News Feed

Secure Your Spot at RSAC 2026 Conference

ChatGPT Temporary chat feature is getting a much-needed upgrade

OpenAI is testing a big upgrade for ChatGPT's temporary chat feature. The update will allow you to retain personalization in temporary chat, and still block temporary chat from influencing your account. [...]

1Password adds pop-up warnings for suspected phishing sites

The 1Password digital vault and password manager has added built-in protection against phishing URLs to help users identify malicious pages and prevent them from sharing account credentials with threat actors. [...]

Microsoft investigates Windows 11 boot failures after January updates

Microsoft is investigating reports that some Windows 11 devices are failing to boot with "UNMOUNTABLE_BOOT_VOLUME" errors after installing the January 2026 Patch Tuesday security updates. [...]

Microsoft releases emergency OOB update to fix Outlook freezes

Microsoft has released emergency, out-of-band updates on Saturday for Windows 10, Windows 11, and Windows Server to fix an issue that prevented Microsoft Outlook classic from opening when using PSTs stored in cloud storage. [...]

Sandworm hackers linked to failed wiper attack on Poland’s energy systems

A cyberattack targeting Poland's power grid in late December 2025 has been linked to the Russian state-sponsored hacking group Sandworm, which attempted to deploy a new destructive data-wiping malware dubbed DynoWiper during the attack.. [...]

Konni hackers target blockchain engineers with AI-built malware

The North Korean hacker group Konni (Opal Sleet, TA406) is using AI-generated PowerShell malware to target developers and engineers in the blockchain sector. [...]

China investigates top general Zhang Youxia in rare purge of senior military leaders

A notice published Friday by state-run Xinhua News Agency said the two men — Zhang Youxia, the country’s most senior uniformed military officer, and Liu Zhenli, a top operational commander — have been placed under investigation following deliberation by the Chinese Communist Party’s Central Committee.

2025 Was a Wake-Up Call to Protect Human Decisions, Not Just Systems

Cybersecurity must shift from solely protecting systems to safeguarding human decision-making under uncertainty and system failures.

ShinyHunters claim to be behind SSO-account data theft attacks

The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion. [...]

Swipe, Plug-in, Pwned: Researchers Find New Ways to Hack Vehicles

Security researchers exploited dozens of vulnerabilities in vehicle infotainment systems and EV chargers during the latest Pwn2Own contest at Automotive World 2026.

Exploited Zero-Day Flaw in Cisco UC Could Affect Millions

Mass scanning is underway for CVE-2026-20045, which Cisco tagged as critical because successful exploitation could lead to a complete system takeover.

Europe's GCVE Raises Concerns Over Fragmentation in Vulnerability Databases

GCVE would enhance global collaboration, flexibility, and efficiency in tracking security flaws. Duplicate entries and a decentralization policy may create more chaos for defenders.

Malicious AI extensions on VSCode Marketplace steal developer data

Two malicious extensions in Microsoft's Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers. [...]

CISA confirms active exploitation of four enterprise software bugs

The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities impacting enterprise software from Versa and Zimbra, the Vite frontend tooling framework, and the Prettier code formatter. [...]

Healthy Security Cultures Thrive on Risk Reporting

The signs of an effective security culture are shifting as companies call on CISOs and security teams to raise their hands unabashedly.

US to deport Venezuelans who emptied bank ATMs using malware

South Carolina federal prosecutors announced that two Venezuelan nationals convicted of stealing hundreds of thousands of dollars from U.S. banks in an ATM jackpotting scheme will be deported after serving their sentences. [...]

Hackers exploit critical telnetd auth bypass flaw to get root

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present in the GNU InetUtils telnetd server for 11 years. [...]

What an AI-Written Honeypot Taught Us About Trusting Machines

AI-generated code can introduce subtle security flaws when teams over-trust automated output. Intruder shows how an AI-written honeypot introduced hidden vulnerabilities that were exploited in attacks. [...]

Cyberattack disrupts digital systems at renowned Dresden museum network

Germany's Dresden State Art Collections network said it was able to keep facilities open and protect artworks while responding to a cyberattack against large portions of its digital infrastructure.