π Apple Expands RCS Encryption and Memory Protections in iOS 26.4 π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
iOS 26.4 Beta adds endtoend encryption for RCS messaging and enhanced Memory Integrity Enforcement.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
β€2
π’ Millions of developers could be impacted by flaws in Visual Studio Code extensions β here's what you need to know and how to protect yourself π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The VS Code vulnerabilities highlight broader IDE security risks, said OX Security.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Millions of developers could be impacted by flaws in Visual Studio Code extensions β here's what you need to know and how to protectβ¦
The VS Code vulnerabilities highlight broader IDE security risks, said OX Security
π’ Ransomware protection for all: How consumption-based subscription models can lower the entry point for cyber resilience π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Consumptionbased immutable backup makes enterprisegrade ransomware resilience affordable to all.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ChannelPro
Ransomware protection for all: How consumption-based subscription models can lower the entry point for cyber resilience
Consumption-based immutable backup makes enterprise-grade ransomware resilience affordable to all
π¦Ώ Microsoft: Critical Windows Admin Center Flaw Allows Privilege Escalation π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
A highseverity Windows Admin Center vulnerability CVE202626119 could allow privilege escalation in enterprise environments. Heres what to know and how to mitigate risk. The post Microsoft Critical Windows Admin Center Flaw Allows Privilege Escalation appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Microsoft: Critical Windows Admin Center Flaw Allows Privilege Escalation
A high-severity Windows Admin Center vulnerability (CVE-2026-26119) could allow privilege escalation in enterprise environments. Hereβs what to know and how to mitigate risk.
π¦Ώ Substack Breach May Have Leaked Nearly 700,000 User Details Online π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Substack says hackers accessed user emails, phone numbers, and internal metadata in October 2025, with a database of 697,313 records later posted online. The post Substack Breach May Have Leaked Nearly 700,000 User Details Online appeared first on TechRepublic.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Substack Breach May Have Leaked Nearly 700,000 User Details Online
Substack says hackers accessed user emails, phone numbers, and internal metadata in October 2025, with a database of 697,313 records later posted online.
ποΈ CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed details of a new campaign dubbed CRESCENTHARVEST, likely targeting supporters of Iran's ongoing protests to conduct information theft and longterm espionage. The Acronis Threat Research Unit TRU said it observed the activity after January 9, with the attacks designed to deliver a malicious payload that serves as a remote access trojan RAT and.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Citizen Lab Finds Cellebrite Tool Used on Kenyan Activistβs Phone in Police Custody ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
New research from the Citizen Lab has found signs that Kenyan authorities used a commercial forensic extraction tool manufactured by Israeli company Cellebrite to break into a prominent dissident's phone, making it the latest case of abuse of the technology targeting civil society. The interdisciplinary research unit at the University of Toronto's Munk School of Global Affairs Public.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices. The vulnerability, tracked as CVE20262329, carries a CVSS score of 9.3 out of a maximum of 10.0. It has been described as a case of unauthenticated stackbased buffer overflow that could result in remote code.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code VS Code extensions that, if successfully exploited, could allow threat actors to steal local files and execute code remotely. The extensions, which have been collectively installed more than 125 million times, are Live Server, Code Runner, Markdown Preview Enhanced, and.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Cybersecurity Tech Predictions for 2026: Operating in a World of Permanent Instability ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
In 2025, navigating the digital seas still felt like a matter of direction. Organizations charted routes, watched the horizon, and adjusted course to reach safe harbors of resilience, trust, and compliance. In 2026, the seas are no longer calm between storms. Cybersecurity now unfolds in a state of continuous atmospheric instability AIdriven threats that adapt in real time, expanding.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Dell RecoverPoint for VMs Zero-Day CVE-2026-22769 Exploited Since Mid-2024 ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited as a zeroday by a suspected Chinanexus threat cluster dubbed UNC6201 since mid2024, according to a new report from Google Mandiant and Google Threat Intelligence Group GTIG. The activity involves the exploitation of CVE202622769 CVSS score 10.0, a case of hardcoded credentials.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ 3 Ways to Start Your Intelligent Workflow Program ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Security, IT, and engineering teams today are under relentless pressure to accelerate outcomes, cut operational drag, and unlock the full potential of AI and automation. But simply investing in tools isnt enough. 88 of AI proofsofconcept never make it to production, even though 70 of workers cite freeing time for highvalue work as the primary AI automation motivation. Real impact comes.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Notepad has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest. The version 8.9.2 update incorporates what maintainer Don Ho calls a "double lock" design that aims to make the update process "robust and effectively unexploitable." This includes verification.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ CISA Flags Four Security Flaws Under Active Exploitation in Latest KEV Update ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added four security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows CVE20262441 CVSS score 8.8 A useafterfree vulnerability in Google Chrome that could allow a remote attacker to potentially exploit heap.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Cryptojacking Campaign Exploits Driver to Boost Monero Mining π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cryptojacking campaign used pirated software to deploy a persistent XMRig miner with stealth tactics.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π AI Assistants Used as Covert Command-and-Control Relays π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
AIs like Grok and Microsoft Copilot can be exploited as covert C2 channels for malware communication.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Record Number of Ransomware Victims and Groups in 2025 π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Searchlight Cyber reports a 30 annual increase in ransomware victim numbers in 2025.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Record Number of Ransomware Victims and Groups in 2025
Searchlight Cyber reports a 30% annual increase in ransomware victim numbers in 2025
π Chinese APT Group Exploits Dell Zero-Day for Two Years π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Mandiant reveals campaign featuring exploit of a CVSS 10.0 CVE in Dell RecoverPoint for Virtual Machines.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
π Business Development Representative for Channels π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
The post Business Development Representative for Channels appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Business Development Representative for Channels - UnderDefense
π From Ambiguous Alert to Fileless Attack: A Banking Security Breach Prevented π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
See how human expertise identified malicious ViewState code injection hiding in IIS memory before data was compromised. The post From Ambiguous Alert to Fileless Attack A Banking Security Breach Prevented appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Fileless Attack Detection or How We Stopped a ViewState Code Injection
See how human expertise identified malicious ViewState code injection hiding in IIS memory before data was compromised.
π Researchers Reveal Six New OpenClaw Vulnerabilities π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Endor Labs has published details of six new vulnerabilities in popular AI assistant OpenClaw.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Researchers Reveal Six New OpenClaw Vulnerabilities
Endor Labs has published details of six new vulnerabilities in popular AI assistant OpenClaw