🚨 CISA KEV 1
7 Jan KEVCISA Adds Two Known Exploited Vulnerabilities to CatalogCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2009-0556 Microsoft Office PowerPoint Code Injection Vulnerability; CVE-2025-37164 HPE OneView Code Injection Vulnerability. These…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 31
7 JanOngoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL RoutersA newly discovered critical security flaw in legacy D-Link DSL gateway routers has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0625 (CVSS score: 9.3), concerns a case of command injection in the "dnscfg.cgi" endpoint that arises as a result …THEHACKERNEWS.COM
7 JanCVE-2025-4432 Ring: some aes functions may panic when overflow checking is enabled in ringInformation published.MSRC.MICROSOFT.COM
7 JanGoogle Warns of High-Risk WebView Vulnerability That Breaks Security ControlsGoogle released Chrome versions 143.0.7499.192/.193 on January 6, 2026, to patch a high-severity vulnerability in WebView that could allow attackers to bypass important security policies. The flaw, tracked as CVE-2026-0628, represents a significant threat to users whose browsers …GBHACKERS.COM
7 Jann8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud VersionsOpen-source workflow automation platform n8n has warned of a maximum-severity security flaw that, if successfully exploited, could result in authenticated remote code execution (RCE). The vulnerability, which has been assigned the CVE identifier CVE-2026-21877, is rated 10.0 on t…THEHACKERNEWS.COM
7 JanVeeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & ReplicationVeeam has released security updates to address multiple flaws in its Backup & Replication software, including a "critical" issue that could result in remote code execution (RCE). The vulnerability, tracked as CVE-2025-59470, carries a CVSS score of 9.0. "This vulnerability al…THEHACKERNEWS.COM
7 JanBug in Open WebUI turns free tool into a backdoorThe severity of the bug in Open WebUI is rated as high. Security researchers at Cato Networks have discovered a vulnerability in Open WebUI, a self-hosted enterprise interface for large language models (LLMs). It is said to…CSOONLINE.COM
7 JanCritical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full ControlCybersecurity researchers have disclosed details of yet another maximum-severity security flaw in n8n, a popular workflow automation platform, that allows an unauthenticated remote attacker to gain complete control over susceptible instances. The vulnerability, tracked as CVE-202…THEHACKERNEWS.COM
7 JanCritical RCE flaw allows full takeover of n8n AI workflow platformResearchers have released details about a critical vulnerability that was silently patched in n8n, a platform used by many companies to build LLM-powered agents and automated workflows. The flaw can allow unauthenticated attackers to completely take over local n8n deployments, ex…CSOONLINE.COM
7 JanCritical n8n Vulnerability Allows Authenticated Remote Code ExecutionA critical security vulnerability has been discovered in n8n, the popular workflow automation tool, potentially allowing authenticated attackers to execute arbitrary code on the host server. Identified as CVE-2026-21877, this high-severity vulnerability affects both self-hosted a…GBHACKERS.COM
7 JanCVE-2025-68285 libceph: fix potential use-after-free in have_mon_and_osd_map()Information published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68290 most: usb: fix double free on late probe failureInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68331 usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transferInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68327 usb: renesas_usbhs: Fix synchronous external abort on unbindInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68330 iio: accel: bmc150: Fix irq assumption regressionInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68282 usb: gadget: udc: fix use-after-free in usb_gadget_state_workInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68283 libceph: replace BUG_ON with bounds check for map->max_osdInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68307 can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBsInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68286 drm/amd/display: Check NULL before accessingInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68295 smb: client: fix memory leak in cifs_construct_tcon()Information published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68288 usb: storage: Fix memory leak in USB bulk transportInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68284 libceph: prevent potential out-of-bounds writes in handle_auth_session_key()Information published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68308 can: kvaser_usb: leaf: Fix potential infinite loop in command parsersInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68287 usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call pathsInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68289 usb: gadget: f_eem: Fix memory leak in eem_unwrapInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68302 net: sxgbe: fix potential NULL dereference in sxgbe_rx()Information published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68328 firmware: stratix10-svc: fix bug in saving controller dataInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68339 atm/fore200e: Fix possible data race in fore200e_open()Information published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68342 can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing dataInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-68343 can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing headerInformation published.MSRC.MICROSOFT.COM
7 JanCVE-2025-62224 Microsoft Edge (Chromium-based) for Android Spoofing VulnerabilityUser interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an authorized attacker to perform spoofing over a network.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 24
7 JanCybersecurity does not have a budget problemA day in the life of a security decision-maker… When it comes to security budgets, much of the (online) discussion revolves around how to win over the “board” and justify investments. Some approaches are based on specific…CSOONLINE.COM
7 Jan8 things CISOs can’t afford to get wrong in 2026Cybersecurity leaders have a lot to consider when trying to keep their organizations safe. But some things stand out more than others — or might be under the radar. As a new year dawns, here are some things CISOs should avoid falling short on in 2026. Get complacent about identit…CSOONLINE.COM
7 JanVeeam Backup Vulnerability Exposes Systems to Root-Level Remote Code ExecutionVeeam has released a critical security update for its Backup & Replication software to address multiple high-severity vulnerabilities. The most concerning of these flaws could allow attackers to execute remote code with root-level privileges, potentially…GBHACKERS.COM
7 JanBlack Cat Hacker Group Uses Fake Notepad++ Websites to Distribute Malware and Steal DataA sophisticated cyberattack campaign orchestrated by the notorious “Black Cat” criminal gang has been uncovered by CNCERT and Microstep Online, revealing a coordinated effort to compromise internet users through weaponized fake Notepad++ download websites. The operati…GBHACKERS.COM
7 JanHackers Exploit Routing Misconfigurations to Successfully Spoof OrganizationsCybercriminals are exploiting complex routing scenarios and misconfigured email authentication protections to successfully spoof organizational domains, enabling them to deliver phishing emails that appear to originate from within targeted companies. The attack vector, which has …GBHACKERS.COM
7 JanCISO Lessons from a Children’s Novel as Cybersecurity Outgrows IT and Building Talent - BSW #429Cyber threats and cyber criminals indiscriminately target the old as well as young regardless of race, creed or origin. Teens and young adults must realize that on the Internet nobody knows you’re a rat. How do we keep kids and young adults safe in an era of AI-driven attacks? To…YOUTUBE.COM
7 JanMicrosoft Warns Misconfigured Email Routing Can Enable Internal Domain PhishingThreat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured spoof protections to impersonate organizations' domains and distribute emails that appear as if they have been sent internally. "Threat actors have leveraged this vector to deliver a wid…THEHACKERNEWS.COM
7 JanComplex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing AttacksThreat actors spoof legitimate domains to make their phishing emails appear to have been sent internally. The post Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks appeared first on SecurityWeek.SECURITYWEEK.COM
7 JanMicrosoft warns of a surge in phishing attacks exploiting email routing gapsMicrosoft’s Threat Intelligence team has disclosed that threat actors are increasingly exploiting complex email routing and misconfigured domain spoof protection to make phishing messages appear as if they were sent from inside the organizations they’re targeting. These campaigns…CSOONLINE.COM
7 JanCritical Dolby Vulnerability Patched in Android - SecurityWeeksubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/critical-dolby-vulnerability-patched-in-android/SH.ITJUST.WORKS
7 Jan KEVNew D-Link flaw in legacy DSL routers actively exploited in attackssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/new-d-link-flaw-in-legacy-dsl-routers-actively-exploited-in-attacks/SH.ITJUST.WORKS
7 JanHackers Exploit Zero-Day in Discontinued D-Link DevicesThe critical-severity vulnerability allows unauthenticated, remote attackers to execute arbitrary shell commands. The post Hackers Exploit Zero-Day in Discontinued D-Link Devices appeared first on SecurityWeek.SECURITYWEEK.COM
7 JanNew Veeam vulnerabilities expose backup servers to RCE attacksVeeam released security updates to patch multiple security flaws in its Backup & Replication software, including a critical remote code execution (RCE) vulnerability. [...]BLEEPINGCOMPUTER.COM
7 JanVeeam Backup Vulnerabilities Enable Remote Code Execution as Rootsubmitted by kid to cybersecurity 3 points | 0 comments https://cyberpress.org/veeam-backup-vulnerabilities-enable-remote-code-execution-as-root/SH.ITJUST.WORKS
7 JanVulnerability in Totolink Range Extender Allows Device TakeoverAn error in the firmware-upload handler leads to devices starting an unauthenticated root-level Telnet service. The post Vulnerability in Totolink Range Extender Allows Device Takeover appeared first on SecurityWeek.SECURITYWEEK.COM
7 JanHow to eliminate IT blind spots in the modern, AI-driven enterpriseThe more organizations lean on artificial intelligence (AI), spread workloads across different environments, and tie systems together, the harder it becomes for traditional security practices to present a complete picture of what’s going on. The result is a growing number of blin…CSOONLINE.COM
7 Jann8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versionssubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2026/01/n8n-warns-of-cvss-100-rce-vulnerability.htmlSH.ITJUST.WORKS
7 JanMax severity Ni8mare flaw lets hackers hijack n8n serversA maximum severity vulnerability dubbed "Ni8mare" allows remote, unauthenticated attackers to take control over locally deployed instances of the N8N workflow automation platform. [...]BLEEPINGCOMPUTER.COM
7 JanChinese Hackers Use NFC-Enabled Android Malware to Steal Payment InformationChinese threat actors are conducting an aggressive campaign that distributes NFC-enabled Android malware capable of intercepting and remotely relaying payment card data via Telegram. Identified as “Ghost Tap” and linked to threat groups including TX-NFC and NFU Pay, t…GBHACKERS.COM
7 JanTOTOLINK EX200 Extender Flaw Allows Attackers Full System AccessA critical security flaw has been discovered in the TOTOLINK EX200 Wi-Fi extender that allows attackers to gain complete control over the device. The vulnerability involves a logic error in how the device handles failed firmware updates, inadvertently openin…GBHACKERS.COM
7 JanThreat Actors Exploit Google Cloud Services to Steal Microsoft 365 CredentialsA sophisticated phishing campaign is exploiting Google Cloud infrastructure to bypass email security filters and steal Microsoft 365 credentials, demonstrating how attackers increasingly abuse trusted cloud platforms to lend legitimacy to their malicious activities. Cybersecurity…GBHACKERS.COM
7 JanToddyCat Malware Exploits ProxyLogon to Compromise Microsoft Exchange ServersToddyCat, a sophisticated cyber-espionage threat group also known as Websiic and Storm-0247, has emerged as a significant risk to organizations across Europe and Asia. The group’s operations, which began in December 2020 by targeting Microsoft Exchange servers in Taiwan and…GBHACKERS.COM
7 JanCritical jsPDF flaw lets hackers steal secrets via generated PDFsThe jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that allows an attacker to steal sensitive data from the local filesystem by including it in generated files. [...]BLEEPINGCOMPUTER.COM
7 JanNew GoBruteforcer attack wave targets crypto, blockchain projectsA new wave of GoBruteforcer botnet malware attacks is targeting databases of cryptocurrency and blockchain projects on exposed servers believed to be configured using AI-generated examples. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 10
7 JanAutomated data poisoning proposed as a solution for AI theft threatResearchers have developed a tool that they say can make stolen high-value proprietary data used in AI systems useless, a solution that CSOs may have to adopt to protect their sophisticated large language models (LLMs). The technique, created by researchers from universities in …CSOONLINE.COM
7 JanSedgwick Acknowledges Data Breach After TridentLocker Ransomware ClaimSedgwick has confirmed a cybersecurity incident at its government-focused subsidiary after the TridentLocker ransomware gang claimed responsibility for stealing 3.4 gigabytes of data. The breach highlights ongoing risks to federal contractors handling sensitive U.S. agency data. …GBHACKERS.COM
7 JanBlack Cat Behind SEO Poisoning Malware Campaign Targeting Popular Software SearchesA cybercrime gang known as Black Cat has been attributed to a search engine optimization (SEO) poisoning campaign that employs fraudulent sites advertising popular software to trick users into downloading a backdoor capable of stealing sensitive data. According to a report publis…THEHACKERNEWS.COM
🔥 INCIDENT REPORTING 11
7 JanPrepared for cyberattacks: crisis communication according to planRead which aspects are crucial for a crisis communication plan. Cyberattacks challenge not only CISOs in terms of prevention and crisis management. Corporate communications is also on board…CSOONLINE.COM
7 JanKimwolf Bot Strikes - "Routers Will Not Protect You"In this episode of Cybersecurity Today, host Jim Love discusses the latest in cybersecurity threats including the rapidly growing Kim Wolf botnet affecting millions of devices, the rising threats to file-sharing environments, and the intersection of cybercrime with physical suppl…CYBERSECURITYTODAY.LIBSYN.COM
7 JanWeekly Update 485Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite 15 mins and 40 seconds. That's how long it took to troubleshoot the first tech problem of 2026, and that's how far you'l…TROYHUNT.COM
7 JanMalicious Chrome Extension Leaks ChatGPT and DeepSeek Chats of 900,000 UsersOver 900,000 Chrome users have been compromised by two malicious extensions that secretly exfiltrate ChatGPT and DeepSeek conversations to attacker-controlled servers. Security researchers discovered the extensions impersonating the legitimate AITOPIA AI sidebar tool, with one ro…GBHACKERS.COM
7 JanownCloud urges users to enable MFA after credential theft reportsFile-sharing platform ownCloud warned users today to enable multi-factor authentication (MFA) to block attackers using compromised credentials from stealing their data. [...]BLEEPINGCOMPUTER.COM
7 JanChrome Extensions With 900,000 Downloads Caught Stealing AI ChatsImpersonating a legitimate extension from AITOPIA, the two malicious extensions were also exfiltrating users’ browser activity. The post Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats appeared first on SecurityWeek.SECURITYWEEK.COM
7 JanNew ransomware threat targets German companiesThe ransomware service Ransomhouse now uses complex dual-key encryption and automated attacks on VMware ESXi. Security experts recently found that the ransomware group Jolly Scorpius … its RaaS (ransomware as…CSOONLINE.COM
7 JanExplore the latest Microsoft Incident Response proactive services for enhanced resilienceThe new proactive services from Microsoft Incident Response turn security uncertainty into readiness with expert‑led preparation and advanced intelligence. The post Explore the latest Microsoft Incident Response proactive services for enhanced resilience appeared first on Microso…MICROSOFT.COM
7 JanHackers Claim to Disconnect Brightspeed Customers After Breach - Infosecurity Magazinesubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/hackers-disconnect-brightspeed/SH.ITJUST.WORKS
7 JanCrazyHunter Ransomware Targets Healthcare Sector Using Sophisticated Evasion TacticsA sophisticated new ransomware variant, CrazyHunter, has emerged as a critical threat to the healthcare sector, employing advanced anti-malware evasion techniques and rapid network propagation that have security researchers deeply concerned. Trellix, which has been actively track…GBHACKERS.COM
7 JanLockBit 5.0 Unveils Advanced Encryption and Enhanced Anti-Analysis TechniquesLockBit has solidified its position as the most prolific ransomware-as-a-service (RaaS) operation globally, accounting for approximately 21% of all documented ransomware attacks in 2023, following its dominance of 30.25% during the 2021-2022 period. The emergence of LockBit 5.0 r…GBHACKERS.COM
🕵️ THREAT INTELLIGENCE 22
7 JanISC Stormcast For Wednesday, January 7th, 2026 https://isc.sans.edu/podcastdetail/9756, (Wed, Jan 7th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
7 JanCourt Demands OpenAI Hand Over 20M Anonymized ChatGPT Chats in AI Copyright DisputeA federal judge has ordered OpenAI to turn over 20 million anonymized ChatGPT conversation logs in a major copyright lawsuit, rejecting the company’s arguments that privacy concerns should limit the disclosure. District Judge Sidney H. Stein upheld a ruling by Magistrate Ju…GBHACKERS.COM
7 JanHackers Create Fake DocuSign Login Page to Steal User CredentialsPhishing attacks continue to dominate the cybercrime landscape as threat actors refine their social engineering tactics to evade detection systems. The FBI’s Internet Crime Complaint Center (IC3) recorded 193,407 phishing and spoofing complaints in 2024, making it the year&…GBHACKERS.COM
7 JanHigh-Severity Flaw in Open WebUI Affects AI Connectionssubmitted by kid to cybersecurity 2 points | 0 comments https://www.infosecurity-magazine.com/news/flaw-open-webui-affects-ai/SH.ITJUST.WORKS
7 JanHospitality Sector Hit By PHALT#BLYX ClickFix Malware Campaignsubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/phaltblyx-clickfix-malware/SH.ITJUST.WORKS
7 JanCoinbase insider who sold customer data to criminals arrested in Indiasubmitted by kid to cybersecurity 1 points | 0 comments https://www.bitdefender.com/en-us/blog/hotforsecurity/coinbase-insider-who-sold-customer-data-to-criminals-arrested-in-indiaSH.ITJUST.WORKS
7 JanThe Wegman’s Supermarket Chain Is Probably Using Facial RecognitionThe New York City Wegman’s is collecting biometric information about customers.SCHNEIER.COM
7 JanMicrosoft most spoofed brand in phishing attacks | Cybernewssubmitted by kid to cybersecurity 1 points | 0 comments https://cybernews.com/cybercrime/microsoft-most-spoofed-brand-in-phishing/SH.ITJUST.WORKS
7 JanCritical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Serverssubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2026/01/critical-adonisjs-bodyparser-flaw-cvss.htmlSH.ITJUST.WORKS
7 JanCybersecurity Firms Secured $14 Billion in Funding in 20252025 was the strongest year for cybersecurity funding since the 2021 peak, according to Pinpoint Search Group. The post Cybersecurity Firms Secured $14 Billion in Funding in 2025 appeared first on SecurityWeek.SECURITYWEEK.COM
7 JanUK Launches New Cyber Unit to Bolster Defences Against Cyber Threats - Infosecurity Magazinesubmitted by kid to cybersecurity 2 points | 0 comments https://www.infosecurity-magazine.com/news/uk-launches-new-cyber-unit/SH.ITJUST.WORKS
7 JanSeveral Code Execution Flaws Patched in Veeam Backup & ReplicationFour vulnerabilities have been fixed in the latest release of Veeam Backup & Replication. The post Several Code Execution Flaws Patched in Veeam Backup & Replication appeared first on SecurityWeek.SECURITYWEEK.COM
7 JanYour Phone Remembers EverythingSmartphones track every move, storing all actions. Ignoring this can lead to privacy invasions. How aware are you of your digital footprint? Subscribe to our podcasts: https://securityweekly.com/subscribe #PrivacyMatters #SmartphoneTracking #DigitalFootprint #SecurityWeekly #Cybe…YOUTUBE.COM
7 JanThe Loudest Voices in Security Often Have the Least to LoseSecurity advice fails when it comes from those who don’t bear the consequences and won’t be responsible for making it work. The post The Loudest Voices in Security Often Have the Least to Lose appeared first on SecurityWeek.SECURITYWEEK.COM
7 JanIn 2026, Hackers Want AI: Threat Intel on Vibe Hacking & HackGPTCybercriminals are increasingly using AI to lower the barrier to entry for fraud and hacking, shifting from skill-based to AI-assisted attacks known as "vibe hacking." Flare examines how underground forums promote AI tools, jailbreak techniques, and so-called "Hacking-GPT" servic…BLEEPINGCOMPUTER.COM
7 JanEmbrace Your Unique EdgeEmbrace your individuality and find roles that respect your uniqueness. The industry needs diverse minds, not conformity. How can embracing your uniqueness lead to success in your field? Subscribe to our podcasts: https://securityweekly.com/subscribe #BeYourself #DiversityInTech …YOUTUBE.COM
7 JanGhost Tap Malware Fuels Surge in Remote NFC Payment Fraud - Infosecurity Magazinesubmitted by kid to cybersecurity 2 points | 0 comments https://www.infosecurity-magazine.com/news/ghost-tap-malware-remote-nfc-fraud/SH.ITJUST.WORKS
7 JanHackers Using Malicious QR Codes for Phishing via HTML TableThreat actors are continuing to refine “quishing” phishing delivered through QR codes by shifting from traditional image-based payloads to “imageless” QR codes rendered directly in email HTML, a tactic designed to sidestep security tools that focus on decoding QR images. QR code …GBHACKERS.COM
7 JanWindows Packer pkr_mtsi Powers Widespread Malvertising Campaigns with Multiple MalwareA custom Windows packer dubbed pkr_mtsi is fueling large-scale malvertising and SEO‑poisoning campaigns that deliver a broad range of information‑stealing and remote‑access malware, according to new research. First observed in the wild on April 24, 2025, the packer remains active…GBHACKERS.COM
7 JanChinese Hackers Launch Ongoing Attacks on Taiwan’s Critical InfrastructureChina’s state-sponsored cyber operations against Taiwan have intensified dramatically, with threat actors launching an average of 2.63 million intrusion attempts daily targeting critical infrastructure across nine primary sectors, according to a newly released report from T…GBHACKERS.COM
7 JanNorth Korean Threat Actor Spreads Malware via QR CodesThe North Korean threat actor “Kimsuky” is using QR codes to trick users into installing malicious mobile apps, according to security researchers at ENKI. The phishing sites, which impersonate delivery services, inform users that the webpage cannot be viewed on a desktop.KNOWBE4.COM
7 JanAI: The New Threat to PrivacyAI can generate content that poses privacy risks. Ignoring this can lead to blackmail and extortion. How prepared are organizations to handle these threats? Subscribe to our podcasts: https://securityweekly.com/subscribe #AIThreat #PrivacyRisks #DigitalSecurity #SecurityWeekly #C…YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 1
7 JanWebinar: Learn How AI-Powered Zero Trust Detects Attacks with No Files or IndicatorsSecurity teams are still catching malware. The problem is what they're not catching. More attacks today don't arrive as files. They don't drop binaries. They don't trigger classic alerts. Instead, they run quietly through tools that already exist inside the environment — scripts,…THEHACKERNEWS.COM
🎙️ PODCASTS 1
7 JanHow the World Got Owned Episode 1: The 1980sIn this special documentary episode, Patrick Gray and Amberleigh Jack take a historical dive into hacking in the 1980s. Through the words of those that were there, they discuss life on the ARPANET, the 414s hacking group, the Morris Worm, the vibe inside the NSA and a parallel hu…RISKY.BIZ
📡 INFOSEC NEWS 12
7 JanA phishing campaign with QR codes rendered using an HTML table, (Wed, Jan 7th)Malicious use of QR codes has long been ubiquitous, both in the real world as well as in electronic communication. This is hardly surprising given that a scan of a QR code can lead one to a phishing page as easily as clicking a link in an e-mail.ISC.SANS.EDU
7 JanUK announces plan to strengthen public sector cyber defensesThe United Kingdom has announced a new cybersecurity strategy, backed by more than £210 million ($283 million), to boost cyber defenses across government departments and the wider public sector. [...]BLEEPINGCOMPUTER.COM
7 JanThe Future of Cybersecurity Includes Non-Human EmployeesNon-human employees are becoming the future of cybersecurity, and enterprises need to prepare accordingly. As organizations scale Artificial Intelligence (AI) and cloud automation, there is exponential growth in Non-Human Identities (NHIs), including bots, AI agents, service acco…THEHACKERNEWS.COM
7 JanGoogle Search AI hallucinations push Google to hire "AI Answers Quality" engineersAI, including AI Overviews on Google Search, can hallucinate and often make up stuff or offer contradicting answers when asked in two different ways. [...]BLEEPINGCOMPUTER.COM
7 JanDigital Identities: Getting to Know the Verifiable Digital Credential EcosystemUnderstanding mDL credential formats Standards in the VDC Ecosystem In our first blog post in this series, we highlighted that VDCs can represent a wide range of credentials, from a driver’s license to a diploma to proof of age. The ability to use VDCs in a wide variety of use ca…NIST.GOV
7 JanMicrosoft: Classic Outlook bug prevents opening encrypted emailsMicrosoft has confirmed a known issue that prevents recipients from opening encrypted emails in classic Outlook. [...]BLEEPINGCOMPUTER.COM
7 JanLogitech Options+, G HUB macOS apps break after certificate expiresLogitech's Options+ and G Hub apps on macOS stopped working after their code-signing certificate expired, leaving users unable to launch them on Apple systems. [...]BLEEPINGCOMPUTER.COM
7 JanChatGPT is losing market share as Google Gemini gains groundNew data suggests that ChatGPT is losing its market share to Gemini on the web. It's unclear if Gemini is also gaining ground in the mobile space. [...]BLEEPINGCOMPUTER.COM
7 JanOpenAI says ChatGPT won't use your health information to train its modelsOpenAI is rolling out ChatGPT Health, which is a dedicated space for health conversations. Amidst privacy concerns, OpenAI said it won't use your health data. [...]BLEEPINGCOMPUTER.COM
7 JanWeekly Threat Bulletin – January 7th, 2026These are the top threats you should know about this week.F5.COM
7 JanGRU-Linked BlueDelta Evolves Credential HarvestingInsikt Group reveals how GRU-linked BlueDelta evolved credential-harvesting campaigns targeting government, energy, and research organizations across Europe and Eurasia.RECORDEDFUTURE.COM