Hacking
WhatsApp rolls out Strict Account settings to strengthen protection for high-risk users
Meta announced new Strict Account Settings on WhatsApp to better protect high-risk users from advanced cyber attacks. Meta announced new Strict Account Settings on WhatsApp to enhance the security of high-risk users from advanced, targeted cyber attacks. “Strict Account Settings is one of many ways we’re working to protect you from the most sophisticated of […]
Shadowserver finds 6,000+ likely vulnerable SmarterMail servers exposed online
Shadowserver researchers found 6,000+ SmarterMail servers exposed online and likely vulnerable to a critical auth bypass flaw. Nonprofit security organization Shadowserver reported that over 6,000 SmarterMail servers are exposed on the internet and likely vulnerable to attacks exploiting a critical authentication bypass flaw tracked as CVE-2026-23760. Cybersecurity firm watchTowr disclosed the vulnerability on January 8, […]
U.S. CISA adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: […]
Amnesia RAT deployed in multi-stage phishing attacks against Russian users
A multi-stage phishing campaign targets users in Russia with ransomware and Amnesia RAT using fake business documents as lures. FortiGuard Labs researchers uncovered a multi-stage malware campaign mainly targeting users in Russia. The attack uses fake business documents as social engineering lures to distract victims while malware runs in the background. It escalates to full […]
Bypassing Windows Administrator Protection
submitted by /u/CyberMasterV [link] [comments]
Dormakaba flaws allow to access major organizations’ doors
Researchers found over 20 flaws in Dormakaba access systems that could let attackers remotely unlock doors at major organizations. Researchers from SEC Consult discovered and fixed more than 20 security flaws in Dormakaba physical access control systems. The experts uncovered multiple critical vulnerabilities in Dormakaba physical access control systems based on exos 9300. These enterprise […]
Emergency Microsoft update fixes in-the-wild Office zero-day
Microsoft issued emergency updates to fix an actively exploited Office zero-day, CVE-2026-21509, affecting Office 2016–2024 and Microsoft 365 Apps. Microsoft released out-of-band security updates to address an actively exploited Office zero-day vulnerability tracked as CVE-2026-21509. The issue is a security feature bypass vulnerability that affects multiple Office versions, including Microsoft Office 2016, Microsoft Office 2019, […]
ShinyHunters claims 2 Million Crunchbase records; company confirms breach
Crunchbase confirms a data breach after cybercrime group ShinyHunters claims to have stolen over 2 million personal records. Crunchbase confirmed a data breach after the cybercriminal group ShinyHunters claimed to steal over 2 million personal records from its systems. The group leaked a 402 MB compressed archive on their website due to a failed extortion […]
Saudi Arabia ordered to pay £3m to London dissident over Pegasus spying
High court finds kingdom responsible for hacking phones of Ghanem al-Masarir and for physical attack on himA judge has ordered Saudi Arabia to pay more than £3m in damages to a London-based dissident whose phones were targeted with Pegasus spyware.In a…