Breaking News – Cyber Threats (last 6h)
Generated: 2026-01-22 16:00 PST
- Okta SSO accounts targeted in vishing-based data theft attacks
BleepingComputer • 2026-01-22 13:43 • www.bleepingcomputer.com
Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks. BleepingComputer has learned that these kits are being used in active attacks to steal Okta SSO credentials for data theft. […]
https://www.bleepingcomputer.com/news/security/okta-sso-accounts-targeted-in-vishing-based-data-theft-attacks/ - Curl ending bug bounty program after flood of AI slop reports
BleepingComputer • 2026-01-22 11:01 • www.bleepingcomputer.com
The developer of the popular curl command-line utility and library announced that the project will end its HackerOne security bug bounty program at the end of this month, after being overwhelmed by low-quality AI-generated vulnerability reports. […]
https://www.bleepingcomputer.com/news/security/curl-ending-bug-bounty-program-after-flood-of-ai-slop-reports/ - SmarterMail auth bypass flaw now exploited to hijack admin accounts
BleepingComputer • 2026-01-22 10:44 • www.bleepingcomputer.com
Hackers began exploiting an authentication bypass vulnerability in SmarterTools’ SmarterMail email server and collaboration tool that allows resetting admin passwords. […]
https://www.bleepingcomputer.com/news/security/smartermail-auth-bypass-flaw-now-exploited-to-hijack-admin-accounts/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
