159-CVE January Patch Tuesday smashes single-month record
Brace yourselves… and consider reading your email in plaintext for now
Imagine you’re considering a new car for your family. Before making a purchase, you evaluate its safety ratings, fuel efficiency, and reliability. You might even take it for a test drive to ensure it meets your needs. The same approach should be applied to software and hardware products before integrating them into an organization’s environment…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog, flagging it as actively exploited in attacks. The vulnerability, tracked as CVE-2025-40551 (CVSS score: 9.8), is an untrusted data deserialization vulnerability that could pave the way for…
Oracle continues to deny it had any breach, but customers and researchers are claiming otherwise. Lawrence Abrams reports: Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor…
Today the Electronic Privacy Information Center (EPIC) released Beyond HIPAA: Reimagining How Privacy Laws Apply to Health Data to Maximize Equity in the Digital Age. The report examines and proposes solutions to the health data privacy crisis—a product of unregulated digital technologies, weak privacy laws, the criminalization of many forms of health care, and growing federal attacks on marginalized communities. Through commercial surveillance, our health data is extracted to profile us, reveal…
Sophos X-Ops uncovers a recent campaign from an Android RAT first seen in 2019 – now infecting users in Taiwan
In a world where threats are persistent, the modern CISO’s real job isn’t just to secure technology—it’s to preserve institutional trust and ensure business continuity. This week, we saw a clear pattern: adversaries are targeting the complex relationships that hold businesses together, from supply chains to strategic partnerships. With new regulations and the rise of…