Breaking News – Cyber Threats (last 6h)
Generated: 2026-01-22 12:00 PST
- Curl ending bug bounty program after flood of AI slop reports
BleepingComputer • 2026-01-22 11:01 • www.bleepingcomputer.com
The developer of the popular curl command-line utility and library announced that the project will end its HackerOne security bug bounty program at the end of this month, after being overwhelmed by low-quality AI-generated vulnerability reports. […]
https://www.bleepingcomputer.com/news/security/curl-ending-bug-bounty-program-after-flood-of-ai-slop-reports/ - SmarterMail auth bypass flaw now exploited to hijack admin accounts
BleepingComputer • 2026-01-22 10:44 • www.bleepingcomputer.com
Hackers began exploiting an authentication bypass vulnerability in SmarterTools’ SmarterMail email server and collaboration tool that allows resetting admin passwords. […]
https://www.bleepingcomputer.com/news/security/smartermail-auth-bypass-flaw-now-exploited-to-hijack-admin-accounts/ - New Osiris Ransomware Emerges as New Strain Using POORTRY Driver in BYOVD Attack
The Hacker News • 2026-01-22 10:00 • thehackernews.com
Cybersecurity researchers have disclosed details of a new ransomware family called Osiris that targeted a major food service franchisee operator in Southeast Asia in November 2025.
The attack leveraged a malicious driver called POORTRY as part of a known technique referred to as bring your own vulnerable driver (BYOVD) to disarm security software, the Symantec and Carbon Black Threat Hunter
https://thehackernews.com/2026/01/new-osiris-ransomware-emerges-as-new.html - Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access
The Hacker News • 2026-01-22 08:30 • thehackernews.com
A critical security flaw has been disclosed in the GNU InetUtils telnet daemon (telnetd) that went unnoticed for nearly 11 years.
The vulnerability, tracked as CVE-2026-24061, is rated 9.8 out of 10.0 on the CVSS scoring system. It affects all versions of GNU InetUtils from version 1.9.3 up to and including version 2.7.
“Telnetd in GNU Inetutils through 2.7 allows remote authentication bypass
https://thehackernews.com/2026/01/critical-gnu-inetutils-telnetd-flaw.html - Microsoft Teams to add brand impersonation warnings to calls
BleepingComputer • 2026-01-22 08:28 • www.bleepingcomputer.com
Microsoft will soon add new fraud protection features to Teams calls, warning users about external callers who attempt to impersonate trusted organizations in social engineering attacks. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-teams-to-add-brand-impersonation-warnings-to-calls/ - INC ransomware opsec fail allowed data recovery for 12 US orgs
BleepingComputer • 2026-01-22 08:21 • www.bleepingcomputer.com
An operational security failure allowed researchers to recover data that the INC ransomware gang stole from a dozen U.S. organizations. […]
https://www.bleepingcomputer.com/news/security/inc-ransomware-opsec-fail-allowed-data-recovery-for-12-us-orgs/ - Why Active Directory password resets are surging in hybrid work
BleepingComputer • 2026-01-22 07:01 • www.bleepingcomputer.com
Hybrid work has driven a surge in Active Directory password resets, turning minor lockouts into major productivity drains. Specops shows why remote access, cached credentials, and security policies are fueling the spike. […]
https://www.bleepingcomputer.com/news/security/why-active-directory-password-resets-are-surging-in-hybrid-work/ - ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, China C2s, RAT Ads, Crypto Scams & 15+ Stories
The Hacker News • 2026-01-22 06:23 • thehackernews.com
Most of this week’s threats didn’t rely on new tricks. They relied on familiar systems behaving exactly as designed, just in the wrong hands. Ordinary files, routine services, and trusted workflows were enough to open doors without forcing them.
What stands out is how little friction attackers now need. Some activity focused on quiet reach and coverage, others on timing and reuse. The emphasis
https://thehackernews.com/2026/01/threatsday-bulletin-pixel-zero-click.html - Microsoft updates Notepad and Paint with more AI features
BleepingComputer • 2026-01-22 06:22 • www.bleepingcomputer.com
Microsoft is rolling out new artificial intelligence features with the latest updates to the Notepad and Paint apps for Windows 11 Insiders. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-updates-notepad-and-paint-with-more-ai-features/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
