[Control systems] Siemens security advisory (AV26-106)

January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm Hillhouse Capital, bringing ZAST.AI's...

Aisle, the company blog authoring the post, is an AI security tool. Recently, Antrophic reported finding 500 vulnerabilities across various products. This has a problem, though: they don't discuss...

Zack Whittaker reports: Singapore’s government has blamed a known Chinese cyber-espionage group for targeting four of its top telecommunication companies as part of a months-long attack. In a...

“The president, several of his top advisers, and lawmakers will be participating in a discussion at the White House today about FISA Section 702 renewal,” a senior White House official said.

Some may experience some schadenfraude over this one. Zack Whittaker reports: A hacktivist has scraped more than half-a-million payment records from a provider of consumer-grade “stalkerware”...

It’s easy to forget that just because a news cycle may be about 15 minutes, incident response is much longer. The following is an update from St. Mary’s County in Maryland about the CodeRED...

SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance. The incident took place on January 29,...

Liv McMahon reports: Discord will soon require users globally to verify their age with a face scan or by uploading a form of ID if they want to access adult content. […] Users can either upload a...

Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager, the most severe of which could allow for authentication bypass. Ivanti Endpoint Manager is a client-based unified endpoint...

Multiple vulnerabilities have been discovered in Fortinet products, the most severe of which could allow for arbitrary code execution.FortiAuthenticator is a centralized identity and access...

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these...

Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.Adobe After Effects is a digital effects, motion graphics, and...

The world’s biggest social media companies face several landmark trials this year that seek to hold them responsible for harms to children who use their platforms. Opening statements in one such...

In April 2007, the Baltic nation of Estonia woke up to one of the world’s first major cyberattacks on civil society carried out by a state. A series of massive “distributed denial of service”...

Ukraine has launched Mission Control, a first-of-its-kind digital command-and-control system designed to unify planning, execution and reporting for all drone operations across the country, as...

A fake 7-Zip website is distributing a trojanized installer of the popular archiving tool that turns the user's computer into a residential proxy node. [...]

On Jan. 7, U.S. President Donald Trump issued a memorandum ordering the United States to withdraw from 66 international organizations. Many of these are various United Nations entities or...

Artificial intelligence (AI) has evolved beyond its origins as a productivity booster and is now fundamentally reshaping the cybersecurity battlefield. The number of AI-related cyberattacks is...

Microsoft has released the Windows 10 KB5075912 extended security update to fix February 2026 Patch Tuesday vulnerabilities, including six zero-days, and continue rolling out replacements for...

The Trump administration’s push to acquire Greenland has produced a carefully calibrated response from Moscow. An air of restraint in public comments masks more private concern over potential...

Introduction In modern warfare, the front lines are no longer confined to the battlefield; they extend directly into the servers and supply chains of the industry that safeguards the nation....

FortiGuard Labs details a new XWorm RAT campaign using multi-language phishing emails, Excel exploits (CVE-2018-0802), HTA execution, and fileless .NET techniques to gain full remote control of...

Mere data exfiltration is no longer a lucrative approach for ransomware groups, and threat actors may increasingly rely on encryption to regain leverage, Coveware notes in a new report. Following...

2Critical51Important1Moderate0LowMicrosoft addresses 54 CVEs in the February 2026 Patch Tuesday released, including six zero-day vulnerabilities that were exploited in the wild and three publicly...

2Critical51Important1Moderate0LowMicrosoft addresses 54 CVEs in the February 2026 Patch Tuesday released, including six zero-day vulnerabilities that were exploited in the wild and three publicly...

Italian authorities are investigating a series of suspected sabotage attacks on railway infrastructure in northern Italy that disrupted travel services during the opening days of the Winter...

The Netherlands' Dutch Data Protection Authority (AP) and the Council for the Judiciary confirmed both agencies (Rvdr) have disclosed that their systems were impacted by cyber attacks that...

Today is Microsoft's February 2026 Patch Tuesday with security updates for 58 flaws, including 6 actively exploited and three publicly disclosed zero-day vulnerabilities. [...]

The European Commission reports a cyberattack on its central mobile infrastructure that may have exposed staff names and phone numbers. Swift action by CERT-EU contained the breach within nine...