IT Security News Daily Summary 2026-01-09

156 posts were published in the last hour

• 22:8 : Cyber Resilience Act: Key Steps, Compliance Challenges, and Practical Guidance
• 22:8 : 2026-01-09: VIP Recovery infection from email attachment
• 22:8 : Friday Squid Blogging: The Chinese Squid-Fishing Fleet off the Argentine Coast
• 22:8 : Cyberattacks On Law Firms Are on The Rise. Here’s What Firms Need To Know.
• 22:8 : Cyber Geopolitics Establishing a “War-Mode” Incident Response Policy for Nation-State Conflict
• 22:8 : Against Democratizing AI (In The Workplace)
• 22:8 : Threat Intelligence: A New Layer to File Transfer Security
• 22:7 : Securing Our Water Systems: Check Point’s Perspective on the EPA’s New Cybersecurity Procurement Checklist
• 21:31 : NDSS 2025 – GhostShot: Manipulating The Image Of CCD Cameras With Electromagnetic Interference
• 21:9 : Why Encryption Alone Is Not Enough in Cloud Security
• 21:9 : How hackers are fighting back against ICE surveillance tech
• 21:9 : How to create an incident response playbook
• 20:31 : Why AI-Powered Cyber Defense Is No Longer Optional for Modern Businesses
• 20:31 : Ghost Tapped Turns Android Phones Into Fraud Payment Relays
• 20:7 : MAESTRO Toolkit Exploiting VMware VM Escape Vulnerabilities
• 20:7 : Beyond “Is Your SOC AI Ready?” Plan the Journey!
• 20:5 : IT Security News Hourly Summary 2026-01-09 21h : 6 posts
• 19:32 : AI Deployments Targeted in 91,000+ Attack Sessions
• 19:32 : How OffSec Maps Cybersecurity Training to Industry Frameworks
• 19:32 : Offensive Security in the Age of AI: Red Teaming LLM
• 19:32 : Fog Ransomware Attacking US Organizations Leveraging Compromised VPN Credentials
• 19:31 : xRAT Malware Attacking Windows Users Disguised as Adult Game
• 19:31 : China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines
• 19:4 : Trend Micro fixed a remote code execution in Apex Central
• 18:31 : News brief: AI threats to shape 2026 cybersecurity
• 18:5 : Beyond Extensions: Architectural Deep-Dives into File Upload Security
• 18:4 : Trend Micro Apex Central Flaws Enable Remote Code Execution
• 18:4 : Keeper Security Launches JetBrains Extension
• 18:4 : Radware Discloses ZombieAgent Technique to Compromise AI Agents
• 17:32 : OWASP CRS Vulnerability Enables Charset Validation Bypass
• 17:32 : Best Ways to Learn Everything About Investing in Bitcoin
• 17:32 : xRAT Malware Targets Windows Users via Fake Adult Game
• 17:32 : Fog Ransomware Targets U.S. Organizations via Compromised VPN Credentials
• 17:32 : Microsoft Introduces Teams External Collaboration Administrator Role
• 17:32 : Use of XMRig Cryptominer by Threat Actors Expanding: Expel
• 17:11 : Why VM Shapes Matter: New Compute Plans Deliver Predictable Performance
• 17:11 : MuddyWater APT Weaponizing Word Documents to Deliver ‘RustyWater’ Toolkit Evading AV and EDR Tools
• 17:11 : Fake Fortinet Sites Steal VPN Credentials in Sophisticated Phishing Attack
• 17:11 : Cyber Threats Targeting Australia and New Zealand Fueled by Initial Access Sales, and Ransomware Campaigns
• 17:11 : Threat Actors Attacking Systems with 240+ Exploits Before Ransomware Deployment
• 17:5 : IT Security News Hourly Summary 2026-01-09 18h : 17 posts
• 16:32 : X Didn’t Fix Grok’s ‘Undressing’ Problem. It Just Makes People Pay for It
• 16:32 : pcTattletale founder pleads guilty as US cracks down on stalkerware
• 16:32 : Putinswap: France trades alleged ransomware crook for conflict researcher
• 16:32 : INFORM 2026: MITRE’s Updated Threat-Informed Defense Maturity Model Explained
• 16:32 : AI Deception Is Here: What Security Teams Must Do Now
• 16:32 : Are There IDORs Lurking in Your Code? LLMs Are Finding Critical Business Logic Vulns—and They’re Everywhere
• 16:32 : The New Weak Link in Compliance Isn’t Code – It’s Communication
• 16:32 : BitLocker Ransomware Attack Cripples Romanian Water Authority’s IT Systems
• 16:32 : Okta Report: Pirates of Payrolls Attacks Plague Corporate Industry
• 16:32 : WebRAT Malware Spreads Through Fake GitHub Exploit Repositories
• 16:31 : Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations
• 16:31 : AWS named Leader in the 2025 ISG report for Sovereign Cloud Infrastructure Services (EU)
• 16:31 : Telecom sector sees steady rise in ransomware attacks
• 16:7 : Hacker Behind Wired.com Leak Now Selling Full 40M Condé Nast Records
• 16:7 : London council cyber attack exposes personal data and highlights risks of shared public-sector IT
• 16:7 : QR codes a powerful new phishing weapon in hands of Pyongyang cyberspies
• 16:7 : In Other News: 8,000 Ransomware Attacks, China Hacked US Gov Emails, IDHS Breach Impacts 700k
• 15:32 : Mistral AI Wins French Military Deal
• 15:32 : OWASP CRS Flaw Lets Encoded Attacks Slip Past WAFs
• 15:32 : X Didn’t Fix Grok’s ‘Undressing’ Problem. It Just Makes People Pay for It
• 15:32 : Tim Kosiba Named NSA Deputy Director
• 15:32 : Cyber Briefing: 2026.01.09
• 15:6 : FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes
• 14:32 : Botnets, Breaches, and Critical Flaws Define This Week in Cybersecurity
• 14:32 : Microsoft’s New Teams New Admin Role to Manage External Collaboration Settings
• 14:32 : CISA Retires Ten Emergency Directives Following Milestone Achievement
• 14:32 : Beware of Fake WinRAR Website That Delivers Malware with WinRAR Installer
• 14:32 : Trend Micro Patches Critical Code Execution Flaw in Apex Central
• 14:32 : 377,000 Impacted In Texas Gas Data Breach
• 14:32 : Truebit Token Crashes After Hack
• 14:32 : Iran Cuts Internet Amid Protest Crackdown
• 14:32 : Gmail New AI Inbox Uses Gemini
• 14:31 : Russia Frees French Researcher In Swap
• 14:5 : From Code to Runtime: How AI Is Bridging the SAST–DAST Gap
• 14:5 : Opening the Automation Garden: API Request & Webhook Trigger in Infinity Playblocks
• 14:5 : China-linked cybercrims abused VMware ESXi zero-days a year before disclosure
• 14:5 : CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over
• 14:5 : NordPass streamlines two-factor authentication with a built-in Authenticator across devices
• 14:5 : IT Security News Hourly Summary 2026-01-09 15h : 12 posts
• 13:32 : CrowdStrike to Acquire Identity Security Startup SGNL in $740 Million Deal
• 13:32 : FBI Warns of Kimsuky Actors Leverage Malicious QR Codes to Target U.S. Organizations
• 13:32 : European Commission opens consultation on EU digital ecosystems
• 13:32 : Europol Leads Global Crackdown on Black Axe Cybercrime Gang, 34 Arrested
• 13:32 : CISA’s 7 Biggest Challenges in 2026
• 13:7 : Are we ready for ChatGPT Health?
• 13:7 : ‘ZombieAgent’ Attack Let Researchers Take Over ChatGPT
• 13:7 : Sectigo New Public Roots and Issuing CAs Hierarchy [2025 Migration Guide]
• 13:7 : Peek-A-Boo! 🫣 Emoji Smuggling and Modern LLMs – FireTail Blog
• 13:7 : The Definitive Guide to ISO 42001
• 13:7 : Crypto Thefts Hit Record $2.7 Billion in 2025
• 13:6 : Japan Prioritizes Cyber Resilience in Latest National Security Push
• 12:32 : Palo Alto Crosswalk Signals Had Default Passwords
• 12:32 : 377,000 Impacted by Data Breach at Texas Gas Station Firm
• 12:32 : Cybersecurity Predictions 2026: The Hype We Can Ignore (And the Risks We Can’t)
• 12:32 : World Economic Forum: Deepfake Face-Swapping Tools Are Creating Critical Security Risks
• 12:8 : Iran cuts Internet nationwide amid deadly protest crackdown
• 12:8 : 10 Best Automatic WiFi Security Providers – 2026
• 12:8 : 5 Sandbox Tools for Phishing Analysis in 2026
• 12:8 : 10 Best Web Security Scanners For Vulnerability Scanning – 2026
• 12:7 : Top 10 Best Managed Service Providers (MSP) for CISO, CTO & IT Managers – 2026
• 12:7 : How U.S K-12 Schools Can Solve Their Top 10 Cybersecurity Challenges – Free E-Book
• 12:7 : Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure
• 11:32 : Top 10 Most Common Cyber Attacks of 2026
• 11:32 : Microsoft Defender’s Blocks Legitimate MAS Amid Fake Script Hunt
• 11:32 : Trend Micro Apex Central Vulnerabilities Enables Remote Code Execution Attacks
• 11:32 : OWASP CRS Vulnerability Allows Attackers to Bypass Charset Validation
• 11:31 : 10 Best Bot Protection Software – 2026
• 11:5 : IT Security News Hourly Summary 2026-01-09 12h : 6 posts
• 11:2 : $15 Billion Pig Butchering Scam Boss Chen Zhi Extradited to China
• 11:2 : AI-Powered Truman Show Operation Industrializes Investment Fraud
• 10:32 : Data Security Firm Cyera Raises $400M, Hits $9B Valuation
• 10:31 : Grok told to cover up as UK weighs action over AI ‘undressing’
• 10:31 : CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024
• 10:31 : Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions
• 10:2 : China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware
• 10:2 : FBI Warns of North Korean QR Phishing Campaigns
• 9:32 : Nvidia Requires Up-Front Payment For China H200 Orders
• 9:31 : Credential stuffing: What it is and how to protect yourself
• 9:5 : EU Extends X Retention Order Over Sexualised Images
• 9:4 : New Ghost Tapped Attack Uses Your Android Device to Drain Your Bank Account
• 9:4 : Hackers Actively Exploiting AI Deployments – 91,000+ Attack Sessions Observed
• 9:4 : SmarterTools SmarterMail Vulnerability Enables Remote Code Execution Attack – PoC Released
• 8:32 : Malicious Process Environment Block Manipulation, (Fri, Jan 9th)
• 8:32 : China Said To Hack US Congress Email Systems
• 8:32 : January 2026 Patch Tuesday forecast: And so it continues
• 8:32 : Microsoft enforces admin MFA, Cisco patches ISE, Illinois breaches self
• 8:7 : China Tells Companies To Halt Nvidia H200 Orders
• 8:7 : China Dominates Humanoid Robot Shipments
• 8:5 : IT Security News Hourly Summary 2026-01-09 09h : 1 posts
• 7:31 : Help desk read irrelevant script, so techies found and fixed their own problem
• 7:5 : Are criminal hacking organizations recruiting teenagers to do the dirty work?
• 7:4 : Product showcase: TrackerControl lets Android users see who’s tracking them
• 7:4 : How AI agents are turning security inside-out
• 7:4 : FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing
• 6:31 : ICE Agent Who Reportedly Shot Renee Good Was a Firearms Trainer, per Testimony
• 6:31 : Cisco Small Business Switches Face Global DNS Crash Outage
• 6:31 : SCIM Provisioning Explained: Automating User Lifecycle Management with SSO
• 6:9 : Critical NI8MARE Vulnerability Exposes N8N To Full TakeOver
• 6:9 : Security teams are paying more attention to the energy cost of detection
• 5:32 : Microsoft Mandates MFA for Microsoft 365 Admin Center Access
• 5:32 : New “Ghost Tap” Attack Hijacks Android Phones to Drain Bank Accounts
• 5:31 : Wi-Fi evolution tightens focus on access control
• 5:31 : Window’s Blue Screen of Death Vulnerability
• 4:4 : Passkeys: An Overview
• 3:32 : ICE Agent Who Reportedly Shot Renee Good Was a Firearms Trainer, Per Testimony
• 2:5 : IT Security News Hourly Summary 2026-01-09 03h : 2 posts
• 2:4 : ISC Stormcast For Friday, January 9th, 2026 https://isc.sans.edu/podcastdetail/9760, (Fri, Jan 9th)
• 1:11 : Chinese-speaking hackers exploited ESXi zero-days long before disclosure
• 0:14 : Who Benefited from the Aisuru and Kimwolf Botnets?
• 0:14 : What are the latest trends in NHIs security?
• 0:14 : Why is being proactive with NHIs critical?
• 0:14 : How does Agentic AI adapt to changing security needs?
• 0:14 : Can Agentic AI be trusted with sensitive data?
• 23:5 : IT Security News Hourly Summary 2026-01-09 00h : 2 posts
• 22:55 : IT Security News Daily Summary 2026-01-08