ICYMI: 2026-01-28
Latest Headlines
Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware
Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid
Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution
Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution
Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks
Password Reuse in Disguise: An Often-Missed Risky Workaround
Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088
Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan
Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected
Here’s the Company That Sold DHS ICE’s Notorious Face Recognition App
Cyber Insights 2026: Offensive Security; Where It Is and Where It’s Going
Rein Security Emerges From Stealth With $8M, Bringing Inside-Out AppSec Approach
Indurex Emerges From Stealth to Close Security Gap in Cyber-Physical Systems
Fortinet Patches Exploited FortiCloud SSO Authentication Bypass
High-Severity Remote Code Execution Vulnerability Patched in OpenSSL
Initial access hackers switch to Tsundere Bot for ransomware attacks
Cyberattack on Polish energy grid impacted around 30 facilities
eScan confirms update server breached to push malicious update
Viral Moltbot AI assistant raises concerns over data security
New sandbox escape flaw exposes n8n instances to RCE attacks
Empire cybercrime market owner pleads guilty to drug conspiracy
AI Is Rewriting Compliance Controls and CISOs Must Take Notice
SolarWinds warns of critical Web Help Desk RCE, auth bypass flaws
Hackers hijack exposed LLM endpoints in Bizarre Bazaar operation
Slovakian man pleads guilty to operating darknet marketplace
New WhatsApp lockdown feature protects high-risk users from hackers
OpenAI’s ChatGPT ad costs are on par with live NFL broadcasts
– MTZ