Archive for January, 2026
CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries
| January 5th, 2026With 24 new vulnerabilities known to be exploited by ransomware groups, the list now includes 1,484 software and hardware flaws.
The post CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries appeared first on SecurityWeek.
Source:: securityweek
Kimwolf Android Botnet Grows Through Residential Proxy Networks
| January 5th, 2026The 2-million-device-strong botnet allows monetization through DDoS attacks, app installs, and the selling of proxy bandwidth.
The post Kimwolf Android Botnet Grows Through Residential Proxy Networks appeared first on SecurityWeek.
Source:: securityweek
Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes
| January 5th, 2026WhatsApp device fingerprinting can be useful in the delivery of sophisticated spyware, but impact is very limited without a zero-day.
The post Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes appeared first on SecurityWeek.
Source:: securityweek
The deal involved aerospace and defense specialist Emcore Corp. selling its computer chips and wafer fabrication operation.
The post President Trump Orders Divestment in $2.9 Million Chips Deal to Protect US Security Interests appeared first on SecurityWeek.
Source:: securityweek
Two US Cybersecurity Pros Plead Guilty Over Ransomware Attacks
| January 2nd, 2026Ryan Goldberg and Kevin Martin have admitted being affiliates of the BlackCat/Alphv ransomware group.
The post Two US Cybersecurity Pros Plead Guilty Over Ransomware Attacks appeared first on SecurityWeek.
Source:: securityweek
RondoDox Botnet Exploiting React2Shell Vulnerability
| January 2nd, 2026In December, the botnet’s operators focused on weaponizing the flaw to compromise vulnerable Next.js servers.
The post RondoDox Botnet Exploiting React2Shell Vulnerability appeared first on SecurityWeek.
Source:: securityweek
Covenant Health Data Breach Impacts 478,000 Individuals
| January 2nd, 2026The Qilin ransomware group hacked the healthcare organization and stole data from its systems in May 2025.
The post Covenant Health Data Breach Impacts 478,000 Individuals appeared first on SecurityWeek.
Source:: securityweek
Adobe ColdFusion Servers Targeted in Coordinated Campaign
| January 2nd, 2026GreyNoise has observed thousands of requests targeting a dozen vulnerabilities in Adobe ColdFusion during the Christmas 2025 holiday.
The post Adobe ColdFusion Servers Targeted in Coordinated Campaign appeared first on SecurityWeek.
Source:: securityweek
Agentic AI Security Is Complicated, and the Hyper-Scalers Know It
| January 2nd, 20263 best practices for secure and efficient Agentic AI adoption and use.
Source:: Security magazin