News2025-11-20T18:59:28-05:00

The Latest News In Cyber Security

CarGurus – Data Breach – February 2026

February 22nd, 2026|Security Notice|

According to the dealer website blog by the used car advertising platform Auto Ad Manager, CarGurus.com suffered a data breach in February 2026.  This breach is impacting an estimated 12.5 million user and dealer accounts, according to data compiled by HaveIBeenPwned.com. The breach has been linked to the hacker group known as ShinyHunters, which reportedly attempted to extort CarGurus before[...]

Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites

January 19th, 2026|News|

Cybersecurity researchers have disclosed details of a security flaw that leverages indirect prompt injection targeting Google Gemini as a way to bypass authorization guardrails and use Google Calendar as a data extraction mechanism. The vulnerability, Miggo Security's Head of Research, Liad Eliyahu, said, made it possible to circumvent Google Calendar's privacy controls by hiding a dormant

Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL Red Notice

January 17th, 2026|News|

Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta. In addition, the group's alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (Нефедов Олег Евгеньевич), has been added to the European Union's Most Wanted and INTERPOL's Red Notice lists, authorities

OpenAI to Show Ads in ChatGPT for Logged-In U.S. Adults on Free and Go Plans

January 17th, 2026|News|

OpenAI on Friday said it would start showing ads in ChatGPT to logged-in adult U.S. users in both the free and ChatGPT Go tiers in the coming weeks, as the artificial intelligence (AI) company expanded access to its low-cost subscription globally. "You need to know that your data and conversations are protected and never sold to advertisers," OpenAI said. "And[...]

GootLoader Malware Uses 500–1,000 Concatenated ZIP Archives to Evade Detection

January 16th, 2026|News|

The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that's designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 archives. "The actor creates a malformed archive as an anti-analysis technique," Expel security researcher Aaron Walton said in a report shared with The Hacker News. "That is, many unarchiving tools

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

January 15th, 2026|News|

A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider's own GitHub repositories, including its AWS JavaScript SDK, putting every AWS environment at risk. The vulnerability has been codenamed CodeBreach by cloud security company Wiz. The issue was fixed by AWS in September 2025 following responsible disclosure on

Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers

January 14th, 2026|News|

The Black Lotus Labs team at Lumen Technologies said it null-routed traffic to more than 550 command-and-control (C2) nodes associated with the AISURU/Kimwolf botnet since early October 2025. AISURU and its Android counterpart, Kimwolf, have emerged as some of the biggest botnets in recent times, capable of directing enslaved devices to participate in distributed denial-of-service (DDoS)

Long-Running Web Skimming Campaign Steals Credit Cards From Online Checkout Pages

January 13th, 2026|News|

Cybersecurity researchers have discovered a major web skimming campaign that has been active since January 2022, targeting several major payment networks like American Express, Diners Club, Discover, JCB Co., Ltd., Mastercard, and UnionPay. "Enterprise organizations that are clients of these payment providers are the most likely to be impacted," Silent Push said in a report published today.

n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens

January 12th, 2026|News|

Threat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as integrations targeting the n8n workflow automation platform to steal developers' OAuth credentials. One such package, named "n8n-nodes-hfgjf-irtuinvcm-lasdqewriit," mimics a Google Ads integration, and prompts users to link their advertising account in a seemingly legitimate form and then

MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors

January 10th, 2026|News|

The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based implant codenamed RustyWater. "The campaign uses icon spoofing and malicious Word documents to deliver Rust based implants capable of asynchronous C2, anti-analysis, registry persistence, and modular

Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime

January 10th, 2026|News|

Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of an international criminal organization called Black Axe. As part of an operation conducted by the Spanish National Police, in coordination with the Bavarian State Criminal Police Office and Europol, 28 arrests were made in Seville, along with three others in Madrid, two[...]

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

January 9th, 2026|News|

Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far back as February 2024. Cybersecurity firm Huntress, which observed the activity in December 2025 and stopped it before it could progress to the final stage, said it may have[...]

Simplified Summary

This is our news page where we write about things. New articles appear daily.