Month: January 2026

A memory leak security vulnerability allows unauthenticated attackers to extract passwords and tokens from MongoDB servers. Read More  

Two US citizens pleaded guilty to working as ALPHV/BlackCat ransomware affiliates in 2023, and both were previously employed by prominent security firms. Read More  

The Russia-aligned threat actor known as UAC-0184 has been observed targeting Ukrainian military and government entities by leveraging the Viber messaging platform to deliver malicious ZIP archives. "This organization has continued to conduct high-intensity intelligence gathering activities against Ukrainian military and government departments in 2025," the 360 Threat Intelligence Center said in

[[{"value":"Flights across Greece were impacted for several hours after noise was reported on multiple air traffic communication channels. The post Cyberattack Unlikely in Communications Failure That Grounded Flights in Greece…

[[{"value":"The hacking group Crimson Collective has claimed the theft of personal information pertaining to over 1 million Brightspeed customers. The post Brightspeed Investigating Cyberattack appeared first on SecurityWeek."}]] Read More  

[[{"value":"Hackers have compromised a file transfer system at Sedgwick’s subsidiary that serves government agencies. The post Sedgwick Confirms Cyberattack on Government Subsidiary appeared first on SecurityWeek."}]] Read More  

 WhatsApp’s multi-device encryption protocol has long leaked metadata, allowing attackers to fingerprint users’ device operating systems, aiding targeted malware delivery. Recent research highlights partial fixes by Meta, but transparency issues…

The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient. "Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling residential proxy bandwidth, and selling its DDoS functionality," the company said in an analysis published last week. Kimwolf

 Google has announced that Gmail will discontinue support for two key features regarding third-party email accounts. Starting in January 2026, the platform will drop support for “Gmailify” and the widely…

[[{"value":"With 24 new vulnerabilities known to be exploited by ransomware groups, the list now includes 1,484 software and hardware flaws. The post CISA KEV Catalog Expanded 20% in 2025, Topping…

Recent attacks are targeting Next.js servers and pose a significant threat of cryptomining, botnet payloads, and other malicious activity to IoT networks and enterprises. Read More  

 Higham Lane School and Sixth Form has been forced to close its doors to all students and staff this week following a significant cyber-attack that has paralyzed the institution’s IT…

This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jan. 5, 2026 –Read the press release in EIN Presswire The editors at Cybercrime Magazine named Nir Zuk,…

The year opened without a reset. The same pressure carried over, and in some places it tightened. Systems people assume are boring or stable are showing up in the wrong places. Attacks moved quietly, reused familiar paths, and kept working longer than anyone wants to admit. This week’s stories share one pattern. Nothing flashy. No single moment. Just steady abuse of trust — updates, extensions,