52/69 Wednesday, January 28, 2026 Cloudflare has released details about a BGP route leak that occurred on January 22, impacting IPv6 traffic for approximately 25 minutes. The incident caused significant network congestion and packet loss, with traffic drops reaching up to 12 Gbps. The impact was not limited to Cloudflare customers but also affected interconnected […]
51/69 Tuesday, January 27, 2026 Researchers from Varonis have identified a new Malware-as-a-Service (MaaS) toolkit named Stanley, which is being advertised for sale on cybercrime forums for approximately USD 2,000–6,000. A key feature of Stanley is its ability to create malicious Chrome extensions that can reportedly pass Google’s review process and be published on the […]
50/69 Tuesday, January 27, 2026 Nike has confirmed that it is investigating a potential cybersecurity incident after the cybercriminal group WorldLeaks claimed it had accessed and stolen data from the company’s systems. Nike stated that it has launched an investigation to assess the impact and verify the legitimacy of the claims, emphasizing that protecting consumer […]
49/69 Tuesday, January 27, 2026 Check Point Research has reported the discovery of a new wave of cyberattacks by the Konni hacking group (also known as Earth Imp / Opal Sleet), which has expanded its targeting beyond its traditional focus on South Korea and Russia to software developers and engineering teams in the blockchain sector […]
48/69 Monday, January 26, 2026 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in VMware vCenter Server, tracked as CVE-2024-37079 (CVSS score 9.8), to its Known Exploited Vulnerabilities (KEV) Catalog after confirming real-world exploitation. The vulnerability is caused by a heap-overflow flaw in the DCERPC protocol handling, which allows network-accessible […]
47/69 Monday, January 26, 2026 Researchers from Symantec and VMware Carbon Black have identified a new ransomware strain named Osiris, which was used in attacks in November 2025 against a major food franchise operator in Southeast Asia. The attackers leveraged a Bring Your Own Vulnerable Driver (BYOVD) technique using a malicious driver known as POORTRY […]
46/69 Monday, January 26, 2026 In late December 2025, a cyberattack targeted Poland’s energy infrastructure. According to an investigation by ESET, the operation has been attributed to the state-sponsored Sandworm group, also known as APT44, UAC-0113, and Seashell Blizzard. What makes this incident particularly notable is the use of a newly identified data-wiping malware called […]
45/69 Friday, January 23, 2026 Researchers from Dr.Web have discovered a new strain of Android malware that elevates traditional attack techniques by leveraging machine learning, specifically through the TensorFlow.js library, to conduct ad click-fraud. The malware spreads through Xiaomi’s GetApps app store, as well as via APK files from third-party sources, including modded app websites […]
44/69 Friday, January 23, 2026 Zoom has released security updates to address multiple vulnerabilities, including a critical flaw in Zoom Node Multimedia Routers (MMRs) tracked as CVE-2026-22844 with a CVSS score of 9.9. The vulnerability is a command injection issue that could allow a meeting participant with network access to execute remote code (RCE) on […]
43/69 Friday, January 23, 2026 Cisco has issued a security advisory and released software updates to address CVE-2026-20045, a critical Remote Code Execution (RCE) vulnerability affecting its enterprise communications products, including Cisco Unified Communications Manager (Unified CM), Unified CM SME, Unified CM IM & Presence, Cisco Unity Connection, and Webex Calling Dedicated Instance. Cisco’s Product […]
