Cyber Security News

Threat actors linked to Chinese hosting infrastructure have established a massive network of over 18,000 active command-and-control servers across 48 different hosting providers in recent months. This widespread abuse highlights a serious issue in how malicious infrastructure can hide within trusted networks and cloud services. Traditional threat hunting methods that focus on individual IP addresses The post Chinese Threat Actors Hosted 18,000 Active C2 Servers Across 48 Hosting Providers appeared first on Cyber Security News.

Palo Alto Networks has patched a critical denial-of-service vulnerability in its PAN-OS firewall software, tracked as CVE-2026-0227, which lets unauthenticated attackers disrupt GlobalProtect gateways and portals. The flaw carries a CVSS v4.0 base score of 7.7 (HIGH severity), stemming from improper checks for unusual conditions that force firewalls into maintenance mode after repeated exploitation attempts. The post Palo Alto Networks Firewall Vulnerability Allows Attacker to Trigger DoS Attacks appeared first on Cyber Security News.

Microsoft released security updates on January 13, 2026, addressing a critical elevation of privilege vulnerability in SQL Server that enables authorized attackers to bypass authentication controls and gain elevated system privileges remotely. Tracked as CVE-2026-20803, the vulnerability stems from missing authentication mechanisms for critical functions within the database engine. The flaw affects multiple SQL Server The post Microsoft SQL Server Vulnerability Allows Attackers to Elevate Privileges over a Network appeared first on Cyber Security News.

A sophisticated malware loader known as CastleLoader has emerged as a critical threat to US government agencies and critical infrastructure organizations. First identified in early 2025, this stealthy malware has been used as the initial access point in coordinated attacks targeting multiple sectors including federal agencies, IT firms, logistics companies, and essential infrastructure providers across The post Stealthy CastleLoader Malware Attacking US Government Agencies and Critical Infrastructure appeared first on Cyber Security News.

DragonForce is the latest ransomware brand to move from noisy forum posts to full RaaS operations, targeting both Windows and VMware ESXi environments. First seen in December 2023 on BreachForums, the group advertises stolen data and uses a dark web blog to pressure victims. The early leak post revealed the new cartel-style operation. The group The post Researchers Breakdown DragonForce Ransomware Along with Decryptor for ESXi and Windows Systems appeared first on Cyber Security News.

A novel single-click attack targeting Microsoft Copilot Personal that enables attackers to silently exfiltrate sensitive user data. The vulnerability, now patched, allowed threat actors to hijack sessions via a phishing link without further interaction.​ Attackers initiate Reprompt by sending a phishing email with a legitimate Copilot URL containing a malicious ‘q’ parameter, which auto-executes a The post New One-Click Microsoft Copilot Vulnerability Grants Attackers Undetected Access to Sensitive Data appeared first on Cyber Security News.

North Korean threat actors have launched a sophisticated social engineering campaign targeting software developers through fake recruitment offers. The campaign, known as Contagious Interview, uses malicious repositories disguised as technical assessment projects to deploy a dual-layer malware system. Victims are lured through LinkedIn messages from fake recruiters claiming to represent organizations like Meta2140, then directed The post North Korean Hackers use Code Abuse Tactics for ‘Contagious Interview’ Campaign appeared first on Cyber Security News.

Austin, TX / USA, January 14th, 2026, CyberNewsWire New monitoring capability delivers unprecedented visibility into vendor identity exposures, moving enterprises and government agencies from static risk scoring to protecting against actual identity threats.  SpyCloud, the leader in identity threat protection, today announced the launch of its Supply Chain Threat Protection solution, an advanced layer of The post SpyCloud Launches Supply Chain Solution to Combat Rising Third-Party Identity Threats appeared first on Cyber Security News.

Large language models are changing how ransomware crews plan and run their attacks. Instead of inventing new kinds of malware, LLMs are speeding up every step of the existing ransomware lifecycle, from recon to extortion. Crews can now write fluent phishing lures, localize ransom notes, and triage stolen data in many languages in minutes, not The post LLMs are Accelerating the Ransomware Lifecycle to Gain Speed, Volume, and Multilingual Reach appeared first on Cyber Security News.

New York, NY, January 14th, 2026, CyberNewsWire Leading secrets security platform sees accelerated adoption across Fortune 500, with 60% of new customers choosing multi-year commitments. GitGuardian, the leading secrets and Non-Human Identity security platform, today announced record growth in ARR and customer expansion throughout 2025, reinforcing its position as the enterprise standard for protecting code, The post GitGuardian Closes 2025 with Strong Enterprise Momentum, Protecting Millions of Developers Worldwide appeared first on Cyber Security News.