Top Security News for Today
UK government admits years of cyber policy have failed, announces reset
https://therecord.media/uk-government-cyber-action-plan
A Cyberattack Was Part of the US Assault on Venezuela
https://www.schneier.com/blog/archives/2026/01/a-cyberattack-was-part-of-the-us-assault-on-venezuela.html
Phishing actors exploit complex routing and misconfigurations to spoof domains
https://www.microsoft.com/en-us/security/blog/2026/01/06/phishing-actors-exploit-complex-routing-and-misconfigurations-to-spoof-domains/
Introducing the Microsoft Defender Experts Suite: Elevate your security with expert-led services
https://www.microsoft.com/en-us/security/blog/2026/01/06/introducing-the-microsoft-defender-experts-suite-elevate-your-security-with-expert-led-services/
A practical guide to finding soundness bugs in ZK circuits
https://www.reddit.com/r/netsec/comments/1q5b20w/a_practical_guide_to_finding_soundness_bugs_in_zk/
Reverse engineering my cloud-connected e-scooter and finding the master key to unlock all scooters
https://www.reddit.com/r/netsec/comments/1q5k295/reverse_engineering_my_cloudconnected_escooter/
Proxying Flutter Traffic on Android with Claude
https://www.reddit.com/r/netsec/comments/1q5pocf/proxying_flutter_traffic_on_android_with_claude/
Follow Top Cyber News at https://news.1rj.ru/str/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman
therecord.media
UK government admits years of cyber policy have failed, announces reset
The current system of accountability has left much of the British government vulnerable to cyberattacks, according to a new Government Cyber Action Plan, with responsibilities for risk “unclear at all levels.”
Top Security News for Today
Alleged cyber scam kingpin arrested, extradited to China
https://therecord.media/alleged-cyber-scam-kingpin-cambodia-arrested-extradited
Cyberattack forces British high school to cancel classes and delay reopening
https://therecord.media/cyberattack-forces-british-high-school-to-delay-opening
Inside GoBruteforcer: AI-Generated Server Defaults, Weak Passwords, and Crypto-Focused Campaigns
https://research.checkpoint.com/2026/01/inside-gobruteforcer-ai-generated-server-defaults-weak-passwords-and-crypto-focused-campaigns/
Explore the latest Microsoft Incident Response proactive services for enhanced resilience
https://www.microsoft.com/en-us/security/blog/2026/01/07/explore-the-latest-microsoft-incident-response-proactive-services-for-enhanced-resilience/
Illinois state agency exposed personal data of 700,000 people
https://therecord.media/illinois-agency-exposed-data
Spanish airline Iberia attributes recent data breach claims to November incident
https://therecord.media/spanish-airline-attributes-recent-breach-allegation-to-nov-incident
Ni8mare - Unauthenticated Remote Code Execution in n8n (CVE-2026-21858)
https://www.reddit.com/r/netsec/comments/1q6iw0y/ni8mare_unauthenticated_remote_code_execution_in/
Stalkerware operator pleads guilty in rare prosecution
https://therecord.media/stalkerware-guilty-plea-fleming
JA4 Fingerprinting Against AI Scrapers: A Practical Guide
https://www.reddit.com/r/netsec/comments/1q71l7v/ja4_fingerprinting_against_ai_scrapers_a/
How Real is Your Jailbreak? Fine-grained Jailbreak Evaluation with Anchored Reference
https://arxiv.org/abs/2601.03288
therecord.media
Alleged cyber scam kingpin arrested, extradited to China
Chen Zhi’s arrest is the latest chapter in the remarkable downfall of one of the country’s most prominent businesses, with holdings in the real estate, banking, entertainment and airline industries.
Top Security News for Today
ChatGPT Health feature draws concern from privacy critics over sensitive medical data
https://therecord.media/chatgpt-health-draws-concern-privacy-critics
Enhancing Retrieval-Augmented Generation with Two-Stage Retrieval: FlashRank Reranking and Query Expansion
https://arxiv.org/abs/2601.03258
Mastering the Game of Go with Self-play Experience Replay
https://arxiv.org/abs/2601.03259
CVE-2026-21876: OWASP Modsecurity CRS WAF bypass blogpost is out!
https://www.reddit.com/r/netsec/comments/1q7myyq/cve202621876_owasp_modsecurity_crs_waf_bypass/
US announces withdrawal from dozens of international treaties
https://therecord.media/us-announces-withdrawal-from-dozens-international-orgs
CISA sunsets 10 emergency directives thanks to evolution of exploited vulnerabilities catalog
https://therecord.media/cisa-sunsets-10-emergency-directives
therecord.media
ChatGPT Health feature draws concern from privacy critics over sensitive medical data
The artificial intelligence juggernaut in a blog post encouraged its hundreds of millions of users to connect medical records and wellness app data to the new health-focused chatbot feature, adding that it will be outfitted with extra data privacy protections.
Top Security News for Today
Palo Alto Crosswalk Signals Had Default Passwords
https://www.schneier.com/blog/archives/2026/01/palo-alto-crosswalk-signals-had-default-passwords.html
Former NSA insider Kosiba brought back as spy agency’s No. 2
https://therecord.media/timothy-kosiba-nsa-new-deputy-chief
MedPI: Evaluating AI Systems in Medical Patient-facing Interactions
https://arxiv.org/abs/2601.04195
RAGVUE: A Diagnostic View for Explainable and Automated Evaluation of Retrieval-Augmented Generation
https://arxiv.org/abs/2601.04196
Automatic Construction of Chinese Verb Collostruction Database
https://arxiv.org/abs/2601.04197
Identification of a Kalman filter: consistency of local solutions
https://arxiv.org/abs/2601.04198
Using Grok to Avoid Personal Attacks While Correcting Misinformation on X
https://therecord.media/using-grok-to-avoid-personal-attacks-while-correcting-misinformation-on-x
At least $26 million in crypto stolen from Truebit platform as crypto crime landscape evolves
https://therecord.media/26-million-in-crypto-stolen-truebit
Lawmakers call on app stores to remove Grok, X over sexualized deepfakes
https://therecord.media/lawmakers-call-on-app-stores-to-remove-grok-x
Basketball player arrested for alleged ransomware ties freed in Russia-France prisoner swap
https://therecord.media/france-frees-russian-basketball-player-ransomware-swap
Friday Squid Blogging: The Chinese Squid-Fishing Fleet off the Argentine Coast
https://www.schneier.com/blog/archives/2026/01/friday-squid-blogging-the-chinese-squid-fishing-fleet-off-the-argentine-coast.html
DVAIB: A deliberately vulnerable AI bank for practicing prompt injection and AI security attacks
https://www.reddit.com/r/netsec/comments/1q87uqn/dvaib_a_deliberately_vulnerable_ai_bank_for/
“The Conscience of a Hacker” is 40 today
https://www.reddit.com/r/netsec/comments/1q7wjjo/the_conscience_of_a_hacker_is_40_today/
[Article] Intercept: How MITM attacks work in Ethernet, IPv4 & IPv6
https://www.reddit.com/r/netsec/comments/1q89qxk/article_intercept_how_mitm_attacks_work_in/
Schneier on Security
Palo Alto Crosswalk Signals Had Default Passwords - Schneier on Security
Palo Alto’s crosswalk signals were hacked last year. Turns out the city never changed the default passwords.
Top Security News for Today
A small experiment to understand speculative execution via cache side effects
https://www.reddit.com/r/lowlevel/comments/1q9k9ad/a_small_experiment_to_understand_speculative/
Browser based tech support scam abusing full screen, input lock, and fake BSOD
https://www.reddit.com/r/netsec/comments/1q8z7h2/browser_based_tech_support_scam_abusing_full/
Gixy-Next: NGINX Configuration Security & Hardening Scanner
https://www.reddit.com/r/netsec/comments/1q9c7zg/gixynext_nginx_configuration_security_hardening/
Top Security News for Today
EDRStartupHinder: EDR Startup Process Blocker
https://www.reddit.com/r/netsec/comments/1q9vvbz/edrstartuphinder_edr_startup_process_blocker/
Two CVEs, Zero Ego: A Mailpit Story
https://www.reddit.com/r/netsec/comments/1qa8e6i/two_cves_zero_ego_a_mailpit_story/
Grok's image edits spark sexualised deepfakes and regulator probes worldwide
https://www.reddit.com/r/netsec/comments/1qagif3/groks_image_edits_spark_sexualised_deepfakes_and/
Client-side encrypted file sharing with Argon2id and AES-256-GCM
https://www.reddit.com/r/netsec/comments/1qahx46/clientside_encrypted_file_sharing_with_argon2id/
Relaying NFS4 from inside a container
https://www.reddit.com/r/netsec/comments/1qahvtm/relaying_nfs4_from_inside_a_container/
WTF Are Abliterated Models? Uncensored LLMs Explained
https://www.reddit.com/r/netsec/comments/1qakrb5/wtf_are_abliterated_models_uncensored_llms/
Top Security News for Today
UK launches formal investigation into X over ‘nudification’ of children images
https://therecord.media/uk-launches-formal-investigation-x-grok-images
12th January – Threat Intelligence Report
https://research.checkpoint.com/2026/12th-january-threat-intelligence-report/
Corrupting LLMs Through Weird Generalizations
https://www.schneier.com/blog/archives/2026/01/corrupting-llms-through-weird-generalizations.html
Analyzing a Multi-Stage AsyncRAT Campaign via Managed Detection and Response
https://www.trendmicro.com/en_us/research/26/a/analyzing-a-a-multi-stage-asyncrat-campaign-via-mdr.html
Dutch court sentences hacker who used port systems to smuggle cocaine to 7 years
https://therecord.media/dutch-court-sentences-hacker-who-smuggled-cocaine-ports
Sweden detains ex-military IT consultant suspected of spying for Russia
https://therecord.media/sweden-detains-it-consultant-russia
therecord.media
UK launches formal investigation into X over ‘nudification’ of children images
The move follows an eruption of complaints that began earlier this month when the platform’s artificial intelligence tool Grok was used to create sexual images of non-consenting people in response to user requests.
Top Security News for Today
Kremlin-linked hackers pose as charities to spy on Ukraine’s military
https://therecord.media/kremlin-linked-hackers-pose-as-charities-spy-ukraine
Suspected ransomware attack threatens one of South Korea’s largest companies
https://therecord.media/kyowon-group-south-korea-suspected-ransomware-attack
Senior military cyber operator removed from Russia task force
https://therecord.media/senior-military-cyber-op-removed-russia-task-force
Ukraine parliament approves resignation of security service chief in major reshuffle
https://therecord.media/ukraine-parliament-approves-resignation-sbu-chief
Tennessee man to plead guilty to hacking Supreme Court’s electronic case filing system
https://therecord.media/guilty-plea-hacking-supreme-court-case-filing-system
More than 40 countries impacted by North Korea IT worker scams, crypto thefts
https://therecord.media/40-countries-impacted-nk-it-thefts-united-nations
How Microsoft builds privacy and security to work hand-in-hand
https://www.microsoft.com/en-us/security/blog/2026/01/13/how-microsoft-builds-privacy-and-security-to-work-hand-in-hand/
therecord.media
Kremlin-linked hackers pose as charities to spy on Ukraine’s military
Victims were prompted to download what appeared to be documents but were, in fact, executable files, often packaged in password-protected archives.
Top Security News for Today
Fortinet Forticlient EMS RCE CVE-2025-59922 and one IMG tag to rule them all
https://www.reddit.com/r/netsec/comments/1qciz0v/fortinet_forticlient_ems_rce_cve202559922_and_one/
Patch Tuesday, January 2026 Edition
https://krebsonsecurity.com/2026/01/patch-tuesday-january-2026-edition/
Cyberattack forces Belgian hospital to transfer critical care patients
https://therecord.media/belgium-hospital-cyberattack-antwerp-az-monica
Federal agencies ordered to patch Microsoft Desktop Windows Manager bug
https://therecord.media/desktop-windows-manager-vulnerability-added-to-cisa-list
Sicarii Ransomware: Truth vs Myth
https://research.checkpoint.com/2026/sicarii-ransomware-truth-vs-myth/
Multiple XSS in Meta Conversion API Gateway Leading to Zero-Click Account Takeover
https://www.reddit.com/r/netsec/comments/1qcpsp9/multiple_xss_in_meta_conversion_api_gateway/
Inside RedVDS: How a single virtual desktop provider fueled worldwide cybercriminal operations
https://www.microsoft.com/en-us/security/blog/2026/01/14/inside-redvds-how-a-single-virtual-desktop-provider-fueled-worldwide-cybercriminal-operations/
Microsoft named a Leader in IDC MarketScape for Unified AI Governance Platforms
https://www.microsoft.com/en-us/security/blog/2026/01/14/microsoft-named-a-leader-in-idc-marketscape-for-unified-ai-governance-platforms/
Top Security News for Today
The Promptware Kill Chain: How Prompt Injections Gradually Evolved Into a Multi-Step Malware
https://therecord.media/germany-cyber-dome-israel
New Vulnerability in n8n
https://www.schneier.com/blog/archives/2026/01/new-vulnerability-in-n8n.html
Introducing ÆSIR: Finding Zero-Day Vulnerabilities at the Speed of AI
https://www.trendmicro.com/en_us/research/26/a/aesir.html
Elon Musk’s X says it will block Grok from making sexual images
https://therecord.media/musk-x-grok-block-sexual
A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby
https://projectzero.google/2026/01/pixel-0-click-part-1.html
A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave
https://projectzero.google/2026/01/pixel-0-click-part-2.html
A 0-click exploit chain for the Pixel 9 Part 3: Where do we go from here?
https://projectzero.google/2026/01/pixel-0-click-part-3.html
Google to pay $8.25 million to settle lawsuit alleging children’s privacy violations
https://therecord.media/google-youtube-lawsuit-settle
CVE-2026-20965: Cymulate Research Labs Discovers Token Validation Flaw that Leads to Tenant-Wide RCE in Azure Windows Admin Center
https://www.reddit.com/r/netsec/comments/1qdmwad/cve202620965_cymulate_research_labs_discovers/
therecord.media
Germany turns to Israel for a ‘cyber dome’ amid rising threats
Germany and Israel have signed a cyber and security cooperation agreement — a deal that Berlin hopes will lead to its own version of Israel’s so-called “cyber dome.”
Top Security News for Today
Police raid homes of alleged Black Basta hackers
https://therecord.media/police-raid-homes-of-alleged-black-basta-hackers
Jordanian initial access broker pleads guilty to helping target 50 companies
https://therecord.media/guilty-plea-initial-access-broker-r1z
Functional PoCs in less than a minute?
https://portswigger.net/blog/functional-pocs-in-less-than-a-minute
Your 100 Billion Parameter Behemoth is a Liability
https://www.trendmicro.com/en_us/research/26/a/your-100-billion-parameter-behemoth-is-a-liability.html
Using a shared library to hijack sudo's call to read to lift users' passwords
https://oxasploits.com/posts/post-exploitation-hijacking-sudo-read-library-call-to-lift-passwords/
StackWarp: Exploiting Stack Layout Vulnerabilities in Modern Processors
https://www.reddit.com/r/netsec/comments/1qehxzy/stackwarp_exploiting_stack_layout_vulnerabilities/
therecord.media
Police raid homes of alleged Black Basta hackers, hunt suspected Russian ringleader
Black Basta has been active since at least early 2022 and is believed to be responsible for extorting hundreds of companies, hospitals and public institutions worldwide — including Swiss industrial giant ABB and U.S. healthcare provider Ascension — causing…
Top Security News for Today
Account Takeover in Facebook mobile app due to usage of cryptographically unsecure random number generator and XSS in Facebook JS SDK
https://www.reddit.com/r/netsec/comments/1qg4kl7/account_takeover_in_facebook_mobile_app_due_to/
After the Takedown: Excavating Abuse Infrastructure with DNS Sinkholes
https://www.reddit.com/r/netsec/comments/1qgi29k/after_the_takedown_excavating_abuse/
XuanJia: A Comprehensive Virtualization-Based Code Obfuscator for Binary Protection
https://arxiv.org/abs/2601.10581
From Single to Multi-Agent Reasoning: Advancing GeneGPT for Genomics QA
https://arxiv.org/abs/2304.09720
Genetic Algorithm Based Combinatorial Optimization for the Optimal Design of Water Distribution Network of Gurudeniya Service Zone, Sri Lanka
https://arxiv.org/abs/2601.10848
Chatting with Confidants or Corporations? Privacy Management with AI Companions
https://arxiv.org/abs/2601.10754
Reddit
From the netsec community on Reddit: Account Takeover in Facebook mobile app due to usage of cryptographically unsecure random…
Posted by smaury - 104 votes and 9 comments
Top Security News for Today
"AI-Powered Surveillance in Schools"
https://www.schneier.com/blog/archives/2026/01/ai-powered-surveillance-in-schools.html
"Iranian State TV Feed Reportedly Hijacked to Air Anti-Regime Messages"
https://therecord.media/iran-state-television-reported-hack-opposition
"From Extension to Infection: An In-Depth Analysis of the Evelyn Stealer Campaign Targeting Software Developers"
https://www.trendmicro.com/en_us/research/26/a/analysis-of-the-evelyn-stealer-campaign.html
"Write-up: Cloudflare Zero-day: Accessing Any Host Globally"
https://www.reddit.com/r/netsec/comments/1qh5osi/writeup_cloudflare_zeroday_accessing_any_host/
"synthetic vulnerabilities — security flaws unique to AI-generated code"
https://www.reddit.com/r/netsec/comments/1qh1dsq/synthetic_vulnerabilities_security_flaws_unique/
"Japanese AI Agent System on Human Papillomavirus Vaccination: System Design"
https://arxiv.org/abs/2601.10718
"Do You Trust Me? Cognitive-Affective Signatures of Trustworthiness in Large Language Models"
https://arxiv.org/abs/2601.10719
"Verified Design of Robotic Autonomous Systems using Probabilistic Model Checking"
https://arxiv.org/abs/2601.10720
"Collaborative Continuum Robots: A Survey"
https://arxiv.org/abs/2601.10721
"Too Helpful to Be Safe: User-Mediated Attacks on Planning and Web-Use Agents"
https://arxiv.org/abs/2601.10758
Schneier on Security
AI-Powered Surveillance in Schools - Schneier on Security
It all sounds pretty dystopian: Inside a white stucco building in Southern California, video cameras compare faces of passersby against a facial recognition database. Behavioral analysis AI reviews the footage for signs of violent behavior. Behind a bathroom…
Top Security News for Today
VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun
https://research.checkpoint.com/2026/voidlink-early-ai-generated-malware-framework/
Successful Errors: New Code Injection and SSTI Techniques
https://www.reddit.com/r/netsec/comments/1qgcgey/successful_errors_new_code_injection_and_ssti/
Could ChatGPT Convince You to Buy Something?
https://www.schneier.com/blog/archives/2026/01/could-chatgpt-convince-you-to-buy-something.html
Cloudflare Zero-day: Accessing Any Host Globally
https://www.reddit.com/r/netsec/comments/1qhyjnj/cloudflare_zeroday_accessing_any_host_globally/
UK warns of sustained cyberthreat from pro-Russian hacktivists
https://therecord.media/uk-ncsc-warning-russia-aligned-hacktivist-groups
UK launches landmark 'Report Fraud' service to tackle cybercrime and fraud
https://therecord.media/uk-report-fraud-platform-launch-police-cybercrime
Four priorities for AI-powered identity and network access security in 2026
https://www.microsoft.com/en-us/security/blog/2026/01/20/four-priorities-for-ai-powered-identity-and-network-access-security-in-2026/
Billion-Dollar Bait & Switch: Exploiting a Race Condition in Blockchain Infrastructure
https://www.reddit.com/r/netsec/comments/1qi9em3/billiondollar_bait_switch_exploiting_a_race/
Supreme Court to consider whether geofence warrants are constitutional
https://therecord.media/supreme-court-geofence-constitutionality
When The Gateway Becomes The Doorway: Pre-Auth RCE in API Management
https://www.reddit.com/r/netsec/comments/1qiq357/when_the_gateway_becomes_the_doorway_preauth_rce/
Check Point Research
VoidLink: Evidence That the Era of Advanced AI-Generated Malware Has Begun - Check Point Research
VoidLink's framework marks the first evidence of fully AI-designed and built advanced malware, beginning a new era of AI-generated malware
Top Security News for Today
Greek police arrest scammers using fake cell tower hidden in car trunk
https://therecord.media/greek-police-arrest-scammers-using-hidden-cell-towers
Internet Voting is Too Insecure for Use in Elections
https://www.schneier.com/blog/archives/2026/01/internet-voting-is-too-insecure-for-use-in-elections.html
EU unveils new plans to tackle Huawei, ZTE as China alleges protectionism
https://therecord.media/eu-unveils-new-plans-to-tackle-huawei-zte
Break LLM Workflows with Claude's Refusal Magic String
https://www.reddit.com/r/netsec/comments/1qj01yt/break_llm_workflows_with_claudes_refusal_magic/
A new era of agents, a new era of posture
https://www.microsoft.com/en-us/security/blog/2026/01/21/new-era-of-agents-new-era-of-posture/
Third-party identity verification provider breach exposes government ID images (Total Wireless / Veriff)
https://www.reddit.com/r/netsec/comments/1qj7951/thirdparty_identity_verification_provider_breach/
Attackers With Decompilers Strike Again (SmarterTools SmarterMail WT-2026-0001 Auth Bypass) - watchTowr Labs
https://www.reddit.com/r/netsec/comments/1qjfhso/attackers_with_decompilers_strike_again/
therecord.media
Greek police arrest scammers using fake cell tower hidden in car trunk
A vehicle search uncovered a mobile computing system hidden in the trunk and connected to a roof-mounted transmitter disguised as a shark-fin antenna.