News
-
Belgian hospital shuts down servers and cancels procedures after cyberattack
A Belgian hospital operating in Antwerp and Deurne disconnected servers at 6:32 AM after a cyberattack, cancelling scheduled procedures and transferring seven critical patients. Authorities have been notified and an investigation is under way.
-
Long-running web skimmer targeted major payment networks since 2022
A technical analysis found a web skimming campaign active since January 2022 that targeted major payment networks and used obfuscated JavaScript to harvest payment and personal data from checkout pages.
-
VoidLink modular Linux malware targets cloud and container environments
VoidLink is a modular Linux malware framework found in December 2025 that targets cloud and container environments. The framework supports 37 plugins and includes rootkit techniques, credential harvesting and multiple command-and-control channels.
-
New SHADOW#REACTOR campaign uses text-only stagers and MSBuild to deploy Remcos RAT
A technical report from Securonix details SHADOW#REACTOR, a campaign that stages text-only fragments and in-memory loaders to deliver the Remcos RAT and achieve persistent access, using MSBuild and other legitimate Windows binaries.
-
CISA Adds Gogs Path Traversal CVE-2025-8110 to Known Exploited Vulnerabilities Catalog
CISA added CVE-2025-8110, a high-severity Gogs path traversal that can enable code execution, to its Known Exploited Vulnerabilities catalog on January 12, 2026. About 1,600 exposed instances exist, with several hundred compromised.
-
Apex Legends players report character hijacks during live matches
Players reported Apex Legends characters being controlled remotely during live matches, causing disconnects and name changes. The developer acknowledged and then resolved the incident after about six hours while saying there was no evidence of remote code execution.
-
BreachForums database of 323,986 user accounts leaked in January
A database of 323,986 BreachForums accounts was published January 9. The dump is dated August and includes hashed passwords, private messages, a password-protected PGP key and a 4,400-word manifesto titled Doomsday.
-
Endesa discloses customer data breach affecting contract and payment details
Endesa and operator Energía XXI disclosed that hackers accessed a commercial platform and obtained customer contract information, including identity and payment details. The firm serves about 22 million clients and is notifying affected customers.
-
OpenCode vulnerability allowed unauthenticated code execution on users' machines
An independent disclosure found OpenCode started an unauthenticated local HTTP server that allowed connected clients to execute arbitrary code. Update to v1.1.10 or newer and check server settings to reduce exposure.










