Latest Internet & Cybersecurity News
Critical NGINX Vulnerability Is Being Actively Exploited
A critical NGINX vulnerability, CVE-2026-42945, disclosed last week, is now being exploited by attackers, according to VulnCheck researcher Patrick Garrity. The issue is drawing urgent attention because active exploitation means exposed systems may already be at immediate risk .
GitHub Breach Reportedly Linked to Poisoned VS Code Extension
A security incident involving GitHub has been tied to a poisoned Visual Studio Code extension, highlighting the growing abuse of trusted developer tooling. The case underscores how supply-chain attacks can compromise organizations through seemingly legitimate software updates or extensions .
UN General Assembly Adopts Global Cybersecurity Governance Framework
The UN General Assembly adopted a landmark resolution creating a new global cybersecurity governance framework. The move is intended to strengthen international coordination on cyber norms, cooperation, and shared responses to cross-border threats .
Zero Trust in OT Expands Beyond Identity to Visibility and Segmentation
Industrial operators are increasingly treating zero trust in operational technology as more than identity verification, emphasizing visibility, segmentation, and resilience. Experts cited by Industrial Cyber say the focus is shifting toward minimizing blast radius and keeping critical systems running during attacks .
OT Security Leaders Push Resilience-Based Architectures
The Industrial Cyber feature says organizations are prioritizing a Minimum Viable Digital Enterprise approach so essential functions remain available under attack. This reflects a broader move from pure prevention toward continuity, recovery, and operational resilience in industrial environments .
Australia’s Under-16 Social Media Ban Highlights Youth Online Safety Debate
A current-affairs report notes Australia has enacted a social media prohibition for users under 16, described as a global first in protecting youth online. While not strictly a cyber policy, it signals increasing government intervention in digital safety and platform accountability .
Parents Urged to Strengthen Home Cyber Defenses for Children
A practical cybersecurity guide recommends parental controls, router restrictions, and monitoring tools to reduce children’s exposure to cyber risks. It also points parents toward resources and apps such as Qustodio, Norton Family, and Bark for safer device usage .
Cybersecurity Awareness for Families Gains More Attention
The same family-safety article stresses continuous learning through newsletters, webinars, and workshops to keep pace with changing threats. The emphasis reflects a wider trend toward making cybersecurity awareness a household responsibility, not just an enterprise one .
Dragos Examines Rising OT Risk in 2026
Cyber Magazine features Dragos discussing the evolving operational technology threat landscape and key risks facing industrial organizations in 2026. The focus reinforces how OT security remains a major concern as attackers increasingly target critical infrastructure .
Trusted Software Ecosystems Remain a High-Value Attack Surface
The GitHub and VS Code-extension incident highlights the continuing danger of supply-chain compromise in developer ecosystems. Security teams are being reminded that signed, popular, or familiar tools can still be used as attack vectors when trust is abused .