Security News

CVE-2026-20045, a CVSS 9.8 RCE flaw in Cisco Unified CM, is being actively exploited. No workaround exists—organizations must upgrade to 14SU5 or 15SU4 immediately.

Arctic Wolf detected automated attacks on FortiGate devices starting January 15, exploiting CVE-2026-24858 (CVSS 9.8) to create backdoor admin accounts. Fortinet temporarily suspended FortiCloud SSO globally to contain the threat.

Apple broadens its Advanced Data Protection feature to more countries and adds new encrypted data categories, while maintaining its refusal to comply with UK government demands for a backdoor—leaving British users without the feature.

Packages 'spellcheckerpy' and 'spellcheckpy' downloaded over 1,000 times use multi-layer encryption and fileless execution to deliver cryptocurrency-stealing RAT. Same threat actor linked to November 2025 campaign.

The Everest ransomware group leaked 72.7 million Under Armour customer records including emails, names, dates of birth, purchase history, and loyalty program details after the company didn't pay.

Massive security update includes patches across 122 products with two CVSS 10.0 flaws. Java SE receives 11 remotely exploitable patches, and Financial Services Applications have 33 unauthenticated attack vectors.

Healthcare ransomware attacks affected 93% of organizations in 2024-2025, with Ascension's $1.8B loss and 5.6M affected patients illustrating the sector's vulnerability. HIPAA Security Rule update pending.

Five malicious Chrome extensions disguised as HR and ERP platforms like Workday, NetSuite, and SuccessFactors stole authentication tokens and enabled account takeover before being removed from the Chrome Web Store.

On July 19, 2024, a faulty CrowdStrike Falcon content update crashed 8.5 million Windows systems worldwide, causing over $10 billion in damages and grounding thousands of flights. A retrospective on what happened and what changed.

The Securities and Exchange Commission files charges against a publicly traded firm for materially understating the scope and impact of a 2025 data breach, signaling aggressive enforcement of cyber disclosure rules adopted in December 2023.

CVE-2025-62507 is a stack buffer overflow in Redis 8.2's XACKDEL command. JFrog researchers demonstrated full remote code execution is achievable, contradicting the initial 'authentication required' assessment.

Chinese state-sponsored hackers compromised nine major US telecommunications carriers throughout 2024, accessing wiretap systems, call metadata for over a million users, and communications of presidential campaign staff.