SolarWinds patches unauthenticated RCE paths: https://thehackernews.com/2026/01/solarwinds-fixes-four-critical-web-help.html
Four critical Web Help Desk bugs let attackers skip login, run code.
Deserialization + auth bypass chained. Update closes it.
Fake ChatGPT Chrome add-on stole 459+ API keys: https://thehackernews.com/2026/01/weekly-recap-firewall-flaws-ai-built.html#:~:text=Malicious%20Chrome%20Extensions%20Steal%20OpenAI%20API%20Keys%20and%20User%20Prompts
Keys sent to Telegram after logout or chat delete.
Hidden Google access raised the real stakes.
Poor threat intel drives downtime and analyst burnout in modern SOCs.
Fresh, validated feeds shorten MTTD/MTTR and reduce false positives at scale.
Full details: https://thehackernews.com/2026/01/3-decisions-cisos-need-to-make-to.html
This week's ThreatsDay tracks exploits, ransomware trends, crypto laundering, and phishing operations.
Patterns point to scale and repetition, not one-off incidents, across platforms teams already trust.
Full details: https://thehackernews.com/2026/01/threatsday-bulletin-new-rces-darknet.html
Too many security tools. Not enough visibility.
If your asset inventory lives in spreadsheets, alerts lack context, and remediation drags on, CTEM might be overdue.
This CTEM Readiness Checklist highlights 8 signs it's time to move from firefighting to prevention with Axonius as the foundation for complete asset intelligence.
Worth a quick read if exposure management is on your radar: https://thn.news/ctem-readiness-checklist
OMICRON uncovers widespread OT vulnerabilities in substations and power plants.
Most issues surfaced within 30 minutes, showing systemic visibility and governance failures.
Detection at network level is now baseline, not optional.
Full details: https://thehackernews.com/2026/01/survey-of-100-energy-systems-reveals.html
Researchers map 175K publicly exposed Ollama LLM servers worldwide.
Tool-calling turns exposed AI into a highest-severity execution risk.
Full details: https://thehackernews.com/2026/01/researchers-find-175000-publicly.html
WARNING: Ivanti fixes exploited EPMM zero-days with CVSS 9.8 severity.
Exploits enable code execution, persistence, and access to sensitive device data.
Federal agencies face KEV deadlines; temporary patches don't persist across upgrades.
Read: https://thehackernews.com/2026/01/two-ivanti-epmm-zero-day-rce-flaws.html
SmarterMail fixed a critical unauthenticated RCE in its email server software.
The flaw, CVE-2026-24423 (CVSS 9.3), lets attackers execute OS commands via a crafted remote server. It affects builds before 9511.
Fixed builds and attack mechanics: https://thehackernews.com/2026/01/smartermail-fixes-critical.html
A U.S. jury convicted a former Google engineer of stealing AI trade secrets for China.
Prosecutors said 2,000+ internal documents were taken to help build a China-based startup while he was still employed.
The case shows how AI infrastructure is now treated as a national security issue.
Details: https://thehackernews.com/2026/01/ex-google-engineer-convicted-for.html
The FBI has seized the RAMP cybercrime forum, shutting down its Tor site and clearnet domain with DOJ coordination.
Threat actors are already migrating to other platforms, underscoring how fast the underground re-forms after takedowns.
Read: https://thehackernews.com/2026/01/threatsday-bulletin-new-rces-darknet.html#major-cybercrime-forum-takedown
Cybercrime enforcement follows clear patterns. A new analysis maps 418 confirmed actions worldwide from 2021–2025, showing where arrests, takedowns, and sanctions are focused.
The U.S. and Europe lead, with private companies playing a growing support role.
How cybercrime is being targeted worldwide: https://thehackernews.com/2026/01/badges-bytes-and-blackmail.html
China-linked UAT-8099 targets IIS servers in Asia using BadIIS SEO malware.
The group broke into vulnerable IIS servers, mainly in Thailand and Vietnam, using web shells and PowerShell. The aim remains SEO fraud, now tuned by region.
Read: https://thehackernews.com/2026/01/china-linked-uat-8099-targets-iis.html
Chrome extensions are being abused at scale.
Researchers uncovered tools that hijack affiliate links, scrape shopping data, steal ChatGPT login tokens, and even deliver phishing pages, while passing official store reviews.
Learn more about the affiliate fraud, AI token theft, and the browser as attack surface: https://thehackernews.com/2026/01/researchers-uncover-chrome-extensions.html