IT Security News Daily Summary 2026-01-23

136 posts were published in the last hour

• 22:34 : US Judge Rules ICE Raids Require Judicial Warrants, Contradicting Secret ICE Memo
• 22:34 : Friday Squid Blogging: Giant Squid in the Star Trek Universe
• 22:34 : Patch or die: VMware vCenter Server bug fixed in 2024 under attack today
• 22:34 : Can managing NHIs keep companies ahead in cybersecurity?
• 22:34 : How proactive can Agentic AI be in threat detection?
• 22:34 : Can AI manage compliance requirements efficiently?
• 22:34 : How do NHIs empower agile cybersecurity strategies?
• 22:4 : 149M Logins from Roblox, TikTok, Netflix, Crypto Wallets Found Online
• 22:4 : Data Leak Exposes 149M Logins, Including Gmail, Facebook
• 22:4 : NDSS 2025 – WAVEN: WebAssembly Memory Virtualization For Enclaves
• 22:4 : AWS achieves 2025 C5 Type 2 attestation report with 183 services in scope
• 21:31 : Secure AI Architecture for Payments: From Risk Signals to Real-Time Decisions
• 21:4 : Surrender as a service: Microsoft unlocks BitLocker for feds
• 21:4 : AWS renews the GSMA SAS-SM certification for two AWS Regions and expands to cover four new Regions
• 20:34 : Researchers say Russian government hackers were behind attempted Poland power outage
• 20:5 : IT Security News Hourly Summary 2026-01-23 21h : 7 posts
• 20:3 : Threat Actors Weaponizes LNK File to Deploy MoonPeak Malware Attacking Windows Systems
• 20:3 : 20,000 WordPress Sites Affected by Backdoor Vulnerability Allowing Malicious Admin User Creation
• 19:34 : Fortinet warns of active FortiCloud SSO bypass affecting updated devices
• 19:34 : Exploring common centralized and decentralized approaches to secrets management
• 19:13 : News brief: Email scams highlight need for employee vigilance
• 19:13 : Fake Captcha Ecosystem Exploits Trusted Web Infrastructure to Deliver Malware
• 19:13 : ShinyHunters claims Okta customer breaches, leaks data belonging to 3 orgs
• 18:34 : Randall Munroe’s XKCD ‘Truly Universal Outlet’
• 18:34 : WhatsApp Bug Leads to Exposure of User Metadata
• 18:9 : Salt Security Expands “Universal Visibility” with Specialized API Security for Databricks and Rapid Edge Support for Netlify
• 17:34 : CBP Wants AI-Powered ‘Quantum Sensors’ for Finding Fentanyl in Cars
• 17:34 : Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects’ laptops: Reports
• 17:34 : AI-powered cyberattack kits are ‘just a matter of time,’ warns Google exec
• 17:7 : Venezuelan Nationals Face Deportation After Multi State ATM Jackpotting Scheme
• 17:5 : IT Security News Hourly Summary 2026-01-23 18h : 9 posts
• 16:32 : Cyberattack Targeting Poland’s Energy Grid Used a Wiper
• 16:32 : Product Categories for Technologies That Use Post-Quantum Cryptography Standards
• 16:32 : MacSync macOS Infostealer Leverage ClickFix-style Attack to Trick Users Pasting a Single Terminal Command
• 16:32 : Spammers abuse Zendesk to flood inboxes with legitimate-looking emails, but why?
• 16:32 : The New Rules of Cyber Resilience in an AI-Driven Threat Landscape
• 16:7 : Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects’ laptops: reports
• 16:7 : Anthropic, Microsoft MCP Server Flaws Shine a Light on AI Security Risks
• 16:6 : CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities
• 16:6 : NIST is rethinking its role in analyzing software vulnerabilities
• 15:34 : Wordfence Bug Bounty Program Monthly Report – December 2025
• 15:34 : Securing AI/ML Workloads in the Cloud: Integrating DevSecOps with MLOps
• 15:34 : Critical Vulnerabilities and Phishing Campaigns Dominate Cybersecurity Headlines
• 15:34 : From Incident to Insight: How Forensic Recovery Drives Adaptive Cyber Resilience
• 15:34 : Cyber Briefing: 2026.01.23
• 15:7 : Why Asia’s Public Sector Is Rethinking Cyber Resilience
• 15:7 : Akamai Block Storage Makes Block Disk Encryption the Default in Terraform
• 15:7 : CISA Updates KEV Catalog with 4 Critical Vulnerabilities Following Ongoing Exploits
• 15:7 : 20,000 WordPress Sites Compromised by Backdoor Vulnerability Enabling Malicious Admin Access
• 15:7 : Fake Captcha Exploits Trusted Web Infrastructure to Distribute Malware
• 15:7 : TrustAsia Pulls 143 Certificates Following Critical LiteSSL ACME Vulnerability
• 15:7 : Fortinet Confirms Active Exploitation of FortiCloud SSO Bypass Vulnerability
• 15:7 : Okta Uncovers Custom Phishing Kits Built for Vishing Callers
• 15:7 : Fortinet Firewalls Targeted as Attackers Bypass Patch for Critical FortiGate Flaw
• 15:7 : NHS Issues Open Letter Demanding Improved Cybersecurity Standards from Suppliers
• 15:7 : Everest Ransomware Hits Under Armour
• 15:7 : Europe GDPR Fines Hit 1.2B Euros
• 15:7 : Saga Falls Victim To DeFi Hack
• 15:6 : UK Launches New Report Fraud Service
• 15:6 : eBay Bans Illicit Automated Shopping
• 14:36 : Building Cyber Readiness Early: Why Youth Education Is a Security Imperative
• 14:36 : Hackers Can Use GenAI to Change Loaded Clean Page Into Malicious within Seconds
• 14:36 : Top 10 Best Data Security Companies in 2026
• 14:9 : In Other News: €1.2B GDPR Fines, Net-NTLMv1 Rainbow Tables, Rockwell Security Notice
• 14:9 : Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices
• 14:9 : Teaching Cyber: Building the Bridge Between Education and Industry
• 14:5 : IT Security News Hourly Summary 2026-01-23 15h : 12 posts
• 13:34 : Phishers Abuse SharePoint in New Campaign Targeting Energy Sector
• 13:34 : Kimwolf Botnet Hijacks 1.8M Android Devices for DDoS Chaos
• 13:7 : New Watering Hole Attacking EmEditor User with Stealer Malware
• 13:7 : 76 Zero-day Vulnerabilities Uncovered by Hackers on Pwn2Own Automotive 2026
• 13:7 : Microsoft to Add Brand Impersonation Protection Warning to Teams Calls
• 13:7 : Node.js Updated HackerOne Program to Require a Signal of 1.0 or Higher to Submit Vulnerability Reports
• 13:7 : New Phishing Kit As-a-service Attacking Google, Microsoft, and Okta Users
• 13:7 : Fortinet admits FortiGate SSO bug still exploitable despite December patch
• 13:7 : Cyber Insights 2026: Regulations and the Tangled Mess of Compliance Requirements
• 13:7 : The 2025 Phishing Surge Proved One Thing: Chasing Doesn’t Work
• 13:7 : Okta users under attack: Modern phishing kits are turbocharging vishing attacks
• 13:7 : Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls
• 12:32 : ShinyHunters Leak Alleged Data of Millions From SoundCloud, Crunchbase and Betterment
• 12:32 : U.S. CISA adds Prettier eslint-config-prettier, Vite Vitejs, Versa Concerto SD-WAN orchestration platform, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog
• 12:32 : More than half of former UK employees still have access to company spreadsheets, study finds
• 12:32 : Under Armour Looking Into Data Breach Affecting Customers’ Email Addresses
• 12:32 : Mass Data, Mass Surveillance, and the Erosion of Particularity: The Fourth Amendment in the Age of Geofence Warrants and Artificial Intelligence
• 12:32 : AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities
• 12:31 : Under Armour Investigates Data Breach After 72 Million Records Allegedly Exposed
• 12:5 : HPE Alletra and Nimble Storage Vulnerability Grants Admin Access to Remote Attacker
• 12:5 : TrustAsia Revoked 143 Certificates Following LiteSSL ACME Service Vulnerability
• 12:5 : New Windows Notepad and Paint Update Brings More Useful AI Features
• 12:5 : Infotainment, EV Charger Exploits Earn Hackers $1M at Pwn2Own Automotive 2026
• 12:5 : Organizations Warned of Exploited Zimbra Collaboration Vulnerability
• 12:4 : 10 Questions Enterprise Leaders Should Ask Before Running a Red Teaming Exercise
• 12:4 : 1Password targets AI-driven phishing with built-in prevention
• 12:4 : Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access
• 12:4 : TikTok Forms U.S. Joint Venture to Continue Operations Under 2025 Executive Order
• 11:34 : 149 Million Usernames and Passwords Exposed by Unsecured Database
• 11:7 : Hackers Disable Windows Security With New Malware Attack
• 11:7 : London boroughs limping back online months after cyberattack
• 11:7 : Fresh SmarterMail Flaw Exploited for Admin Access
• 11:5 : IT Security News Hourly Summary 2026-01-23 12h : 3 posts
• 10:38 : Elastic Agent Builder expands how developers build production-ready AI agents
• 10:38 : Raspberry Pi now offers a branded USB flash drive, starts at $30
• 10:5 : Ring now lets users verify whether videos have been altered
• 9:34 : Amazon Expected To Cut 14,000 More Corporate Jobs
• 9:34 : Common Apple Pay scams, and how to stay safe
• 9:34 : Investigation underway after 72M Under Armour records surface online
• 9:34 : Marching orders delayed: Veterans’ Digital ID off to a slow start
• 9:34 : 2 Venezuelans Convicted in US for Using Malware to Hack ATMs
• 9:13 : Court Approves Challenge To Mega-Scale London Data Centre
• 9:13 : Nike Allegedly Hacked by WorldLeaks Ransomware Group
• 9:13 : North Korean Hackers Adopted AI to Generate Malware Attacking Developers and Engineering Teams
• 9:13 : Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms
• 8:34 : Intel Warns Of Supply-Chain Shortages
• 8:33 : Multi-stage SharePoint attack, SmarterMail bypass flaw, AI worries Davos
• 8:13 : Judge Dismisses Parts Of Apple Privacy Case
• 8:13 : Someone Is Impersonating Me on Instagram — and Meta Doesn’t Give a Sh*t
• 8:5 : IT Security News Hourly Summary 2026-01-23 09h : 4 posts
• 7:31 : One-time SMS links that never expire can expose personal data for years
• 7:31 : iboss unveils AI-powered SSPM capability to reduce SaaS risk
• 7:13 : Digital Identity Fatigue: Too Many Logins, Too Little Control
• 7:13 : New Windows 11 KB5074109 Update Breaks Systems – Microsoft Asks Users to Remove Update
• 6:34 : More employees get AI tools, fewer rely on them at work
• 6:34 : One-time SMS links that never expire are exposing personal data for years
• 6:15 : Agentic AI edges closer to everyday production use
• 5:31 : Microsoft introduces winapp, an open-source CLI for building Windows apps
• 5:31 : 11 Year Old LInux Bug Allows Root Access
• 5:5 : ZAP Releases OWASP PenTest Kit Browser Extension for Application Security Testing
• 5:5 : New infosec products of the week: January 23, 2026
• 2:13 : ISC Stormcast For Friday, January 23rd, 2026 https://isc.sans.edu/podcastdetail/9778, (Fri, Jan 23rd)
• 23:34 : Crims hit the easy button for Scattered-Spider style helpdesk scams
• 23:34 : How do AI secrets ensure cloud security?
• 23:34 : What makes AI in cybersecurity reliable?
• 23:34 : Why invest in advanced NHIs management?
• 23:34 : How to scale NHIs safely and efficiently?
• 23:5 : IT Security News Hourly Summary 2026-01-23 00h : 1 posts
• 22:55 : IT Security News Daily Summary 2026-01-22