🚨 CISA KEV 1
5 Jan | KEV | CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries | With 24 new vulnerabilities known to be exploited by ransomware groups, the list now includes 1,484 software and hardware flaws. | SECURITYWEEK.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 1
5 Jan | Ten thousand firewalls are vulnerable to old vulnerability | Bleeping Computer reports that hackers are exploiting an old vulnerability in FortiOS that can be used to get around the two-factor authentication (2FA) requirement. The vulnerability, designated CVE-2020-12812, was patched back in July 2020, but five and a half years later, ther… | CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 19
5 Jan | What goes wrong in cloud configuration, and how to do it better | Misconfigured cloud services regularly cause data leaks, and worse. Configuration errors in the cloud that endanger corporate data are not exactly new; quite the opposite. All the worse, then, that companies’ … | CSOONLINE.COM
5 Jan | Cybersecurity leaders’ resolutions for 2026 | As the AI-hype dust settles, CISOs have a lot to focus on in 2026. From ongoing struggles such as ensuring teams are not burning out to current and future concerns, which includes finding effective business cases for AI, focusing on spotting a breach before it happens to planning fo… | CSOONLINE.COM
5 Jan | New VVS Stealer Malware Targets Discord Accounts via Obfuscated Python Code | Cybersecurity researchers have disclosed details of a new Python-based information stealer called VVS Stealer (also styled as VVS $tealer) that's capable of harvesting Discord credentials and tokens. The stealer is said to have been on sale on Telegram as far back as April 2025, … | THEHACKERNEWS.COM
5 Jan | Why are cybersecurity predictions so bad? - ESW #440 | For our first episode of the new year, we thought it would be appropriate to dig into some cybersecurity predictions. First, we cover the very nature of predictions and why they're often so bad. To understand this, we get into logical fallacies and cognitive biases. In the next s… | YOUTUBE.COM
5 Jan | Researcher Spotlights WhatsApp Metadata Leak as Meta Begins Rolling Out Fixes | WhatsApp device fingerprinting can be useful in the delivery of sophisticated spyware, but impact is very limited without a zero-day. | SECURITYWEEK.COM
5 Jan | The State of Cybersecurity in 2025: Key Segments, Insights, and Innovations | Featuring: Cybersecurity is being reshaped by forces that extend beyond individual threats or tools. As organizations operate across cloud infrastructure, distributed endpoints, and complex supply chains, security has shifted from a collection of point solutions to a question of … | THEHACKERNEWS.COM
5 Jan | How the Organizational Risk Culture Standard can supercharge your cybersecurity culture | You don’t lose most cyber battles to code. You lose them to culture: A rushed approval. A silent near-miss. A leader who shrugs at weak signals. Tools don’t fix that. People do, when they understand risk, own it and act with discipline under pressure. That is what the Organizatio… | CSOONLINE.COM
5 Jan | ⚡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More | The year opened without a reset. The same pressure carried over, and in some places it tightened. Systems people assume are boring or stable are showing up in the wrong places. Attacks moved quietly, reused familiar paths, and kept working longer than anyone wants to admit. This … | THEHACKERNEWS.COM
5 Jan | Kimwolf Botnet Exploits 2 Million Devices to Build a Global Proxy Infrastructure | A massive new botnet dubbed “Kimwolf” has infected over 2 million devices globally, transforming innocent users’ home internet connections into secret proxy nodes for cybercriminals. According to a new report by security firm Synthient, the botnet has grown expl… | GBHACKERS.COM
5 Jan | ProfileHound: Post-Escalation Tool Designed to Achieve Red Team Objectives | ProfileHound emerges as a specialized post-exploitation instrument for offensive security professionals seeking to identify high-value targets within Active Directory environments. The tool addresses a critical gap in red-team reconnaissance by enumerating domain user profiles st… | GBHACKERS.COM
5 Jan | GHOSTCREW: AI-Powered Red Team Toolkit Integrating Metasploit, Nmap, and More | A new open-source tool is bridging the gap between artificial intelligence and offensive security operations. GHOSTCREW is an advanced AI red team assistant that leverages Large Language Models (LLMs), Model Context Protocol (MCP), and Retrieval-Augmented Generation (RAG) to auto… | GBHACKERS.COM
5 Jan | Multiple Flaws in QNAP Tools Allow Attackers to Steal Sensitive Data | QNAP has released a security advisory addressing multiple vulnerabilities in its License Center application. If left unpatched, these flaws could allow attackers to steal sensitive information, crash system processes, or modify memory on affected Network Attached Storage (NAS) de… | GBHACKERS.COM
5 Jan | NordVPN denies breach claims, says attackers have "dummy data" | NordVPN denied allegations that its internal Salesforce development servers were breached, saying that cybercriminals obtained "dummy data" from a trial account on a third-party automated testing platform. [...] | BLEEPINGCOMPUTER.COM
5 Jan | KEV | Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass | submitted by kid to cybersecurity | 3 points | 0 comments | https://www.bleepingcomputer.com/news/security/over-10-000-fortinet-firewalls-exposed-to-ongoing-2fa-bypass-attacks/ | SH.ITJUST.WORKS
5 Jan | Stress caused by cybersecurity threats is taking its toll | As cyber threats become more frequent and more complex, they’re causing visible, measurable damage to organizations’ reputations and bottom lines. But the damage doesn’t end there. Breaches — or at least the threat of them — are impacting the mental health of companies’ IT and se… | CSOONLINE.COM
5 Jan | 5 myths about DDoS attacks and protection | Distributed denial-of-service (DDoS) attacks come in many shapes and sizes, as do the myths surrounding them. These myths can center on motivations, DDoS attack vectors and techniques, mitigation strategies, and more. DDoS myths are also sometimes more dangerous than the attacks … | CSOONLINE.COM
5 Jan | Why Arbor Edge Defense and CDN-Based DDoS protection are better together | In today’s hyperconnected digital landscape, distributed denial-of-service (DDoS) attacks have evolved into sophisticated, multivector threats capable of crippling even the most resilient infrastructures. While content delivery network (CDN)-based DDoS protection offers scalable … | CSOONLINE.COM
5 Jan | Why cybersecurity needs to focus more on investigation and less on just detection and response | When we think about cybersecurity, most of us picture alarms going off, software scanning for viruses, and firewalls keeping the bad guys out. Detection and response are the heavy lifters in any modern security strategy, and rightfully so. They help us spot threats, shut them dow… | CSOONLINE.COM
5 Jan | New ransomware tactics to watch out for in 2026 | Ransomware groups made less money in 2025 despite a 47% increase in attacks, driving new tactics: bundled DDoS services, insider recruitment, and gig worker exploitation. Learn the emerging trends defenders must prepare for in 2026. | RECORDEDFUTURE.COM
📢 SECURITY ADVISORIES 2
5 Jan | Eaton Vulnerabilities Allow Attackers to Execute Arbitrary Code on Host Systems | Eaton has issued a critical security advisory warning users about multiple high-severity vulnerabilities in its UPS Companion software that could allow attackers to execute arbitrary code on affected systems. The power management company released patches addressing two significan… | GBHACKERS.COM
🔥 INCIDENT REPORTING 18
5 Jan | Infrastructure Under Attack: Cybersecurity Today for Monday January 5, 2026 | In this episode of 'Cybersecurity Today', host David Shipley discusses significant cyber events and their implications. The podcast explores hints by President Donald Trump regarding the use of cyber tactics in a U.S. operation that resulted in a power outage in Venezuela. The ep… | CYBERSECURITYTODAY.LIBSYN.COM
5 Jan | Cybersecurity firm turns tables on threat actors with decoy data trap | Cybersecurity firm Resecurity says it deliberately lured threat actors linked to Scattered Lapsus$ Hunters (SLH) alliance into a honeypot, after the group claimed that it had hacked the company and stolen internal and client data. “Understanding that the actor is conducting rec… | CSOONLINE.COM
5 Jan | Telegram Hosting World’s Largest Darknet Market | Wired is reporting on Chinese darknet markets on Telegram. The ecosystem of marketplaces for Chinese-speaking crypto scammers hosted on the messaging service Telegram have now grown to be bigger than ever before, according to a new analysis from the crypto tracing firm Elliptic. … | SCHNEIER.COM
5 Jan | Cryptocurrency theft attacks traced to 2022 LastPass breach | submitted by kid to cybersecurity | 1 point | 0 comments | https://www.bleepingcomputer.com/news/security/cryptocurrency-theft-attacks-traced-to-2022-lastpass-breach/ | SH.ITJUST.WORKS
5 Jan | Covenant Health data breach impacted 478,000+ people | Cybernews | submitted by kid to cybersecurity | 2 points | 0 comments | https://cybernews.com/news/covenant-health-data-breach-impacted-478000-people/ | SH.ITJUST.WORKS
5 Jan | Sedgwick confirms cyber incident affecting its major federal contractor subsidiary | The Record from Recorded Future News | submitted by kid to cybersecurity | 3 points | 0 comments | https://therecord.media/sedgwick-cyber-incident-ransomware | SH.ITJUST.WORKS
5 Jan | Hackers Steal $35M in Cryptocurrency Following LastPass Breach | Russian cybercriminals have laundered over $35 million in stolen cryptocurrency linked to the devastating 2022 LastPass breach, according to new forensic analysis by blockchain intelligence firm TRM Labs. The 2022 attack exposed encrypted password vaults belonging to roughly 30 m… | GBHACKERS.COM
5 Jan | Crimson Collective Claims Alleged Breach of Brightspeed Fiber Network | A threat actor group operating under the name “Crimson Collective” has publicly claimed responsibility for a significant data breach targeting Brightspeed, the United States’ third-largest fiber broadband infrastructure builder. The threat group has presented wh… | GBHACKERS.COM
5 Jan | Ledger customers impacted by third-party Global-e data breach | Ledger is informing some customers that their personal data has been exposed after hackers breached the systems of third-party payment processor Global-e. [...] | BLEEPINGCOMPUTER.COM
5 Jan | NordVPN denies breach claims, says attackers have "dummy data" | submitted by kid to cybersecurity | 3 points | 0 comments | https://www.bleepingcomputer.com/news/security/nordvpn-denies-breach-claims-says-attackers-have-dummy-data/ | SH.ITJUST.WORKS
5 Jan | Sedgwick Confirms Cyberattack on Government Subsidiary | Hackers have compromised a file transfer system at Sedgwick’s subsidiary that serves government agencies. | SECURITYWEEK.COM
5 Jan | Taiwan subjected to 2.6 million Chinese cyberattacks a day in 2025 | Taiwan’s National Security Agency states that the number of Chinese cyberattacks against the country’s critical infrastructure increased by 6% in 2025, averaging 2.6 million attacks per day, Reuters reports. The attacks mainly targeted the energy sector, hospitals, banks and emer… | CSOONLINE.COM
5 Jan | European Space Agency Confirms Server Breach - Infosecurity Magazine | submitted by kid to cybersecurity | 1 point | 0 comments | https://www.infosecurity-magazine.com/news/european-space-agency-confirms/ | SH.ITJUST.WORKS
5 Jan | Brightspeed Investigating Cyberattack | The hacking group Crimson Collective has claimed the theft of personal information pertaining to over 1 million Brightspeed customers. | SECURITYWEEK.COM
5 Jan | Cyberattack Unlikely in Communications Failure That Grounded Flights in Greece | Flights across Greece were impacted for several hours after noise was reported on multiple air traffic communication channels. | SECURITYWEEK.COM
5 Jan | Ledger customers impacted by third-party Global-e data breach | submitted by kid to cybersecurity | 2 points | 0 comments | https://www.bleepingcomputer.com/news/security/ledger-customers-impacted-by-third-party-global-e-data-breach/ | SH.ITJUST.WORKS
5 Jan | US broadband provider Brightspeed investigates breach claims | Brightspeed, one of the largest fiber broadband companies in the United States, is investigating security breach and data theft claims made by the Crimson Collective extortion gang. [...] | BLEEPINGCOMPUTER.COM
5 Jan | Cloud file-sharing sites targeted for corporate data theft attacks | A threat actor known as Zestix has been offering corporate data stolen from dozens of companies, likely after breaching their ShareFile, Nextcloud, and OwnCloud instances. [...] | BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 18
5 Jan | ISC Stormcast For Monday, January 5th, 2026 https://isc.sans.edu/podcastdetail/9752, (Mon, Jan 5th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
5 Jan | New GlassWorm malware wave targets Macs with trojanized crypto wallets | submitted by kid to cybersecurity | 2 points | 0 comments | https://www.bleepingcomputer.com/news/security/new-glassworm-malware-wave-targets-macs-with-trojanized-crypto-wallets/ | SH.ITJUST.WORKS
5 Jan | Hackers claim to hack Resecurity, firm says it was a honeypot | submitted by kid to cybersecurity | 1 point | 0 comments | https://www.bleepingcomputer.com/news/security/hackers-claim-resecurity-hack-firm-says-it-was-a-honeypot/ | SH.ITJUST.WORKS
5 Jan | What is happening to the Internet in Venezuela? | submitted by kid to cybersecurity | 2 points | 0 comments | https://securityaffairs.com/186509/intelligence/what-is-happening-to-the-internet-in-venezuela.html | SH.ITJUST.WORKS
5 Jan | Leak exposes Knownsec’s role in state cyber targeting | Cybernews | submitted by kid to cybersecurity | 1 point | 0 comments | https://cybernews.com/security/knownsec-leak-exposes-involvement-in-state-linked-cyber-operations/ | SH.ITJUST.WORKS
5 Jan | Kimwolf Android Botnet Grows Through Residential Proxy Networks | The 2-million-device-strong botnet allows monetization through DDoS attacks, app installs, and the selling of proxy bandwidth. | SECURITYWEEK.COM
5 Jan | Adobe ColdFusion Servers Targeted in Coordinated Campaign - SecurityWeek | submitted by kid to cybersecurity | 2 points | 0 comments | https://www.securityweek.com/adobe-coldfusion-servers-targeted-in-coordinated-campaign/ | SH.ITJUST.WORKS
5 Jan | Attackers Leverage FortiWeb Vulnerabilities to Deploy Sliver C2 for Long-Term Access | Threat researchers have uncovered a sophisticated attack campaign targeting FortiWeb web application firewalls across multiple continents, with adversaries deploying the Sliver command-and-control framework to establish persistent access and establish covert proxy infrastructure.… | GBHACKERS.COM
5 Jan | PyArmor Obfuscation as a Method to Hinder Static and Signature-Based Analysis | Malware authors continue to adopt legitimate software protection tools to shield their malicious code from security researchers. A prime example is the “VVS Stealer,” a Python-based malware family actively targeting Discord users. By leveraging Pyarmor, a tool de… | GBHACKERS.COM
5 Jan | Threat Actors Abuse Trusted Business Infrastructure to Host Infostealers | In a disturbing evolution of the cybercrime landscape, a self-sustaining cycle of infection has emerged in which victims of malware are being unwillingly conscripted into the ranks of attackers. New research from the Hudson Rock Threat Intelligence Team, in collaboration with the… | GBHACKERS.COM
5 Jan | AI: Faster, Not Better | In our latest episode, we tackle the myth of 'faster is better' in cybersecurity. 🚀 Discover why AI-driven pen tests might be quick but not necessarily superior, and explore the real cost of mediocrity in generative AI. As investments in AI continue to soar, are we heading toward… | YOUTUBE.COM
5 Jan | VSCode IDE forks expose users to "recommended extension" attacks | Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, recommend extensions that are non-existent in the OpenVSX registry, allowing threat actors to claim the namespace and upload malicious extensions. [...] | BLEEPINGCOMPUTER.COM
5 Jan | Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign | submitted by kid to cybersecurity | 1 point | 0 comments | https://thehackernews.com/2026/01/cybercriminals-abuse-google-cloud-email.html | SH.ITJUST.WORKS
5 Jan | Several countries investigate Elon Musk’s Grok after sexualized deepfakes on women and children | France and Malaysia have launched investigations against Elon Musk’s AI chatbot Grok, after it generated sexualized deepfakes of women and minors, Techcrunch reports. India has also demanded that X restrict Grok’s ability to generate “obscene, pornographic or pedophilic” images w… | CSOONLINE.COM
5 Jan | VVS Stealer Uses Advanced Obfuscation to Target Discord Users - Infosecurity Magazine | submitted by kid to cybersecurity | 1 point | 0 comments | https://www.infosecurity-magazine.com/news/vvs-stealer-advanced-obfuscation/ | SH.ITJUST.WORKS
5 Jan | Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government | The Russia-aligned threat actor known as UAC-0184 has been observed targeting Ukrainian military and government entities by leveraging the Viber messaging platform to deliver malicious ZIP archives. "This organization has continued to conduct high-intensity intelligence gathering… | THEHACKERNEWS.COM
5 Jan | AI Can't Replace Human Value | Predictions about AI replacing jobs often overlook human value. Understanding what people and sponsors value is crucial to this debate. How do we ensure AI complements rather than replaces human roles? Subscribe to our podcasts: https://securityweekly.com/subscribe #HumanValue #J… | YOUTUBE.COM
5 Jan | Palo Alto Networks Announces Support for NVIDIA Enterprise AI Factory | Secure your AI Factory with Palo Alto Networks Prisma AIRS and NVIDIA BlueField. Get zero trust security without sacrificing AI performance. | PALOALTONETWORKS.COM
🌐 CYBER THREAT LANDSCAPE 2
5 Jan | Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks | The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient. "Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling resident… | THEHACKERNEWS.COM
5 Jan | ClickFix attack uses fake Windows BSOD screens to push malware | A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of Death (BSOD) screens to trick users into manually compiling and executing malware on their systems. [...] | BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 4
5 Jan | Bitfinex Hack Convict Ilya Lichtenstein Released Early Under U.S. First Step Act | Ilya Lichtenstein, who was sentenced to prison last year for money laundering charges in connection with his role in the massive hack of cryptocurrency exchange Bitfinex in 2016, said he has been released early. In a post shared on X last week, the 38-year-old announced his relea… | THEHACKERNEWS.COM
5 Jan | Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the Outcome | As agentic AI adoption accelerates, identity is emerging as the primary security challenge. Token Security explains why AI agents behave like a new class of identity and why CISOs must manage their access, lifecycle, and risk. [...] | BLEEPINGCOMPUTER.COM
5 Jan | Risks of OOB Access via IP KVM Devices, (Mon, Jan 5th) | Recently, a new "breed" of IP-based KVM devices has been released. In the past, IP-based KVM devices required dedicated "server-grade" hardware using IPMI. They often cost several $100 per server, and are only available for specific systems that support the respective add-on… | ISC.SANS.EDU
5 Jan | Hacktivist deletes white supremacist websites live on stage during hacker conference | A hacker known as Martha Root broke in and deleted three white supremacist websites at the end of a talk during the annual hacker conference Chaos Communication Congress in Germany. | TECHCRUNCH.COM