Cyber Security News

In a sophisticated supply chain phishing attack, threat actors hijacked an ongoing email thread among C-suite executives discussing a document awaiting final approval. The intruder, posing as a legitimate participant, replied directly with a phishing link mimicking a Microsoft authentication form. Researchers attribute this to a compromised sales manager account at an enterprise contractor, allowing […]

The post Threat Actors Leverage Real Enterprise Email Threads to Deliver Phishing Links appeared first on Cyber Security News.

A critical security advisory has been released for a command injection vulnerability affecting the Archer MR600 v5 router. The flaw, tracked as CVE-2025-14756, enables authenticated attackers to execute arbitrary system commands through the device’s admin interface, potentially leading to complete router compromise. The vulnerability exists in the admin interface component of the Archer MR600 v5 […]

The post TP-Link Archer Vulnerability Let Attackers Take Control Over the Router appeared first on Cyber Security News.

A critical zero‑day vulnerability in Gemini MCP Tool exposes users to remote code execution (RCE) attacks without any authentication. Tracked as ZDI‑26‑021 / ZDI‑CAN‑27783 and assigned CVE‑2026‑0755, the flaw carries a maximum CVSS v3.1 score of 9.8, reflecting its ease of exploitation and severe impact. According to a new advisory from Trend Micro’s Zero Day […]

The post Gemini MCP Tool 0-day Vulnerability Allows Remote Attackers to Execute Arbitrary Code appeared first on Cyber Security News.

The ZAP (Zed Attack Proxy) project, a widely used open-source web application security scanner, has disclosed a critical memory leak in its JavaScript engine. This flaw, likely present for some time, now disrupts active scanning workflows following the introduction of a new JavaScript scan rule in the OpenAPI add-on. Security teams relying on ZAP for […]

The post ZAP JavaScript Engine Memory Leak Issue Impacts Active Scan Usage appeared first on Cyber Security News.

A critical privilege-escalation vulnerability has been discovered in Check Point’s Harmony SASE (Secure Access Service Edge) Windows client software, affecting versions prior to 12.2. Tracked as CVE-2025-9142, the flaw allows local attackers to write or delete files outside the intended certificate working directory, potentially leading to system-level compromise. The vulnerability exists within the Service component of Perimeter81 […]

The post Check Point Harmony SASE Windows Client Vulnerability Enables Privilege Escalation appeared first on Cyber Security News.

In December 2025, music streaming platform SoundCloud disclosed a significant data breach affecting approximately 29.8 million user accounts. The unauthorized access compromised personally identifiable information (PII), including email addresses, usernames, display names, avatars, follower statistics, and geographic location data. The incident represents one of the most significant music platform breaches in recent years, impacting roughly […]

The post SoundCloud Data Breach Exposes 29.8 Million Personal users Details appeared first on Cyber Security News.

Chrome versions 144.0.7559.109 and 144.0.7559.110 have been released to the stable channel, addressing a critical security vulnerability in the Background Fetch API. The update is rolling out across Windows, Mac, and Linux systems over the coming days and weeks, making it essential for users to ensure their browsers are fully updated. The security fix centers […]

The post Chrome Security Update Patches Background Fetch API Vulnerability appeared first on Cyber Security News.

Fortinet has confirmed a critical authentication bypass vulnerability in its FortiCloud SSO feature, actively exploited in the wild under CVE-2026-24858. According to an advisory published on January 27, 2026, the flaw affects FortiOS, FortiManager, FortiAnalyzer, and FortiProxy. With a CVSSv3 score of 9.4 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), it stems from improper access control (CWE-288) in the GUI component. […]

The post Fortinet Confirms Critical FortiCloud SSO Vulnerability(CVE-2026-24858) Actively Exploited in the Wild appeared first on Cyber Security News.

Sportswear giant Nike is actively investigating a potential cybersecurity incident after WorldLeaks, a financially motivated ransomware group, claimed responsibility for a significant data breach affecting the company. The group announced the breach on its darknet leak site on January 22, 2026, claiming to have exfiltrated over 1.4 terabytes of internal data and threatening to release […]

The post Nike Investigating Data Breach Following WorldLeaks Ransomware Group Claim appeared first on Cyber Security News.

WhatsApp has strongly denied a new class-action lawsuit accusing Meta of secretly accessing users’ end-to-end encrypted messages, labeling the claims as false and baseless. The messaging giant reiterated that messages remain private through device-based encryption via the open-source Signal protocol. A class-action complaint filed on January 23, 2026, in the U.S. District Court for the […]

The post WhatsApp Denies Lawsuit Claim and Confirms Messages are Device-encrypted and Private appeared first on Cyber Security News.

A Chinese national named Jingliang Su has been sentenced to 46 months in prison for his involvement in a major cryptocurrency fraud scheme targeting American investors. On January 27, 2026, federal courts ordered Su to serve his sentence and pay $26.9 million in restitution to victims. The case represents a significant law enforcement victory against […]

The post Chinese National Jailed to 46 Months for Laundering Millions of Dollars Stolen from American Investors appeared first on Cyber Security News.

A newly discovered campaign demonstrates a sophisticated approach to delivering information-stealing malware through a combination of social engineering and legitimate Windows components. The attack begins with a deceptive CAPTCHA prompt that tricks users into executing commands manually through the Windows Run dialog, presenting the infection as a required verification step. Instead of using traditional PowerShell […]

The post Fake CAPTCHA Attack Leverages Microsoft Application Virtualization (App-V) to Deploy Malware appeared first on Cyber Security News.

WhatsApp has introduced Strict Account Settings, a lockdown-style security feature designed to protect users from highly sophisticated cyber-attacks. The new privacy feature is specifically tailored for individuals who may be targets of advanced threats, including journalists, activists, and public figures who face elevated cybersecurity risks. The instant messaging platform, which already provides default end-to-end encryption […]

The post WhatsApp New Strict Account Settings Option to Protect Your Account from Hackers appeared first on Cyber Security News.

The HoneyMyte threat group, also known as Mustang Panda or Bronze President, continues to pose a significant risk to government organizations across Asia and Europe. Recent security research has revealed that this advanced hacker collective is actively upgrading its digital arsenal with enhanced versions of malware designed to steal sensitive information from targeted systems. The […]

The post HoneyMyte Hacker Group Updates CoolClient Malware to Deploy Browser Login Data Stealer appeared first on Cyber Security News.

Researchers have uncovered a significant security threat targeting ChatGPT users through deceptive browser extensions. A coordinated campaign involving 16 malicious Chrome extensions has been discovered, all designed to appear as legitimate productivity tools and ChatGPT enhancement applications. These malware extensions are actively stealing ChatGPT session authentication tokens, granting attackers complete access to victims’ accounts and […]

The post 16 Malicious Chrome Extensions as ChatGPT Enhancements Steals ChatGPT Logins appeared first on Cyber Security News.

Fortinet temporarily disabled its FortiCloud Single Sign-On (SSO) service after confirming active exploitation of a zero-day authentication bypass vulnerability in multiple products. The issue, tracked as FG-IR-26-060, allows attackers with a malicious FortiCloud account to log into devices registered to other accounts. The flaw stems from an Authentication Bypass Using an Alternate Path or Channel […]

The post Fortinet Disables FortiCloud SSO Following 0-day Vulnerability Exploited in the Wild appeared first on Cyber Security News.

OpenSSL patched 12 vulnerabilities on January 27, 2026, including one high-severity flaw that could lead to remote code execution. Most issues cause denial-of-service attacks but highlight risks in parsing untrusted data. The most serious issue, CVE-2025-15467, hits CMS AuthEnvelopedData parsing with AEAD ciphers like AES-GCM. Attackers craft oversized IVs in ASN.1 parameters, causing stack overflows […]

The post Critical OpenSSL Vulnerabilities Allow Remote Attackers to Execute Malicious Code appeared first on Cyber Security News.

A critical security flaw in WinRAR, one of the most widely used file compression tools for Windows, has become a favorite weapon for attackers seeking unauthorized access to computer systems. The vulnerability, tracked as CVE-2025-8088, allows threat actors to place malicious files into sensitive system directories without user awareness, essentially handing over control of Windows […]

The post Google Warns of WinRAR Vulnerability Exploited to Gain Control Over Windows System appeared first on Cyber Security News.

A critical sandbox escape vulnerability has been identified in vm2. This widely used Node.js library provides sandbox isolation for executing untrusted code. The flaw, tracked as CVE-2026-22709 (GHSA-99p7-6v5w-7xg8), affects all versions up to and including 3.10.0 and carries a CVSS v3.1 base score of 10.0, indicating maximum severity. The vulnerability stems from incomplete callback sanitization […]

The post Critical Vulnerability in VM2 Sandbox Library for Node.js Let Attackers run Untrusted Code appeared first on Cyber Security News.

Cybercriminals have discovered a dangerous way to trick developers into downloading malware by exploiting how GitHub works. The attack involves creating fake versions of the GitHub Desktop installer and making them appear legitimate to unsuspecting users. Between September and October 2025, this campaign primarily targeted users in Europe and the European Economic Area, though infections […]

The post Attackers Hijacking Official GitHub Desktop Repository to Distribute Malware as Official Installer appeared first on Cyber Security News.