Scam warnings rise after disasters as phishing spreads, RCE flaws emerge, banks and schools face attacks, grid threats surface, and platforms boost security. This article has been indexed from CyberMaterial Read the original article: Cyber Briefing: 2026.01.29
Tag: EN
Microsoft releases update to address zero-day vulnerability in Microsoft Office
Microsoft has published three out-of-band (OOB) updates so far in January 2026. One of these updates was released to address a vulnerability, CVE-2026-21509, affecting Microsoft Office that has been reportedly exploited in the wild. This article has been indexed from Cisco Talos Blog Read…
This startup aims to solve crypto’s broken key management problem
Crypto security firm Sodot launches Exchange API Vault to stop API key theft, securing billions in assets while supporting low latency, high frequency trading. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read…
eScan Antivirus Update Server Breached to Deliver Malicious Software Updates
MicroWorld Technologies’ eScan antivirus platform fell victim to a sophisticated supply chain attack on January 20, 2026, when threat actors compromised legitimate update infrastructure to distribute multi-stage malware to enterprise and consumer endpoints worldwide. Security researchers immediately alerted the vendor,…
Fake “Mac Cleaner” Campaign Uses Google Ads to Redirect Users to Malware
Cybercriminals are exploiting Google Search Ads to distribute malware through deceptive landing pages that impersonate Apple’s official website design. The malicious ads appear prominently in Google Search results when users search for “mac cleaner,” displaying trusted domains such as docs.google.com…
Swarmer Tool Abuses Windows Registry to Evade Detection and Persist on Systems
Swarmer, a sophisticated tool designed to manipulate Windows registry hives while bypassing endpoint detection systems. The tool exploits legacy Windows infrastructure to achieve persistent access without triggering traditional EDR monitoring systems that typically flag direct registry modifications. Endpoint Detection and…
BlackIce Introduced as Container-Based Red Teaming Toolkit for AI Security Testing
Databricks introduced BlackIce at CAMLIS Red 2025, an open-source containerized toolkit that consolidates 14 widely-used AI security tools into a single, reproducible environment. This innovation addresses critical pain points in AI red teaming by eliminating complex setup procedures and dependency…
Open Directory Exposure Leaks BYOB Framework Across Windows, Linux, and macOS
An exposed command-and-control server hosting a complete deployment of the BYOB (Build Your Own Botnet) framework, a sophisticated post-exploitation tool targeting Windows, Linux, and macOS systems. The discovery, made through Hunt.io’s AttackCapture tooling, reveals an active campaign that has operated…
ShinyHunters swipes right on 10M records in alleged dating app data grab
Extortion crew says it’s found love in someone else’s info as Match Group plays down the impact ShinyHunters has added a fresh notch to its breach belt, claiming it has pinched more than 10 million records from Match Group, a…
Apple’s new iPhone and iPad security feature limits cell networks from collecting precise location data
The new security feature makes it more difficult for police and malicious hackers to obtain a person’s precise location data from a cell phone company. This article has been indexed from Security News | TechCrunch Read the original article: Apple’s…
Clawdbot’s rename to Moltbot sparks impersonation campaign
This Moltbot impersonation campaign is a case study in supply-chain risk, brand hijacking, and what happens when open source goes viral. This article has been indexed from Malwarebytes Read the original article: Clawdbot’s rename to Moltbot sparks impersonation campaign
N8n Vulnerabilities Could Lead to Remote Code Execution
The two bugs impacted n8n’s sandbox mechanism and could be exploited via weaknesses in the AST sanitization logic. The post N8n Vulnerabilities Could Lead to Remote Code Execution appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Anthropic Cracks Down on Claude Code Spoofing, Tightens Access for Rivals and Third-Party Tools
Anthropic has rolled out a new set of technical controls aimed at stopping third-party applications from impersonating its official coding client, Claude Code, to gain cheaper access and higher usage limits to Claude AI models. The move has directly…
Cyberattack Paralyzes Russia’s Delta Security Systems
A massive cyberattack was launched against Delta, a leading Russian smart alarm system supplier for residential, commercial, and automotive use, on 26 January 2026, causing widespread operational disruptions across the country. The attack crippled Delta’s information technology systems, bringing…
Researchers Uncover Pakistan-Linked Cyber Activity Targeting India
A familiar, uneasy brink appears to be looming between India and Pakistan once again, where geopolitical tension spills over borders into less visible spheres and risks spilling over into more obscure regions. As the war intensified in May 2025,…
SK hynix Launches New AI Company as Data Center Demand Drives Growth
A surge in demand for data center hardware has lifted SK hynix into stronger market standing, thanks to limited availability of crucial AI chips. Though rooted in memory production, the company now pushes further – launching a dedicated arm…
eScan AV supply chain compromise: Users targeted with malicious updates
The update infrastructure for eScan antivirus, a product of Indian cybersecurity company MicroWorld Technologies, has been compromised by unknown attackers to deliver a persistent downloader to enterprise and consumer endpoints. The supply chain compromise also resulted in the eScan antivirus…
Virtue AI AgentSuite enables enterprises to test and secure AI agents
Virtue AI announced AgentSuite, a multi-layer security and compliance platform for enterprise AI agents. Organizations worldwide are deploying agents that modify databases, trigger payments, and access systems containing sensitive information. AgentSuite is the AI-native platform built specifically for this new…
Russian Hackers Behind Poland Grid Wiper
Recent investigations have identified the Russia-linked hacking group Sandworm as the culprit behind a December attempt to disrupt Poland’s electrical grid using destructive data-wiping malware. This article has been indexed from CyberMaterial Read the original article: Russian Hackers Behind Poland…
WhatsApp Improves Security For At Risk Users
WhatsApp has introduced a new security feature called Strict Account Settings designed to protect high-profile individuals like journalists and public figures from sophisticated cyberattacks. This article has been indexed from CyberMaterial Read the original article: WhatsApp Improves Security For At…