January 2026

Federal agencies told to fix or ditch Gogs as exploited zero-day lands on CISA hit list

Git server flaw that attackers have been abusing for months has now caught the attention of US cyber cops CISA has ordered federal agencies to stop using Gogs or lock it down immediately after a high-severity vulnerability in the self-hosted Git service was added to its Known Exploited…

Mandiant open sources tool to prevent leaky Salesforce misconfigs

AuraInspector automates the most common abuses and generates fixes for customers Mandiant has released an open source tool to help Salesforce admins detect misconfigurations that could expose sensitive data.…

Court tosses appeal by hacker who opened port to coke smugglers with malware

Dutchman fails to convince judges his trial was unfair because cops read his encrypted chats A Dutch appeals court has kept a seven-year prison sentence in place for a man who hacked port IT systems with malware-stuffed USB sticks to help cocaine smugglers move containers, brushing off claims…

Block CISO: We red-teamed our own AI agent to run an infostealer on an employee laptop

Agents must be 'safer and better than humans,' James Nettesheim tells The Reg interview  When it comes to security, AI agents are like self-driving cars, according to Block Chief Information Security Officer James Nettesheim.…

Infamous BreachForums forum breached, spilling data on 325K users

Website built around buying and selling stolen data has lost control of its own Updated  BreachForums, the serially resurrected cybercrime marketplace, has tripped over itself after a data breach spilled details tied to about 324,000 user accounts.…

Ofcom officially investigating X as Grok’s nudify button stays switched on

Tech minister Liz Kendall says the government will back a robust regulatory response Ofcom is investigating X over potential violations of the Online Safety Act, Britian's comms watchdog has confirmed.…

Tories vow to boot under-16s off social media and ban phones in schools

Opposition leader Kemi Badenoch pitches age limits and classroom curbs as fixes for behavior and mental health The Tories have pledged to kick under-16s off social media, betting that banning teens from TikTok and Instagram will fix what they see as a growing crisis in kids' mental health…

India’s government denies it plans to demand smartphone source code

Says ongoing talks about security are about understanding best practice, not strong-arming vendors India’s government has denied that it is working on rules that would require smartphone manufacturers to provide access to their source code.…

UK government exempting itself from flagship cyber law inspires little confidence

Ministers promise equivalent standards just without the legal obligation ANALYSIS  From May's cyberattack on the Legal Aid Agency to the Foreign Office breach months later, cyber incidents have become increasingly common in UK government.…

How hackers are fighting back against ICE surveillance tech

Remember when government agents didn't wear masks? While watching us now seems like the least of its sins, the US Immigration and Customs Enforcement (ICE) was once best known (and despised) for its multi-billion-dollar surveillance tech budget.…

Copyright © 2026 Lugapel