Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, ...

New DarkSword iOS exploit used in infostealer attack on iPhones

A new exploit kit for iOS devices and delivery framework dubbed "Darksword" has been used to steal a wide range of personal information, including data from cryptocurrency wallet app.
The Hacker News

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Interlock ransomware is actively exploiting CVE-2026-20131 (CVSS 10.0) in Cisco FMC, enabling unauthenticated remote code execution as root.
Bleeping Computer

Russian hackers exploit recently patched Microsoft Office bug in attacks

Ukraine’s Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office. On January 26, ...
Dark Reading

Ivanti EPMM Zero-Day Bugs Spark Exploit Frenzy — Again

A handful of European government agencies have been compromised by hackers in recent weeks, thanks to a new round of critical vulnerabilities in an Ivanti product — and it's another grim reminder of ...
CSOonline

Attackers exploit decade‑old Windows driver flaw to shut down modern EDR defenses

Attackers abused a signed but long-revoked EnCase Windows kernel driver in a BYOVD attack to terminate all security tools. In a recent incident, attackers abused a legitimate but vulnerable Windows ...
Covers

Super Bowl Script: Epic Moments You're Guaranteed to Witness in Super Bowl 60

From first-quarter lulls to impossible catches, here’s why every Super Bowl feels like it was written in advance – even when it isn’t. Let's clear the air before you read another word: I do not ...
TechCrunch

Microsoft says hackers are exploiting critical zero-day bugs to target Windows and Office users

Microsoft has rolled out fixes for security vulnerabilities in Windows and Office, which the company says are being actively abused by hackers to break into people’s computers. The exploits are ...
Ars Technica

Microsoft releases urgent Office patch. Russian-state hackers pounce.

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the devices inside diplomatic, maritime, and transport organizations in more ...
Forbes

Microsoft Confirms Windows Is Under Attack — Update Now

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. This voice experience is generated by AI. Learn more. This ...
Dark Reading

Microsoft Patches 6 Actively Exploited Zero-Days

Attackers are already actively exploiting six of the 59 vulnerabilities Microsoft disclosed in its latest security update, meaning security teams will need to treat February's Patch Tuesday more as an ...