Latest Internet & Cybersecurity News
CISA warns of actively exploited critical HPE OneView remote‑code‑execution flaw
The U.S. Cybersecurity and Infrastructure Security Agency added a **maximum‑severity HPE OneView vulnerability (CVE‑2025‑37164)** to its Known Exploited Vulnerabilities catalog after evidence of active attacks. The bug affects all HPE OneView versions before 11.00 and allows **unauthenticated remote code execution via low‑complexity code injection**, with no workarounds available; agencies must patch by late January and organizations are urged to upgrade immediately.
AI‑enabled malware and jailbroken AI tools accelerate cybercrime
Threat‑intelligence analysts report a surge in **AI‑enabled cyber attacks and malware**, including campaigns like GoBruteforcer targeting poorly secured crypto and blockchain servers. The same update highlights how **jailbroken generative‑AI tools (e.g., “HackGPT”) are becoming shortcuts for low‑skill attackers**, providing turnkey scripts, recon assistance, and evasion tips that lower the barrier to serious cybercrime.
Chrome extensions with 900,000+ installs caught stealing AI chats and browsing data
Security researchers uncovered two malicious **Chrome browser extensions** in the official Web Store, together installed over **900,000 times**, that secretly harvested sensitive data. The extensions siphoned **chat logs from popular AI services like ChatGPT and DeepSeek, plus general browsing activity**, prompting incident‑response outreach to affected organizations and renewed warnings about extension vetting.
Over 10,000 Fortinet firewalls still vulnerable to five‑year‑old 2FA bypass bug
More than **10,000 Fortinet firewalls** remain exposed online to attacks leveraging a critical **two‑factor‑authentication bypass vulnerability (CVE‑2020‑12812)** first patched in 2020. Despite vendor guidance and updated FortiOS releases, many devices are still unpatched, leaving them open to active exploitation that can undermine 2FA protections for perimeter network access.
North Korean Kimsuky group using malicious QR codes in new campaigns, FBI says
The FBI issued an alert detailing how the **North Korean threat group Kimsuky** is adopting **malicious QR codes** to compromise targets. The campaign uses QR codes embedded in phishing lures to direct victims to credential‑harvesting pages or malware delivery sites, underscoring evolving social‑engineering tactics that blend physical and digital vectors.
Telecom sector faces steady rise in ransomware due to unpatched flaws and weak perimeters
A new threat‑intelligence report finds the **telecommunications sector is seeing a sustained increase in ransomware attacks**, driven by exploitable edge systems and legacy tech. Researchers cite **unpatched vulnerabilities, lax perimeter controls, exposed management interfaces and misconfigured VPNs/ZTNA** as key factors, warning that disruption of telecom infrastructure has cascading effects on other critical services.
Major data breaches hit Global‑e, Brightspeed, and others in early‑January roundup
PrivacyGuides’ latest **data‑breach roundup** highlights several incidents, including a hack of **Global‑e**, a payment processor for Ledger and other major brands, exposing customer names and contact data. The same period saw claims of a breach at **US broadband provider Brightspeed**, with attackers advertising data on over 1 million customers, plus ongoing crypto thefts traceable back to the poorly handled 2022 LastPass breach.
CISA faces resource strain, election‑security and China challenges in 2026
A Cybersecurity Dive analysis outlines **seven major challenges for CISA**, including workforce cuts, morale issues, and pressure to protect critical infrastructure amid rising Chinese cyber aggression. The agency must finalize and implement the **CIRCIA incident‑reporting rules**, support state and local election security, and improve partnerships even as most cyberattacks in the U.S. still go unreported.
OwnCloud urges MFA after infostealer‑driven credential theft affects multiple file‑sharing services
File‑sharing platform **OwnCloud** issued a warning after researchers tied **dozens of major data breaches** to credentials stolen by infostealer malware and reused across several file‑transfer services. While OwnCloud says its own infrastructure was not hacked, it is urging customers to **enable multi‑factor authentication** and harden account security to mitigate the credential‑stuffing wave.
Global CISOs brace for AI‑driven attack surface growth and rising security budgets in 2026
Attack‑surface‑management forecasts indicate that **AI is shifting primary breach vectors from pure infrastructure flaws to identities, sessions, and unmanaged devices**, enabling highly targeted phishing and automated lateral movement. Gartner expects **cybersecurity budgets to rise about 12–13% in 2026 to roughly $240 billion**, yet many CISOs still fear funding will lag behind AI‑enhanced threats and expanding cloud footprints.
Top 10 IT security risks for 2026 spotlight AI phishing, ransomware reinvention, and regulatory pressure
A new industry analysis highlights **AI‑powered phishing and social engineering, reinvented ransomware with triple extortion, and exposed APIs/IAM weaknesses** as leading IT security risks for 2026. The report also stresses mounting **global data‑privacy regulations** and the need for stronger posture management, configuration audits, and zero‑trust adoption to keep up with adversaries.