Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access

22/01/2026 0 Comments 0 tags

A critical security flaw has been disclosed in the GNU InetUtils telnet daemon (telnetd) that went unnoticed for nearly 11 years. The vulnerability, tracked as CVE-2026-24061, is rated 9.8 out

ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, China C2s, RAT Ads, Crypto Scams & 15+ Stories

22/01/2026 0 Comments 0 tags

Most of this week’s threats didn’t rely on new tricks. They relied on familiar systems behaving exactly as designed, just in the wrong hands. Ordinary files, routine services, and trusted

Filling the Most Common Gaps in Google Workspace Security

22/01/2026 0 Comments 0 tags

Security teams at agile, fast-growing companies often have the same mandate: secure the business without slowing it down. Most teams inherit a tech stack optimized for breakneck growth, not resilience.

SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release

22/01/2026 0 Comments 0 tags

A new security flaw in SmarterTools SmarterMail email software has come under active exploitation in the wild, two days after the release of a patch. The vulnerability, which currently does

Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts

22/01/2026 0 Comments 0 tags

A new malicious package discovered in the Python Package Index (PyPI) has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency miner,

Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations

22/01/2026 0 Comments 0 tags

Cybersecurity company Arctic Wolf has warned of a “new cluster of automated malicious activity” that involves unauthorized firewall configuration changes on Fortinet FortiGate devices. The activity, it said, commenced on

Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex

22/01/2026 0 Comments 0 tags

Cisco has released fresh patches to address what it described as a “critical” security vulnerability impacting multiple Unified Communications (CM) products and Webex Calling Dedicated Instance that it has been

North Korean PurpleBravo Campaign Targeted 3,136 IP Addresses via Fake Job Interviews

21/01/2026 0 Comments 0 tags

As many as 3,136 individual IP addresses linked to likely targets of the Contagious Interview activity have been identified, with the campaign claiming 20 potential victim organizations spanning artificial intelligence

Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws

21/01/2026 0 Comments 0 tags

Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of-service (DoS) and remote code execution. The most severe of the lot

Exposure Assessment Platforms Signal a Shift in Focus

21/01/2026 0 Comments 0 tags

Gartner® doesn’t create new categories lightly. Generally speaking, a new acronym only emerges when the industry’s collective “to-do list” has become mathematically impossible to complete. And so it seems that