Jan 13, 2026The Hacker NewsArtificial Intelligence / Automation Security AI agents are no longer just writing code. They are executing it. Tools like Copilot, Claude Code, and Codex can now build, test, and deploy software end-to-end in minutes. That speed… Read More "From MCPs and Tool Access to Shadow API Key Sprawl"
Ransomware-Gruppen setzen ihre Opfer vermehrt mit Compliance-Verstößen unter Druck. Digitala World – shutterstock.com Ransomware-Attacken zählen nach wie vor zu den häufigsten Angriffsmethoden. Wie aktuelle Analysen zeigen, drohen Cyberbanden ihren Opfern nun vermehrt damit, Verstöße gegen Vorschriften wie die DSGVO an… Read More "Ransomware-Banden erpressen Opfer mit Compliance-Verstößen"
Cybercriminals are using are increasingly using a sneaky browser-in-the-browser (BitB) attack technique in efforts to steal login credentials of Facebook users. According to analysis by cybersecurity researchers at Trellix, there has been a surge in attackers distributing phishing emails which… Read More "Phishing Scams Exploit Browser Attacks to Steal Facebook Passwords"
Jan 13, 2026Ravie LakshmananThreat Intelligence / Cyber Espionage Cybersecurity researchers have disclosed details of a previously undocumented and feature-rich malware framework codenamed VoidLink that’s specifically designed for long-term, stealthy access to Linux-based cloud environments According to a new report from… Read More "New Advanced Linux VoidLink Malware Targets Cloud and container Environments"
CyRC assigned the vulnerability a CVSS 4.0 score of 8.4 (high), driven primarily by its availability impact rather than data confidentiality or integrity loss. Testing was conducted using an ASUS RT-BE86U router running firmware versions 3.0.0.6.102_37812 and earlier, though the… Read More "High-severity bug in Broadcom software enables easy WiFi denial-of-service"
Security researchers have warned of a major digital skimming campaign that has gone undetected since 2022. Silent Push said the campaign uses scripts targeting at least six major payment network providers: American Express, Diners Club, Discover, JCB, Mastercard and UnionPay. Given… Read More "Global Magecart Campaign Targets Six Card Networks"
Jan 13, 2026The Hacker NewsThreat Intelligence / Identity Security Old Playbook, New Scale: While defenders are chasing trends, attackers are optimizing the basics The security industry loves talking about “new” threats. AI-powered attacks. Quantum-resistant encryption. Zero-trust architectures. But looking around,… Read More "What Should We Learn From How Attackers Leveraged AI in 2025?"
I have stared at enough scanner dashboards to recognize the pattern. SAST flags theoretical flaws that never execute. DAST shrugs because the route to the vulnerable function is blocked. SCA floods the zone with CVEs that never touch a hot… Read More "For application security: SCA, SAST, DAST and MAST. What next?"
A parliamentary committee has asked for industry input to help it better scrutinize the Cyber Security and Resilience Bill (CSRB). First trailed in the King’s Speech in 2024, the CSRB is the long-awaited successor to the NIS Regulations 2018 and promises… Read More "Parliament Asks Security Pros to Shape Cyber Security and Resilience B"
“It’s no longer Officer Friendly out there,” Whitlock says. “This is not to give any excuse, but I can imagine there is a mindset within the field ICE agents and CBP where they really do think they’re under attack and… Read More "What to Do If ICE Invades Your Neighborhood"
