Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware
Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot (formerly Clawdbot) on the official Extension Marketplace that claims to be a free artificial…
Google Disrupts IPIDEA — One of the World’s Largest Residential Proxy Networks
Google on Wednesday announced that it worked together with other partners to disrupt IPIDEA, which it described as one of the largest residential proxy networks in the world. To that…
SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass
Ravie LakshmananJan 29, 2026Vulnerability / Software Security SolarWinds has released security updates to address multiple security vulnerabilities impacting SolarWinds Web Help Desk, including four critical vulnerabilities that could result in…
3 Decisions CISOs Need to Make to Prevent Downtime Risk in 2026
The Hacker NewsJan 29, 2026Threat Intelligence / Incident Response Beyond the direct impact of cyberattacks, enterprises suffer from a secondary but potentially even more costly risk: operational downtime, any amount…
Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps
A study by OMICRON has revealed widespread cybersecurity gaps in the operational technology (OT) networks of substations, power plants, and control centers worldwide. Drawing on data from more than 100…
New RCEs, Darknet Busts, Kernel Bugs & 25+ More Stories
Ravie LakshmananJan 29, 2026Cybersecurity / Hacking News This week's updates show how small changes can create real problems. Not loud incidents, but quiet shifts that are easy to miss until…
Researchers Find 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries
A new joint investigation by SentinelOne SentinelLABS, and Censys has revealed that the open-source artificial intelligence (AI) deployment has created a vast "unmanaged, publicly accessible layer of AI compute infrastructure"…
Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released
Ravie LakshmananJan 30, 2026Vulnerability / Enterprise Security Ivanti has rolled out security updates to address two security flaws impacting Ivanti Endpoint Manager Mobile (EPMM) that have been exploited in zero-day…
SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score
Ravie LakshmananJan 30, 2026Vulnerability / Email Security SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution.…
Ex-Google Engineer Convicted for Stealing AI Secrets for China Startup
Ravie LakshmananJan 30, 2026Artificial Intelligence / Economic Espionage A former Google engineer accused of stealing thousands of the company's confidential documents to build a startup in China has been convicted…
Badges, Bytes and Blackmail
Behind the scenes of law enforcement in cyber: what do we know about caught cybercriminals? What brought them in, where do they come from and what was their function in…
