-
Microsoft is launching a new security feature designed to protect Teams users from fraudulent external callers impersonating trusted organizations. The Brand Impersonation Protection for Teams Calling will roll out starting mid-February 2026, with gene…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Day Two of Pwn2Own Automotive 2026 kicked off with high intensity, as security researchers targeted automotive infotainment systems, EV chargers, and gateways. Building on Day One’s momentum, teams demonstrated 37 unique zero-day vulnerabilities,…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered ransomware family, Osiris, targeted a major foodservice franchisee in Southeast Asia in November 2025. Despite sharing a name with a 2016 Locky ransomware variant, security researchers confirm this represents an entirely new threat w…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Akamai’s Security Intelligence and Response Team (SIRT) uncovered a serious command injection vulnerability in legacy Vivotek IoT camera firmware. Tracked as CVE-2026-22755, the flaw lets remote attackers inject and run arbitrary code as root wit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NVIDIA has patched critical vulnerabilities in its CUDA Toolkit that expose developers and GPU-accelerated systems to command injection and arbitrary code execution risks. Released on January 20, 2026, the update addresses four flaws in Nsight Systems …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in BIND 9 exposes DNS servers to remote denial-of-service (DoS) attacks. Security firm ISC disclosed CVE-2025-13878 on January 21, 2026, warning that malformed BRID or HHIT records in DNS queries can trigger an unexpected termi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated multi-stage phishing campaign is actively targeting PNB MetLife Insurance customers through fake payment gateway pages. The attack chain extracts customer details, forces fraudulent UPI payments, and escalates to full banking credential…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Snaps are compressed, cryptographically signed, revertable software packages for Linux desktops, servers, and embedded devices. A sophisticated campaign targeting Canonical’s Snap Store has escalated dramatically, with threat actors shifting from…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
JA3 fingerprinting, long dismissed as outdated technology, is experiencing a resurgence as security teams discover its practical value in identifying and tracking malicious infrastructure with surprising precision. Despite widespread skepticism about J…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has added CVE-2026-20045, a critical zero-day remote code execution (RCE) vulnerability in Cisco Unified Communications Manager (Unified CM), to its Known Exploited Vulnerabilities (KEV) catalog. Added on January 21, 2026, this flaw affects multip…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
