Vulnerabilities discovered by researchers in Dormakaba physical access control systems could have allowed hackers to remotely open doors at major organizations. The security holes were discovered by experts at SEC Consult, a cybersecurity consulting firm under Atos-owned Eviden, in Dormakaba's Exos central management software, a hardware access manager, and registration units that enable entry via a keypad, fingerprint reader, or chip card.
The North Korean threat actor known as Konni has been observed using PowerShell malware generated using artificial intelligence (AI) tools to target developers and engineering teams in the blockchain sector. The phishing campaign has targeted Japan, Australia, and India, highlighting the adversary's expansion of the targeting scope beyond South Korea, Russia, Ukraine, and European nations, Check Point Research said in a technical report published last week.
infosec in brief T'was a dark few days for automotive software systems last week, as the third annual Pwn2Own Automotive competition uncovered 76 unique zero-day vulnerabilities in targets ranging from Tesla infotainment to EV chargers. A record 73 entries were included in this year's competition at Automotive World in Tokyo, and, while not all were successful, Trend Micro's Zero Day Initiative still ended up paying out more than $1 million to successful competitors. For those unfamiliar with the structure of a Pwn2Own competition, ethical hackers and security experts enter with plans to perform a certain exploit, which they must do in a limited time.
Russia was probably behind the failed attempts to compromise the systems of Poland's power companies in December, cybersecurity researchers claim. ESET attributed the attack with "medium" confidence to Russia's GRU-run Sandworm unit, after it investigated the attack and its use of wiper malware. The attackers, believed to be state-backed, deployed DynoWiper malware on Poland's national energy systems. Energy minister Milosz Motyka said they attempted to disrupt communication between renewable hardware and power distribution operators, but were unsuccessful.
In early January 2026, some Ledger customers were notified that personal and order information related to Ledger.com purchases had been accessed during a security incident involving Global-e, a third-party e-commerce partner that acts as the "merchant of record" for certain orders. Ledger stressed that its own hardware and software systems were not breached. However, the exposed purchase data was enough to spark a familiar second act: highly targeted phishing attempts that appear legitimate because they reference real-world details.
Yesterday (Jan. 20), the Commission unveiled its revised Cybersecurity Act proposal after months of behind-the-scenes negotiations that reportedly caused substantial friction between officials and member states. This sweeping update introduces measures to identify and potentially exclude "high-risk" third countries and companies from Europe's critical digital infrastructure across 18 essential sectors, including energy systems. As cybersecurity threats continue rising since the original Act took effect seven years ago, the EU is essentially drawing new battle lines in the global tech landscape.
Wiz Security's research team identified that a subset of repositories configured regular expressions for AWS CodeBuild webhook filters intended to limit trusted actor IDs, but these filters were insufficient, allowing a predictably acquired actor ID to gain administrative permissions. The four affected repositories that put the AWS Console supply chain at risk were the AWS SDK for JavaScript v3, the general-purpose cryptographic library aws-lc, amazon-corretto-crypto-provider, and awslabs/open-data-registry, a repository of publicly available datasets accessible from AWS resources.
The National Institute of Standards and Technology (NIST) recently released NIST IR 8596, the Initial Preliminary Draft of the Cybersecurity Framework Profile for Artificial Intelligence (Cyber AI Profile). The document establishes a structured approach for managing cybersecurity risk related to AI systems and the use of AI in cyber defense, organised around three focus areas: Securing AI System Components (Secure), Conducting AI-Enabled Cyber Defense (Defend), and Thwarting AI-Enabled Cyber Attacks (Thwart).
We have already discussed in the previous two articles about file and folder permissions along with special permissions that are supported in linux. The permissions are effective for many scenarios. But what happens when you need more granularity? How do you grant write access to a file to just one specific user who isn't the owner and isn't in the owning group? How do you allow two different groups read access, but only one of them write access?
A U.S. judge recently dismissed a shareholder lawsuit that accused cybersecurity company CrowdStrike Holdings Inc. ( NASDAQ: CRWD) of making false statements about its software testing before the 2024 global outage. Also, it has announced its intent to acquire Seraphic and SGNL, as well as new strategic partnership with Nord Security. The share price is 6.3% lower than a month ago and down 3.9% from six months ago, underperforming the Nasdaq in both time frames.
Research from Pentera Labs reveals evidence of active exploitation in customer-managed business cloud environments, particularly within Fortune 500 companies and cybersecurity vendors. This exploitation is targeting training applications utilized by said organizations. These are applications typically deployed for security demos and training, including OWASP Juice Shop, DVWA and Hackazon. The research discovered thousands of systems exposed, with several hosted on enterprise infrastructure using Azure, AWS and GCP cloud platforms.
To start, having your Google Ads account hijacked can be devastating, and it is just that much worse on the agency level. Your budgets can be spent, your bank accounts can be depleted, and your account history and reputation can be ruined. All of this can also lead to losing advertising clients and maybe worse. We covered some of this in our November story.
BIG - ShinyHunters confirmed to me that they are behind the recent Okta vishing campaign and have published alleged data from three major victims ( Crunchbase, SoundCloud, and Betterment) on their new blog, stating more are coming. 🔽
"A floor manager responsible for production asked me to fix his PC, which was so slow he could literally make a coffee in the time between double-clicking an icon and having the program open," Parker told On Call. The manager's PC was only a year old and ran Windows XP, a combo that at the time of this tale should have made for decent performance.
Last year, the security consulting community reached a new milestone: the introduction of the Ed Chandler Security Innovation Award. The award, presented for the very first time at CONSULT 2025 and co-sponsored by SecuritySpecifiers and Security magazine, honors the life, legacy and influence of Edmonds (Ed) Chandler Jr. The inaugural award is designed to recognize the innovation that advances both the practice and impact of security consulting.
