How VPN Tunneling Works: The Technology Behind Encrypted Connections
When you connect to a VPN, your traffic doesn’t simply “go private.” Something specific happens to every packet of data before it leaves your device…
Agentjacking Attack Can Trick AI Coding Agents Into Running Hacker-Controlled Code
A new attack called Agentjacking shows how AI coding agents can be tricked into running attacker-controlled code after reading a fake Sentry error report. The…
152 Chrome Live Wallpaper Extensions Hid Ad Tracking and Faked Google Search Traffic
A network of 152 Chrome live wallpaper extensions used misleading privacy disclosures while funneling users to ad-monetized websites, according to the Socket Threat Research Team.…
Maine Takes Data Breach Portal Offline After Fake VRChat and Discord Filings
The Office of the Maine Attorney General has taken its public data breach database offline after fake breach notices impersonated VRChat and Discord. In a…
Anthropic Blocks Fable 5 and Mythos 5 Access After US Government Directive
Anthropic has disabled access to Claude Fable 5 and Claude Mythos 5 for all customers after receiving a US government export control directive. In an…
Splunk Enterprise Flaw Exposes Pre-Auth RCE Chain Through PostgreSQL Sidecar Service
Splunk has patched a critical Splunk Enterprise vulnerability that can let unauthenticated attackers create or truncate files through a PostgreSQL sidecar service endpoint. The flaw…
BugHunter Adds Free AI Provider Support for Bug Bounty Research
BugHunter is an open-source bug bounty toolkit that helps security researchers move from reconnaissance to vulnerability reports from the terminal. The BugHunter GitHub project says…
Oracle PeopleSoft Zero-Day Exploited by ShinyHunters in Data Theft Attacks
Oracle has warned customers about a critical PeopleSoft vulnerability that was exploited as a zero-day in attacks tied to ShinyHunters. The flaw is tracked as…
Microsoft Teams for Android Vulnerability Could Expose Sensitive Data
Microsoft has patched an information disclosure vulnerability in Microsoft Teams for Android that could allow an authenticated attacker to expose sensitive data over a network.…
Google Chrome Update Fixes 27 Security Bugs That Could Allow Code Execution
Google has released a Chrome security update that fixes 27 vulnerabilities in the desktop browser, including five critical flaws that could let attackers execute malicious…
January 22, 2026
1 comment 
