Cisco Fixes Unified Communications RCE Flaw Under Attack
Threat actors are attempting to exploit the Cisco remote code execution flaw (CVE-2026-20045) in the wild, according to a new security advisory.
This activity shares some similarities with a campaign that researchers at Arctic Wolf identified in December. That campaign started soon after Fortinet disclosed two authentication bypass flaws (CVE-2025-59718 and CVE-2025-59719).
The flaw is in the way that the telnetd server handles some specific user-supplied data. An attacker who exploits this vulnerability would be able to bypass the authentication path and gain root privileges.
The network was linked to various attacks in 2023 and 2024, including ones against Swedish authorities and bank websites, and a wave of 14 different attacks on more than 250 German companies.
This week, we talk about how Microsoft disrupted a long-running, large-scale cybercrime-as-a-service platform called RedVDS that has been active since 2019 and was used in high-volume phishing and BEC scams (1:00), then we discuss the research from Cisco Talos on another (!) Chinese APT called UAT-8837 that is targeting critical infrastructure organizations in North America […]
The takedown marks a significant blow to the cybercrime-as-a-service ecosystem, which fuels large-scale, automated fraud.