The Hacker News

CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution

CISA warns that hackers are actively exploiting a high-severity flaw in Gogs that can lead to remote code execution; no patch ...

For January, Patch Tuesday starts off with a bang

The latest update from Microsoft deals with 112 flaws, including eight the company rated critical — and three zero-day ...
SecurityWeek

Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities

Chrome 144 and Firefox 147 were released with patches for a total of 26 vulnerabilities, including high-severity code ...
The Hacker News

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

Microsoft’s January 2026 Patch Tuesday fixes 114 Windows flaws, including an actively exploited Desktop Window Manager bug ...
GovInfoSecurity

Flaw in AI Libraries Exposes Models to Remote Code Execution

Researchers discovered remote code execution vulnerabilities in three AI libraries from Apple, Salesforce and Nvidia used by ...

US government told to patch serious Gogs security issue or face attack

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new bug to its Known Exploited Vulnerabilities ...

CISA orders feds to patch Gogs RCE flaw exploited in zero-day attacks

CISA has ordered government agencies to secure their systems against a high-severity Gogs vulnerability that was exploited in ...
Network World

Palo Alto Networks patches firewalls after discovery of a new denial-of-service flaw

A previous virtually identical zero day DoS vulnerability was targeted in the wild, and there's already a PoC for this one.
CSO Online

High-severity bug in Broadcom software enables easy WiFi denial-of-service

Discovered during fuzz testing, the bug affects Broadcom chipset software and requires a manual router reboot after each ...
CSO Online

Cybersecurity risk will accelerate this year, fueled in part by AI, says World Economic Forum

Its annual cybersecurity outlook says cyber resilience is key to lowering that risk, with AI the most significant driver of ...

Signal Creator's New AI Assistant Won’t Read Your Chats—Not Even the Admins Can

Signal creator Moxie Marlinspike has launched Confer AI. This is claimed to be truly private and offers hardware-based ...

Best of the Week: IT earnings signal demand recovery, margins still strain

Tata Consultancy Services posted $7.51 billion in revenue, growing 0.6% sequentially, with net profit rising 2.7% to $1.5 ...