Cisco has released a security advisory addressing multiple vulnerabilities in Snort 3, the network intrusion detection and prevention engine used across several Cisco security products. The issues affect how Snort 3 processes Distributed Computing Environment / Remote Procedure Call (DCE/RPC) traffic and could allow a remote, unauthenticated attacker to interrupt packet inspection or access limited

Continue Reading

Google has published the January 2026 Android Security Bulletin, outlining the latest security updates intended to protect Android users from newly identified vulnerabilities. Devices that receive the January 5, 2026 security patch level (2026-01-05) are expected to include all fixes referenced in this release. The bulletin notes that Android partners were notified of the issues

Continue Reading

Veeam has released an important security update for Veeam Backup & Replication that addresses several vulnerabilities affecting version 13.x. The fixes are included in build 13.0.1.1071, released on January 6, 2026. These issues, identified during Veeam’s internal testing process, could allow privileged users to perform remote code execution and other high-risk actions if left unpatched.Veeam

Continue Reading

A recent ownCloud advisory has highlighted a series of credential theft incidents affecting some organizations running self-hosted file-sharing platforms, including ownCloud Community Edition deployments. The advisory references a January 2026 report from threat intelligence firm Hudson Rock, which confirms the incidents were not caused by software vulnerabilities or a breach of the ownCloud platform itself.

Continue Reading

Security researchers at cybersecurity softare company OX Security have uncovered a widespread malware campaign involving two Chrome extensions that impersonate a legitimate AI sidebar tool while covertly collecting users’ ChatGPT and DeepSeek conversations along with extensive browsing data. Combined, the malicious extensions have been installed by more than 900,000 users. Despite containing data-stealing functionality, one

Continue Reading

IBM has issued a security alert for a critical authentication bypass vulnerability impacting IBM API Connect, warning that the flaw could let attackers gain access without valid credentials. API Connect is a foundational platform used by enterprises to build, secure, and manage APIs, meaning the issue strikes at the core of systems that connect key

Continue Reading

A critical security vulnerability has been disclosed in LangChain that could enable attackers to extract environment secrets and inject unauthorized objects during deserialization. The issue affects LangChain Core versions 1.0.0 to 1.2.4 and LangChain versions below 0.3.81, with fixes now available in langchain-core 1.2.5 and langchain 0.3.81, according to the project’s official security advisory. The

Continue Reading

A critical Remote Code Execution (RCE) vulnerability has been disclosed in n8n, a widely used open-source workflow automation platform. The issue affects a large range of versions and could allow attackers to execute arbitrary code on vulnerable systems. ecurity researchers warn that unpatched instances may be fully compromised if exploited. The flaw exists in n8n’s

Continue Reading