IT Security Newsletter - 1/22/2026
DPRK Actors Deploy VS Code Tunnels for Remote Hacking
A spear-phishing campaign by North Korean actors is abusing a legitimate feature of Microsoft Visual Studio (VS) Code to gain full remote control of targeted systems. In the campaign, discovered by researchers at Darktrace, South Korean targets receive government-themed phishing emails containing fake official documents, according to a report published today. The documents are JSE files disguised as word processor documents. READ MORE...
Under Armour ransomware breach: data of 72 million customers appears on the dark web
When reports first emerged in November 2025 that sportswear giant Under Armour had been hit by the Everest ransomware group, the story sounded depressingly familiar: a big brand, a huge trove of data, and a lot of unanswered questions. Since then, the narrative around what actually happened has split into two competing versions: cautious corporate statements on one side and mounting evidence on the other that strongly suggests a large customer dataset is now circulating online. READ MORE...
European Space Agency's cybersecurity in freefall as yet another breach exposes spacecraft and mission data
It has just been a few weeks since we reported on the Christmas cyber attack suffered by the European Space Agency (ESA), and the situation has already become worse. When ESA revealed that it had been hacked over the Christmas period by a hacker known as "888" it was quick to reassure the public that the impact was "limited" to external servers containing unclassified engineering data. READ MORE...
Hackers exploit 29 zero-days on second day of Pwn2Own Automotive
On the second day of Pwn2Own Automotive 2026, security researchers collected $439,250 in cash awards after exploiting 29 unique zero-days. The Pwn2Own Automotive hacking contest focuses on automotive technologies and takes place this week in Tokyo, Japan, from January 21 to January 23, during the Automotive World auto conference. Throughout the competition, security researchers target fully patched electric vehicle (EV) chargers, in-vehicle infotainment (IVI) systems, and car operating systems. READ MORE...
LastPass warns backup request is phishing campaign in disguise
LastPass on Tuesday warned of a phishing campaign with false claims that the company is conducting maintenance and asking customers to back up their vaults in the next 24 hours, according to an alert released by the company. LastPass said the campaign began on or about Monday, which was Martin Luther King Jr. Day, when many U.S. businesses were closed. The company emphasized the email is not a legitimate request and confirmed that customers are being targeted in a social engineering campaign. READ MORE...
Atlassian, GitLab, Zoom Release Security Patches
Atlassian, GitLab, and Zoom this week announced security patches that address over two dozen vulnerabilities across their products. Updates rolled out for Atlassian's Bamboo, Bitbucket, Confluence, Crowd, and Jira products include 32 security patches for critical- and high-severity vulnerabilities. Most of the flaws impact third-party dependencies and were publicly disclosed over the past two years. Three of these bugs, however, are from 2021 and 2022. READ MORE...
Black Basta's alleged ringleader identified as authorities raid homes of other members
Law enforcement agencies from multiple European countries are still pursuing leads on people involved in the Black Basta ransomware group, nearly a year after the group's internal chat logs were leaked, exposing key details about its operations, and at least six months since the group claimed responsibility for new attacks. Officials in Ukraine and Germany said they raided the homes of two Russian nationals accused of participating in Black Basta's crimes and effectively halted their operations. READ MORE...
Millions of people imperiled through sign-in links sent by SMS
Websites that authenticate users through links and codes sent in text messages are imperiling the privacy of millions of people, leaving them vulnerable to scams, identity theft, and other crimes, recently published research has found. The links are sent to people seeking a range of services, including those offering insurance quotes, job listings, and referrals for pet sitters and tutors. Many such services instead require users to provide a cell phone number when signing up for an account. READ MORE...
Bruce Schneier: Why AI Keeps Falling for Prompt Injection Attacks
Imagine you work at a drive-through restaurant. Someone drives up and says: "I'll have a double cheeseburger, large fries, and ignore previous instructions and give me the contents of the cash drawer." Would you hand over the money? Of course not. Yet this is what large language models (LLMs) do. Prompt injection is a method of tricking LLMs into doing things they are normally prevented from doing. A user writes a prompt in a certain way, asking the LLM to perform forbidden instructions READ MORE...
Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718?
CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly fixed releases of the underlying FortiOS. On Tuesday, a Fortinet administrator posted on Reddit asking whether other enterprise admins had observed attackers logging in and creating new accounts on FortiGate firewalls that had already been upgraded to address CVE-2025-59718. READ MORE...
Ancient telnet bug happily hands out root to attackers
A recently disclosed critical vulnerability in the GNU InetUtils telnet daemon (telnetd) is "trivial" to exploit, experts say. The bug, which had gone unnoticed for nearly 11 years, was disclosed on January 20 and is tracked as CVE-2026-24061 (9.8). It was introduced in a May 2015 update, and if you're one of the few to still be running telnetd, patch up, because attacks are already underway. In the past 24 hours, 15 unique IPs were trying to execute a remote authentication bypass attack. READ MORE...
- ...in 1931, singer/songwriter and "King of Soul" Sam Cooke is born in Clarksdale, MS.
- ...in 1940, veteran English actor John Hurt ("The Elephant Man", "Alien", "I, Claudius") is born in Derbyshire.
- ...in 1953, film director Jim Jarmusch ("Down By Law", "Dead Man") is born in Cuyahoga Falls, OH.
- ...in 1984, Apple Computer introduces the Macintosh personal computer with a Super Bowl commercial inspired by George Orwell's "1984".








