Breaking News – Cyber Threats – 2026-01-20 07:00 PST

Breaking News – Cyber Threats (last 6h)

Generated: 2026-01-20 07:00 PST

  • Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution
    The Hacker News • 2026-01-20 05:55 • thehackernews.com
    A set of three security vulnerabilities has been disclosed in mcp-server-git, the official Git Model Context Protocol (MCP) server maintained by Anthropic, that could be exploited to read or delete arbitrary files and execute code under certain conditions.
    “These flaws can be exploited through prompt injection, meaning an attacker who can influence what an AI assistant reads (a malicious README,
    https://thehackernews.com/2026/01/three-flaws-in-anthropic-mcp-git-server.html
  • Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading
    The Hacker News • 2026-01-20 05:46 • thehackernews.com
    Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads, likely with the intent to deploy a remote access trojan (RAT).
    The activity delivers “weaponized files via Dynamic Link Library (DLL) sideloading, combined with a legitimate, open-source Python pen-testing script,” ReliaQuest said in a report shared with
    https://thehackernews.com/2026/01/hackers-use-linkedin-messages-to-spread.html
  • Webinar: Aligning cybersecurity purchases with what your SOC team needs
    BleepingComputer • 2026-01-20 05:15 • www.bleepingcomputer.com
    Learn how security leaders and SOC teams can work together to close the gap between platform decisions and operational needs. Join Sumo Logic and BleepingComputer on January 29 for a practical webinar on aligning security tools with real-world workflows. […]
    https://www.bleepingcomputer.com/news/security/webinar-aligning-cybersecurity-purchases-with-what-your-soc-team-needs/
  • Could ChatGPT Convince You to Buy Something?
    Schneier on Security • 2026-01-20 04:08 • www.schneier.com

    Eighteen months ago, it was plausible that artificial intelligence might take a different path than social media. Back then, AI’s development hadn’t consolidated under a small number of big tech firms. Nor had it capitalized on consumer attention, surveilling users and delivering ads.

    Unfortunately, the AI industry is now taking a page from the social media playbook and has set its sights on monetizing consumer attention. When OpenAI…
    https://www.schneier.com/blog/archives/2026/01/could-chatgpt-convince-you-to-buy-something.html

  • The Hidden Risk of Orphan Accounts
    The Hacker News • 2026-01-20 03:58 • thehackernews.com
    The Problem: The Identities Left Behind
    As organizations grow and evolve, employees, contractors, services, and systems come and go – but their accounts often remain. These abandoned or “orphan” accounts sit dormant across applications, platforms, assets, and cloud consoles.
    The reason they persist isn’t negligence – it’s fragmentation. 
    Traditional IAM and IGA systems are designed
    https://thehackernews.com/2026/01/the-hidden-risk-of-orphan-accounts.html
  • Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto
    The Hacker News • 2026-01-20 03:48 • thehackernews.com
    Cybersecurity researchers have disclosed details of a malware campaign that’s targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual Studio Code (VS Code) extension ecosystem.
    “The malware is designed to exfiltrate sensitive information, including developer credentials and cryptocurrency-related data. Compromised developer
    https://thehackernews.com/2026/01/evelyn-stealer-malware-abuses-vs-code.html
  • Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers
    The Hacker News • 2026-01-20 03:12 • thehackernews.com
    Cloudflare has addressed a security vulnerability impacting its Automatic Certificate Management Environment (ACME) validation logic that made it possible to bypass security controls and access origin servers. 
    “The vulnerability was rooted in how our edge network processed requests destined for the ACME HTTP-01 challenge path (/.well-known/acme-challenge/*),” the web infrastructure
    https://thehackernews.com/2026/01/cloudflare-fixes-acme-validation-bug.html
  • Why Secrets in JavaScript Bundles are Still Being Missed
    The Hacker News • 2026-01-20 02:45 • thehackernews.com
    Leaked API keys are no longer unusual, nor are the breaches that follow. So why are sensitive tokens still being so easily exposed?
    To find out, Intruder’s research team looked at what traditional vulnerability scanners actually cover and built a new secrets detection method to address gaps in existing approaches. 
    Applying this at scale by scanning 5 million applications revealed over
    https://thehackernews.com/2026/01/why-secrets-in-javascript-bundles-are.html
  • Add Punycode to your Threat Hunting Routine, (Tue, Jan 20th)
    SANS ISC Diary (full) • 2026-01-20 02:01 • isc.sans.edu

    IDNs or “International Domain Names” have been with us for a while now (see RFC3490[1]). They are (ab)used in many attack scenarios because.. it works! Who can immediately spot the difference between:


    https://isc.sans.edu/diary/rss/32640

Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
