Ionut Arghire

GoBruteforcer Botnet Targeting Crypto, Blockchain Projects

The botnet’s propagation is fueled by the AI-generated server deployments that use weak credentials, and legacy web stacks.

January 13, 2026

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

SAP has released 17 security notes, including four that address critical SQL injection, RCE, and code injection vulnerabilities.

January 13, 2026

Dutch Port Hacker Sentenced to Prison

The 44-year-old individual planted remote access malware on a logistics firm’s systems, with help from employees.

January 13, 2026

Spanish Energy Company Endesa Hacked

Hackers stole complete customer information, including contact details, national identity numbers, and payment details.

January 13, 2026

Instagram Fixes Password Reset Vulnerability Amid User Data Leak

The social media platform confirmed that the issue allowed third parties to send password reset emails to Instagram users.

January 12, 2026

Russia’s APT28 Targeting Energy Research, Defense Collaboration Entities

APT28 was seen impersonating popular webmail and VPN services, including Microsoft OWA, Google, and Sophos VPN portals.

January 12, 2026

LLMs in Attacker Crosshairs, Warns Threat Intel Firm

Threat actors are hunting for misconfigured proxy servers to gain access to APIs for various LLMs.

January 12, 2026

Torq Raises $140 Million at $1.2 Billion Valuation

The company will use the investment to accelerate platform adoption and expansion into the federal market.

January 12, 2026

FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes

The North Korean state-sponsored espionage group Kimsuky has targeted government organizations, think tanks, and academic institutions.

January 9, 2026

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over

The Emergency Directives were retired because they achieved objectives or targeted vulnerabilities included in the KEV catalog.

January 9, 2026

‘ZombieAgent’ Attack Let Researchers Take Over ChatGPT

Radware bypassed ChatGPT’s protections to exfiltrate user data and implant a persistent logic into the agent’s long-term memory.

January 9, 2026

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure

Fresh attacks targeted three VMware ESXi vulnerabilities that were disclosed in March 2025 as zero-days.

January 9, 2026

Blackbird.AI Raises $28 Million for Narrative Intelligence Platform

The company will use the funds to enhance its AI-based narrative intelligence technology platform and accelerate go-to-market efforts.

January 8, 2026

Critical Vulnerability Patched in jsPDF

The bug can allow attackers to read arbitrary files from the system, potentially exposing configurations and credentials.

January 8, 2026

Critical Vulnerability Exposes N8n Instances to Takeover Attacks

Tracked as CVE-2026-21858 (CVSS score 10), the bug enables remote code execution without authentication.

January 8, 2026

Critical HPE OneView Vulnerability Exploited in Attacks

The maximum-severity code injection flaw can be exploited without authentication for remote code execution.

January 8, 2026

Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats

Impersonating a legitimate extension from AITOPIA, the two malicious extensions were also exfiltrating users’ browser activity.

January 7, 2026

Vulnerability in Totolink Range Extender Allows Device Takeover

An error in the firmware-upload handler leads to devices starting an unauthenticated root-level Telnet service.

January 7, 2026

Hackers Exploit Zero-Day in Discontinued D-Link Devices

The critical-severity vulnerability allows unauthenticated, remote attackers to execute arbitrary shell commands.

January 7, 2026

Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks

Threat actors spoof legitimate domains to make their phishing emails appear to have been sent internally.

January 7, 2026

SECURITYWEEK NETWORK:

ICS:

Ionut Arghire

GoBruteforcer Botnet Targeting Crypto, Blockchain Projects

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

Dutch Port Hacker Sentenced to Prison

Spanish Energy Company Endesa Hacked

Instagram Fixes Password Reset Vulnerability Amid User Data Leak

Russia’s APT28 Targeting Energy Research, Defense Collaboration Entities

LLMs in Attacker Crosshairs, Warns Threat Intel Firm

Torq Raises $140 Million at $1.2 Billion Valuation

FBI: North Korean Spear-Phishing Attacks Use Malicious QR Codes

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over

‘ZombieAgent’ Attack Let Researchers Take Over ChatGPT

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure

Blackbird.AI Raises $28 Million for Narrative Intelligence Platform

Critical Vulnerability Patched in jsPDF

Critical Vulnerability Exposes N8n Instances to Takeover Attacks

Critical HPE OneView Vulnerability Exploited in Attacks

Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats

Vulnerability in Totolink Range Extender Allows Device Takeover

Hackers Exploit Zero-Day in Discontinued D-Link Devices

Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks

Featured

Supply Chain Security

Cybersecurity Firms Impacted by Klue Supply Chain Attack

Vulnerabilities

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

Funding/M&A

Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push

Data Breaches

Kodak Admits Data Breach After ShinyHunters Hack Claims

Vulnerabilities

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

Vulnerabilities

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

Hacker Conversations

Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker

Latest News

Artificial Intelligence

French President Urges US to Share Cutting-Edge AI and Democracies to Cooperate on Regulation

Malware & Threats

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Malware & Threats

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

Malware & Threats

FortiBleed: 86,000 Fortinet Device Credentials Compromised

Funding/M&A

Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC

Malware & Threats

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Vulnerabilities

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

Daily Briefing Newsletter