Skip to content
View in the app

A better way to browse. Learn more.

hosang I.T.

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Security

2445 tech articles in this category

  1. CSOonline ·
    Digineer Station – shutterstock.com In einer vernetzten Geschäftswelt stehen Unternehmen vor beispiellosen Cybersicherheits-Herausforderungen. Laut dem IBM Cost of a Data Breach Report 2024 betragen die durchschnittlichen Kosten eines durch Phishing verursachten Datenlecks etwa 4,88 Millionen Dollar. Nach Branchenschätzungen werden täglich etwa 3,4 Milliarden Phishing-E-Mails verschickt. Gleichzeitig wächst die globale Datenhändlerbranche auf geschätzte 280 Milliarden Dollar im Jahr 2024. Di
    • 0 comments
    • 97 views
  2. CSOonline ·
    Digineer Station – shutterstock.com In einer vernetzten Geschäftswelt stehen Unternehmen vor beispiellosen Cybersicherheits-Herausforderungen. Laut dem IBM Cost of a Data Breach Report 2024 betragen die durchschnittlichen Kosten eines durch Phishing verursachten Datenlecks etwa 4,88 Millionen Dollar. Nach Branchenschätzungen werden täglich etwa 3,4 Milliarden Phishing-E-Mails verschickt. Gleichzeitig wächst die globale Datenhändlerbranche auf geschätzte 280 Milliarden Dollar im Jahr 2024. Di
    • 0 comments
    • 90 views
  3. CSOonline ·
    Digineer Station – shutterstock.com In einer vernetzten Geschäftswelt stehen Unternehmen vor beispiellosen Cybersicherheits-Herausforderungen. Laut dem IBM Cost of a Data Breach Report 2024 betragen die durchschnittlichen Kosten eines durch Phishing verursachten Datenlecks etwa 4,88 Millionen Dollar. Nach Branchenschätzungen werden täglich etwa 3,4 Milliarden Phishing-E-Mails verschickt. Gleichzeitig wächst die globale Datenhändlerbranche auf geschätzte 280 Milliarden Dollar im Jahr 2024. Di
    • 0 comments
    • 93 views
  4. Krebs ·
    The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently shared a screenshot indicating they’d compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software that comes pre-installed on many Android TV streaming boxes. Both the FBI and Google say they are hunting for the people behind Badbox 2.0, and thanks to bragging by the Kimwolf botmasters we may now have a much clearer idea about that. Ou
    • 0 comments
    • 71 views
  5. Hacker News ·
    Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor covert functionality to siphon developer data to China-based servers. The extensions, which have 1.5 million combined installs and are still available for download from the official Visual StudioView the full article
    • 0 comments
    • 73 views
  6. CSOonline ·
    Microsoft gave Windows users’ BitLocker encryption keys for to US law enforcement officers, providing access to encrypted data, according to a news report. The US Federal Bureau of Investigation approached Microsoft with a search warrant in early 2025, seeking keys to unlock encrypted data stored on three laptops in a case of alleged fraud involving the COVID unemployment assistance program in Guam. As the keys were stored on a Microsoft server, Microsoft adhered to the legal order and hande
    • 0 comments
    • 40 views
  7. CSOonline ·
    Outlook users have reported difficulties with Microsoft’s January Patch Tuesday updates, forcing Microsoft, once again, to patch some of its patches. Users reported that, after applying the January 13 Windows updates, some applications became unresponsive or encountered unexpected errors when opening files from or saving files to cloud-based storage such as OneDrive or Dropbox. In particular, certain Microsoft Outlook configurations with the PST file containing a users’ messages stored on On
    • 0 comments
    • 69 views
  8. Hacker News ·
    If there’s a constant in cybersecurity, it’s that adversaries are always innovating. The rise of offensive AI is transforming attack strategies and making them harder to detect. Google’s Threat Intelligence Group, recently reported on adversaries using Large Language Models (LLMs) to both conceal code and generate malicious scripts on the fly, letting malware shape-shift in real-time to evadeView the full article
    • 0 comments
    • 52 views
  9. Hacker News ·
    The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence (AI) tools to target developers and engineering teams in the blockchain sector. The phishing campaign has targeted Japan, Australia, and India, highlighting the adversary's expansion of the targeting scope beyond South Korea, Russia, Ukraine, and European nations, CheckView the full article
    • 0 comments
    • 55 views
  10. CSOonline ·
    hotocosmos1 – shutterstock.com Die Bundesregierung will auf Cyberangriffe künftig offensiver reagieren. “Wir werden zurückschlagen, auch im Ausland. Wir werden Angreifer stören und ihre Infrastruktur zerstören”, sagte Bundesinnenminister Alexander Dobrindt (CSU) der «Süddeutschen Zeitung». Deutschland werde die Schwelle für solche Schritte niedrig ansetzen. Verantwortlich für solche Gegenschläge sollen laut Dobrindt Geheimdienste und das Bundeskriminalamt gemeinsam sein. Um die Arbeit de
    • 0 comments
    • 318 views
  11. CSOonline ·
    Last year was defined by AI hype, new attack models, and intensifying global tensions. As 2026 begins, security teams are asking what the next phase will look like. Will AI continue to accelerate risk, or will controls and governance finally catch up? CSO spoke to 10 security leaders about their predictions and aspirations for 2026. Governance scrambles to keep pace with AI As AI becomes deeply embedded in day-to-day business operations, security leaders are being pushed to scale gov
    • 0 comments
    • 50 views
  12. CSOonline ·
    Last year was defined by AI hype, new attack models, and intensifying global tensions. As 2026 begins, security teams are asking what the next phase will look like. Will AI continue to accelerate risk, or will controls and governance finally catch up? CSO spoke to 10 security leaders about their predictions and aspirations for 2026. Governance scrambles to keep pace with AI As AI becomes deeply embedded in day-to-day business operations, security leaders are being pushed to scale gov
    • 0 comments
    • 40 views
  13. Hacker News ·
    A new multi-stage phishing campaign has been observed targeting users in Russia with ransomware and a remote access trojan called Amnesia RAT. "The attack begins with social engineering lures delivered via business-themed documents crafted to appear routine and benign," Fortinet FortiGuard Labs researcher Cara Lin said in a technical breakdown published this week. "These documents andView the full article
    • 0 comments
    • 64 views
  14. Hacker News ·
    The Russian nation-state hacking group known as Sandworm has been attributed to what has been described as the "largest cyber attack" targeting Poland's power system in the last week of December 2025. The attack was unsuccessful, the country's energy minister, Milosz Motyka, said last week. "The command of the cyberspace forces has diagnosed in the last days of the year the strongest attack onView the full article
    • 0 comments
    • 60 views
  15. Hacker News ·
    AI agents are accelerating how work gets done. They schedule meetings, access data, trigger workflows, write code, and take action in real time, pushing productivity beyond human speed across the enterprise. Then comes the moment every security team eventually hits: “Wait… who approved this?” Unlike users or applications, AI agents are often deployed quickly, shared broadly,View the full article
    • 0 comments
    • 53 views
  16. Hacker News ·
    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2024-37079 (CVSS score: 9.8), which refers to a heap overflow in theView the full article
    • 0 comments
    • 77 views
  17. CSOonline ·
    Fortinet has confirmed that a new attack campaign observed recently against customer devices is exploiting an unpatched issue to bypass authentication. The new attacks are different from a previous campaign seen in December that targeted two vulnerabilities related to FortiCloud single sign-on (SSO) authentication. “Recently, a small number of customers reported unexpected login activity occurring on their devices, which appeared very similar to the previous issue,” the Fortinet product secu
    • 0 comments
    • 73 views
  18. CSOonline ·
    Cybercriminals have built structured criminal groups with an organizational model similar to that of a legitimate business. “Cybercrime has become industrialized, a return on investment (ROI)-oriented economy, focused on speed and monetization,” according to Martin Zugec, Bitdefender’s director of technical solutions. Zugec explains that this modus operandi of cybercriminal groups is characterized by a high degree of specialization, which includes initial access brokers or ransomware-as-a-se
    • 0 comments
    • 54 views
  19. CSOonline ·
    We’re proud to share that NETSCOUT has been recognized for industry-leading excellence in network detection and response (NDR). This acknowledgment, from Quadrant Knowledge Solutions’ 2025 SPARK Matrix™ for NDR, highlights what our customers already know: NETSCOUT delivers unmatched visibility, precision, and forensic depth across the world’s most complex digital ecosystems. Below are the strengths that set us apart and continue to define our leadership. The visibility gap no one wants t
    • 0 comments
    • 53 views
  20. CSOonline ·
    In today’s digital landscape, encrypted traffic is the norm—not the exception. While encryption such as Transport Layer Security (TLS) 1.3 protects user privacy and data integrity, it also presents a growing challenge for security teams: How do you defend against threats hidden inside encrypted traffic without overwhelming your systems? The challenge of encrypted DDoS attacks Threat actors are always looking for ways to circumvent modern defenses, and one of the most popular distributed
    • 0 comments
    • 52 views
  21. Hacker News ·
    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows - CVE-2025-68645 (CVSS score: 8.8) - A PHP remote file inclusion vulnerability in Synacor Zimbra Collaboration Suite (ZCS) that could allow aView the full article
    • 0 comments
    • 69 views
  22. CSOonline ·
    VGMT Die Geschäftsstelle sowie die Mobilitätszentrale der Verkehrsgesellschaft Main-Tauber (VGMT) sind derzeit geschlossen und weder telefonisch noch per E-Mail erreichbar. Wie die Organisation kürzlich mitteilte, steckt eine Cyberattacke dahinter. Demnach haben die Täter die Server und Daten des Unternehmens verschlüsselt. Ob Daten gestohlen wurden, ist bisher unklar. Der Mitteilung zufolge sind die Ermittlungen in dem Fall noch nicht abgeschlossen. Weitere Details zu dem Angriff gibt e
    • 0 comments
    • 41 views
  23. CSOonline ·
    VGMT Die Geschäftsstelle sowie die Mobilitätszentrale der Verkehrsgesellschaft Main-Tauber (VGMT) sind derzeit geschlossen und weder telefonisch noch per E-Mail erreichbar. Wie die Organisation kürzlich mitteilte, steckt eine Cyberattacke dahinter. Demnach haben die Täter die Server und Daten des Unternehmens verschlüsselt. Ob Daten gestohlen wurden, ist bisher unklar. Der Mitteilung zufolge sind die Ermittlungen in dem Fall noch nicht abgeschlossen. Weitere Details zu dem Angriff gibt e
    • 0 comments
    • 39 views
  24. Hacker News ·
    Fortinet has officially confirmed that it's working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls. "In the last 24 hours, we have identified a number of cases where the exploit was to a device that had been fully upgraded to the latest release at the time of the attack, which suggested a newView the full article
    • 0 comments
    • 43 views
  25. CSOonline ·
    Andrii Yalanskyi – shutterstock.com Was wäre, wenn das größte Sicherheitsrisiko Ihrer Organisation bereits einen Mitarbeitendenausweis besitzt, legitim angemeldet ist und genau weiß, wie interne Prozesse funktionieren? Diese Frage ist unbequem, aber sie markiert den Ausgangspunkt für eine längst überfällige Auseinandersetzung mit Insider-Bedrohungen. Insider Threats – der blinde Fleck Ob auf Fachkonferenzen oder in unternehmensinternen Meetings: Wenn über Sicherheitsrisiken gesproc
    • 0 comments
    • 92 views
  26. CSOonline ·
    Andrii Yalanskyi – shutterstock.com Was wäre, wenn das größte Sicherheitsrisiko Ihrer Organisation bereits einen Mitarbeitendenausweis besitzt, legitim angemeldet ist und genau weiß, wie interne Prozesse funktionieren? Diese Frage ist unbequem, aber sie markiert den Ausgangspunkt für eine längst überfällige Auseinandersetzung mit Insider-Bedrohungen. Insider Threats – der blinde Fleck Ob auf Fachkonferenzen oder in unternehmensinternen Meetings: Wenn über Sicherheitsrisiken gesproc
    • 0 comments
    • 94 views
  27. Hacker News ·
    TikTok on Friday officially announced that it formed a joint venture that will allow the hugely popular video-sharing application to continue operating in the U.S. The new venture, named TikTok USDS Joint Venture LLC, has been established in compliance with the Executive Order signed by U.S. President Donald Trump in September 2025, the platform said. The new deal will see TikTok's ChineseView the full article
    • 0 comments
    • 46 views
  28. Hacker News ·
    Cybersecurity researchers have disclosed details of a new dual-vector campaign that leverages stolen credentials to deploy legitimate Remote Monitoring and Management (RMM) software for persistent remote access to compromised hosts. "Instead of deploying custom viruses, attackers are bypassing security perimeters by weaponizing the necessary IT tools that administrators trust," KnowBe4 ThreatView the full article
    • 0 comments
    • 65 views
  29. Hacker News ·
    Microsoft has warned of a multi‑stage adversary‑in‑the‑middle (AitM) phishing and business email compromise (BEC) campaign targeting multiple organizations in the energy sector. "The campaign abused SharePoint file‑sharing services to deliver phishing payloads and relied on inbox rule creation to maintain persistence and evade user awareness," the Microsoft Defender Security Research Team said.View the full article
    • 0 comments
    • 45 views
  30. CSOonline ·
    Lesen Sie, worauf es bei der Zusammenarbeit zwischen Ihrem IT-Security- und Engineering-Team ankommt. Foto: Lipik Stock Media – shutterstock.com Security-Teams bestehen in erster Linie aus Mitarbeitern, die für den Betrieb und die Einhaltung von Vorschriften und Richtlinien zuständig sind. IT-Sicherheitstechnik-Teams, neudeutsch Security-Engineering-Teams, hingegen sind Konstrukteure. Sie entwickeln Dienste, automatisieren Prozesse und optimieren Bereitstellungen, um das zentrale IT-Sicherheits
    • 0 comments
    • 55 views
  31. CSOonline ·
    Twelve US companies hit by the INC ransomware group were able to recover encrypted data after a cybersecurity firm discovered the cloud storage infrastructure where the gang stockpiled what it stole. Researchers at Florida-based Cyber Centaurs said Thursday they took advantage of a lapse in operational security by the gang: They found artifacts left behind by Restic, an legitimate open source backup utility the gang uses to encrypt and exfiltrate victim data into cloud storage environments i
    • 0 comments
    • 51 views
  32. CSOonline ·
    Computers with Telnet open are in immediate danger of being compromised due to a critical vulnerability that allows attackers to bypass authentication. The Telnet remote access protocol has long been superseded by the more secure and encrypted SSH, but many IoT and embedded devices have continued to ship with Telnet exposed on the LAN interface for debugging purposes over the years. Making things worse, the vulnerability, now tracked as CVE-2026-24061, is trivial to exploit remotely, and
    • 0 comments
    • 72 views
  33. Hacker News ·
    Cybersecurity researchers have disclosed details of a new ransomware family called Osiris that targeted a major food service franchisee operator in Southeast Asia in November 2025. The attack leveraged a malicious driver called POORTRY as part of a known technique referred to as bring your own vulnerable driver (BYOVD) to disarm security software, the Symantec and Carbon Black Threat HunterView the full article
    • 0 comments
    • 49 views
  34. Hacker News ·
    A critical security flaw has been disclosed in the GNU InetUtils telnet daemon (telnetd) that went unnoticed for nearly 11 years. The vulnerability, tracked as CVE-2026-24061, is rated 9.8 out of 10.0 on the CVSS scoring system. It affects all versions of GNU InetUtils from version 1.9.3 up to and including version 2.7. "Telnetd in GNU Inetutils through 2.7 allows remote authentication bypassView the full article
    • 0 comments
    • 57 views
  35. Hacker News ·
    Most of this week’s threats didn’t rely on new tricks. They relied on familiar systems behaving exactly as designed, just in the wrong hands. Ordinary files, routine services, and trusted workflows were enough to open doors without forcing them. What stands out is how little friction attackers now need. Some activity focused on quiet reach and coverage, others on timing and reuse. The emphasisView the full article
    • 0 comments
    • 71 views
  36. CSOonline ·
    Spanish online electronics retailer PcComponentes has denied a hacker’s claims to have stolen data on its customers. Hackrisk.io, a strategic cyber threat intelligence platform developed and maintained by Hackmanac, reported that a malicious actor using the alias ‘daghetiaw’ claimed to have hacked the e-commerce company, adding that it was attempting to verify the claim. According to Hackrisk.io, the hacker allegedly stole data relating to 16.3 million people, including tax identificati
    • 0 comments
    • 46 views
  37. CSOonline ·
    fadfebrian – shutterstock.com Der Regensburger IT-Dienstleister Conceptnet informiert derzeit auf seiner Internetseite über eine technische Störung, die durch einen Ransomware-Angriff verursacht wurde. Berichten zufolge haben sich die Täter um den 13. Januar 2026 Zugriff auf die IT-Infrastruktur des Unternehmens verschafft. „Dabei wurden zentrale Systeme – darunter Web- und E-Mail-Server – verschlüsselt“, erklärt das Unternehmen. Wiederherstellung der Systeme dauert an Der Angriff se
    • 0 comments
    • 50 views
  38. CSOonline ·
    Cisco has released patches for a critical remote code execution vulnerability in its unified communications products that attackers are actively exploiting. The US Cybersecurity and Infrastructure Security Agency has added the flaw to its Known Exploited Vulnerabilities catalog, confirming the exploitation. Cisco disclosed CVE-2026-20045 along with patches for Unified Communications Manager, Unity Connection, and Webex Calling Dedicated Instance. The company assigned the vulnerability a “Cri
    • 0 comments
    • 323 views
  39. CSOonline ·
    Cisco has released patches for a critical remote code execution vulnerability in its unified communications products that attackers are actively exploiting. The US Cybersecurity and Infrastructure Security Agency has added the flaw to its Known Exploited Vulnerabilities catalog, confirming the exploitation. Cisco disclosed CVE-2026-20045 along with patches for Unified Communications Manager, Unity Connection, and Webex Calling Dedicated Instance. The company assigned the vulnerability a “Cri
    • 0 comments
    • 92 views
  40. CSOonline ·
    VoidLink, the high-impact Linux malware framework disclosed last week, is back under scrutiny for claims that the bulk of its development was done by artificial intelligence (AI). According to the follow-up analysis from Check Point Research (CPR), which first disclosed VoidLink, the malware was not merely assisted by AI tooling but was largely planned, structured, and written through AI-driven processes. “CPR believes a new era of AI-generated malware has begun,” the researchers said in
    • 0 comments
    • 43 views
  41. Hacker News ·
    Security teams at agile, fast-growing companies often have the same mandate: secure the business without slowing it down. Most teams inherit a tech stack optimized for breakneck growth, not resilience. In these environments, the security team is the helpdesk, the compliance expert, and the incident response team all rolled into one. Securing the cloud office in this scenario is all aboutView the full article
    • 0 comments
    • 47 views
  42. Hacker News ·
    A new malicious package discovered in the Python Package Index (PyPI) has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency miner, on Linux hosts. The package, named sympy-dev, mimics SymPy, replicating the latter's project description verbatim in an attempt to deceive unsuspecting users into thinking that they areView the full article
    • 0 comments
    • 79 views
  43. Hacker News ·
    A new security flaw in SmarterTools SmarterMail email software has come under active exploitation in the wild, two days after the release of a patch. The vulnerability, which currently does not have a CVE identifier, is tracked by watchTowr Labs as WT-2026-0001. It was patched by SmarterTools on January 15, 2026, with Build 9511, following responsible disclosure by the exposure managementView the full article
    • 0 comments
    • 71 views
  44. CSOonline ·
    IB Photography – shutterstock.com Im Jahr 2010 war Office 365 eine einfache Suite mit Office-Anwendungen und zusätzlicher E-Mail-Funktion. Das hat sich 15 Jahre später mit Microsoft 365 geändert: Die Suite ist ein wesentliches Element in den Bereichen Kommunikation, Zusammenarbeit und Sicherheit. Dienste wie Entra, Intune, Exchange, Defender, Teams und SharePoint verfügen über Tausende von Konfigurationsdetails, die dafür sorgen, dass Unternehmen reibungslos und sicher laufen. Wenn diese ver
    • 0 comments
    • 83 views
  45. CSOonline ·
    IB Photography – shutterstock.com Im Jahr 2010 war Office 365 eine einfache Suite mit Office-Anwendungen und zusätzlicher E-Mail-Funktion. Das hat sich 15 Jahre später mit Microsoft 365 geändert: Die Suite ist ein wesentliches Element in den Bereichen Kommunikation, Zusammenarbeit und Sicherheit. Dienste wie Entra, Intune, Exchange, Defender, Teams und SharePoint verfügen über Tausende von Konfigurationsdetails, die dafür sorgen, dass Unternehmen reibungslos und sicher laufen. Wenn diese ver
    • 0 comments
    • 85 views
  46. CISOmag ·
    CISO Middle East Summit – Doha, Qatar | 22nd January 2026 The CISO Middle East Summit 2026, taking place on 22nd January in Doha, Qatar, stands as one of the region’s most anticipated gatherings for cybersecurity leaders, innovators, and policymakers. Under the theme “Digital Freedom & Resilience: The Pillars of Qatar’s Cyber Vision 2030,” the summit will unite key decision-makers from government, critical infrastructure, and enterprise sectors to shape the future of cybersecurity in the Mi
    • 0 comments
    • 69 views
  47. CSOonline ·
    CISO’s are increasingly turning to AI-enabled security technologies to augment their organizations’ cyber defense and extend the capabilities of their teams. According to Foundry’s latest Security Priorities Study, 73% of security decision-makers are now more likely to consider a security solution that uses artificial intelligence, up from 59% the year prior. CISOs plan to leverage AI in a range of security functions, including malware detection, threat detection, anomaly detection, real
    • 0 comments
    • 47 views
  48. CSOonline ·
    Lately, the Curl code library has been receiving a lot of AI-generated reports from users hoping to receive financial compensation from the tool’s bug bounty program. Going through all the reports has taken up so many resources that Curl has decided to eliminate compensation for bug hunters altogether. “AI slop and generally bad reports have only increased even more recently, so we have to make an attempt to slow down the river so as not to drown,” Curl’s chief administrator Daniel Stenb
    • 0 comments
    • 53 views
  49. CISOmag ·
    WAM Morocco 2026 is organised by KAOUN International (a subsidiary of Dubai World Trade Centre) and proudly in association with GITEX Africa. The debut event is set to be the continent’s largest tech and start-up event in advanced manufacturing and future mobility. WAM Morocco will take place under the auspices of the Moroccan Ministry of Industry and Trade from 20 – 22 January 2026 at Foire Internationale de Casablanca, Morocco. Expected to draw over 350 exhibitors and more than 20,000 high-le
    • 0 comments
    • 77 views
  50. Hacker News ·
    Cybersecurity company Arctic Wolf has warned of a "new cluster of automated malicious activity" that involves unauthorized firewall configuration changes on Fortinet FortiGate devices. The activity, it said, commenced on January 15, 2026, adding it shares similarities with a December 2025 campaign in which malicious SSO logins on FortiGate appliances were recorded against the admin account fromView the full article
    • 0 comments
    • 72 views
  51. Hacker News ·
    Cisco has released fresh patches to address what it described as a "critical" security vulnerability impacting multiple Unified Communications (CM) products and Webex Calling Dedicated Instance that it has been actively exploited as a zero-day in the wild. The vulnerability, CVE-2026-20045 (CVSS score: 8.2), could permit an unauthenticated remote attacker to execute arbitrary commands on theView the full article
    • 0 comments
    • 62 views
  52. CSOonline ·
    A critical two-factor authentication bypass vulnerability in the Community and Enterprise editions of the GitLab application development platform has to be patched immediately, say experts. The hole is one of five vulnerabilities patched Wednesday as part of new versions of GitLab. Three are ranked High in severity, including the 2FA bypass issue, while the other two are ranked Medium in severity. GitLab says the 2FA hole, CVE-2026-0723, if exploited on an unpatched system, could allow a
    • 0 comments
    • 44 views
  53. CSOonline ·
    Internal testing, product demonstrations, and security training are critical practices in cybersecurity, giving defenders and everyday users the tools and wherewithal to prevent and respond to enterprise threats. However, according to new research from Pentera Labs, when left in default or misconfigured states, these “test” and “demo” environments are yet another entry point for attackers — and the issue even affects leading security companies and Fortune 500 companies that should know bette
    • 0 comments
    • 52 views
  54. CSOonline ·
    In July 2025, Ingram Micros suffered devastating consequences from a ransomware in which the IT distributor’s logistics were paralyzed for a week. It has now emerged that sensitive data was also leaked. As Ingram Micro confirmed in a mandatory filing with US authorities, more than 42,000 people are affected. The perpetrators reportedly obtained information from current and former employees as well as job applicants. In addition to basic personal data such as names and contact information
    • 0 comments
    • 47 views
  55. CSOonline ·
    Oracle has handed security teams their first big patching workload of the year, with its latest quarterly update containing a hefty 337 security fixes across its product range, including 27 rated critical. This imposing number of patches won’t surprise anyone whose job it is to look after Oracle products; in 2025 the company averaged 344 per update, so 337 is in line with this. The first job with large updates like this is working out where to start and what to prioritize. That usually m
    • 0 comments
    • 54 views
  56. Hacker News ·
    As many as 3,136 individual IP addresses linked to likely targets of the Contagious Interview activity have been identified, with the campaign claiming 20 potential victim organizations spanning artificial intelligence (AI), cryptocurrency, financial services, IT services, marketing, and software development sectors in Europe, South Asia, the Middle East, and Central America. The new findingsView the full article
    • 0 comments
    • 75 views
  57. Hacker News ·
    Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of-service (DoS) and remote code execution. The most severe of the lot is a critical security flaw impacting Zoom Node Multimedia Routers (MMRs) that could permit a meeting participant to conduct remote code execution attacks. The vulnerability, tracked as CVE-2026-22844View the full article
    • 0 comments
    • 83 views
  58. CSOonline ·
    The European Commission has presented a new cybersecurity package to strengthen the European Union’s resilience to increasing cyber and hybrid attacks from state and criminal actors. The key is to reduce risks from high-risk suppliers outside the EU, especially in critical infrastructure such as mobile networks, through a common and risk-based framework. The Commission’s news release did not mention any specific suppliers targeted by the measures. The move should make it possible to redu
    • 0 comments
    • 73 views
  59. compuquip ·
    Across this series, we’ve looked at how threat detection evolves when AI becomes part of SOC operations from anomaly detection, to triage, to detection engineering. The final challenge is not design. It’s operation. Deploying AI-driven detection is relatively easy. Sustaining it across analysts, shifts, environments, and time is where most SOCs struggle.   At scale, AI becomes an operational dependency. And dependencies require ownership. View the full article
    • 0 comments
    • 77 views
  60. CSOonline ·
    Threat actors behind the long-running Contagious Interview campaign were seen expanding from traditional social-engineering lures to the abuse of Microsoft Visual Studio Code (VS Code) as an execution and persistence mechanism. According to new findings from Jamf Threat Labs, the actors are embedding malicious logic directly into VS Code project configurations, allowing code to execute as soon as a victim opens a repository and grants it “trust”. Rather than relying on standalone malware
    • 0 comments
    • 47 views
  61. Hacker News ·
    Every managed security provider is chasing the same problem in 2026 — too many alerts, too few analysts, and clients demanding “CISO-level protection” at SMB budgets. The truth? Most MSSPs are running harder, not smarter. And it’s breaking their margins. That’s where the quiet revolution is happening: AI isn’t just writing reports or surfacing risks — it’s rebuilding how security services areView the full article
    • 0 comments
    • 69 views
  62. CSOonline ·
    JHVEPhoto | shutterstock.com Im Juli 2025 sorgte ein Ransomware-Angriff für verheerende Folgen bei Ingram Micro: Die Logistik des IT-Distributors wurde eine Woche lahmgelegt – davon betroffen war nicht nur der Hauptsitz in den USA, sondern auch der Standort in Deutschland. Nun hat sich herausgestellt, dass dabei auch sensible Daten abgeflossen sind. Wie Ingram Micro in einer Pflichtmitteilung an US-Behörden bestätigt, sind davon mehr als 42.000 Personen betroffen. Die Täter sind demnach
    • 0 comments
    • 346 views
  63. CSOonline ·
    The common vulnerability scoring system (CVSS) has long served as the industry’s default for assessing vulnerability severity. It has become one of the few “sources of truth” for cybersecurity professionals. And, you know the drill. A new CVE drops; it gets a CVSS score; teams rush to patch the items with the biggest numbers. It all feels logical, scientific — even objective. But in practice, it often fails us. In the cases of Equifax, SolarWinds and Log4Shell, a similar pattern has
    • 0 comments
    • 49 views
  64. Hacker News ·
    Gartner® doesn’t create new categories lightly. Generally speaking, a new acronym only emerges when the industry's collective "to-do list" has become mathematically impossible to complete. And so it seems that the introduction of the Exposure Assessment Platforms (EAP) category is a formal admission that traditional Vulnerability Management (VM) is no longer a viable way to secure a modernView the full article
    • 0 comments
    • 73 views
  65. Hacker News ·
    Security vulnerabilities were uncovered in the popular open-source artificial intelligence (AI) framework Chainlit that could allow attackers to steal sensitive data, which may allow for lateral movement within a susceptible organization. Zafran Security said the high-severity flaws, collectively dubbed ChainLeak, could be abused to leak cloud environment API keys and steal sensitive files, orView the full article
    • 0 comments
    • 72 views
  66. CSOonline ·
    Jacek Wojnarowski – shutterstock.com Die EU-Kommission will umstrittene Anbieter von Netzwerktechnik künftig in Deutschland und anderen EU-Staaten verbieten können. Bei dem Vorschlag dürfte es insbesondere um chinesische Technologiefirmen wie Huawei und ZTE gehen. Hintergrund ist die Sorge vor Sabotage und Spionage durch Drittstaaten.  Mit einer entsprechenden Rechtsgrundlage soll die EU-Kommission in letzter Instanz untersagen können, Technik besonders risikobehafteter ausländischer Unt
    • 0 comments
    • 52 views
  67. CSOonline ·
    Jacek Wojnarowski – shutterstock.com Die EU-Kommission will umstrittene Anbieter von Netzwerktechnik künftig in Deutschland und anderen EU-Staaten verbieten können. Bei dem Vorschlag dürfte es insbesondere um chinesische Technologiefirmen wie Huawei und ZTE gehen. Hintergrund ist die Sorge vor Sabotage und Spionage durch Drittstaaten.  Mit einer entsprechenden Rechtsgrundlage soll die EU-Kommission in letzter Instanz untersagen können, Technik besonders risikobehafteter ausländischer Unt
    • 0 comments
    • 55 views
  68. Hacker News ·
    The recently discovered sophisticated Linux malware framework known as VoidLink is assessed to have been developed by a single person with assistance from an artificial intelligence (AI) model. That's according to new findings from Check Point Research, which identified operational security blunders by malware's author that provided clues to its developmental origins. The latest insight makesView the full article
    • 0 comments
    • 67 views
  69. CSOonline ·
    Increased reliance on IT service providers, digital tools, and third-party software is greatly expanding the enterprise attack surface, with noteworthy cyberattacks over the past year underscoring this fact.  In October 2025, Marks & Spencer terminated its longtime helpdesk deal with outsourcing giant Tata Consultancy Services following a cyberattack that cost the British retailer an estimated £300 million and temporarily shut down its online business. In August, a Chinese threat gro
    • 0 comments
    • 70 views
  70. Hacker News ·
    LastPass is alerting users to a new active phishing campaign that's impersonating the password management service, which aims to trick users into giving up their master passwords. The campaign, which began on or around January 19, 2026, involves sending phishing emails claiming upcoming maintenance and urging them to create a local backup of their password vaults in the next 24 hours. TheView the full article
    • 0 comments
    • 77 views
  71. CSOonline ·
    From a certain age, many people regularly visit their doctor for check-ups. In this way, risks and dangers can be identified early and appropriate measures taken. The same applies to cybersecurity: Regular risk assessments help security teams identify vulnerabilities and areas for improvement. Unfortunately, such assessments are not carried out universally. Advantages of a cyber risk assessment CISOs benefit from the following advantages when they integrate cybersecurity risk assessm
    • 0 comments
    • 48 views
  72. Hacker News ·
    A security vulnerability has been disclosed in the popular binary-parser npm library that, if successfully exploited, could result in the execution of arbitrary JavaScript. The vulnerability, tracked as CVE-2026-1245 (CVSS score: N/A), affects all versions of the module prior to version 2.3.0, which addresses the issue. Patches for the flaw were released on November 26, 2025. Binary-parser is aView the full article
    • 0 comments
    • 74 views
  73. CSOonline ·
    Third Party Risk Management hilft Unternehmen, das Risiko von Compliance-Verstößen zu vermeiden. Foto: Diyajyoti – shutterstock.com In Zeiten der Digitalisierung ist es für Unternehmen unerlässlich, auf die Unterstützung von Drittanbietern zurückzugreifen. Sei es im Bereich der IT-Infrastruktur oder bei der Datenverarbeitung – externe Dienstleister helfen dabei, Geschäftsprozesse effektiver und effizienter zu gestalten. Doch mit der Zusammenarbeit mit Dritten geht auch ein Risiko einher. Untern
    • 0 comments
    • 53 views
  74. CSOonline ·
    Threat actors could use prompt injection attacks to take advantage of three vulnerabilities in Anthropic’s official Git MCP server and cause mayhem with AI systems. This alert comes from researchers at Israel-based Cyata, which urges infosec leaders to make sure corporate developers using the official GIT MCP server update to the latest version as soon as possible. The risk is that an attacker could run unapproved code or tamper with a large language model (LLM), compromising its output.
    • 0 comments
    • 57 views
  75. CSOonline ·
    Threat actors could use prompt injection attacks to take advantage of three vulnerabilities in Anthropic’s official Git MCP server and cause mayhem with AI systems. This alert comes from researchers at Israel-based Cyata, which urges infosec leaders to make sure corporate developers using the official GIT MCP server update to the latest version as soon as possible. The risk is that an attacker could run unapproved code or tamper with a large language model (LLM), compromising its output.
    • 0 comments
    • 47 views
  76. CSOonline ·
    Two vulnerabilities in popular AI development framework Chainlit could enable attackers to read arbitrary files and database content from servers. If left unpatched, the flaws could allow attackers to leak API keys and other secret tokens to facilitate lateral movement inside the organization’s infrastructure. “These vulnerabilities can be triggered with no user interaction,” researchers from security firm Zafran said in a report on the Chainlit flaws. “Zafran confirmed the vulnerabilities i
    • 0 comments
    • 54 views
  77. CSOonline ·
    Airlock Digital, a leader in proactive application control and endpoint security, announced the release of The Total Economic Impact (TEI) of Airlock Digital, an independent study commissioned by Airlock Digital and conducted by Forrester Consulting. The study demonstrates a significant 224% return on investment (ROI) and a $3.8 million net present value (NPV) over three years for organizations adopting Airlock Digital’s allowlisting approach. These findings underline both the financial and secu
    • 0 comments
    • 52 views
  78. Hacker News ·
    The North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio Code (VS Code) projects as lures to deliver a backdoor on compromised endpoints. The latest finding demonstrates continued evolution of the new tactic that was first discovered in December 2025, Jamf Threat Labs said. "This activity involvedView the full article
    • 0 comments
    • 61 views
  79. Krebs ·
    A new Internet-of-Things (IoT) botnet called Kimwolf has spread to more than 2 million devices, forcing infected systems to participate in massive distributed denial-of-service (DDoS) attacks and to relay other malicious and abusive Internet traffic. Kimwolf’s ability to scan the local networks of compromised systems for other IoT devices to infect makes it a sobering threat to organizations, and new research reveals Kimwolf is surprisingly prevalent in government and corporate networks. Image:
    • 0 comments
    • 83 views
  80. CSOonline ·
    T. Schneider – shutterstock.com Forscher des Security-Anbieters Socket haben eine koordinierte Kampagne entdeckt, die auf bösartigen Chrome-Add-ons basiert. Die Angreifer haben die Abwehrmechanismen des Chrome Web Stores umgangen und Erweiterungen als Produktivitätswerkzeuge beworben. „Die Erweiterungen arbeiten zusammen, um Authentifizierungs-Token zu stehlen, Incident-Response-Funktionen zu blockieren und durch Session-Hijacking die vollständige Übernahme von Konten zu ermöglichen“, er
    • 0 comments
    • 330 views
  81. CSOonline ·
    T. Schneider – shutterstock.com Forscher des Security-Anbieters Socket haben eine koordinierte Kampagne entdeckt, die auf bösartigen Chrome-Add-ons basiert. Die Angreifer haben die Abwehrmechanismen des Chrome Web Stores umgangen und Erweiterungen als Produktivitätswerkzeuge beworben. „Die Erweiterungen arbeiten zusammen, um Authentifizierungs-Token zu stehlen, Incident-Response-Funktionen zu blockieren und durch Session-Hijacking die vollständige Übernahme von Konten zu ermöglichen“, er
    • 0 comments
    • 333 views
  82. Hacker News ·
    A set of three security vulnerabilities has been disclosed in mcp-server-git, the official Git Model Context Protocol (MCP) server maintained by Anthropic, that could be exploited to read or delete arbitrary files and execute code under certain conditions. "These flaws can be exploited through prompt injection, meaning an attacker who can influence what an AI assistant reads (a malicious README,View the full article
    • 0 comments
    • 67 views
  83. Hacker News ·
    Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads, likely with the intent to deploy a remote access trojan (RAT). The activity delivers "weaponized files via Dynamic Link Library (DLL) sideloading, combined with a legitimate, open-source Python pen-testing script," ReliaQuest said in a report shared withView the full article
    • 0 comments
    • 57 views
  84. Hacker News ·
    The Problem: The Identities Left Behind As organizations grow and evolve, employees, contractors, services, and systems come and go - but their accounts often remain. These abandoned or “orphan” accounts sit dormant across applications, platforms, assets, and cloud consoles. The reason they persist isn’t negligence - it’s fragmentation.  Traditional IAM and IGA systems are designedView the full article
    • 0 comments
    • 60 views
  85. Hacker News ·
    Cybersecurity researchers have disclosed details of a malware campaign that's targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual Studio Code (VS Code) extension ecosystem. "The malware is designed to exfiltrate sensitive information, including developer credentials and cryptocurrency-related data. Compromised developerView the full article
    • 0 comments
    • 54 views
  86. CSOonline ·
    Security researchers have uncovered a malicious browser extension campaign, dubbed CrashFix, that deliberately crashes victims’ browsers and then uses the resulting confusion to trick users into running attacker-supplied commands. The activity, attributed to a threat cluster Huntress calls KongTuke, involves a fake Chrome extension posing as an ad-blocking tool but ultimately delivering a novel malware payload. The extension, which Huntress identified as NexShield-Advanced Web Protection, w
    • 0 comments
    • 59 views
  87. Hacker News ·
    Cloudflare has addressed a security vulnerability impacting its Automatic Certificate Management Environment (ACME) validation logic that made it possible to bypass security controls and access origin servers.  "The vulnerability was rooted in how our edge network processed requests destined for the ACME HTTP-01 challenge path (/.well-known/acme-challenge/*)," the web infrastructureView the full article
    • 0 comments
    • 60 views
  88. Hacker News ·
    Leaked API keys are no longer unusual, nor are the breaches that follow. So why are sensitive tokens still being so easily exposed? To find out, Intruder’s research team looked at what traditional vulnerability scanners actually cover and built a new secrets detection method to address gaps in existing approaches.  Applying this at scale by scanning 5 million applications revealed overView the full article
    • 0 comments
    • 60 views
  89. CSOonline ·
    A newly disclosed weakness in Google’s Gemini shows how attackers could exploit routine calendar invitations to influence the model’s behavior, underscoring emerging security risks as enterprises embed generative AI into everyday productivity and decision-making workflows. The vulnerability was identified by application security firm Miggo. In its report, Miggo’s head of research, Liad Eliyahu, said Gemini parses the full context of a user’s calendar events, including titles, times, attendee
    • 0 comments
    • 52 views
  90. CSOonline ·
    For a long time, cybersecurity was pretty straightforward: Guard the edges, and everything inside should be fine. Firewalls, DMZs, VPNs — these were the go-to tools. Back then, it worked. Apps lived in data centers, and everyone showed up at the office. But that world disappeared before most companies even noticed. Remote work, cloud adoption and distributed applications slowly dissolved the network edge. And attackers took advantage of that gap long before defenders adapted. Verizon’s annua
    • 0 comments
    • 70 views
  91. CSOonline ·
    MirasWonderland – shutterstock.com Mit einem gefälschten Video des bekannten Unternehmers Reinhold Würth versuchen Betrüger derzeit, Nutzer im Internet zu dubiosen Geldanlagen zu verleiten. In dem täuschend echt wirkenden Clip lädt eine mutmaßlich mit Hilfe von Künstlicher Intelligen (KI) generierte Version des Milliardärs zu einem vermeintlich exklusiven Investment ein. Im Hintergrund sieht man ein Regal mit Produkten des Handelskonzerns. Das Versprechen: Schnelle Gewinne schon bei geringen
    • 0 comments
    • 333 views
  92. CSOonline ·
    A free, publicly accessible database for IT security vulnerabilities, the db.gcve.eu, has been created by GCVE (Global Cybersecurity Vulnerability Enumeration). The aim is to end dependence on US databases and strengthen digital sovereignty in Europe. The initiative came together after a brief scare over the possible discontinuation of the Common Vulnerabilities and Exposures (CVE) program in 2025. The risk got many concerned forcing the cybersecurity industry to start thinking of alternativ
    • 0 comments
    • 71 views
  93. Hacker News ·
    A Telegram-based guarantee marketplace known for advertising a broad range of illicit services appears to be winding down its operations, according to new findings from Elliptic. The blockchain intelligence company said Tudou Guarantee has effectively ceased transactions through its public Telegram groups following a period of significant growth. The marketplace is estimated to have processedView the full article
    • 0 comments
    • 65 views
  94. CSOonline ·
    Web browsers have long been the security sinkhole of enterprise infrastructure. While email is often cited as the most common entry point, malware often enters via the browser and is more difficult to prevent. Phishing, drive-by attacks, ransomware, SQL injections, man-in-the-middle (MitM), and other exploits all take advantage of the browser’s creaky user interface and huge attack surface, and the gullibility of most end users. It is this last item — humans — that is the problem, and we nee
    • 0 comments
    • 96 views
  95. CSOonline ·
    Enterprises using Intune mobile application management (MAM) beware: Your apps won’t run soon if you haven’t planned ahead. Microsoft is updating its Intune MAM to support new security requirements starting January 19 or “soon after”, requiring that all iOS-wrapped apps, iOS SDK-integrated apps, and the Intune Company Portal for Android be updated to the latest Intune versions to keep them secure and running. This means that enterprises that haven’t updated to the latest versions will be
    • 0 comments
    • 66 views
  96. CSOonline ·
    Google’s Mandiant security division has come up with an unusual tactic to persuade organizations to stop using the aged and hugely insecure NTLMv1 authentication protocol: publish a data lookup that makes cracking NTLMv1 credentials trivial for attackers. The intention, Mandiant explained, is to draw attention to the fact that, despite decades of evidence that NTLMv1 (NT LAN Manager version 1) is insecure, organizations continue to use it. Anyone can use Mandiant’s Net-NTLMv1 pre-computed ra
    • 0 comments
    • 68 views
  97. Hacker News ·
    Cybersecurity researchers have disclosed details of a security flaw that leverages indirect prompt injection targeting Google Gemini as a way to bypass authorization guardrails and use Google Calendar as a data extraction mechanism. The vulnerability, Miggo Security's Head of Research, Liad Eliyahu, said, made it possible to circumvent Google Calendar's privacy controls by hiding a dormantView the full article
    • 0 comments
    • 54 views
  98. CSOonline ·
    Summit Art Creations – shutterstock.com Mit db.gcve.eu stellt die GCVE-Initiative (Global Cybersecurity Vulnerability Enumeration) ab sofort eine kostenfreie, öffentlich zugängliche Datenbank für IT-Sicherheitslücken bereit. Ziel ist es, die Abhängigkeit von US-Datenbanken zu beenden und die digitale Souveränität in Europa zu stärken. GCVE-Datenbank soll Schwachstellenmeldung erleichtern Die Plattform führt Informationen aus verschiedenen öffentlichen Ressourcen zusammen. Dazu zählen
    • 0 comments
    • 67 views
  99. Hacker News ·
    In cybersecurity, the line between a normal update and a serious incident keeps getting thinner. Systems that once felt reliable are now under pressure from constant change. New AI tools, connected devices, and automated systems quietly create more ways in, often faster than security teams can react. This week’s stories show how easily a small mistake or hidden service can turn into a realView the full article
    • 0 comments
    • 342 views

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.