January 2026

Putinswap: France trades alleged ransomware crook for conflict researcher

Basketball player accused of aiding cybercrime gang extradition blocked in exchange for Swiss NGO consultant
France has released an alleged ransomware crook wanted by the US in exchange for a conflict researcher imprisoned in Russia.…

QR codes a powerful new phishing weapon in hands of Pyongyang cyberspies

State-backed attackers are using QR codes to slip past enterprise security and help themselves to cloud logins, the FBI says
North Korean government hackers are turning QR codes into credential-stealing weapons, the FBI has warned, as Pyongyang's spies find new ways to duck enterprise security and help themselves…

China-linked cybercrims abused VMware ESXi zero-days a year before disclosure

Huntress analysis suggests VM escape bugs were already weaponized in the wild
Chinese-linked cybercriminals were sitting on a working VMware ESXi hypervisor escape kit more than a year before the bugs it relied on were made public.…

Grok told to cover up as UK weighs action over AI ‘undressing’

Image generation paywalled on X after ministers and regulators start asking awkward questions
Grok has yanked its image-generation toy out of the hands of most X users after the UK government openly weighed a ban over the AI feature that "undressed" people on command.…

Ransomware attacks kept climbing in 2025 as gangs refused to stay dead

Cop wins hit crime infrastructure, not the people behind it
If 2025 was meant to be the year ransomware started dying, nobody appears to have told the attackers.…

CISA flags actively exploited Office relic alongside fresh HPE flaw

Max-severity OneView hole joins a PowerPoint bug that should've been retired years ago
CISA has added a pair of security holes to its actively exploited list, warning that attackers are now abusing a maximum-severity bug in HPE's OneView management software and a years-old flaw in Microsoft Office.…

UK regulators swarm X after Grok generated nudes from photos

Lawyers say Musk's platform may face punishment under Online Safety Act priority offenses
Elon Musk's X platform is under fire as UK regulators close in on mounting reports that the platform's AI chatbot, Grok, is generating sexual imagery without users' consent.…

Maximum-severity n8n flaw lets randos run your automation server

Unauthenticated RCE means anyone on the network can seize full control
A maximum-severity bug in the popular automation platform n8n has left an estimated 100,000 servers wide open to complete takeover, courtesy of a flaw so bad it doesn't even require logging in.…

OpenAI putting bandaids on bandaids as prompt injection problems keep festering

Happy Groundhog Day!
Security researchers at Radware say they've identified several vulnerabilities in OpenAI's ChatGPT service that allow the exfiltration of personal information.…

Stalkerware slinger pleads guilty for selling snooper software to suspicious spouses

pcTattletale boss Bryan Fleming faces up to 15 years in prison when sentenced later this year
The US government has secured a guilty plea from a stalkerware maker in federal court, marking just the second time in more than a decade that the US has managed to prosecute…

Copyright © 2026 Lugapel