Cyber Security News

A critical authentication bypass vulnerability in Cal.com’s scheduling platform enables attackers to hijack any user account by exploiting a flaw in the NextAuth JWT callback mechanism. Tracked as CVE-2026-23478, this vulnerability affects versions from 3.1.6 up to but not including 6.0.7, with patches available in version 6.0.7 and later. The vulnerability resides in a custom […]

The post Critical Cal.com Vulnerability Let Attackers Bypass Authentication and Hijack any User Account appeared first on Cyber Security News.

Mozilla released Firefox 147 on January 13, 2026, addressing 16 security vulnerabilities detailed in the Mozilla Foundation Security Advisory. The update patches critical issues across components such as graphics, JavaScript, and networking, addressing six high-impact flaws, including multiple sandbox escapes, that could enable arbitrary code execution if exploited. These fixes also apply to Firefox ESR […]

The post Firefox 147 Released With Fixes for 16 Vulnerabilities that Enable Arbitrary Code Execution appeared first on Cyber Security News.

A critical unauthenticated privilege escalation vulnerability in the Modular DS WordPress plugin allows attackers to gain instant admin access, with exploitation confirmed in the wild. Affecting over 40,000 sites, the flaw in versions up to 2.5.1 has prompted urgent patches and mitigations from Patchstack and the vendor. Modular DS, developed by modulards.com, enables remote management […]

The post Critical WordPress Plugin Vulnerability Exploited in the Wild to Gain Instant Admin Access appeared first on Cyber Security News.

Hewlett Packard Enterprise (HPE) has disclosed four high-severity vulnerabilities in its Aruba Networking Instant On devices that could allow attackers to access sensitive network information and disrupt operations. The security flaws, identified as CVE-2025-37165, CVE-2025-37166, CVE-2023-52340, and CVE-2022-48839, affect devices running software version 3.3.1.0 and earlier. Vulnerability Details and Risk Assessment The most critical vulnerability, […]

The post HPE Aruba Vulnerabilities Enables Unauthorized Access to Sensitive Information appeared first on Cyber Security News.

Threat actors linked to Chinese hosting infrastructure have established a massive network of over 18,000 active command-and-control servers across 48 different hosting providers in recent months. This widespread abuse highlights a serious issue in how malicious infrastructure can hide within trusted networks and cloud services. Traditional threat hunting methods that focus on individual IP addresses […]

The post Chinese Threat Actors Hosted 18,000 Active C2 Servers Across 48 Hosting Providers appeared first on Cyber Security News.

Palo Alto Networks has patched a critical denial-of-service vulnerability in its PAN-OS firewall software, tracked as CVE-2026-0227, which lets unauthenticated attackers disrupt GlobalProtect gateways and portals. The flaw carries a CVSS v4.0 base score of 7.7 (HIGH severity), stemming from improper checks for unusual conditions that force firewalls into maintenance mode after repeated exploitation attempts. […]

The post Palo Alto Networks Firewall Vulnerability Allows Attacker to Trigger DoS Attacks appeared first on Cyber Security News.

Microsoft released security updates on January 13, 2026, addressing a critical elevation of privilege vulnerability in SQL Server that enables authorized attackers to bypass authentication controls and gain elevated system privileges remotely. Tracked as CVE-2026-20803, the vulnerability stems from missing authentication mechanisms for critical functions within the database engine. The flaw affects multiple SQL Server […]

The post Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a Network appeared first on Cyber Security News.

A sophisticated malware loader known as CastleLoader has emerged as a critical threat to US government agencies and critical infrastructure organizations. First identified in early 2025, this stealthy malware has been used as the initial access point in coordinated attacks targeting multiple sectors including federal agencies, IT firms, logistics companies, and essential infrastructure providers across […]

The post Stealthy CastleLoader Malware Attacking US Government Agencies and Critical Infrastructure appeared first on Cyber Security News.

DragonForce is the latest ransomware brand to move from noisy forum posts to full RaaS operations, targeting both Windows and VMware ESXi environments. First seen in December 2023 on BreachForums, the group advertises stolen data and uses a dark web blog to pressure victims. The early leak post revealed the new cartel-style operation. The group […]

The post Researchers Breakdown DragonForce Ransomware Along with Decryptor for ESXi and Windows Systems appeared first on Cyber Security News.

A novel single-click attack targeting Microsoft Copilot Personal that enables attackers to silently exfiltrate sensitive user data. The vulnerability, now patched, allowed threat actors to hijack sessions via a phishing link without further interaction.​ Attackers initiate Reprompt by sending a phishing email with a legitimate Copilot URL containing a malicious ‘q’ parameter, which auto-executes a […]

The post New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive Data appeared first on Cyber Security News.

North Korean threat actors have launched a sophisticated social engineering campaign targeting software developers through fake recruitment offers. The campaign, known as Contagious Interview, uses malicious repositories disguised as technical assessment projects to deploy a dual-layer malware system. Victims are lured through LinkedIn messages from fake recruiters claiming to represent organizations like Meta2140, then directed […]

The post North Korean Hackers use Code Abuse Tactics for ‘Contagious Interview’ Campaign appeared first on Cyber Security News.

Austin, TX / USA, January 14th, 2026, CyberNewsWire New monitoring capability delivers unprecedented visibility into vendor identity exposures, moving enterprises and government agencies from static risk scoring to protecting against actual identity threats.  SpyCloud, the leader in identity threat protection, today announced the launch of its Supply Chain Threat Protection solution, an advanced layer of […]

The post SpyCloud Launches Supply Chain Solution to Combat Rising Third-Party Identity Threats appeared first on Cyber Security News.

Large language models are changing how ransomware crews plan and run their attacks. Instead of inventing new kinds of malware, LLMs are speeding up every step of the existing ransomware lifecycle, from recon to extortion. Crews can now write fluent phishing lures, localize ransom notes, and triage stolen data in many languages in minutes, not […]

The post LLMs are Accelerating the Ransomware Lifecycle to Gain Speed, Volume, and Multilingual Reach appeared first on Cyber Security News.

New York, NY, January 14th, 2026, CyberNewsWire Leading secrets security platform sees accelerated adoption across Fortune 500, with 60% of new customers choosing multi-year commitments. GitGuardian, the leading secrets and Non-Human Identity security platform, today announced record growth in ARR and customer expansion throughout 2025, reinforcing its position as the enterprise standard for protecting code, […]

The post GitGuardian Closes 2025 with Strong Enterprise Momentum, Protecting Millions of Developers Worldwide appeared first on Cyber Security News.

In August 2025, Fortinet issued an advisory for CVE-2025-25256, an OS command injection vulnerability (CWE-78) in FortiSIEM that exposed the platform to unauthenticated remote code execution via crafted CLI requests. Practical exploits surfaced in the wild, prompting security firm Horizon3.ai to conduct a deep investigation. Their analysis uncovered a devastating chain: an unauthenticated argument injection […]

The post Critical FortiSIEM Vulnerability(CVE-2025-64155) Enable Full RCE and Root Compromise appeared first on Cyber Security News.

Panorays has just dropped the latest edition of its annual CISO Survey for Third-Party Cyber Risk Management, and it contains some major wakeup calls for security professionals. The biggest takeaway is that software supply chain attacks are rising once more, as cybercriminals look to take advantage of their complexity by targeting a growing laundry list of third-party components.   The situation isn’t helped by […]

The post As Third-Party Vulnerabilities Rise, CISOs Accelerate Push for Security Modernization   appeared first on Cyber Security News.

Discord users are facing a growing threat from VVS Stealer, a Python-based information-stealing malware that targets sensitive account data, including credentials and tokens. This stealer was actively marketed on Telegram as early as April 2025, promoting its ability to steal Discord data, intercept active sessions through injection, and extract web browser information such as cookies, […]

The post VVS Stealer Attacking Discord Users to Exfiltrate Credentials and Tokens appeared first on Cyber Security News.

Microsoft patched a critical zero-day information disclosure flaw in its Desktop Window Manager (DWM) on January 13, 2026, in the Patch Tuesday update after detecting active exploitation in the wild. Tracked as CVE-2026-20805, the vulnerability allows low-privilege local attackers to expose sensitive user-mode memory, specifically section addresses, via remote ALPC ports. This could aid further […]

The post Microsoft Desktop Window Manager 0-Day Vulnerability Exploited in the wild appeared first on Cyber Security News.

Microsoft’s January 2026 updates fix 114 vulnerabilities, with several remote code execution bugs rated critical across Office applications and Windows services such as LSASS. This Patch Tuesday addresses critical remote code execution flaws and numerous elevation of privilege issues that could enable attackers to compromise systems. Vulnerability Type Count Remote Code Execution 22 Denial of […]

The post Microsoft Patch Tuesday January 2026 – 114 Vulnerabilities Fixed Including 3 Zero-days appeared first on Cyber Security News.

Fortinet disclosed a Server-Side Request Forgery (SSRF) vulnerability in its FortiSandbox appliance on January 13, 2026, urging users to update amid risks of internal network proxied requests. Tracked as CVE-2025-67685 (FG-IR-25-783), the flaw resides in the GUI component and stems from CWE-918, enabling authenticated attackers to craft HTTP requests that proxy traffic to internal plaintext […]

The post FortiSandbox SSRF Vulnerability Allow Attacker to proxy Internal Traffic via Crafted HTTP Requests appeared first on Cyber Security News.