Monthly Security Bulletin – January 2026
From AI-enhanced WhatsApp malware to zero-day exploits and supply chain breaches, the cyber threat landscape is evolving faster than ever. This month's bulletin highlights the most significant attacks, vulnerabilities, and security failures from recent months, explaining how attackers are abusing trusted tools, services, and platforms to reach their targets.
- Emerging Malware Campaigns – New multi-format and AI-powered attacks (e.g., Water Saci via WhatsApp, PureRAT targeting job seekers, SantaStealer stealing browser and crypto data).
- Exploits and Vulnerabilities – Coverage of critical vulnerabilities in widely used systems (Cisco ISE, Socomec, React Server Components, Fortinet, WatchGuard firewalls).
- Zero-Days and Active Exploitation – Recent disclosure and exploitation of major flaws like CVE-2025-55182 and the Windows RasMan zero-day.
- Software and Platform Abuse – Malicious use of legitimate tools and platforms such as VSCode Marketplace, Foxit PDF Reader, Azure CLI, and PowerShell for malware delivery.
- System and Service Failures – Issues linked to Microsoft Windows updates, Exchange Online access, and Message Queuing service disruptions.
- Corporate Data Breaches – Security incidents affecting companies like SoundCloud and Nissan, and exposure from Red Hat infrastructure.
- Social Engineering and Fraud – Fake PayPal subscription scams, phishing through torrents, and deceptive purchase emails used for financial or credential theft.
- Privacy and Legal Actions – Example: Texas suing TV manufacturers for collecting user viewing data without consent.
- Trends in Ransomware and Cybercrime – Reports on CyberVolk ransomware and analysis of hypervisors as emerging ransomware targets.
- Hacker Activity and Attribution – Insights into Chinese threat groups tied to React2Shell attacks and campaigns exploiting Cisco email systems.
Read the full report: