Latest Internet & Cybersecurity News

📅 January 25, 2026 at 1:00 PM
Major cybersecurity threats include new ransomware like Osiris, exploited flaws in FortiGate, Cisco, VMware; data breaches at Under Armour, CIRO; rising AI malware and supply chain risks.
1

Osiris Ransomware Emerges Using BYOVD to Disable Security Tools

The new Osiris ransomware uses the Bring Your Own Vulnerable Driver (BYOVD) technique to terminate security tools. It targets enterprises and has experienced attackers behind it. This highlights evolving evasion tactics in ransomware operations. (Source 1, Source 12)

2

Fully Patched FortiGate Firewalls Compromised in Automated Attacks

Arctic Wolf detected a surge in automated attacks on Fortinet FortiGate firewalls, including fully patched devices, via single sign-on exploits. Attackers are probing even the latest releases in the wild. NCSC warns of ongoing threats. (Source 1, Source 2, Source 3)

3

CISA Adds VMware vCenter Server Flaw to Known Exploited Vulnerabilities

U.S. CISA added a critical flaw in Broadcom VMware vCenter Server to its KEV catalog due to active exploitation. Organizations are urged to patch immediately. This follows multiple vendor vulnerabilities under attack. (Source 1)

4

Cisco Unified Communications Zero-Day Actively Exploited

Cisco fixed a zero-day in Unified Communications products that was added to CISA's KEV catalog, with PSIRT confirming exploitation attempts in the wild. Attackers are targeting this flaw aggressively. Recent probes have been noted on RCE vulnerabilities. (Source 1, Source 2, Source 3)

5

Under Armour Data Breach Exposes 72M Records

An investigation is underway after 72 million Under Armour records surfaced online from a November 2025 Everest ransomware attack confirmed in January 2026. This marks the company's second major breach. It impacts users' personal data. (Source 1, Source 4)

6

Jordanian Access Broker Pleads Guilty to Hacking 50 Companies

Feras Khalil Ahmad Albashiti admitted selling unauthorized access to the networks of 50 companies via online forums for cryptocurrency. The U.S. DOJ announced the guilty plea. The case highlights the risks of initial access brokers. (Source 1, Source 2, Source 3)

7

Sandworm Behind Cyberattack on Poland's Power Grid

ESET attributes a late 2025 cyberattack on Poland's energy grid to the Russian Sandworm group, which used wiper malware aimed at causing outages. The attack targeted power plants and producers. It reflects ongoing geopolitical cyber tensions. (Source 1, Source 2)

8

CIRO Data Breach Exposes 750,000 Canadian Investors

The Canadian Investment Regulatory Organization confirmed a phishing-led breach from August 2025 affecting the personal data of 750,000 investors. No passwords were stolen, but the exposure carries a risk of fraud and identity theft. The scope was revealed in January 2026. (Source 6)

9

Critical TP-Link VIGI Camera Flaw Allows Remote Takeover

TP-Link patched a vulnerability in VIGI cameras that enables remote hacking of surveillance systems. No CVE has been assigned yet, but the flaw is under active attack. Immediate updates are urged for affected devices. (Source 1)

10

RansomHub Claims Breach of Apple Partner Luxshare

RansomHub ransomware affiliates claim to have stolen and encrypted sensitive data from Chinese Apple supplier Luxshare Precision Industry. The claim was posted on a data leak site. It raises supply chain security concerns. (Source 3)

11

MoonPeak Malware Targets South Korea via Malicious LNK Files

IIJ Sect reports that the North Korean-linked MoonPeak malware (a XenoRAT variant) is being delivered via LNK files in financially motivated attacks. It was observed in January 2026 targeting South Korean users. The campaign revives old initial access tactics. (Source 2)

12

Sophisticated Trafficker Gang Steals $2.4M in Crypto via Fake Apps

Organized cybercriminals use fake Electron apps disguised as tools to target crypto users and Web3 employees, earning $2.4M. The operation employs 80+ domains and social engineering linked to multiple groups. Its infrastructure is noted as advanced. (Source 2)