Breaking News – Cyber Threats (last 6h)
Generated: 2026-01-13 07:00 PST
- [Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl
The Hacker News • 2026-01-13 05:44 • thehackernews.com
AI agents are no longer just writing code. They are executing it.
Tools like Copilot, Claude Code, and Codex can now build, test, and deploy software end-to-end in minutes. That speed is reshaping engineering—but it’s also creating a security gap most teams don’t see until something breaks.
Behind every agentic workflow sits a layer few organizations are actively securing: Machine Control
https://thehackernews.com/2026/01/webinar-t-from-mcps-and-tool-access-to.html - Target employees confirm leaked code after 'accelerated' Git lockdown
BleepingComputer • 2026-01-13 05:08 • www.bleepingcomputer.com
Multiple current and former Target employees confirmed that leaked source code samples posted by a threat actor match real internal systems. The company also rolled out an “accelerated” lockdown of its Git server, requiring VPN access, a day after being contacted by BleepingComputer. […]
https://www.bleepingcomputer.com/news/security/target-employees-confirm-leaked-code-after-accelerated-git-lockdown/ - 1980s Hacker Manifesto
Schneier on Security • 2026-01-13 04:09 • www.schneier.comForty years ago, The Mentor—Loyd Blankenship—published “The Conscience of a Hacker” in Phrack.
You bet your ass we’re all alike… we’ve been spoon-fed baby food at school when we hungered for steak… the bits of meat that you did let slip through were pre-chewed and tasteless. We’ve been dominated by sadists, or ignored by the apathetic. The few that had something to teach found us willing pupils, but thos…
https://www.schneier.com/blog/archives/2026/01/1980s-hacker-manifesto.html - New Advanced Linux VoidLink Malware Targets Cloud and container Environments
The Hacker News • 2026-01-13 03:57 • thehackernews.com
Cybersecurity researchers have disclosed details of a previously undocumented and feature-rich malware framework codenamed VoidLink that’s specifically designed for long-term, stealthy access to Linux-based cloud environments
According to a new report from Check Point Research, the cloud-native Linux malware framework comprises an array of custom loaders, implants, rootkits, and modular
https://thehackernews.com/2026/01/new-advanced-linux-voidlink-malware.html - What Should We Learn From How Attackers Leveraged AI in 2025?
The Hacker News • 2026-01-13 03:55 • thehackernews.com
Old Playbook, New Scale: While defenders are chasing trends, attackers are optimizing the basics
The security industry loves talking about “new” threats. AI-powered attacks. Quantum-resistant encryption. Zero-trust architectures. But looking around, it seems like the most effective attacks in 2025 are pretty much the same as they were in 2015. Attackers are exploiting the same entry points that
https://thehackernews.com/2026/01/what-should-we-learn-from-how-attackers.html - ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation
The Hacker News • 2026-01-13 03:47 • thehackernews.com
ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform arbitrary actions as that user.
The vulnerability, tracked as CVE-2025-12420, carries a CVSS score of 9.3 out of 10.0
“This issue […] could enable an unauthenticated user to impersonate another user and
https://thehackernews.com/2026/01/servicenow-patches-critical-ai-platform.html - Who Decides Who Doesn’t Deserve Privacy?
Troy Hunt • 2026-01-13 03:41 • www.troyhunt.comRemember the Ashley Madison data breach? That was now more than a decade ago, yet it arguably remains the single most noteworthy data breach of all time. There are many reasons for this accolade, but chief among them is that by virtue of the site being expressly designed to facilitate
https://www.troyhunt.com/who-decides-who-doesnt-deserve-privacy/
- Hackers get hacked, as BreachForums database is leaked
Graham Cluley • 2026-01-13 01:45 • www.bitdefender.com
Have you ever stolen data, traded a hacking tool, or just lurked on a dark web forum believing that you are anonymous?If so, I might have some unsettling news for you.
Read more in my article on the Hot for Security blog.
https://www.bitdefender.com/en-us/blog/hotforsecurity/hackers-get-hacked-as-breachforums-database-is-leaked - New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack
The Hacker News • 2026-01-13 01:08 • thehackernews.com
Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool called Remcos RAT and establish persistent, covert remote access.
“The infection chain follows a tightly orchestrated execution path: an obfuscated VBS launcher executed via wscript.exe invokes a
https://thehackernews.com/2026/01/new-malware-campaign-delivers-remcos.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
