Cybersecurity weekly report: This weekly cybersecurity roundup makes one thing clear right away 2026 did not start quietly. Instead of flashy, highly technical attacks, many threat actors leaned into trust abuse, third-party exposure, and identity compromise. According to multiple intelligence providers, a claimed NordVPN development-environment exposure, a confirmed Global-e incident affecting Ledger customers, and Russia-aligned activity abusing consumer messaging apps set the tone for the week. At the same time, ransomware attacks January 2026 continued at a familiar pace, reinforcing patterns already visible across recent data breach news 2026 and the latest threat intelligence report releases. Weekly cybersecurity roundup: what…
Author: Cyber infos
Malicious Chrome Extensions Secretly Copy ChatGPT DeepSeek Chats of 900k Users. A sneaky web browser scheme has been caught by security experts. This setup used fake Chrome add-ons to grab private talks from ChatGPT and DeepSeek. Information pulled wasn’t limited to chats – full surfing records were taken too. The digital theft affected over nine hundred thousand people across the globe. Most victims had no idea their data was being siphoned away. Researchers at OX Security spotted the activity while checking browser add-ons. Notably disturbing – these fake tools looked just like real AI helpers people trust. Their realistic design…
Workflow automation tools are designed to save time, reduce manual effort, and quietly power business operations behind the scenes. But when these tools break, the damage can be far from quiet. That’s exactly the concern surrounding CVE-2025-68668, a newly disclosed critical n8n vulnerability that allows authenticated users to execute arbitrary system commands on the host server. With a CVSS score of 9.9, this flaw is among the most severe issues reported in automation platforms in recent years. What makes CVE-2025-68668 especially dangerous isn’t just its technical severity, it’s where n8n sits in modern organizations. From startups automating marketing workflows to…
Late December 2025 brought a serious wake-up call for anyone running MongoDB databases. The vulnerability, known as Mongobleed Vulnerability (CVE-2025-14847), hit the headlines fast because attackers can pull sensitive data straight from your server’s memory without even logging in. Most database problems need some kind of access first, but this one doesn’t. It strikes right away, before any checks happen. That’s what makes it so risky for businesses like yours. It carries a high CVSS score of 8.7, and scans show over 87,000 MongoDB instances could be exposed online. In early 2026, this quickly became one of the top database…
Cybersecurity isn’t something most people think about until something goes wrong. A hacked email. A drained bank account. A social media account hijacked and used to scam friends. That moment usually comes with the same sinking feeling: “I should’ve been more careful.” That’s why cybersecurity resolutions for 2026 matter more than ever. They’re not just a checklist you glance at once and forget. They’re habits simple, repeatable actions that quietly protect you every single day. This isn’t about fear or technical jargon. It’s about awareness, consistency, and taking control of your digital life. Resolution #1: Adopt a Password Manager Let’s…
Look, let’s reset expectations right away. Every January, security teams hear the same message: this year will be different. Better tools. Smarter automation. Fewer incidents. And yet, by March, inboxes are full of incident reports and late-night Slack pings again. That’s why emerging malware 2026 isn’t just another annual prediction exercise. It’s a reality check. Throughout 2025, I spent time reviewing breach write-ups, internal SOC timelines, and real-world response notes from environments running Microsoft 365, Google Workspace, AWS, and Azure. Nothing exotic. No fringe setups. And the pattern kept repeating. Malware didn’t win because it was advanced. It won because…