IT Security News Daily Summary 2026-01-28

179 posts were published in the last hour

• 22:36 : Akamai Named a 2026 Gartner Peer Insights™ Customers’ Choice for Network Security
• 22:4 : No Place Like Home Network: Disrupting the World’s Largest Residential Proxy Network
• 22:4 : ICE Is Using Palantir’s AI Tools to Sort Through Tips
• 22:4 : AI security startup Outtake raises $40M from Iconiq, Satya Nadella, Bill Ackman, and other big names
• 21:32 : Federal Cyber Agencies Withdraw From RSAC Raising Collaboration Concerns
• 21:31 : AI security startup Outtake raises $40M from Iconiq, Satya Nadella, Bill Ackman and other big names
• 21:31 : Ransomware crims forced to take off-RAMP as FBI seizes forum
• 21:11 : 50+ Ransomware Statistics Vital for Security in 2026
• 21:11 : 17 WhatsApp Scams to Know in 2026 + Tips to Stay Safe
• 21:11 : Here’s the Company That Sold DHS ICE’s Notorious Face Recognition App
• 21:11 : Radware Acquires Pynt to Add API Security Testing Tool
• 21:11 : Government’s new approach to software security oversight could complicate things for vendors
• 20:36 : OpenSSL Vulnerabilities Cause Risk of Remote Code Execution
• 20:36 : Here’s the Company That Sold DHS ICE’s Notorious Face Recognition App
• 20:36 : U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog
• 20:11 : AI-Powered DevSecOps: Automating Security with Machine Learning Tools
• 20:11 : WhatsApp Adds One-Tap Security Settings for Added Privacy
• 20:11 : $95M Payout: Apple Begins Compensating Users in Siri Eavesdropping Case
• 20:11 : When MFA Fails Quietly: Inside the Rise of AiTM Phishing Attacks
• 20:11 : Student Data at Risk: What the Victoria Education Breach Exposes About Public Sector Security
• 20:11 : SSO vs. Federated Identity Management: A Guide
• 20:11 : Survey Surfaces Lots of Room for DevSecOps Improvement
• 20:5 : IT Security News Hourly Summary 2026-01-28 21h : 1 posts
• 19:38 : 2026 Public Sector Cyber Outlook: Identity, AI and the Fight for Trust
• 19:4 : Everybody is WinRAR phishing, dropping RATs as fast as lightning
• 18:32 : Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858
• 18:32 : 31 More Charged in Massive ATM Jackpotting Scheme Linked to Tren de Aragua Gang
• 18:31 : Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware
• 18:7 : How to Actually Read Your Business Data for Better Cybersecurity (Without Going Cross-Eyed)
• 18:7 : Zero Trust for Agents: Implementing Context Lineage in the Enterprise Data Mesh
• 18:7 : Fortinet Confirms CVE-2026-24858 SSO Flaw Under Active Attack
• 18:7 : Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid
• 17:32 : Russian Cybercrime Platform RAMP Forum Seized by FBI
• 17:32 : Threat Actors Leverage Real Enterprise Email Threads to Deliver Phishing Links
• 17:32 : Some ChatGPT Browser Extensions Are Putting User Accounts at Risk
• 17:31 : Corporate workers lean on shadow AI to enhance speed
• 17:5 : IT Security News Hourly Summary 2026-01-28 18h : 20 posts
• 17:2 : Russian Cybercrime Platform RAMP Forum Seized by Feds
• 17:2 : CVE-2025-56005: Python PLY Flaw Enables Remote Code Execution
• 17:2 : NDSS 2025 – Iris: Dynamic Privacy Preserving Search In Authenticated Chord Peer-To-Peer Networks
• 17:2 : Autonomous System Uncovers Long-Standing OpenSSL Flaws
• 17:2 : AI tools break quickly, underscoring need for governance
• 17:2 : Corporate workers willing to use shadow AI to enhance speed
• 16:36 : Fortinet unearths another critical bug as SSO accounts borked post-patch
• 16:36 : Fortinet patches actively exploited FortiOS SSO auth bypass (CVE-2026-24858)
• 16:36 : Check Point Harmony SASE Windows Client Vulnerability Enables Privilege Escalation
• 16:36 : ZAP JavaScript Engine Memory Leak Issue Impacts Active Scan Usage
• 16:36 : Gemini MCP Tool 0-day Vulnerability Allows Remote Attackers to Execute Arbitrary Code
• 16:36 : TP-Link Archer Vulnerability Let Attackers Take Control Over the Router
• 16:36 : Cyber Insights 2026: Offensive Security; Where It Is and Where It’s Going
• 16:36 : AI tools break quickly and in serious ways, underscoring need for governance
• 16:11 : Odd WebLogic Request. Possible CVE-2026-21962 Exploit Attempt or AI Slop?, (Wed, Jan 28th)
• 16:11 : Hackers Still Using Patched WinRAR Flaw for Malware Drops, Warns Google
• 16:11 : Build Practical Cyber Defense Skills with This 5-Course Bundle
• 16:11 : React Server Components Flaws Enable DoS Attacks
• 16:11 : VaynerX Engages Keeper Security to Standardise Credential Security Globally
• 16:11 : Critical and High Severity n8n Sandbox Flaws Allow RCE
• 15:32 : Trump’s acting cybersecurity chief uploaded sensitive government docs to ChatGPT
• 15:32 : Indonesia Temporarily Blocks Grok After AI Deepfake Misuse Sparks Outrage
• 15:32 : Cybercriminals Report Monetizing Stolen Data From US Medical Company
• 15:31 : Threat Actors Target Misconfigured Proxies for Paid LLM Access
• 15:31 : Cyber Briefing: 2026.01.28
• 15:12 : Attack Against Poland’s Grid Disrupted Communication Devices at About 30 Sites
• 15:12 : Critical IDIS IP Camera Vulnerability Allows Full Computer Compromise with One-Click Exploit
• 15:12 : Cybercriminals Leverage AI-Generated Malicious Job Offers to Spread PureRAT Malware
• 15:12 : Gemini MCP Tool 0-Day Vulnerability Exposes Systems to Remote Code Execution
• 15:12 : eSkimming Attacks Surge with Evolving Tactics and Ongoing Recovery Challenges
• 15:12 : Cal.com Broken Access Controls Lead to Account Takeover and Data Exposure
• 15:12 : My close call with an adoption scam and the red flags to watch for
• 15:12 : LayerX Finds Malicious ChatGPT Extensions Hijack User Accounts
• 15:12 : The conference where founders scale: TechCrunch Founder Summit 2026 tickets are now live at the lowest prices
• 15:12 : Data Privacy Day and Change Your Password Day
• 15:11 : Malicious Chrome extensions can spy on your ChatGPT chats
• 15:11 : Cyber Insights 2026: Offensive Security; Where It is and Where Its Going
• 15:11 : Veracode’s platform enhancements help prevent software supply chain attacks
• 15:11 : WinRAR vulnerability still a go-to tool for hackers, Mandiant warns
• 15:11 : Ransomware Attack Hits Winona County
• 15:11 : London Cyber Attack Delays Home Sales
• 15:11 : Ex CEO Allegedly Hijacked Company Domain
• 15:11 : More Charged In Ploutus ATM Scheme
• 15:11 : Hackers Blackmail Best Buy Employee
• 14:32 : Smarter Security, Smaller Teams: Building Resilience with Limited Resources
• 14:32 : Unveiling the Weaponized Web Shell EncystPHP
• 14:32 : Mesh Security Raises $12 Million for CSMA Platform
• 14:32 : Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution
• 14:7 : GoTo Resolve Tool’s Background Activities Compared to Ransomware Tactics
• 14:7 : The Trends Defining Cyber Security in 2026: Cyber Security Report 2026
• 14:7 : Why We Can’t Let AI Take the Wheel of Cyber Defense
• 14:7 : Feds Take Their Ball and Go Home From RSAC Conference
• 14:5 : IT Security News Hourly Summary 2026-01-28 15h : 13 posts
• 13:36 : Web Application Security Best Practices: Best Practices for Securing Web Applications
• 13:36 : GoTo Resolve Activities Compared to Ransomware Tactics
• 13:36 : SoundCloud Data Breach Exposes 29.8 Million Personal users Details
• 13:36 : Old Windows quirks help punch through new admin defenses
• 13:36 : Rein Security Emerges From Stealth With $8M, Bringing Inside-Out AppSec Approach
• 13:36 : MIND DLP for Agentic AI protects sensitive data and controls AI access
• 13:36 : Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks
• 13:36 : From Triage to Threat Hunts: How AI Accelerates SecOps
• 13:36 : Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution
• 13:15 : GoTo Resolve Flagged for Silent Access, Abuse Linked to Ransomware Tactics
• 13:15 : WhatsApp rolls out new protections against advanced exploits and spyware
• 13:15 : Trust At Scale: The Commons, Threats, and AI in the Loop | Sonatype
• 13:15 : Rein Security launches to provide protection inside application production environments
• 12:34 : 6 Best VPN Services (2026), Tested and Reviewed
• 12:34 : Why “Platform Consolidation” Often Increases Risk Instead of Reducing It
• 12:34 : AI Security Threats Loom as Enterprise Usage Jumps 91%
• 12:34 : Emojis in PureRAT’s Code Point to AI-Generated Malware Campaign
• 12:34 : Blue Team Handbook: Incident Response Edition
• 12:9 : Trump’s Acting Cyber Chief Allegedly Leaked Data to ChatGPT
• 12:9 : Nike Investigating Data Breach Following WorldLeaks Ransomware Group Claim
• 12:9 : Fortinet Confirms Critical FortiCloud SSO Vulnerability(CVE-2026-24858) Actively Exploited in the Wild
• 12:9 : Chrome Security Update Patches Background Fetch API Vulnerability
• 11:11 : Phantom Malware in Android Game Mods Hijacks Devices for Ad Fraud
• 11:11 : Best IT Managed Services for Large Enterprises
• 11:11 : Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan
• 11:11 : Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088
• 11:11 : Password Reuse in Disguise: An Often-Missed Risky Workaround
• 11:11 : Chinese Money Launderers Drive Global Ecosystem Worth $82bn
• 11:11 : Researchers Uncover 454,000+ Malicious Open Source Packages
• 11:5 : IT Security News Hourly Summary 2026-01-28 12h : 7 posts
• 10:36 : Anthropic Raising $20bn At $350bn Valuation
• 10:36 : WhatsApp Boosts Account Security for At-Risk Individuals
• 10:36 : French government abandons Zoom and Microsoft Teams over security concerns
• 10:36 : n8n adds Chat Hub to centralize AI access inside automation workflows
• 10:14 : Samsung TriFold Comes To US Market, At A Cost
• 10:14 : Android Phones Get AI-Powered Anti-Theft Features
• 10:14 : McAfee upgrades Scam Detector to spot QR code scams and suspicious messages
• 9:32 : UK To Spend £36m For AI Supercomputer Upgrade
• 9:32 : PackageGate bugs let attackers bypass protections in NPM, PNPM, VLT, and Bun
• 9:32 : Fake CAPTCHA Attack Leverages Microsoft Application Virtualization (App-V) to Deploy Malware
• 9:32 : Chinese National Jailed to 46 Months for Laundering Millions of Dollars Stolen from American Investors
• 9:32 : WhatsApp Denies Lawsuit Claim and Confirms Messages are Device-encrypted and Private
• 9:32 : APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability
• 9:32 : US Charges 31 More Defendants in Massive ATM Hacking Probe
• 9:31 : Fortinet expands FortiCNAPP with network, data, and runtime-aware risk prioritization
• 9:31 : Cloudbrink adds AI innovations to its platform to protect agents, apps, and data
• 9:9 : TikTok Settles California Social Media Lawsuit
• 9:9 : Volante’s Multi-cloud Resiliency Service keeps payments running during cloud outages
• 9:9 : Yubico extends hardware passkey deployment options
• 9:9 : Teleport’s Agentic Identity Framework protects AI agents in production environments
• 8:32 : TikTok US Denies Widespread Reports Of Censorship
• 8:32 : Drowning in spam or scam emails? Here’s probably why
• 8:32 : Fortinet Patches Exploited FortiCloud SSO Authentication Bypass
• 8:32 : Indurex Emerges From Stealth to Close Security Gap in Cyber-Physical Systems
• 8:32 : WhatsApp rolls out new security feature to protect users from sophisticated attacks
• 8:32 : Pondurance RansomSnare blocks file encryption and data exfiltration
• 8:32 : US cyber chief uploaded sensitive files into public ChatGPT, Vibe-coded ‘Sicarii’ ransomware can’t be decrypted, WhatsApp account feature combats spyware
• 8:5 : Report Of High-Level UK China Hack Questioned
• 8:5 : Critical OpenSSL Vulnerabilities Allow Remote Attackers to Execute Malicious Code
• 8:5 : Fortinet Disables FortiCloud SSO Following 0-day Vulnerability Exploited in the Wild
• 8:5 : 16 Malicious Chrome Extensions as ChatGPT Enhancements Steals ChatGPT Logins
• 8:5 : IT Security News Hourly Summary 2026-01-28 09h : 7 posts
• 8:5 : HoneyMyte Hacker Group Updates CoolClient Malware to Deploy Browser Login Data Stealer
• 8:4 : WhatsApp New Strict Account Settings Option to Protect Your Account from Hackers
• 8:4 : High-Severity Remote Code Execution Vulnerability Patched in OpenSSL
• 7:31 : Another Credential Leak, Another Dollar
• 7:31 : Android just got smarter at stopping snatch-and-run phone thefts
• 7:31 : WhatsApp Introduces High-Security Mode for Users Facing Advanced Threats
• 7:13 : CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities
• 6:32 : Google Warns of WinRAR Vulnerability Exploited to Gain Control Over Windows System
• 6:32 : OpenSSL Vulnerabilities Allow Remote Attackers to Execute Malicious Code
• 6:13 : Microsoft Issues Emergency Patch for Actively Exploited Office Zero-Day (CVE-2026-21509)
• 6:13 : Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom
• 5:34 : Audits for AI systems that keep changing
• 5:34 : Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions
• 5:34 : Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected
• 5:34 : What’s App Privacy Lawsuit
• 5:5 : IT Security News Hourly Summary 2026-01-28 06h : 5 posts
• 4:34 : Cryptographic Agility for Contextual AI Resource Governance
• 4:9 : How does Agentic AI reduce risks in digital environments?
• 4:9 : Can compliance automation keep regulators satisfied?
• 4:9 : How does AI enhance visibility in secrets management?
• 4:9 : How improved can compliance be with AI integration?
• 2:9 : ISC Stormcast For Wednesday, January 28th, 2026 https://isc.sans.edu/podcastdetail/9784, (Wed, Jan 28th)
• 2:9 : Critical Vulnerability in VM2 Sandbox Library for Node.js Let Attackers run Untrusted Code
• 0:36 : Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)
• 23:5 : IT Security News Hourly Summary 2026-01-28 00h : 3 posts
• 23:4 : Introducing Palo Alto Networks Quantum-Safe Security
• 22:55 : IT Security News Daily Summary 2026-01-27