Breaking News – Cyber Threats (last 6h)
Generated: 2026-01-24 02:00 PST
- New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector
The Hacker News • 2026-01-24 00:21 • thehackernews.com
The Russian nation-state hacking group known as Sandworm has been attributed to what has been described as the “largest cyber attack” targeting Poland’s power system in the last week of December 2025.
The attack was unsuccessful, the country’s energy minister, Milosz Motyka, said last week.
“The command of the cyberspace forces has diagnosed in the last days of the year the strongest attack on
https://thehackernews.com/2026/01/new-dynowiper-malware-used-in-attempted.html - Who Approved This Agent? Rethinking Access, Accountability, and Risk in the Age of AI Agents
The Hacker News • 2026-01-24 00:20 • thehackernews.com
AI agents are accelerating how work gets done. They schedule meetings, access data, trigger workflows, write code, and take action in real time, pushing productivity beyond human speed across the enterprise.
Then comes the moment every security team eventually hits:
“Wait… who approved this?”
Unlike users or applications, AI agents are often deployed quickly, shared broadly,
https://thehackernews.com/2026/01/who-approved-this-agent-rethinking.html - CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog
The Hacker News • 2026-01-24 00:09 • thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability in question is CVE-2024-37079 (CVSS score: 9.8), which refers to a heap overflow in the
https://thehackernews.com/2026/01/cisa-adds-actively-exploited-vmware.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
