Zero Day Wire

Alerts

ConnectWise Patches High-Severity XSS and Session Cookie Vulnerabilities in PSA Platform

ConnectWise has released a security update for its Professional Services Automation (PSA) platform, addressing two vulnerabilities that could allow stored script execution and session cookie theft. The company recommends upgrading to version 2026.1 as soon as possible. Vulnerabilities CVE IDTypeCVSS ScoreImpactCVE-2026-0695Cross-Site Scripting (XSS)8.7 (High)Stored script executionCVE-2026-0696Sensitive

Threats

Jordanian Man Pleads Guilty to Selling Network Access to 50 Companies as Initial Access Broker

A 40-year-old Jordanian man has pleaded guilty in U.S. federal court to operating as an "access broker," selling unauthorized network access to at least 50 victim companies. Feras Khalil Ahmad Albashiti, who operated under the alias "r1z," entered his plea before U.S. District Judge

Threats

Ukraine and Germany Expose Ransomware Group Members, Russian Organizer Placed on INTERPOL Wanted List

Ukrainian and German law enforcement have identified members of a Russian-affiliated ransomware group responsible for hundreds of millions of euros in damages, with searches conducted in Ukraine and the alleged organizer placed on INTERPOL's international wanted list. The Operation Cyber police officers from Ukraine's National Police,

Breaches

Canadian Investment Regulator Confirms Data Breach Affecting 750,000 Investors

The Canadian Investment Regulatory Organization (CIRO) has confirmed that approximately 750,000 investors were impacted by a data breach following a phishing attack detected in August 2025. CIRO, which oversees all investment and mutual fund dealers in Canada alongside trading activity on the country's debt and equity markets,

Alerts

Electron Vulnerability Allows Backdooring of Signal, 1Password, Slack, and Chrome

Security researchers at Trail of Bits have discovered a critical vulnerability in Electron-based applications that allows attackers to inject persistent backdoors into Signal, 1Password, Slack, and Chrome by tampering with V8 heap snapshot files. Tracked as CVE-2025-55305, the flaw bypasses code integrity checks in nearly all applications built on the

Threats

Dutch Police Arrest Alleged AVCheck Mastermind Behind Major Counter-Antivirus Platform

Dutch authorities have arrested a 33-year-old man believed to be behind AVCheck, one of the world's largest counter-antivirus services used by cybercriminals to test malware against security products. The suspect was detained at Amsterdam's Schiphol Airport on Sunday evening after being under international surveillance. Data storage

Breaches

Keylogger Discovered on Major US Bank's Employee Store Affecting 200,000+ Staff

Security researchers at Sansec have discovered an active keylogger on the employee store of one of America's largest banks, potentially exposing credentials and payment data for over 200,000 staff members. The attack was detected on January 14, 2026, and remained active until January 15 when the malware

Alerts

Cisco Zero-Day RCE in Secure Email Gateway Actively Exploited by China-Linked Threat Actor

Cisco has confirmed active exploitation of a critical zero-day vulnerability in its Secure Email Gateway and Secure Email and Web Manager appliances. Tracked as CVE-2025-20393, the flaw carries a maximum CVSS score of 10.0 and allows unauthenticated attackers to execute arbitrary commands with root privileges via crafted HTTP requests.

Alerts

Critical AWS CodeBuild Flaw Exposed AWS Console to Supply Chain Attack

Critical AWS CodeBuild Flaw Exposed AWS Console to Supply Chain Attack A critical misconfiguration in AWS CodeBuild could have allowed attackers to compromise key AWS-owned GitHub repositories, including the JavaScript SDK that powers the AWS Console itself. Security researchers at Wiz Research discovered the vulnerability, dubbed "CodeBreach," which

Threats

Microsoft and Global Police Disrupt RedVDS, a Scaled Engine Behind Massive BEC Fraud

A coordinated operation led by Microsoft and international law enforcement has dismantled RedVDS, a major infrastructure provider behind large-scale business email compromise (BEC) fraud worldwide. RedVDS functioned as a low-cost, subscription-based cybercrime service, offering criminals disposable virtual machines that appeared online as legitimate Windows systems. These rented environments allowed attackers

Alerts

Microsoft January 2026 Patch Tuesday: 114 Vulnerabilities Fixed Including 3 Zero-Days

Microsoft's first Patch Tuesday of 2026 addresses 114 security vulnerabilities across Windows, Office, and related services. The release includes 12 critical-severity flaws and patches for three zero-day vulnerabilities. By the Numbers Zero-Days Patched Three zero-day vulnerabilities were addressed in this release: * CVE-2026-20805 - Desktop Window Manager information disclosure

Breaches

3.1 Million Armenian Citizens' Data Allegedly for Sale on Dark Web

A threat actor using the alias "datsell_alld" claims to be selling a database containing approximately 3.1 million records of Armenian citizens on a dark web forum. With Armenia's population estimated at just over 3 million, the claimed size suggests this could represent a near-complete