Cybersecurity Articles

20/69 Tuesday, January 13, 2026 Cryptocurrency transactions linked to illicit activity reached an all-time high in 2025, according to blockchain analytics data. Crypto addresses associated with criminal activity received at least USD 154 billion, representing a 162% increase year over year. This surge highlights a clear shift in cybercrime from purely financial motives toward broader […]

19/69 Tuesday, January 13, 2026 The FBI has issued a warning about a new tactic used by the hacker group Kimsuky (also known as APT43), which is actively targeting government agencies and educational institutions. The group is using a technique known as Quishing-phishing via QR codes. In these attacks, hackers send spear-phishing emails containing QR […]

18/69 Monday, January 12, 2026 The threat group MuddyWater has launched attacks against diplomatic, financial, telecommunications, and maritime transportation organizations in the Middle East using the RustyWater malware. The campaign relies on spear-phishing emails disguised as cybersecurity safety guidance, with a malicious Microsoft Word document attached. When victims open the document and click “Enable Content,” […]

17/69 Monday, January 12, 2026 The well-known hacking forum BreachForums, a platform used for buying, selling, and sharing stolen data—as well as trading access to corporate networks and other cybercrime services-has suffered a data breach, with its user database table leaked online. The incident affects the latest incarnation of BreachForums, which has been repeatedly taken […]

16/69 Monday, January 12, 2026 Security researchers have observed renewed activity from the threat group APT28 (also known as BlueDelta), In this campaign, the group has focused on stealing high-value credentials, primarily targeting personnel in energy and nuclear research organizations in Turkey, as well as officials in European institutions and agencies in North Macedonia and […]

15/69 Friday, January 9, 2026 Cisco has released a security update to address CVE-2026-20029 affecting Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), which are used for network access control and identity management. The vulnerability is caused by improper handling of XML input processing in the Web Management Interface, allowing an attacker […]

14/69 Friday, January 9, 2026 Veeam has released security updates to address multiple vulnerabilities in Veeam Backup & Replication, including a critical issue tracked as CVE-2025-59470 with a CVSS score of 9.0. This vulnerability could allow remote code execution (RCE), enabling users assigned the Backup or Tape Operator roles to execute arbitrary code as the […]

13/69 Friday, January 9, 2026 A critical security vulnerability, tracked as CVE-2025-68428, has been discovered in jsPDF, a popular JavaScript library with more than 3.5 million downloads per week. The vulnerability carries a CVSS score of 9.2 and stems from Local File Inclusion (LFI) and Path Traversal flaws in the file-loading mechanism when jsPDF is […]

12/69 Thursday, January 8, 2026 The CERT Coordination Center (CERT/CC) has disclosed details of a vulnerability tracked as CVE-2025-65606 affecting the TOTOLINK EX200 wireless range extender. The flaw allows a remote attacker with access to the device to escalate privileges to the highest level (root). The vulnerability stems from improper firmware upload error handling, which […]

11/69 Thursday, January 8, 2026 Google has released the January 2026 Android security update to address a critical vulnerability in the Dolby Digital Plus (Dolby DD+) audio decoder, tracked as CVE-2025-54957. The flaw is rated Critical and was originally discovered by researchers from Google Project Zero in October 2025. Google had previously begun rolling out […]