ICYMI: 2026-01-06
Latest Headlines
Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users
Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover
Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat
VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX
New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands
Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers
Hacker Conversations: Katie Paxton-Fear Talks Autism, Morality and Hacking
Cyber Risk Trends for 2026: Building Resilience, Not Just Defenses
Sophisticated ClickFix Campaign Targeting Hospitality Sector
Cybersecurity M&A Roundup: 30 Deals Announced in December 2025
Sedgwick confirms Data Breach Following TridentLocker Ransomware Gang Claim
Judge Demands OpenAI to Release 20 Million Anonymized ChatGPT Chats in AI Copyright Dispute
Critical AdonisJS Vulnerability Allow Remote Attacker to Write Files On Server
Critical Dolby Codec Vulnerability Exposes Android Devices to Code Execution Attacks
NordVPN Denies Data Breach Following Threat Actor Claim on Dark Web
New Tool to Remove Copilot, Recall and Other AI Tools From Windows 11
Christmas Phishing Surge Chains Docusign Spoofing with Identity Theft Questionnaires
CloudEyE MaaS Downloader and Cryptor Infects 100,000+ Users Worldwide
New Critical n8n Vulnerability Allow Attackers to Execute Arbitrary Commands
Taiwan says China’s attacks on its energy sector increased tenfold
Microsoft cancels plans to rate limit Exchange Online bulk emails
New D-Link flaw in legacy DSL routers actively exploited in attacks
Kimwolf Android botnet abuses residential proxies to infect internal devices
Jaguar Land Rover wholesale volumes down 43% after cyberattack
Sedgwick confirms breach at government contractor subsidiary
How generative AI accelerates identity attacks against Active Directory
Are Copilot prompt injection flaws vulnerabilities or AI limits?
– MTZ