package managers that could allow hackers bypass defenses that had been recommended last November after Shai-Hulud roamed through npm and c
    • 0 comments
    • 47 views
  98. CSOonline ·
    On Dec. 29 and 30, the Polish electricity grid was subjected to a cyberattack that nearly knocked out power to hundreds of thousands of households. Security firm ESET has since conducted a closer examination of the attack and concluded that it was carried out by Sandworm, a group of hackers with strong ties to the Russian military intelligence service GRU. The attack used Dynowiper, a powerful malware that deletes all data on vulnerable computers. Sandworm is said to have carried out
    • 0 comments
    • 53 views
  99. Hacker News ·
    Cybersecurity researchers have discovered an ongoing campaign that's targeting Indian users with a multi-stage backdoor as part of a suspected cyber espionage campaign. The activity, per the eSentire Threat Response Unit (TRU), involves using phishing emails impersonating the Income Tax Department of India to trick victims into downloading a malicious archive, ultimately granting the threatView the full article
    • 0 comments
    • 55 views

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.