Threats
Dutch authorities have arrested a 33-year-old man believed to be behind AVCheck, one of the world's largest counter-antivirus services used by cybercriminals to test malware against security products. The suspect was detained at Amsterdam's Schiphol Airport on Sunday evening after being under international surveillance. Data storage
Breaches
Security researchers at Sansec have discovered an active keylogger on the employee store of one of America's largest banks, potentially exposing credentials and payment data for over 200,000 staff members. The attack was detected on January 14, 2026, and remained active until January 15 when the malware
Alerts
Cisco has confirmed active exploitation of a critical zero-day vulnerability in its Secure Email Gateway and Secure Email and Web Manager appliances. Tracked as CVE-2025-20393, the flaw carries a maximum CVSS score of 10.0 and allows unauthenticated attackers to execute arbitrary commands with root privileges via crafted HTTP requests.
Alerts
Critical AWS CodeBuild Flaw Exposed AWS Console to Supply Chain Attack A critical misconfiguration in AWS CodeBuild could have allowed attackers to compromise key AWS-owned GitHub repositories, including the JavaScript SDK that powers the AWS Console itself. Security researchers at Wiz Research discovered the vulnerability, dubbed "CodeBreach," which
Threats
A coordinated operation led by Microsoft and international law enforcement has dismantled RedVDS, a major infrastructure provider behind large-scale business email compromise (BEC) fraud worldwide. RedVDS functioned as a low-cost, subscription-based cybercrime service, offering criminals disposable virtual machines that appeared online as legitimate Windows systems. These rented environments allowed attackers
Alerts
Microsoft's first Patch Tuesday of 2026 addresses 114 security vulnerabilities across Windows, Office, and related services. The release includes 12 critical-severity flaws and patches for three zero-day vulnerabilities. By the Numbers Zero-Days Patched Three zero-day vulnerabilities were addressed in this release: * CVE-2026-20805 - Desktop Window Manager information disclosure
Breaches
A threat actor using the alias "datsell_alld" claims to be selling a database containing approximately 3.1 million records of Armenian citizens on a dark web forum. With Armenia's population estimated at just over 3 million, the claimed size suggests this could represent a near-complete
Alerts
Gogs, a lightweight and self-hosted Git service commonly used as an alternative to GitHub Enterprise or GitLab, has become the focus of urgent U.S. federal cybersecurity action. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Gogs vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog,
Breaches
The Everest ransomware group has claimed responsibility for a significant cyber intrusion targeting Nissan Motor Co., Ltd., alleging the exfiltration of approximately 900GB of sensitive data from the Japanese automaker. What We Know So Far Everest posted alleged proof-of-compromise samples on underground forums, a tactic commonly associated with double-extortion ransomware
Alerts
Patch immediately. CVSS 10.0. A maximum-severity flaw in n8n allows unauthenticated attackers to fully compromise servers and access all connected systems including API keys, databases, and cloud services. Vulnerability Summary CVECVE-2026-21858Severity10.0 CRITICALAffectedn8n versions < 1.121.0ExploitedPoC availablePatchUpgrade to 1.121.0+ What's at Risk Attackers
Threats
A newly attributed China-nexus threat actor designated UAT-7290 has been conducting espionage operations against telecommunications providers in South Asia and organizations in Southeastern Europe since at least 2022. According to research published recently by Cisco Talos, the group employs a sophisticated multi-stage attack chain combining open-source tools, custom malware, and
Threats
Security researchers have uncovered evidence suggesting that threat actors speaking Chinese may have been exploiting serious vulnerabilities in VMware ESXi long before these flaws were publicly disclosed by the vendor. According to a new analysis by cybersecurity firm Huntress, a breach observed in December 2025 began with the compromise of