Forwarded from The Hacker News
🚨 Alert — GitHub Desktop & GitHub projects have critical vulnerabilities that can expose your credentials to attackers.
🔑 CVE-2024-53263 – Git LFS leaks credentials via crafted URLs.
⚡ CVE-2024-50338 – GitHub CLI sends tokens to attacker-controlled hosts.
Attackers can use this to gain unauthorized access to your private repositories.
🔗 Read full details: https://thehackernews.com/2025/01/github-desktop-vulnerability-risks.html
Forwarded from The Hacker News
🛑 Urgent: Apple has released a software update to patch a zero-day vulnerability (CVE-2025-24085) actively exploited in the wild, affecting iPhones, iPads, Macs, Apple TVs, and more.
This flaw could allow malicious apps to escalate privileges and take control of your device.
👉 Read: https://thehackernews.com/2025/01/apple-patches-actively-exploited-zero.html
Forwarded from The Hacker News
🚨 DeepSeek, an AI startup that became insanely popular overnight, is disrupting OpenAI’s dominance.
However, the company is now facing cyberattacks, forcing it to temporarily pause new signups to protect its services.
Explore the full story: https://thehackernews.com/2025/01/top-rated-chinese-ai-app-deepseek.html
Forwarded from The Hacker News
🚨 UPDATE: PoC Released for CVE-2024-55591, a vulnerability in the jsconsole functionality that could allow attackers to add a new administrative account.
Nearly 45,000 hosts remain vulnerable as of January 27, 2025.
Read: https://thehackernews.com/2025/01/zero-day-vulnerability-suspected-in.html
Forwarded from The Hacker News
🛑 Three Russian GRU officers are sanctioned for carrying out malicious cyber activities against Estonia.
Breach affected Estonia’s Foreign Affairs, Economic Affairs, and Health Ministries.
👉 Read more on the full story: https://thehackernews.com/2025/01/eu-sanctions-3-russian-nationals-for.html
Forwarded from The Hacker News
🔑 Is Your Password Hash Secure Enough? Modern attackers use GPU-powered tools to crack even long, complex passwords protected by weak algorithms.
Don’t leave your passwords exposed. Discover how to defeat password-cracking tools and protect your accounts: https://thehackernews.com/2025/01/how-long-does-it-take-hackers-to-crack.html
Forwarded from The Hacker News
🚨 ALERT: Cybercriminals are hijacking ESXi systems to tunnel traffic and remain hidden on networks for extended periods.
Native tools like SSH allow attackers to blend in with legitimate traffic, bypassing detection and making it nearly impossible to spot them.
Read: https://thehackernews.com/2025/01/ransomware-targets-esxi-systems-via.html
Forwarded from The Hacker News
The #1 threat to technical work at scale is poor communication.
A study conducted by Harvard University, the Carnegie Foundation, and Stanford Research Center found that 85% of job success comes from soft skills (such as people skills), whereas only 15% stems from hard skills (such as technical capabilities).
Soft skills can distinguish you to help preserve or even further your career, but if they’re not developed, they can create a ceiling over your growth.
Whether sharing status updates on a virtual standup meeting or delivering a keynote tech talk at an in-person conference, how you communicate your work can either fuel its growth or snuff out its success.
If you’re looking to improve your communication and presentation skills, look no further than the new book, Luminary: Master the Art and Science of Storytelling for Technical Professionals.
Learn more about the book and how it can help you and your work advance here: https://thn.news/storytelling-technical-professionals
Forwarded from The Hacker News
⚔️ Prepare for battle. Defend your network. Master your craft.
At SANS live training events, you'll:
✅ Train with cybersecurity legends
✅ Get hands-on with real-world threats
✅ Build your future with certifications
🎯 Find your next event: 👉 https://thn.news/sans-training-tel
#SANSLiveTraining #SANS
Forwarded from The Hacker News
🚨 Cybersecurity experts discovered a flaw in a popular travel service that let hackers hijack accounts with a simple click.
Attackers could impersonate victims, book travel, and even use loyalty points!
Learn how: https://thehackernews.com/2025/01/oauth-redirect-flaw-in-airline-travel.html
Forwarded from The Hacker News
⚠️ A new phishing email campaign is taking over Poland & Germany, using fake order receipts to infect machines with Agent Tesla, Snake Keylogger, and TorNet malware.
Read the full story: https://thehackernews.com/2025/01/purecrypter-deploys-agent-tesla-and-new.html
Forwarded from The Hacker News
🔒 SOCs Drowning in Alerts? AI-powered SOC Analysts now triage & investigate within MINUTES!
Speed, accuracy, and efficiency—ALL in one solution, reducing breach impact and costs.
Find out how AI is transforming SOCs: https://thehackernews.com/2025/01/ai-soc-analysts-propelling-secops-into.html
Forwarded from The Hacker News
🚨 URGENT: Critical Zero-Day Alert!
Thousands of Zyxel CPE devices are being actively exploited by attackers. Over 1,500 devices exposed globally.
⤷ Limit admin access
⤷ Filter traffic for unusual requests
🔗 Read: https://thehackernews.com/2025/01/zyxel-cpe-devices-face-active.html
Forwarded from The Hacker News
🚨 WATCH OUT: A new vulnerability, CVE-2025-22217, in VMware Avi Load Balancer could give attackers full access to your databases!
No workarounds—only updates will protect you.
Running affected versions? Learn more: https://thehackernews.com/2025/01/broadcom-warns-of-high-severity-sql.html
Forwarded from The Hacker News
🛑 UAC-0063 has been using stolen documents from Kazakhstan’s Ministry of Foreign Affairs to spear-phish targets and deploy HATVIBE malware.
👉 Read the full details on UAC-0063’s evolving tactics: https://thehackernews.com/2025/01/uac-0063-expands-cyber-attacks-to.html
Forwarded from The Hacker News
⚠️ A critical flaw (CVE-2025-22604) in Cacti could lead to remote code execution. If exploited, authenticated attackers could steal or manipulate sensitive data.
Patch to version 1.2.29 to fix this flaw and protect your systems.
Learn more: https://thehackernews.com/2025/01/critical-cacti-security-flaw-cve-2025.html
Forwarded from The Hacker News
🚨 Apple Silicon CPUs hit by 2 new vulnerabilities: SLAP & FLOP
These attacks target Load Address and Load Value Predictors in Apple CPUs, risking exposure of your:
⤷ Location history
⤷ Calendar events
⤷ Sensitive data
🔗 Read: https://thehackernews.com/2025/01/new-slap-flop-attacks-expose-apple-m.html
Forwarded from The Hacker News
🔥 AI isn’t just a trend in cybersecurity—it’s already reshaping how teams defend against threats.
But are we fully prepared to tackle its challenges?
In this latest #webinar, you’ll discover:
⤷ Real insights from 200 cybersecurity professionals using AI today
⤷ What’s working & what’s not in the world of AI-driven security
⤷ The real hurdles—data issues, transparency, and more
👨💻 Join Now and discover how to make AI work harder for you: https://thehackernews.com/2025/01/ai-in-cybersecurity-whats-effective-and.html
Forwarded from 5 smooth stones
Substack
Trump Announces $500 Billion For Obsolete Technology
Even Trump cannot outrun Moore's Law
I like this video as this guy lived in china 14 years and tells the real story... https://youtu.be/jjWairkG9lw
YouTube
Rednote is Showing Americans how much Better China is
The veil has been lifted!
Join me for the China Show, a weekly dive into what's happening in China: https://www.youtube.com/advpodcasts…
Sony BMG Rootkit Scandal: 10 Years Later | CSO Online
https://www.csoonline.com/article/553369/sony-bmg-rootkit-scandal-10-years-later.html
CSO Online
Sony BMG Rootkit Scandal: 10 Years Later
Hackers really have had their way with Sony over the past year, taking down its Playstation Network last Christmas Day and creating an international incident by exposing confidential data from Sony Pictures Entertainment in response to The Interview comedy…