The Hacker News

⚠️ DevOps SaaS isn’t “always on.” In 2024, GitHub, Jira, and Azure DevOps logged 502 incidents, causing 4,755 hours of outages or degraded service. Early 2025 data shows a 69% YoY rise in major incidents. Shared responsibility leaves data protection with you. 🔗 Read → https://thehackernews.com/2026/01/high-costs-of-devops-saas-downtime.html

⚡ Cybersecurity Recap: From critical exploits to cloud missteps and AI-driven attacks, the threat surface keeps expanding. See how defenders are adapting—and where the next wave is forming. 🔗 Read the full Weekly Recap → https://thehackernews.com/2026/01/weekly-recap-fortinet-exploits-redline.html

🚨 AMD StackWarp flaw weakens SEV-SNP VM isolation. A hardware bug in Zen 1–5 CPUs lets a privileged host misuse a control bit (via hyperthreading) to corrupt a confidential VM’s stack, enabling key recovery and auth bypass. 🔗 Details & fixes → https://thehackernews.com/2026/01/new-stackwarp-hardware-flaw-breaks-amd.html

🚨 A fake Chrome ad blocker crashes the browser on purpose, then tricks users into running attacker commands. Huntress calls it CrashFix, an evolved ClickFix tactic linked to the KongTuke traffic distribution system for reuse in follow-on attacks. 🔗 Learn how the crash-and-fix loop works → https://thehackernews.com/2026/01/crashfix-chrome-extension-delivers.html

⚠️ Researchers exploited an XSS flaw in the StealC malware control panel and exposed its operators. They extracted system fingerprints, live sessions, and cookies from infrastructure built to steal data—showing how fragile MaaS setups can be. 🔗 Read → https://thehackernews.com/2026/01/security-bug-in-stealc-malware-panel.html

🚨 Authorities added Black Basta’s alleged leader, Oleg Nefedov, to the EU Most Wanted list and issued an INTERPOL Red Notice. Police say he directed targeting, recruitment, and ransom handling for a ransomware group that pulled in hundreds of millions in crypto. Leaked internal chats later exposed the operation. 🔗 Inside Black Basta → https://thehackernews.com/2026/01/black-basta-ransomware-hacker-leader.html

OpenAI will start showing ads in ChatGPT for logged-in adult U.S. users on Free and Go plans. 📢 Ads are clearly labeled, appear only at the bottom of chats, and do not influence responses. OpenAI says conversations aren’t sold to advertisers, and ad personalization can be turned off. 🔗 Read → https://thehackernews.com/2026/01/openai-to-show-ads-in-chatgpt-for.html

⚠️ GootLoader now uses 500–1,000 ZIP files glued together! The broken ZIP won’t open in WinRAR or 7-Zip, but Windows Explorer still opens it and runs the JavaScript malware. Each download is different, so file hashes don’t match. 🔗 Learn how this ZIP trick bypasses defenses → https://thehackernews.com/2026/01/gootloader-malware-uses-5001000.html

🚨 Researchers uncovered 5 malicious Chrome extensions masquerading as HR/ERP tools like Workday and NetSuite. They exfiltrate auth cookies and suppress access to security and admin pages via DOM manipulation. 🔗 Details here → https://thehackernews.com/2026/01/five-malicious-chrome-extensions.html

Most people lock down passwords but forget what’s already public. 🧾 Home addresses and phone numbers are listed on data broker sites anyone can search. That visibility increases the risk of doxxing, scams, and real-world harassment. 🔗 How public data turns into a safety risk → https://thehackernews.com/2026/01/your-digital-footprint-can-lead-right.html

⚠️ Update: Check Point says CVE-2025-37164 is being mass-exploited to spread the RondoDox botnet, with 40,000+ attacks on Jan 7. The activity targeted government, finance, and industrial sectors, prompting same-day KEV inclusion. 🔗 Read → https://thehackernews.com/2026/01/cisa-flags-microsoft-office-and-hpe.html

🚨 A China-linked group targeted U.S. government and policy entities using Venezuela-themed phishing lures. The campaign delivered the LOTUSLITE backdoor via DLL side-loading. No confirmed compromises. 🔗 Details → https://thehackernews.com/2026/01/lotuslite-backdoor-targets-us-policy.html