IT Security News Daily Summary 2026-01-29

181 posts were published in the last hour

• 22:34 : MongoDB Ransomware Is Still Actively Hitting Exposed Databases
• 21:38 : Understanding the Russian Cyber Threat to the 2026 Winter Olympics
• 21:38 : Meta confirms it’s working on premium subscription for its apps
• 21:5 : Fintech firm Marquis blames hack at firewall provider SonicWall for its data breach
• 21:5 : Report: Open Source Malware Instances Increased 73% in 2025
• 20:31 : SolarWinds addressed four critical Web Help Desk flaws
• 20:9 : How to get started with security response automation on AWS
• 20:5 : IT Security News Hourly Summary 2026-01-29 21h : 8 posts
• 19:32 : SoundCloud – 29,815,722 breached accounts
• 19:32 : Google Introduces AI-Powered Side Panel in Chrome to Automate Browsing
• 19:32 : Researchers Find 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries
• 19:7 : I’m locked in!
• 19:7 : Python-based PyRAT with Cross-Platform Capabilities and Extensive Remote Access Features
• 19:7 : Beware of Weaponized VS Code Extension Named ClawdBot Agent that Deploys ScreenConnect RAT
• 19:7 : Threat Actors Leverage Google Search Ads for ‘Mac Cleaner’ to Direct Users to Malicious Websites
• 19:7 : Exposed Open Directory Leaks BYOB Framework Across Windows, Linux, and macOS
• 18:32 : Common Cloud Migration Security Mistakes (and How to Avoid Them)
• 18:32 : ICE Pretends It’s a Military Force. Its Tactics Would Get Real Soldiers Killed
• 18:32 : Salt Security Brings “Plain English” Clarity to API Security
• 18:32 : New Microsoft Data Security Index report explores secure AI adoption to protect sensitive data
• 18:9 : Op Bizarre Bazaar: New LLMjacking Campaign Targets Unprotected Models
• 18:9 : Rockwell Automation ControlLogix
• 18:9 : Rockwell Automation ArmorStart LT
• 18:9 : KiloView Encoder Series
• 18:9 : TA584 Actors Leveraging ClickFix Social Engineering to Deliver Tsundere Bot Malware
• 18:9 : 31.4 Tbps DDoS Attack Via Aisuru Botnet Breaks Internet With New World Record
• 18:9 : Essential E-Signature Solutions for Cybersecurity in 2026
• 18:9 : Matanbuchus Malware Downloader Evading AV Detections by Changing Components
• 17:34 : Wordfence Intelligence Weekly WordPress Vulnerability Report (January 19, 2026 to January 25, 2026)
• 17:34 : Google Disrupts Major Residential Proxy Network IPIDEA
• 17:34 : Davos Reflections on AI, Security, and Responsibility
• 17:34 : The Security Debt We Pretend Isn’t There
• 17:34 : Google Disrupts Extensive Residential Proxy Networks
• 17:5 : IT Security News Hourly Summary 2026-01-29 18h : 14 posts
• 17:3 : To stop crims, Google starts dismantling residential proxy network they use to hide
• 17:3 : An AI Toy Exposed 50,000 Logs of Its Chats With Kids to Anyone With a Gmail Account
• 17:3 : AV vendor goes to war with security shop over update server scare
• 17:2 : Employment Fraud & Hiring Risk: When Access Becomes Risk
• 17:2 : Operation Winter SHIELD: FBI Issues Call to Arms for Organizations to Improve Cybersecurity
• 17:2 : CISA, security researchers warn FortiCloud SSO flaw is under attack
• 16:36 : Google targets IPIDEA in crackdown on global residential proxy networks
• 16:36 : CISA Warns of FortiCloud SSO Authentication Bypass Vulnerability Exploited in Attacks
• 16:36 : Google Announces Android Theft Protection Feature to Make Your Device Harder Target for Hackers
• 16:36 : Google disrupts proxy network used by 550+ threat groups
• 16:36 : France Fines National Employment Agency €5m Over 2024 Data Breach
• 16:11 : Seven habits that help security teams reduce risk without slowing delivery
• 16:11 : Top 7 Threat Intelligence Platforms & Software
• 16:11 : New CISA Guidance Targets Insider Threat Risks
• 15:38 : Cal.com Access Control Flaws Expose Millions of Bookings
• 15:38 : Supply chain attack on eScan antivirus: detecting and remediating malicious updates
• 15:38 : Microsoft Office zero-day lets malicious documents slip past security checks
• 15:38 : LLMs Hijacked, Monetized in ‘Operation Bizarre Bazaar’
• 15:38 : Cyber Briefing: 2026.01.29
• 15:15 : Microsoft releases update to address zero-day vulnerability in Microsoft Office
• 15:15 : This startup aims to solve crypto’s broken key management problem
• 15:15 : eScan Antivirus Update Server Breached to Deliver Malicious Software Updates
• 15:15 : Fake “Mac Cleaner” Campaign Uses Google Ads to Redirect Users to Malware
• 15:15 : Swarmer Tool Abuses Windows Registry to Evade Detection and Persist on Systems
• 15:15 : BlackIce Introduced as Container-Based Red Teaming Toolkit for AI Security Testing
• 15:15 : Open Directory Exposure Leaks BYOB Framework Across Windows, Linux, and macOS
• 15:14 : ShinyHunters swipes right on 10M records in alleged dating app data grab
• 15:14 : Apple’s new iPhone and iPad security feature limits cell networks from collecting precise location data
• 15:14 : Clawdbot’s rename to Moltbot sparks impersonation campaign
• 15:14 : N8n Vulnerabilities Could Lead to Remote Code Execution
• 15:14 : Anthropic Cracks Down on Claude Code Spoofing, Tightens Access for Rivals and Third-Party Tools
• 15:14 : Cyberattack Paralyzes Russia’s Delta Security Systems
• 15:14 : Researchers Uncover Pakistan-Linked Cyber Activity Targeting India
• 15:14 : SK hynix Launches New AI Company as Data Center Demand Drives Growth
• 15:14 : eScan AV supply chain compromise: Users targeted with malicious updates
• 15:14 : Virtue AI AgentSuite enables enterprises to test and secure AI agents
• 15:14 : Russian Hackers Behind Poland Grid Wiper
• 15:14 : WhatsApp Improves Security For At Risk Users
• 14:37 : Cybersecurity and business needs: A CISO’s 2026 outlook
• 14:37 : Scientists found a way to cool quantum computers using noise
• 14:37 : Interlock Ransomware: New Techniques, Same Old Tricks
• 14:37 : eSkimming Attacks Fuelled with Persistent Threats, Evolving Tactics, and Unfinished Recovery
• 14:37 : Hackers Exploiting FreePBX Vulnerability to Deploy Webshell and Gain Control of Systems
• 14:37 : Cal.com Broken Access Controls Exposes Millions of Bookings and Leads to Complete Account Takeover
• 14:36 : Microsoft 365 Outlook Add-ins Weaponized to Exfiltrate Sensitive Email Data Without Leaving Traces
• 14:36 : Google Disrupted World’s Largest IPIDEA Residential Proxy Network
• 14:36 : France Travail fined €5 million for failing to protect job seeker data
• 14:36 : Druva Threat Watch offers continuous threat monitoring of backup data
• 14:36 : Grist Core Flaw Enables Remote Code Execution
• 14:36 : Kontigo Stablecoin Bank Hit By Cyberattack
• 14:36 : Cyberattack Disrupts Dresden Museum Systems
• 14:36 : Inverclyde Schools Offline After Phishing
• 14:36 : Google Updates Android Theft Protection
• 14:12 : US Sentences Chinese National for Role in $36.9 Million Crypto Scam
• 14:12 : The UK Threat Landscape Is Shifting. And Many Security Teams Are Looking the Wrong Way.
• 14:11 : Celebrating Check Point’s 2025 Americas Partner Award Winners
• 14:11 : Microsoft Previews Windows 11 Update With Smarter AI and Phone Continuity
• 14:11 : Patch or perish: Vulnerability exploits now dominate intrusions
• 14:11 : MIND Extends DLP Reach to AI Agents
• 14:11 : ThreatsDay Bulletin: New RCEs, Darknet Busts, Kernel Bugs & 25+ More Stories
• 14:5 : IT Security News Hourly Summary 2026-01-29 15h : 5 posts
• 13:32 : SolarWinds Patches Critical Web Help Desk Vulnerabilities
• 13:32 : Ransomware Victim Numbers Rise, Despite Drop in Active Extortion Groups
• 13:31 : FBI Takes Down RAMP Ransomware Forum
• 13:9 : ISC Stormcast For Thursday, January 29th, 2026 https://isc.sans.edu/podcastdetail/9786, (Thu, Jan 29th)
• 13:9 : US Data Breaches Hit Record High but Victim Numbers Decline
• 12:37 : Malicious Google Ads Target Mac Users with Fake Mac Cleaner Pages
• 12:36 : Cyberattack on Poland’s power grid could have turned deadly in winter cold
• 12:36 : Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps
• 12:7 : Q&A: Why Cybersecurity Is Now a Core Business Risk, Not Just a Technical Problem
• 12:7 : Critical IDIS IP Cameras One-Click Vulnerability Leads to full Compromise of Victim’s Computer
• 12:7 : BlackIce – A Container Based Red Teaming Toolkit for AI Security Testing
• 12:7 : Threat Actors Using AI Generated Malicious Job Offers to Deploy PureRAT
• 12:7 : Cyber Insights 2026: Zero Trust and Following the Path
• 12:7 : N-able brings AI to endpoint, security, and recovery
• 12:7 : Conditional Access enforcement change coming to Microsoft Entra
• 11:32 : Nation-state and criminal actors leverage WinRAR flaw in attacks
• 11:32 : CyberASAP Demo Day: Exclusive First Look at the UK’s Next-Generation Cyber Security Innovations
• 11:32 : Mega Breaches in 2026
• 11:32 : Google Disrupts IPIDEA Proxy Network
• 11:32 : Real-Time Blackhole List – How to Remove an IP From It?
• 11:32 : Why Protecting Your Phone Number Matters for Online Security
• 11:32 : 3 Decisions CISOs Need to Make to Prevent Downtime Risk in 2026
• 11:9 : IR Trends Q4 2025: Exploitation remains dominant, phishing campaign targets Native American tribal organizations
• 11:9 : Dissecting UAT-8099: New persistence mechanisms and regional focus
• 11:9 : Silent Brothers | Ollama Hosts Form Anonymous AI Network Beyond Platform Guardrails
• 11:9 : China Approves First Nvidia H200 Imports
• 11:9 : ShinyHunters Claims 14M Panera Bread Records Exposed in Data Breach
• 11:9 : cside VPN Detection enables control of VPN traffic to prevent fraud and legal exposure
• 11:9 : Sumsub’s AI Agent Verification binds automation to verified human identity
• 11:9 : Tosi Platform delivers unified connectivity, visibility, and security for OT at scale
• 11:5 : IT Security News Hourly Summary 2026-01-29 12h : 8 posts
• 10:32 : US Marshals Service Confirms Crypto Hack Probe
• 10:32 : Google agrees to pay $135 million over Android data harvesting claims
• 10:11 : CMA Recommends Publisher Controls For Google AI
• 10:11 : 75% of Organisations Have Gaps in Core Security Controls, Research Finds
• 10:11 : eScan Antivirus Update Server Hacked to Push Malicious Update packages
• 10:11 : Samsung tackles shoulder surfing on Galaxy devices
• 10:11 : SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass
• 10:11 : Number of Cybersecurity Pros Surges 194% in Four Years
• 9:32 : Microsoft Reports Record Expenditures Amid AI Push
• 9:32 : OpenSSL issued security updates to fix 12 flaws, including Remote Code Execution
• 9:32 : SolarWinds fixes critical Web Help Desk RCE vulnerabilities, upgrade ASAP!
• 9:10 : EU To Guide Google On Android AI Competition
• 9:10 : Amazon Confirms 16,000 More Corporate Job Cuts
• 9:10 : Poor Weather Delays Cornwall Broadband Repairs
• 9:10 : Google Chrome Gets ‘Auto Browse’ Agent
• 9:10 : Attackers Targeting Canadian Citizens by Exploiting Their Reliance on Digital Services
• 9:9 : Critical Solarwinds Web Vulnerability Allows Remote Code Execution and Security Bypass
• 9:9 : Microsoft Exchange Online to Deprecate SMTP AUTH Basic Authentication for Tenants
• 9:9 : Cybersecurity Teams Embrace AI, Just Not at the Scale Marketing Suggests
• 8:36 : Dynatrace RUM delivers end-to-end visibility for cloud-native and AI-powered user experiences
• 8:36 : Sandbox flaw exposes n8n instances, Fake Moltbot assistant drops malware, PeckBirdy takes flight for cross-platform attacks
• 8:9 : PwC and Google Cloud Ink $400 Million Deal to Scale AI-Powered Defense
• 8:5 : IT Security News Hourly Summary 2026-01-29 09h : 2 posts
• 7:34 : Meet IClickFix: a widespread WordPress-targeting framework using the ClickFix tactic
• 7:34 : Google Disrupts IPIDEA — One of the World’s Largest Residential Proxy Networks
• 7:4 : New Semantic Chaining Jailbreak Attack Bypasses Grok 4 and Gemini Nano Security Filters
• 7:4 : Swarmer Tool Evading EDR With a Stealthy Modification on Windows Registry for Persistence
• 7:4 : A Lack of Spending Isn’t the Problem With Cloud Security, Structural Complexity Is
• 7:4 : Open-source malware zeroes in on developer environments
• 6:36 : Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan
• 6:36 : Hottest cybersecurity open-source tools of the month: January 2026
• 5:34 : What motivates hackers and what makes them walk away
• 5:34 : A practical take on cyber resilience for CISOs
• 5:5 : IT Security News Hourly Summary 2026-01-29 06h : 4 posts
• 5:4 : 2026-01-29: njRAT infection with MassLogger
• 5:4 : Top 10 Best Data Removal Services In 2026
• 4:9 : CISA Chief Uploaded Sensitive Documents into Public ChatGPT
• 4:9 : ImmuniWeb reports double-digit growth and platform advances
• 3:16 : PQC-Hardened Model Context Protocol Transport Layers
• 3:16 : Single Sign-on Community Help Resources
• 3:16 : What is SAML and how does SAML Authentication Work?
• 2:9 : 2026-01-22: SmartApeSG uses ClickFix technique to push Remcos RAT
• 0:34 : A fake romance turns into an Android spyware infection
• 0:7 : 2026-01-20: Lumma Stealer infection with follow-up malware
• 0:7 : How does Agentic AI improve platform security
• 0:7 : What makes secrets management essential for businesses
• 0:7 : How do autonomous agents decide in secure environments
• 0:7 : What are the best practices for NHI management
• 23:38 : 2026-01-20: Xworm infection
• 23:38 : 2026-01-20: VIP Recovery infection with FTP data exfiltration traffic
• 23:38 : OPNsense 26.1 brings updates to open-source firewall management
• 23:7 : Data masking: DIY internal scripts or time to buy?
• 23:7 : Logstash (Elastic Beats ecosystem)
• 23:5 : IT Security News Hourly Summary 2026-01-29 00h : 2 posts
• 22:55 : IT Security News Daily Summary 2026-01-28