China-linked APT groups deploy PeckBirdy JScript-based framework
PeckBirdy is JScript-based, which allows it to run across different environments using legitimate system tools.
Cybersecurity News - Page 17
Malicious Chrome extensions masquerade as ChatGPT tools to steal user accounts
The extensions share a common mechanism that hijacks ChatGPT session authentication tokens and sends them to a third-party backend.
New ClickFix сampaign abuses Microsoft App-V to deliver Amatera infostealer
The attack begins with a fake CAPTCHA verification that instructs victims to manually paste and run a command using the Windows Run dialog.
Microsoft rolls out emergency fix for actively exploited Office zero-day
Patches are currently available for most supported versions, but updates for Office 2016 and Office 2019 have not yet been released.
Zimbra, VMware flaws actively exploited in the wild
CISA has added five vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.
North Korean Konni hackers deploy AI-Generated PowerShell malware against blockchain devs
The attack chain begins with a Discord-hosted link that delivers a ZIP archive containing a PDF lure and a malicious Windows shortcut (LNK).
Multi-stage phishing campaign targets Russian users with Amnesia RAT and ransomware
The attack uses social engineering lures delivered via business-themed documents.
Russian Sandworm APT behind DynoWiper attack on Poland’s power grid
The attacks targeted two combined heat and power plants, as well as a system used to manage electricity generated from renewable sources.
Cyber Security Week in Review: January 23, 2026
In brief: Cisco fixes two zero-days, flaws in Fortinet’s FortiGate and FortiSIEM solutions exploited in the wild, and more.
Cisco fixes critical Unified CM flaw exploited in the wild
Also, attackers are reportedly exploiting a patch bypass for a previously fixed critical Fortinet FortiGate authentication vulnerability.
Showing elements 161 - 170