Skip to content
View in the app

A better way to browse. Learn more.

hosang I.T.

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Security

2445 tech articles in this category

  1. Hacker News ·
    Just a few years ago, the cloud was touted as the “magic pill” for any cyber threat or performance issue. Many were lured by the “always-on” dream, trading granular control for the convenience of managed services. In recent years, many of us have learned (often the hard way) that public cloud service providers are not immune to attacks and SaaS downtime, hiding behind the Shared ResponsibilityView the full article
    • 0 comments
    • 62 views
  2. CSOonline ·
    A coordinated campaign of malicious browser add-ons has bypassed Chrome Web Store’s defenses, weaponizing extensions advertised as productivity tools to steal corporate session tokens and attempt full account takeover. “The extensions work in concert to steal authentication tokens, block incident response capabilities, enable complete account takeover through session hijacking,” researchers wrote in a blog post, revealing a campaign targeted at widely used HR and ERP platforms. The threa
    • 0 comments
    • 54 views
  3. Hacker News ·
    A team of academics from the CISPA Helmholtz Center for Information Security in Germany has disclosed the details of a new hardware vulnerability affecting AMD processors. The security flaw, codenamed StackWarp, can allow bad actors with privileged control over a host server to run malicious code within confidential virtual machines (CVMs), undermining the integrity guarantees provided by AMDView the full article
    • 0 comments
    • 53 views
  4. CSOonline ·
    Python-Libraries sind mit manipulierten Metadaten in KI-Modellen infiziert und können beim Laden Schadcode ausgeführen. Agus_Gatam – shutterstock NeMo, Uni2TS und FlexTok, Python-Bibliotheken für Künstliche Intelligenz (KI) und Machine Learning (ML), die in Hugging-Face-Modellen verwendet werden, haben gravierende Schwächen. Wie Forschende von Palo Alto Networks‘ Unit 42 herausgefunden haben, können Kriminelle diese nutzen, um Schadcode in Metadaten zu verstecken. Einmal eingeschleust, wird
    • 0 comments
    • 332 views
  5. CSOonline ·
    Python-Libraries sind mit manipulierten Metadaten in KI-Modellen infiziert und können beim Laden Schadcode ausgeführen. Agus_Gatam – shutterstock NeMo, Uni2TS und FlexTok, Python-Bibliotheken für Künstliche Intelligenz (KI) und Machine Learning (ML), die in Hugging-Face-Modellen verwendet werden, haben gravierende Schwächen. Wie Forschende von Palo Alto Networks‘ Unit 42 herausgefunden haben, können Kriminelle diese nutzen, um Schadcode in Metadaten zu verstecken. Einmal eingeschleust, wird
    • 0 comments
    • 87 views
  6. CSOonline ·
    Here’s what nobody admits: Your firewall isn’t the problem. Your SIEM isn’t the problem. That shiny new EDR tool you just bought? Also, not the problem. The problem is Steve from accounting, who uses “Password123” because he can’t be bothered to remember anything more complex. The problem is your CISO, who talks about zero trust but still approves exceptions for the CEO’s personal devices. The problem is the unspoken rule that security slows things down, so everyone ends up finding workaroun
    • 0 comments
    • 60 views
  7. CSOonline ·
    zimmytws – shutterstock.com Die Behörden gehen gegen Akteure der Ransomware-Gruppierung Black Basta vor. Dabei wurden Wohnräume in der Ukraine durchsucht und Beweismittel gesichert. Gegen den mutmaßlichen Kopf der Gruppierung wird mit Haftbefehl gefahndet, wie das Bundeskriminalamt (BKA) in Wiesbaden und die Zentralstelle zur Bekämpfung der Internetkriminalität (ZIT) bei der Generalstaatsanwaltschaft Frankfurt berichteten.  Bei Black Basta handele es sich um eine der aktivsten Ransomware
    • 0 comments
    • 58 views
  8. CSOonline ·
    zimmytws – shutterstock.com Die Behörden gehen gegen Akteure der Ransomware-Gruppierung Black Basta vor. Dabei wurden Wohnräume in der Ukraine durchsucht und Beweismittel gesichert. Gegen den mutmaßlichen Kopf der Gruppierung wird mit Haftbefehl gefahndet, wie das Bundeskriminalamt (BKA) in Wiesbaden und die Zentralstelle zur Bekämpfung der Internetkriminalität (ZIT) bei der Generalstaatsanwaltschaft Frankfurt berichteten.  Bei Black Basta handele es sich um eine der aktivsten Ransomware
    • 0 comments
    • 69 views
  9. Hacker News ·
    Cybersecurity researchers have disclosed details of an ongoing campaign dubbed KongTuke that used a malicious Google Chrome extension masquerading as an ad blocker to deliberately crash the web browser and trick victims into running arbitrary commands using ClickFix-like lures to deliver a previously undocumented remote access trojan (RAT) dubbed ModeloRAT. This new escalation of ClickFix hasView the full article
    • 0 comments
    • 58 views
  10. CSOonline ·
    Rona Michele Spiegel’s journey to cybersecurity might seem unconventional to some: She studied the arts. But as someone who grew up when computers first appeared and everyone wanted to experiment with them, she did a lot of multimedia work. She was always interested in technology and discussed with art colleagues about where the world was going regarding electronic “stuff.” “I was doing musical work. I was doing all sorts of what we would call multidisciplinary art. And I played around a lot
    • 0 comments
    • 61 views
  11. CSOonline ·
    As 2026 finds CISOs’ battle against relentless cyberattackers escalating once again, strong and carefully planned cybersecurity projects are the best way to stay a step ahead of attackers and prevent them from gaining the upper hand. From data governance to zero trust, here are several essential cybersecurity projects every CISO should consider adopting in the year ahead. 1. Transforming identity access for the AI era As AI and automation evolve, managing not only employee access but
    • 0 comments
    • 61 views
  12. CSOonline ·
    Many software and SaaS companies are building AI agents into their products, but these features can expand the attack surface of those platforms, especially when rushed to market. A privilege escalation vulnerability revealed last week in ServiceNow’s platform is the latest example of how AI agents capable of executing highly privileged tasks can be abused in unintended ways. The vulnerability, dubbed BodySnatcher by researchers from security firm AppOmni who found it, impacts the Now Assist
    • 0 comments
    • 73 views
  13. Hacker News ·
    Cybersecurity researchers have disclosed a cross-site scripting (XSS) vulnerability in the web-based control panel used by operators of the StealC information stealer, allowing them to gather crucial insights on one of the threat actors using the malware in their operations. "By exploiting it, we were able to collect system fingerprints, monitor active sessions, and – in a twist that willView the full article
    • 0 comments
    • 59 views
  14. CSOonline ·
    In my recent conversation with CISOs across Southeast Asia, they shared with me a pragmatic view of 2026. Attackers are shifting tactics, AI is amplifying both risk and response, and IT-OT boundaries are blurring. Three priorities stand out to me, hardening cloud and AI infrastructure, treating identity as the active perimeter, and operationalizing resilience as capability and, in select sectors – as a service. Cloud and AI become high‑value targets Multi‑cloud adoption and sprawling Saa
    • 0 comments
    • 53 views
  15. Hacker News ·
    Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta. In addition, the group's alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (Нефедов Олег Евгеньевич), has been added to the European Union's Most Wanted and INTERPOL's Red Notice lists, authoritiesView the full article
    • 0 comments
    • 54 views
  16. Hacker News ·
    OpenAI on Friday said it would start showing ads in ChatGPT to logged-in adult U.S. users in both the free and ChatGPT Go tiers in the coming weeks, as the artificial intelligence (AI) company expanded access to its low-cost subscription globally. "You need to know that your data and conversations are protected and never sold to advertisers," OpenAI said. "And we need to keep a high bar and giveView the full article
    • 0 comments
    • 60 views
  17. CSOonline ·
    A new Top 10 Cybersecurity Innovators profile by AppGuard has been released, spotlighting growing concerns over AI-enhanced malware. AI makes malware even more difficult to detect. Worse, they use AI to assess, adapt, and move faster than any cyber stack can keep up. The report advocates for a fundamental change in approach, highlighting the limitations of reactive security measures. Rather than constantly adding or changing detection layers of cyber stacks, the profile emphasizes the import
    • 0 comments
    • 70 views
  18. CSOonline ·
    Better late than never. Cisco this week patched a ‘critical’ zero-day flaw in the company’s email security and management gateways that has hung over customers’ heads since December. Tracked as CVE-2025-20393, the vulnerability affects Cisco’s AsyncOS Software running on the physical or virtual Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) products. The issue is serious, allowing an attacker to take over an appliance with root privileges when the Spam Quarantine feat
    • 0 comments
    • 56 views
  19. Hacker News ·
    The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that's designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 archives. "The actor creates a malformed archive as an anti-analysis technique," Expel security researcher Aaron Walton said in a report shared with The Hacker News. "That is, many unarchiving toolsView the full article
    • 0 comments
    • 58 views
  20. CSOonline ·
    The finding of fresh privilege-escalation vulnerabilities in Google’s Vertex AI is a stark reminder to CISOs that managing AI service agents is a task unlike any that they have encountered before. XM Cyber reported two different issues with Vertex AI on Thursday, in which default configurations allow low-privileged users to pivot into higher-privileged Service Agent roles. But, it said, Google told it the system is just working as intended. “The OWASP Agentic Top 10 just codified identit
    • 0 comments
    • 55 views
  21. Hacker News ·
    Cybersecurity researchers have discovered five new malicious Google Chrome web browser extensions that masquerade as human resources (HR) and enterprise resource planning (ERP) platforms like Workday, NetSuite, and SuccessFactors to take control of victim accounts. "The extensions work in concert to steal authentication tokens, block incident response capabilities, and enable complete accountView the full article
    • 0 comments
    • 56 views
  22. CSOonline ·
    Security researchers have confirmed active exploitation of a maximum-severity privilege escalation flaw in the widely used Modular DS plugin, a tool used to monitor, update, and manage multiple WordPress sites from a single console. The bug, tracked as CVE-2026-23550, was assigned a CVSS score of 10.0 for its ability to enable an unauthenticated attacker to gain full admin access on thousands of vulnerable sites. Disclosed by the WordPress security company, Patchstack, the flaw affects M
    • 0 comments
    • 46 views
  23. CSOonline ·
    Security researchers have confirmed active exploitation of a maximum-severity privilege escalation flaw in the widely used Modular DS plugin, a tool used to monitor, update, and manage multiple WordPress sites from a single console. The bug, tracked as CVE-2026-23550, was assigned a CVSS score of 10.0 for its ability to enable an unauthenticated attacker to gain full admin access on thousands of vulnerable sites. Disclosed by the WordPress security company, Patchstack, the flaw affects M
    • 0 comments
    • 54 views
  24. CSOonline ·
    Summit Art Creations – shutterstock.com Auch in diesem Jahr spielt das Thema Cybersicherheit eine wichtige Rolle auf dem Weltwirtschaftsforum (WEF) in Davos. So prognostiziert etwa der Global Cybersecurity Outlook 2026, dass Cyberrisiken durch Fortschritte in der künstlichen Intelligenz (KI), die zunehmende geopolitische Fragmentierung und die Komplexität der Lieferketten verschärft werden. Der Bericht knüpft damit den Schlussforderungen des WEF im vergangenen Jahr an, wonach eine Reihe
    • 0 comments
    • 53 views
  25. CSOonline ·
    Summit Art Creations – shutterstock.com Auch in diesem Jahr spielt das Thema Cybersicherheit eine wichtige Rolle auf dem Weltwirtschaftsforum (WEF) in Davos. So prognostiziert etwa der Global Cybersecurity Outlook 2026, dass Cyberrisiken durch Fortschritte in der künstlichen Intelligenz (KI), die zunehmende geopolitische Fragmentierung und die Komplexität der Lieferketten verschärft werden. Der Bericht knüpft damit den Schlussforderungen des WEF im vergangenen Jahr an, wonach eine Reihe
    • 0 comments
    • 58 views
  26. Hacker News ·
    You lock your doors at night. You avoid sketchy phone calls. You’re careful about what you post on social media. But what about the information about you that’s already out there—without your permission? Your name. Home address. Phone number. Past jobs. Family members. Old usernames. It’s all still online, and it’s a lot easier to find than you think. The hidden safety threat lurking online MostView the full article
    • 0 comments
    • 52 views
  27. Hacker News ·
    Security experts have disclosed details of a new campaign that has targeted U.S. government and policy entities using politically themed lures to deliver a backdoor known as LOTUSLITE. The targeted malware campaign leverages decoys related to the recent geopolitical developments between the U.S. and Venezuela to distribute a ZIP archive ("US now deciding what's next for Venezuela.zip")View the full article
    • 0 comments
    • 57 views
  28. Hacker News ·
    A threat actor likely aligned with China has been observed targeting critical infrastructure sectors in North America since at least last year. Cisco Talos, which is tracking the activity under the name UAT-8837, assessed it to be a China-nexus advanced persistent threat (APT) actor with medium confidence based on tactical overlaps with other campaigns mounted by threat actors from the region.View the full article
    • 0 comments
    • 60 views
  29. CSOonline ·
    Economic pressures, AI-driven job displacement, and relentless organizational churn are driving insider risk to its highest level in years. Workforce instability erodes loyalty and heightens grievances. The accelerating deployment of powerful new tools, such as AI agents, amplifies the threats from within, both human and machine. In 2025, according to RationalFX and other job trackers, the global technology sector saw roughly 245,000 layoffs announced across hundreds of companies. These figu
    • 0 comments
    • 95 views
  30. Hacker News ·
    Cisco on Thursday released security updates for a maximum-severity security flaw impacting Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager, nearly a month after the company disclosed that it had been exploited as a zero-day by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686. The vulnerability, tracked as CVE-2025-20393 (CVSSView the full article
    • 0 comments
    • 59 views
  31. CSOonline ·
    mikeledray | shutterstock.com Vor seinen MAGA- und DOGE-Eskapaden wurde Elon Musk in erster Linie als visionärer Entrepreneur wahrgenommen. Damals, im Jahr 2010, ließ er den Mitarbeitern seines Raumfahrtunternehmens SpaceX ein Memo zukommen. Darin kritisierte er den übermäßigen, internen Gebrauch von Abkürzungen in gewohnt ausdrucksstarkem Stil: “Bei SpaceX gibt es eine schleichende Tendenz, erfundene Akronyme zu nutzen. Geschieht das exzessiv, wird die Kommunikation erheblich beeinträchtigt
    • 0 comments
    • 307 views
  32. CSOonline ·
    mikeledray | shutterstock.com Vor seinen MAGA- und DOGE-Eskapaden wurde Elon Musk in erster Linie als visionärer Entrepreneur wahrgenommen. Damals, im Jahr 2010, ließ er den Mitarbeitern seines Raumfahrtunternehmens SpaceX ein Memo zukommen. Darin kritisierte er den übermäßigen, internen Gebrauch von Abkürzungen in gewohnt ausdrucksstarkem Stil: “Bei SpaceX gibt es eine schleichende Tendenz, erfundene Akronyme zu nutzen. Geschieht das exzessiv, wird die Kommunikation erheblich beeinträchtigt
    • 0 comments
    • 96 views
  33. CSOonline ·
    AI copilots are incredibly intelligent and useful — but they can also be naive, gullible, and even dumb at times. A new one-click attack flow discovered by Varonis Threat Labs researchers underscores this fact. ‘Reprompt,’ as they’ve dubbed it, is a three-step attack chain that completely bypasses security controls after an initial LLM prompt, giving attackers invisible, undetectable, unlimited access. “AI assistants have become trusted companions where we share sensitive information, se
    • 0 comments
    • 61 views
  34. CSOonline ·
    Palo Alto Networks has issued patches for its PAN-OS firewall platform after a researcher uncovered a high-severity vulnerability which could be exploited by attackers to cause a denial-of-service (DoS). The flaw, identified as CVE-2026-0227 with a CVSS 7.7 (‘high’) severity rating, affects customers running PAN-OS NGFW (Next-Generation Firewall) or Prisma Access configurations with the company’s GlobalProtect remote access gateway or portal enabled. Unpatched, this would make it possibl
    • 0 comments
    • 59 views
  35. CSOonline ·
    An AWS misconfiguration in its code building service could have led to a massive number of compromised key AWS GitHub code repositories and applications, say researchers at Wiz who discovered the problem. The vulnerability stemmed from a subtle flaw in how the repositories’ AWS CodeBuild CI (continuous integration) pipelines handled build triggers. “Just two missing characters in a regex filter allowed unauthenticated attackers to infiltrate the build environment and leak privileged credenti
    • 0 comments
    • 49 views
  36. CSOonline ·
    Utrecht-based Eurail BV has acknowledged that customer information has been involved in a cybersecurity incident. According to an official statement, an unauthorized person gained access to the company’s customer database. The following data may be affected: Identification data: First name, last name, date of birth, gender Contact details: Email address, home address, telephone number Passport details: Passport number, country of issue and expiry date No evidence of data mi
    • 0 comments
    • 63 views
  37. Hacker News ·
    A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider's own GitHub repositories, including its AWS JavaScript SDK, putting every AWS environment at risk. The vulnerability has been codenamed CodeBreach by cloud security company Wiz. The issue was fixed by AWS in September 2025 following responsible disclosure onView the full article
    • 0 comments
    • 60 views
  38. Hacker News ·
    A maximum-severity security flaw in a WordPress plugin called Modular DS has come under active exploitation in the wild, according to Patchstack. The vulnerability, tracked as CVE-2026-23550 (CVSS score: 10.0), has been described as a case of unauthenticated privilege escalation impacting all versions of the plugin prior to and including 2.5.1. It has been patched in version 2.5.2. The pluginView the full article
    • 0 comments
    • 48 views
  39. Hacker News ·
    Cybersecurity researchers have disclosed details of a new attack method dubbed Reprompt that could allow bad actors to exfiltrate sensitive data from artificial intelligence (AI) chatbots like Microsoft Copilot in a single click, while bypassing enterprise security controls entirely. "Only a single click on a legitimate Microsoft link is required to compromise victims," Varonis securityView the full article
    • 0 comments
    • 46 views
  40. Hacker News ·
    The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere. This week’s stories show how fast attackers change their tricks, how small mistakes turn into big risks, and how the same old tools keep finding new ways to break in. Read on to catch up before the next wave hits. Unauthenticated RCE risk Security Flaw in RedisView the full article
    • 0 comments
    • 51 views
  41. CSOonline ·
    Rasmus Lindkvist – shutterstock.com Der Interrail-Pass ermöglicht seit mehr als fünfzig Jahren günstige Bahnfahrten quer durch Europa. Hinter dem Pauschalangebot steht die Eurail B.V. mit Sitz im niederländischen Utrecht. Der Anbieter räumt nun ein, dass es zu einem Sicherheitsvorfall gekommen ist. Wie in einer offiziellen Mitteilung erklärt wird, hat sich eine unbefugte Person Zugriff auf die Kundendatenbank des Unternehmens verschafft. Folgende Daten können betroffen sein: Identit
    • 0 comments
    • 49 views
  42. Hacker News ·
    As AI copilots and assistants become embedded in daily work, security teams are still focused on protecting the models themselves. But recent incidents suggest the bigger risk lies elsewhere: in the workflows that surround those models. Two Chrome extensions posing as AI helpers were recently caught stealing ChatGPT and DeepSeek chat data from over 900,000 users. Separately, researchersView the full article
    • 0 comments
    • 47 views
  43. CSOonline ·
    A critical command injection issue in Fortinet FortiSIEM has been disclosed along with public exploit code, and researchers claim attackers could have been remotely achieving unauthenticated root access to the SIEM platform for nearly three years. The flaw belongs to a class of weakness in FortiSIEM, going back to 2023 and 2024. Tracked as CVE-2025-64155, the vulnerability affects the phMonitor service, an internal FortiSIEM component that runs elevated privileges and plays a central role in
    • 0 comments
    • 366 views
  44. Hacker News ·
    It’s 2026, yet many SOCs are still operating the way they did years ago, using tools and processes designed for a very different threat landscape. Given the growth in volumes and complexity of cyber threats, outdated practices no longer fully support analysts’ needs, staggering investigations and incident response. Below are four limiting habits that may be preventing your SOC from evolving atView the full article
    • 0 comments
    • 67 views
  45. Hacker News ·
    Microsoft on Wednesday announced that it has taken a "coordinated legal action" in the U.S. and the U.K. to disrupt a cybercrime subscription service called RedVDS that has allegedly fueled millions in fraud losses. The effort, per the tech giant, is part of a broader law enforcement effort in collaboration with law enforcement authorities that has allowed it to confiscate the maliciousView the full article
    • 0 comments
    • 55 views
  46. CSOonline ·
    shihabsarkar – shutterstock.com In einer konzertierten Aktion haben Strafverfolgungsbehörden in Deutschland, den USA und Großbritannien zusammen mit Microsoft den globalen Cyberkriminalitätsdienst RedVDS zerschlagen. Das bestätigten die Zentralstelle für Internet- und Computerkriminalität (ZIT) bei der Generalstaatsanwaltschaft in Frankfurt sowie das Landeskriminalamt Brandenburg in einer gemeinsamen Erklärung. Die Strafverfolgungsbehörden aus Deutschland waren maßgeblich an den Ermittlu
    • 0 comments
    • 61 views
  47. CSOonline ·
    shihabsarkar – shutterstock.com In einer konzertierten Aktion haben Strafverfolgungsbehörden in Deutschland, den USA und Großbritannien zusammen mit Microsoft den globalen Cyberkriminalitätsdienst RedVDS zerschlagen. Das bestätigten die Zentralstelle für Internet- und Computerkriminalität (ZIT) bei der Generalstaatsanwaltschaft in Frankfurt sowie das Landeskriminalamt Brandenburg in einer gemeinsamen Erklärung. Die Strafverfolgungsbehörden aus Deutschland waren maßgeblich an den Ermittlu
    • 0 comments
    • 53 views
  48. Hacker News ·
    Palo Alto Networks has released security updates for a high-severity security flaw impacting GlobalProtect Gateway and Portal, for which it said there exists a proof-of-concept (PoC) exploit. The vulnerability, tracked as CVE-2026-0227 (CVSS score: 7.7), has been described as a denial-of-service (DoS) condition impacting GlobalProtect PAN-OS software arising as a result of an improper check forView the full article
    • 0 comments
    • 43 views
  49. CSOonline ·
    A massive surge in attacks on the npm ecosystem over the past year reveals a stark shift in the software supply‑chain threat landscape. What once amounted to sloppy typosquatting attempts has evolved into coordinated, credential-driven intrusions targeting maintainers, CI pipelines, and the trusted automation that underpins modern development. For security leaders, these aren’t niche developer mishaps anymore — they’re a direct pathway into production systems, cloud infrastructure, and m
    • 0 comments
    • 62 views
  50. CSOonline ·
    AI fuzzing definition AI fuzzing has expanded beyond machine learning to use generative AI and other advanced techniquesto find vulnerabilities in an application or system. Fuzzing has been around for a while, but it’s been too hard to do and hasn’t gained much traction with enterprises. Adding AI promises to make the tools easier to use and more flexible. How fuzzing works In 2019, AI meant machine learning, and it was emerging as a new technique for generating test cases. The way t
    • 0 comments
    • 60 views
  51. CSOonline ·
    Ransomware attacks remain among the most common attack methods. As recent analyses show, cyber gangs are increasingly threatening their victims with reporting violations of regulations such as the GDPR to supervisory authorities. Researchers at the security provider Akamai have observed an increasing trend in this tactic over the past two years. As an example, the security vendor points to ransomware group Anubis. Its members reportedly focus primarily on industries with high compliance risk
    • 0 comments
    • 47 views
  52. CSOonline ·
    Researchers have uncovered a new sophisticated and modular malware framework designed to operate stealthily inside Linux systems and containers. The framework seems to have been designed by Chinese developers with in-depth knowledge of Linux internals and was created to be used against cloud servers. “The framework, internally referred to by its original developers as VoidLink, is a cloud-first implant written in Zig and designed to operate in modern infrastructure,” researchers from securit
    • 0 comments
    • 57 views
  53. CSOonline ·
    Popular vibe coding platforms consistently generate insecure code in response to common programming prompts, including creating vulnerabilities rated as ‘critical,’ new testing has found. Security startup Tenzai’s top-line conclusion: the tools are good at avoiding security flaws that can be solved in a generic way, but struggle where what distinguishes safe from dangerous depends on context. The assessment, which it conducted in December 2025, compared five of the best-known vibe coding
    • 0 comments
    • 57 views
  54. CSOonline ·
    The near-total internet blackout imposed by the Iranian government starting January 8, reportedly due to a crackdown on protesters, may offer a rare opportunity to SOC staffers and other cybersecurity analysts, briefly allowing all government traffic sources to be identified and digitally fingerprinted, a massive help in tracking Iranian state actors. Among global malicious state actors, Iran is near the top, behind China, Russia and North Korea, which suggests that this kind of intel on Ira
    • 0 comments
    • 68 views
  55. Hacker News ·
    The Black Lotus Labs team at Lumen Technologies said it null-routed traffic to more than 550 command-and-control (C2) nodes associated with the AISURU/Kimwolf botnet since early October 2025. AISURU and its Android counterpart, Kimwolf, have emerged as some of the biggest botnets in recent times, capable of directing enslaved devices to participate in distributed denial-of-service (DDoS)View the full article
    • 0 comments
    • 57 views
  56. Hacker News ·
    AI agents have quickly moved from experimental tools to core components of daily workflows across security, engineering, IT, and operations. What began as individual productivity aids, like personal code assistants, chatbots, and copilots, has evolved into shared, organization-wide agents embedded in critical processes. These agents can orchestrate workflows across multiple systems, for example:View the full article
    • 0 comments
    • 57 views
  57. Hacker News ·
    Security experts have disclosed details of an active malware campaign that's exploiting a DLL side-loading vulnerability in a legitimate binary associated with the open-source c-ares library to bypass security controls and deliver a wide range of commodity trojans and stealers. "Attackers achieve evasion by pairing a malicious libcares-2.dll with any signed version of the legitimate ahost.exe (View the full article
    • 0 comments
    • 56 views
  58. CSOonline ·
    SpyCloud, the leader in identity threat protection, today announced the launch of its Supply Chain Threat Protection solution, an advanced layer of defense that expands identity threat protection across the extended workforce, including organizations’ entire vendor ecosystems. Unlike traditional third-party risk management platforms that rely on external surface indicators and static scoring, SpyCloud Supply Chain Threat Protection provides timely access to identity threats derived from billions
    • 0 comments
    • 62 views
  59. CSOonline ·
    CrowdStrike has agreed to acquire Israel-based Seraphic Security, a browser runtime security company, to extend its Falcon platform to browser-native enterprise security. Expected to close by April, the acquisition will allow CrowdStrike to integrate Seraphic’s browser-native protection with its Falcon endpoint telemetry and threat intelligence capabilities. The move comes just days after CrowdStrike announced plans to acquire SGNL, a continuous identity authorization company. Browser as
    • 0 comments
    • 53 views
  60. Hacker News ·
    Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances. The operating system (OS) injection vulnerability, tracked as CVE-2025-64155, is rated 9.4 out of 10.0 on the CVSS scoring system. "An improper neutralization of special elements used in an OS command ('OS commandView the full article
    • 0 comments
    • 53 views
  61. Hacker News ·
    Research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, up from 51% in 2024.  Government sector malicious activity spiked from 2% to 12.9%, while 1 in 7 Education sites show active compromise. Specific offenders: Google Tag Manager (8% of violations), Shopify (5%), Facebook Pixel (4%). Download theView the full article
    • 0 comments
    • 44 views
  62. CSOonline ·
    rame435 – shutterstock.com In der Stadt Halle (Saale) ist es am Samstag (10. Januar) zu einem Fehlalarm gekommen. Gegen 22 Uhr heulten alle betriebsfähigen Sirenen auf, begleitet von einer englischsprachigen Durchsage: “Active shooter. Lockdown now” (Bewaffneter Angreifer aktiv. Sofortiger Lockdown). Wie die Stadtverwaltung mitteilte, handelt es sich bei der Ursache nach aktuellen Kenntnissen höchstwahrscheinlich um einen Cyberangriff. Wie Oberbürgermeister Alexander Vogt und Tobias Tesc
    • 0 comments
    • 162 views
  63. CSOonline ·
    rame435 – shutterstock.com In der Stadt Halle (Saale) ist es am Samstag (10. Januar) zu einem Fehlalarm gekommen. Gegen 22 Uhr heulten alle betriebsfähigen Sirenen auf, begleitet von einer englischsprachigen Durchsage: “Active shooter. Lockdown now” (Bewaffneter Angreifer aktiv. Sofortiger Lockdown). Wie die Stadtverwaltung mitteilte, handelt es sich bei der Ursache nach aktuellen Kenntnissen höchstwahrscheinlich um einen Cyberangriff. Wie Oberbürgermeister Alexander Vogt und Tobias Tesc
    • 0 comments
    • 163 views
  64. CSOonline ·
    The White House’s March 2025 Executive Order (EO) on “Achieving Efficiency Through State and Local Preparedness” raised an issue of utmost importance for national security and our critical infrastructure. As noted in the order, “federal policy must rightly recognize that preparedness is most effectively owned and managed at the state, local and even individual levels, supported by a competent, accessible and efficient federal government.” Despite claims from various cybersecurity leaders
    • 0 comments
    • 52 views
  65. Hacker News ·
    Microsoft on Tuesday rolled out its first security update for 2026, addressing 114 security flaws, including one vulnerability that it said has been actively exploited in the wild. Of the 114 flaws, eight are rated Critical, and 106 are rated Important in severity. As many as 58 vulnerabilities have been classified as privilege escalation, followed by 22 information disclosure, 21 remote codeView the full article
    • 0 comments
    • 45 views
  66. CSOonline ·
    Nathakorn Tedsaard – shutterstock.com Künstliche Intelligenz (KI) hat sich nach Einschätzung der Allianz zu einem der größten globalen Geschäftsrisiken für Unternehmen entwickelt. Im neuen “Risikobarometer” des Unternehmensversicherers Allianz Commercial ist die KI vom zehnten auf den zweiten Platz hinter dem langjährigen Spitzenreiter Cyberkriminalität emporgeschossen. Beides steht in Zusammenhang: Kriminelle Hacker nutzen demnach in wachsendem Umfang KI für ihre Attacken. Doch kann die
    • 0 comments
    • 99 views
  67. CSOonline ·
    Nathakorn Tedsaard – shutterstock.com Künstliche Intelligenz (KI) hat sich nach Einschätzung der Allianz zu einem der größten globalen Geschäftsrisiken für Unternehmen entwickelt. Im neuen “Risikobarometer” des Unternehmensversicherers Allianz Commercial ist die KI vom zehnten auf den zweiten Platz hinter dem langjährigen Spitzenreiter Cyberkriminalität emporgeschossen. Beides steht in Zusammenhang: Kriminelle Hacker nutzen demnach in wachsendem Umfang KI für ihre Attacken. Doch kann die
    • 0 comments
    • 92 views
  68. Hacker News ·
    Node.js has released updates to fix what it described as a critical security issue impacting "virtually every production Node.js app" that, if successfully exploited, could trigger a denial-of-service (DoS) condition. "Node.js/V8 makes a best-effort attempt to recover from stack space exhaustion with a catchable error, which frameworks have come to rely on for service availability," Node.js'sView the full article
    • 0 comments
    • 52 views
  69. CSOonline ·
    The White House moved to restart an urgent stalled priority by renominating well-regarded Coast Guard and Energy Department cyber veteran Sean Plankey as CISA director. Experts say the step offers some relief but does not go far enough to resolve the broader congressional inaction still straining the nation’s cyber defenses. Some have faulted the White House for a lack of engagement in cyber issues and their advancement through Congress, while others say congressional dysfunction is the larg
    • 0 comments
    • 47 views
  70. Hacker News ·
    The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of new cyber attacks targeting its defense forces with malware known as PLUGGYAPE between October and December 2025. The activity has been attributed with medium confidence to a Russian hacking group tracked as Void Blizzard (aka Laundry Bear or UAC-0190). The threat actor is believed to be active since at leastView the full article
    • 0 comments
    • 47 views
  71. CSOonline ·
    Cybersicherheit zu messen, ist kein Kinderspiel. Foto: Ultraskrip – shutterstock.com Eine wichtige Säule jedes ausgereiften Cyberrisk-Programms ist die Fähigkeit, die Performance der IT-Security und registrierte Bedrohungen zu messen, zu analysieren und zu melden. Die Cybersecurity zu messen, ist allerdings kein leichtes Unterfangen: Einerseits, weil sich viele Führungskräfte ohne entsprechenden Background schwer tun, IT-Risiken zu verstehen. Andererseits verstricken sich Sicherheitsprofis auch
    • 0 comments
    • 53 views
  72. CSOonline ·
    Eight critical vulnerabilities and an actively exploited zero day highlight Microsoft’s first Patch Tuesday announcements for 2026. Most of the higher scoring vulnerabilities impact Office products, with two holes in SharePoint scoring an 8.8 on the CVSS scale. “Last year’s abuse of SharePoint by Chinese APTs to deploy ToolShell against organizations should serve as a warning that SharePoint- and Office-related vulnerabilities can quickly become popular with threat actors,” noted Nick Ca
    • 0 comments
    • 86 views
  73. CSOonline ·
    Cybersecurity risk will accelerate this year, fueled by advances in AI, deepening geopolitical fragmentation and the complexity of supply chains, the World Economic Forum (WEF) says in its annual Global Cybersecurity Outlook. The way to combat it, however, isn’t new, the report adds. “Ultimately, strengthening collective cyber resilience has become both an economic and a societal imperative. Cybersecurity is a frontier where collaboration remains not only possible, but powerful — a reminder
    • 0 comments
    • 62 views
  74. Hacker News ·
    Cybersecurity researchers have discovered a major web skimming campaign that has been active since January 2022, targeting several major payment networks like American Express, Diners Club, Discover, JCB Co., Ltd., Mastercard, and UnionPay. "Enterprise organizations that are clients of these payment providers are the most likely to be impacted," Silent Push said in a report published today.View the full article
    • 0 comments
    • 50 views
  75. Hacker News ·
    Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that's capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on the platform. The extension, named MEXC API Automator (ID: pppdfgkfdemgfknfnhpkibbkabhghhfh), has 29 downloads and is stillView the full article
    • 0 comments
    • 50 views
  76. CSOonline ·
    Digitala World – shutterstock.com Ransomware-Attacken zählen nach wie vor zu den häufigsten Angriffsmethoden. Wie aktuelle Analysen zeigen, drohen Cyberbanden ihren Opfern nun vermehrt damit, Verstöße gegen Vorschriften wie die DSGVO an die Aufsichtsbehörden zu melden. So haben Forscher des Security-Anbieters Akamai bereits in den vergangenen zwei Jahren einen zunehmenden Trend bei dieser Taktik beobachtet. Als Beispiel verweisen die Sicherheitsspezialisten auf die Ransomware-Gruppe Anub
    • 0 comments
    • 157 views
  77. CSOonline ·
    Digitala World – shutterstock.com Ransomware-Attacken zählen nach wie vor zu den häufigsten Angriffsmethoden. Wie aktuelle Analysen zeigen, drohen Cyberbanden ihren Opfern nun vermehrt damit, Verstöße gegen Vorschriften wie die DSGVO an die Aufsichtsbehörden zu melden. So haben Forscher des Security-Anbieters Akamai bereits in den vergangenen zwei Jahren einen zunehmenden Trend bei dieser Taktik beobachtet. Als Beispiel verweisen die Sicherheitsspezialisten auf die Ransomware-Gruppe Anub
    • 0 comments
    • 67 views
  78. compuquip ·
    Detection engineering has never been about writing perfect rules. It has always been about managing tradeoffs coverage versus noise, speed versus accuracy, flexibility versus maintainability. As AI becomes embedded in SOC workflows, those tradeoffs don’t disappear. They change. In an AI-enabled SOC, detection engineering is no longer about forcing logic to answer a single question - is this malicious or not? Instead, it’s about designing detections that produce clean, meaningful signals th
    • 0 comments
    • 61 views
  79. Hacker News ·
    AI agents are no longer just writing code. They are executing it. Tools like Copilot, Claude Code, and Codex can now build, test, and deploy software end-to-end in minutes. That speed is reshaping engineering—but it’s also creating a security gap most teams don’t see until something breaks. Behind every agentic workflow sits a layer few organizations are actively securing: Machine ControlView the full article
    • 0 comments
    • 58 views
  80. CSOonline ·
    A high-severity flaw in Broadcom WiFi chipset software can allow an attacker within radio range to completely knock wireless networks offline by sending a single malicious frame, forcing routers to be manually rebooted before connectivity can be restored. The flaw, uncovered by the Cybersecurity Research Center (CyRC) at Black Duck during fuzz testing of 802.11 protocol implementations, affects 5GHz wireless networks and causes all connected clients, including guest networks, to be disconnec
    • 0 comments
    • 44 views
  81. Hacker News ·
    Cybersecurity researchers have disclosed details of a previously undocumented and feature-rich malware framework codenamed VoidLink that's specifically designed for long-term, stealthy access to Linux-based cloud environments According to a new report from Check Point Research, the cloud-native Linux malware framework comprises an array of custom loaders, implants, rootkits, and modularView the full article
    • 0 comments
    • 47 views
  82. Hacker News ·
    Old Playbook, New Scale: While defenders are chasing trends, attackers are optimizing the basics The security industry loves talking about "new" threats. AI-powered attacks. Quantum-resistant encryption. Zero-trust architectures. But looking around, it seems like the most effective attacks in 2025 are pretty much the same as they were in 2015. Attackers are exploiting the same entry points thatView the full article
    • 0 comments
    • 47 views
  83. Hacker News ·
    ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform arbitrary actions as that user. The vulnerability, tracked as CVE-2025-12420, carries a CVSS score of 9.3 out of 10.0 "This issue [...] could enable an unauthenticated user to impersonate another user andView the full article
    • 0 comments
    • 50 views
  84. CSOonline ·
    I have stared at enough scanner dashboards to recognize the pattern. SAST flags theoretical flaws that never execute. DAST shrugs because the route to the vulnerable function is blocked. SCA floods the zone with CVEs that never touch a hot path. MAST scolds my mobile app for secrets I retired last quarter. These tools are still essential, yet they now form a baseline rather than a destination. The next chapter is not another “silver bullet” product; it is a shift toward posture, provenance and p
    • 0 comments
    • 74 views
  85. Hacker News ·
    Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool called Remcos RAT and establish persistent, covert remote access. "The infection chain follows a tightly orchestrated execution path: an obfuscated VBS launcher executed via wscript.exe invokes aView the full article
    • 0 comments
    • 49 views
  86. Hacker News ·
    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a high-severity security flaw impacting Gogs by adding it to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, tracked as CVE-2025-8110 (CVSS score: 8.7), relates to a case of path traversal in the repository file editor that could result in code execution. "Gogs PathView the full article
    • 0 comments
    • 45 views
  87. CSOonline ·
    Venture capital may be flowing to trendy AI security startups, but battle-tested CISOs seem to be sticking with tried-and-true, name-brand technology partners for their AI-enabled security needs. That’s the key takeaway from CSO’s 2025 Security Priorities Study, which collected responses from more than 640 senior security executives from across the globe. When asked to rank leaders in AI-powered security, the largest and most well-known security vendors topped CISOs’ lists. The criteria
    • 0 comments
    • 53 views
  88. CSOonline ·
    Prominent crime forum BreachForums has suffered a new and possibly fatal blow to its reputation after the revelation that a database of thousands of criminals using it was stolen months ago. News of the breach emerged publicly on January 9 when a zip archive containing a MySQL database of 323,986 BreachForums users appeared on shinyhunte[.]rs, a domain reportedly unconnected to the infamous extortion group of the same name. According to Have I Been Pwned, the data breach happened last Au
    • 0 comments
    • 62 views
  89. Hacker News ·
    Threat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as integrations targeting the n8n workflow automation platform to steal developers' OAuth credentials. One such package, named "n8n-nodes-hfgjf-irtuinvcm-lasdqewriit," mimics a Google Ads integration, and prompts users to link their advertising account in a seemingly legitimate form and thenView the full article
    • 0 comments
    • 48 views
  90. CSOonline ·
    FAMArtPhotography – shutterstock.com Heutige Anwendungen basieren auf zahlreichen Komponenten, von denen jede zusammen mit den Entwicklungsumgebungen selbst eine Angriffsfläche darstellt. Unabhängig davon, ob Unternehmen Code intern entwickeln oder sich auf Drittanbieter verlassen, sollten CISOs, Sicherheitsexperten und Entwickler der Software-Supply-Chain besondere Aufmerksamkeit schenken. Zu den Risiken zählen zum Beispiel React2Shell, Shai-Hulud oder XZ Utils, alles Schwachstellen in
    • 0 comments
    • 47 views
  91. CSOonline ·
    FAMArtPhotography – shutterstock.com Heutige Anwendungen basieren auf zahlreichen Komponenten, von denen jede zusammen mit den Entwicklungsumgebungen selbst eine Angriffsfläche darstellt. Unabhängig davon, ob Unternehmen Code intern entwickeln oder sich auf Drittanbieter verlassen, sollten CISOs, Sicherheitsexperten und Entwickler der Software-Supply-Chain besondere Aufmerksamkeit schenken. Zu den Risiken zählen zum Beispiel React2Shell, Shai-Hulud oder XZ Utils, alles Schwachstellen in
    • 0 comments
    • 46 views
  92. Hacker News ·
    This week made one thing clear: small oversights can spiral fast. Tools meant to save time and reduce friction turned into easy entry points once basic safeguards were ignored. Attackers didn’t need novel tricks. They used what was already exposed and moved in without resistance. Scale amplified the damage. A single weak configuration rippled out to millions. A repeatable flaw worked again andView the full article
    • 0 comments
    • 163 views
  93. CSOonline ·
    Threat actors were spotted weaponizing the n8n automation ecosystem this week, slipping malicious npm packages into its marketplace of community-maintained nodes. The deceptive packages, disguised as legitimate integrations like Google Ads connectors, lured developers into connecting OAuth and API keys, enabling attackers to extract sensitive tokens and credentials through a seemingly routine workflow execution. According to Endor Labs, which discovered the campaign, the attack represent
    • 0 comments
    • 59 views
  94. Hacker News ·
    A new wave of GoBruteforcer attacks has targeted databases of cryptocurrency and blockchain projects to co-opt them into a botnet that's capable of brute-forcing user passwords for services such as FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux servers. "The current wave of campaigns is driven by two factors: the mass reuse of AI-generated server deployment examples that propagate commonView the full article
    • 0 comments
    • 55 views
  95. CSOonline ·
    Iran-linked advanced persistent threat group MuddyWater has deployed a Rust-based implant in an ongoing espionage campaign targeting organizations in Israel and other Middle Eastern countries, according to CloudSEK. CloudSEK’s TRIAD team said it identified the spear-phishing campaign targeting diplomatic, maritime, financial, and telecom entities across the Middle East. The campaign uses icon spoofing and malicious Word documents to deliver RustyWater, which the researchers described as “a R
    • 0 comments
    • 58 views
  96. Hacker News ·
    Anthropic has become the latest Artificial intelligence (AI) company to announce a new suite of features that allows users of its Claude platform to better understand their health information. Under an initiative called Claude for Healthcare, the company said U.S. subscribers of Claude Pro and Max plans can opt to give Claude secure access to their lab results and health records by connecting toView the full article
    • 0 comments
    • 50 views
  97. CSOonline ·
    ekavector – shutterstock.com Angesichts der wachsenden Gefahr von Angriffen will die Bundesrepublik ihre Zusammenarbeit mit Israel im Sicherheitsbereich ausbauen. Ziel sei mehr Schutz für Deutschland, sagte Bundesinnenminister Alexander Dobrindt (CSU) bei einem Besuch in Israel. Er unterzeichnete zusammen mit dem israelischen Ministerpräsidenten Benjamin Netanjahu einen Cyber- und Sicherheitspakt.  Konkret geht es unter anderem um eine enge Vernetzung der Sicherheitsbehörden beider Lände
    • 0 comments
    • 91 views
  98. CSOonline ·
    ekavector – shutterstock.com Angesichts der wachsenden Gefahr von Angriffen will die Bundesrepublik ihre Zusammenarbeit mit Israel im Sicherheitsbereich ausbauen. Ziel sei mehr Schutz für Deutschland, sagte Bundesinnenminister Alexander Dobrindt (CSU) bei einem Besuch in Israel. Er unterzeichnete zusammen mit dem israelischen Ministerpräsidenten Benjamin Netanjahu einen Cyber- und Sicherheitspakt.  Konkret geht es unter anderem um eine enge Vernetzung der Sicherheitsbehörden beider Lände
    • 0 comments
    • 90 views
  99. Hacker News ·
    Cybersecurity researchers have shed light on two service providers that supply online criminal networks with the necessary tools and infrastructure to fuel the pig butchering-as-a-service (PBaaS) economy. At least since 2016, Chinese-speaking criminal groups have erected industrial-scale scam centers across Southeast Asia, creating special economic zones that are devoted to fraudulent investmentView the full article
    • 0 comments
    • 43 views

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.