ICYMI: 2026-01-23
Latest Headlines
CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities
Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls
TikTok Forms U.S. Joint Venture to Continue Operations Under 2025 Executive Order
Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access
Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms
US Judge Rules ICE Raids Require Judicial Warrants, Contradicting Secret ICE Memo
CBP Wants AI-Powered ‘Quantum Sensors’ for Finding Fentanyl in Cars
149 Million Usernames and Passwords Exposed by Unsecured Database
Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices
In Other News: €1.2B GDPR Fines, Net-NTLMv1 Rainbow Tables, Rockwell Security Notice
Phishers Abuse SharePoint in New Campaign Targeting Energy Sector
Cyber Insights 2026: Regulations and the Tangled Mess of Compliance Requirements
Under Armour Looking Into Data Breach Affecting Customers’ Email Addresses
Organizations Warned of Exploited Zimbra Collaboration Vulnerability
Infotainment, EV Charger Exploits Earn Hackers $1M at Pwn2Own Automotive 2026
2 Venezuelans Convicted in US for Using Malware to Hack ATMs
20,000 WordPress Sites Affected by Backdoor Vulnerability Allowing Malicious Admin User Creation
Threat Actors Weaponizes LNK File to Deploy MoonPeak Malware Attacking Windows Systems
Fake Captcha Ecosystem Exploits Trusted Web Infrastructure to Deliver Malware
Hackers Can Use GenAI to Change Loaded Clean Page Into Malicious within Seconds
New Phishing Kit As-a-service Attacking Google, Microsoft, and Okta Users
Microsoft to Add Brand Impersonation Protection Warning to Teams Calls
76 Zero-day Vulnerabilities Uncovered by Hackers on Pwn2Own Automotive 2026
ShinyHunters claim to be behind SSO-account data theft attacks
Malicious AI extensions on VSCode Marketplace steal developer data
CISA confirms active exploitation of four enterprise software bugs
US to deport Venezuelans who emptied bank ATMs using malware
Hackers exploit critical telnetd auth bypass flaw to get root
What an AI-Written Honeypot Taught Us About Trusting Machines
Microsoft: Outlook for iOS crashes, freezes due to coding error
Hackers get $1,047,000 for 76 zero-days at Pwn2Own Automotive 2026
Fortinet confirms critical FortiCloud auth bypass not fully patched
– MTZ