IT Security News Daily Summary 2026-01-19

139 posts were published in the last hour

• 21:32 : 100,000 WordPress Sites Affected by Privilege Escalation Vulnerability in Advanced Custom Fields: Extended WordPress Plugin
• 21:32 : Inside the Leaks that Exposed the Hidden Infrastructure Behind a Ransomware Operation
• 21:32 : Threat Actors Weaponizing Visual Studio Code to Deploy a Multistage Malware
• 20:34 : Attackers are Using WSL2 as a Stealthy Hideout Inside Windows Systems
• 20:34 : Threat Actors Impersonate as MalwareBytes to Attack Users and Steal Logins
• 20:34 : Randall Munroe’s XKCD ‘Funny Numbers’
• 20:34 : NDSS 2025 – ASGARD
• 20:9 : Jordanian Man Pleads Guilty to Selling Stolen Logins for 50 Companies
• 20:5 : IT Security News Hourly Summary 2026-01-19 21h : 2 posts
• 19:36 : Ransomware attack on Ingram Micro impacts 42,000 individuals
• 19:36 : Raaga – 10,225,145 breached accounts
• 18:32 : Views on AI & the Anthropic Report
• 18:32 : Attackers Redirected Employee Paychecks Without Breaching a Single System
• 18:32 : How to Visualize Web & API Coverage with Screenshots and Validate Attack Paths in Escape
• 18:32 : Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites
• 17:32 : Passwordless Authentication: Hype vs. Reality
• 17:32 : Cloudflare Zero-Day Vulnerability Enables Any Host Access Bypassing Protections
• 17:32 : New Spear-Phishing Attack Abusing Google Ads to Deliver EndRAT Malware
• 17:7 : Broker who sold malware to the FBI set for sentencing
• 17:5 : IT Security News Hourly Summary 2026-01-19 18h : 6 posts
• 16:36 : NDSS 2025 – BitShield: Defending Against Bit-Flip Attacks On DNN Executables
• 16:36 : Hacker Pleads Guilty to Access Supreme Court, AmeriCorps, VA Systems
• 16:36 : Researchers Uncover PDFSIDER Malware Built for Long-Term, Covert System Access
• 16:9 : Prompt Injection Defense Architecture: Sandboxed Tools, Allowlists, and Typed Calls
• 16:9 : Microsoft Issues Emergency Fix After Some Windows 11 Systems Can’t Shut Down
• 16:9 : Rogue agents and shadow AI: Why VCs are betting big on AI security
• 15:34 : StealC malware control panel flaw leaks details on active attacker
• 15:34 : European Authorities Identify Black Basta Suspects as Ransomware Group Collapses
• 15:34 : UAE Banks Ditch SMS OTPs for Biometric App Authentication
• 15:34 : Russian Hacktivists Intensify Disruptive Cyber Pressure on UK Orgs
• 15:34 : Cyber Briefing: 2026.01.19
• 15:11 : TP-Link Patches Vulnerability Exposing VIGI Cameras to Remote Hacking
• 15:11 : Plaso / log2timeline
• 14:36 : Visual Studio Code Abused in Sophisticated Multistage Malware Attacks
• 14:36 : 1-15 January 2026 Cyber Attacks Timeline
• 14:36 : At Davos, Cybersecurity Is a Leadership Imperative
• 14:36 : Free Converter Apps that Convert your Clean System to Infected in Seconds
• 14:36 : Fake browser crash alerts turn Chrome extension into enterprise backdoor
• 14:36 : Canadian Investment Watchdog Breach
• 14:36 : Ransomware Disrupts Kyowon Operations
• 14:36 : Ukraine Germany Target Black Basta
• 14:36 : Tennessee Man Hacks Supreme Court System
• 14:36 : China Tests Quantum Cyber Weapons
• 14:5 : Google Gemini AI Tricked Into Leaking Calendar Data via Meeting Invites
• 14:5 : Remcos RAT Campaign Uses Trojanized VeraCrypt Installers to Steal Credentials
• 14:5 : Acting CISA Director Pushed to Remove Agency CIO
• 14:5 : Don’t underestimate pro-Russia hacktivists, warns UK’s cyber crew
• 14:5 : ‘SolyxImmortal’ Information Stealer Emerges
• 14:5 : Jordanian Admits in US Court to Selling Access to 50 Enterprise Networks
• 14:5 : ⚡ Weekly Recap: Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More
• 14:5 : Beyond the Algorithm
• 14:5 : IT Security News Hourly Summary 2026-01-19 15h : 14 posts
• 13:32 : Cybercriminals Impersonate Malwarebytes to Steal User Credentials
• 13:32 : Windows SMB Client Vulnerability Exposes Organizations to Full Active Directory Compromise
• 13:32 : CIRO Confirms Data Breach Impacting 750,000 Canadian Investors
• 13:32 : Unmasked by Leaks: The Hidden Backbone of a Ransomware Operation
• 13:32 : Pulsar RAT Abuses Memory-Only Execution and HVNC for Stealthy Remote Takeover
• 13:32 : Copilot, Code, and CI/CD: Securing AI-Generated Code in DevOps Pipelines
• 13:32 : Windows 11 shutdown bug forces Microsoft into out-of-band damage control
• 13:32 : Cyber Insights 2026: Information Sharing
• 13:31 : Digital Minimalism
• 13:5 : Firefox joins Chrome and Edge as sleeper extensions spy on users
• 13:5 : 5 Malicious Chrome Extensions Attacking Enterprise HR and ERP Platforms for Complete Takeover
• 13:5 : CIRO Confirms Data Breach – 750,000 Canadian Investors Have been Impacted
• 13:5 : Livewire Filemanager Vulnerability Exposes Web Applications to RCE Attacks
• 13:5 : Ukraine Police Exposed Russian Hacker Group Specializes in Ransomware Attack
• 13:4 : Ingram Micro admits summer ransomware raid exposed thousands of staff records
• 13:4 : New StackWarp Hardware Flaw Breaks AMD SEV-SNP Protections on Zen 1–5 CPUs
• 13:4 : DevOps & SaaS Downtime: The High (and Hidden) Costs for Cloud-First Businesses
• 12:36 : Hackers Exploiting PDF24 App to Deploy Stealthy PDFSIDER Backdoor
• 12:36 : New Reports Reinforce Cyberattack’s Role in Maduro Capture Blackout
• 12:36 : Why Most Startup Founders Fail and How ISHIR Texas Venture Studio Helps the Right Ones Win
• 12:36 : Transparent Tribe Targets Indian Public Sector and Academic Networks
• 12:36 : Malicious Google Chrome Extensions Hijack Workday and Netsuite
• 12:9 : From Extension to Infection: An In-Depth Analysis of the Evelyn Stealer Campaign Targeting Software Developers
• 12:9 : UK prime minister stares down barrel of ban on social media for kids
• 12:9 : Outsourcing IT Support: Benefits, Risks, and Smart Next Steps
• 12:9 : 4 Ways Email Automation Will Reshape Customer Journeys in 2026
• 12:9 : Law enforcement tracks ransomware group blamed for massive financial losses
• 11:32 : Mastang Panda Uses Venezuela News to Spread LOTUSLITE Malware
• 11:32 : Warwickshire school to reopen after cyberattack crippled IT
• 11:32 : Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’
• 11:31 : Keepnet bets on agentic AI behavioral training to curb security mistakes
• 11:31 : Suspects Linked to Black Basta Ransomware Group Raided in Ukraine
• 11:13 : Researchers Gained Access to Hacker Domain Server Using Name Server Delegation
• 11:13 : PDFSIDER Malware Actively Used by Threat Actors to Bypass Antivirus and EDR Systems
• 11:13 : 42,000 Impacted by Ingram Micro Ransomware Attack
• 11:5 : IT Security News Hourly Summary 2026-01-19 12h : 4 posts
• 10:34 : Royal Navy’s helicopter drone makes its first autonomous flight
• 10:34 : British Army to spend £279 million on permanent cyber regiment base
• 10:33 : CrashFix Chrome Extension Delivers ModeloRAT Using ClickFix-Style Browser Crash Lures
• 10:13 : Cyber Breaches, Compliance and Reputation Top UK Corporate Concerns
• 9:34 : Hacker pleads guilty to hacking Supreme Court, AmeriCorps, and VA Systems
• 9:34 : CrashFix – Hackers Using Malicious Extensions to Display Fake Browser Warnings
• 9:34 : Windows SMB Client Vulnerability Enables Attacker to Own Active Directory
• 9:34 : Entity Resolution vs. Identity Verification: What Security Teams Actually Need
• 9:34 : Ring’s Facial Recognition Feature: Convenience or Privacy Nightmare?
• 9:33 : Researchers Exploit Bug in StealC Infostealer to Collect Evidence
• 9:11 : Social Media Firms Block 4.7 Million Australian Accounts
• 9:11 : Five Chrome Extensions Used to Hijack Enterprise HR and ERP Systems
• 9:11 : How ‘Reprompt’ Attack Let Hackers Steal Data From Microsoft Copilot
• 8:36 : US Adds Charges To China-Export AI Chips
• 8:36 : PDFSIDER Malware Actively Exploited to Evade Antivirus and EDR Defenses
• 8:36 : 17 New Malicious Chrome GhostPoster Extensions with 840,000+ Installs Steals User Data
• 8:36 : Redmi Buds Vulnerability Allow Attackers Access Call Data and Trigger Firmware Crashes
• 8:36 : A week in security (January 12 – January 18)
• 8:36 : NSA dual-hat question, third-party report, GhostPoster extension continues
• 8:7 : UK Influencer To Pay Reduced Extradition Costs
• 8:7 : Argus: Python-Based Recon Toolkit Aims to Boost Security Intelligence
• 8:7 : Mandiant Publishes Rainbow Tables That Crack NTLMv1 Admin Passwords
• 8:7 : ATM maintenance tech broke the bank by forgetting to return a key
• 8:7 : Global tensions are pushing cyber activity toward dangerous territory
• 8:6 : SEON Identity Verification combines KYC checks with real-time fraud intelligence
• 8:5 : IT Security News Hourly Summary 2026-01-19 09h : 5 posts
• 7:32 : BodySnatcher – New Vulnerability Allows Attacker to Impersonate Any ServiceNow User
• 7:32 : New Kerberos Relay Attack Uses DNS CNAME to Bypass Mitigations – PoC Released
• 7:32 : Review: AI Strategy and Security
• 7:32 : Rubrik introduces Security Cloud Sovereign for data sovereignty and regulatory compliance
• 7:31 : Security Bug in StealC Malware Panel Let Researchers Spy on Threat Actor Operations
• 7:4 : Can hackers eavesdrop and track people via Bluetooth audio devices?
• 7:4 : Researchers Hijack Hacker Domain Using Name Server Delegation
• 7:4 : New “BodySnatcher” Flaw Allows Full ServiceNow User Impersonation
• 6:34 : Bytebase: Open-source database DevOps tool
• 6:11 : Microsoft January 2026 Security Update Triggers Credential Prompt Failures in Remote Desktop
• 6:11 : Threat Actors Abuse Browser Extensions to Deliver Fake Warning Messages
• 6:11 : A new European standard outlines security requirements for AI
• 5:32 : New Kerberos Relay Technique Exploits DNS CNAMEs to Bypass Existing Defenses
• 5:32 : When the Olympics connect everything, attackers pay attention
• 5:32 : Cisco Patches Async OS Bug
• 5:7 : GhostPoster Malware Targets Chrome Users via 17 Rogue Extensions
• 5:7 : Cyber risk keeps winning, even as AI takes over
• 3:34 : Hardware Security Module Integration for Quantum-Safe Model Contexts
• 3:34 : AI Can Answer You, But Should You Trust It to Guide You?
• 2:31 : Microsoft hiring energy strategists to power its Asian datacenters
• 0:9 : Mandiant releases quick credential cracker, to hasten the death of a bad protocol
• 23:34 : Hacktivists hijacked Iran ’s state TV to air anti-regime messages and an appeal to protest from Reza Pahlavi
• 23:5 : IT Security News Hourly Summary 2026-01-19 00h : 2 posts
• 22:58 : IT Security News Weekly Summary 03
• 22:55 : IT Security News Daily Summary 2026-01-18