Ransomware Attacks Surge 45% in 2025 with Over 9,200 Cases Recorded
NordStellar research reveals US companies remain primary targets with 3,255 incidents. Small and medium businesses face the highest risk.
Breaking cybersecurity news, vulnerability disclosures, and industry updates.
CVE-2026-24858 is a critical authentication bypass flaw in FortiOS single sign-on with a CVSS score of 9.4. Patches are now available.
New campaign uses social engineering and legitimate Microsoft Application Virtualization scripts to distribute Amatera information stealer.
CVE-2026-24002 allows remote code execution through malicious spreadsheet formulas in popular open-source data tool.
APT group targets government entities with enhanced malware enabling comprehensive data theft from infected endpoints.
New additions include CVE-2026-21509, a Linux kernel flaw from 2018, and SmarterMail vulnerabilities. Federal agencies face February deadlines.
The National Cybersecurity Alliance kicks off Data Privacy Week from January 26-30, focusing on empowering individuals and organizations to manage personal information.
CVE-2026-21509 bypasses OLE mitigations in Microsoft Office and Microsoft 365. CISA has added the flaw to its KEV catalog with a February 16 deadline.
Packages 'spellcheckerpy' and 'spellcheckpy' downloaded over 1,000 times before removal from Python Package Index.
Massive security update includes 38 patches for Financial Services Applications, with 33 remotely exploitable without authentication.
Coordinated action with UK, German authorities, and Europol takes down subscription service offering disposable VMs for $24/month to criminals.
CVE-2026-23550 in Modular DS plugin scores maximum CVSS 10.0, enabling unauthenticated privilege escalation on WordPress sites.
Monthly security update addresses 114 CVEs including CVE-2026-20805, a Windows Desktop Window Manager flaw under active exploitation.
AZ Monica hospital in Antwerp forced to cancel procedures and move patients to other facilities following security incident.
January 2026 Security Patch Day releases 17 notes including four critical vulnerabilities affecting enterprise ERP systems.
APT28 targets organizations in the Balkans, Middle East, and Central Asia with simple but effective phishing attacks using legitimate documents.
Spear-phishing campaign targets diplomatic, maritime, financial, and telecom entities across the Middle East with upgraded malware toolkit.
Investigation reveals service providers fueling Southeast Asian scam compounds where trafficking victims are forced to conduct investment fraud.
CVE-2026-21858 (Ni8mare) scores maximum CVSS 10.0, enabling unauthenticated attackers to execute arbitrary code on n8n servers.
CVE-2026-0625 enables unauthenticated remote code execution on legacy D-Link DSL routers via DNS configuration endpoint. No patch available for EOL devices.
Attackers exfiltrated API tokens, Bitbucket repositories, and source code from ESA servers. Investigation ongoing.
Protected health information potentially exposed including names, dates of birth, claims data, diagnoses, and medication information.
Attackers claim to have exfiltrated sensitive data from systems supporting government services operations at one of the world's largest claims administrators.
Former security workers admitted to operating as BlackCat/ALPHV affiliates, paying 20% of ransoms to administrators for malware access.