Higham Lane School Cyberattack Disrupts IT Systems, Forcing Temporary Closure

A UK school cyberattack has forced a British secondary school to close its doors at the start of the new term, highlighting ongoing cybersecurity challenges across the education sector. Higham Lane School in Nuneaton, central England, confirmed that a cyber incident has disrupted its entire IT infrastructure, preventing students and staff from accessing essential digital services.

https://thecyberexpress.com/higham-lane-school-cyberattack/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Hackers claim breach of engineering firm, offer sale of info on three major US utilities

Investigations are underway

Pickett and Associates, a Florida-based civil engineering, surveying, and geospatial services firm, has allegedly been hacked and had sensitive client data stolen.

Earlier this week, cybercriminals posted a new thread on a dark web forum claiming to have stolen more than 800 files from the company. The data, they say, is “real, operational engineering data from active projects of major utilities and is suitable for infrastructure analysis and risk assessment.”

https://www.techradar.com/pro/security/hackers-claim-breach-of-engineering-firm-offer-sale-of-info-on-three-major-us-utilities

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Hacktivist deletes white supremacist websites live onstage during hacker conference

A hacktivist remotely wiped three white supremacist websites live onstage during their talk at a hacker conference last week, with the sites yet to return online.

https://techcrunch.com/2026/01/05/hacktivist-deletes-white-supremacist-websites-live-on-stage-during-hacker-conference/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

ClickFix attack uses fake Windows BSOD screens to push malware

A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of Death (BSOD) screens to trick users into manually compiling and executing malware on their systems.

A BSOD is a Windows crash screen displayed when the operating system encounters a fatal, unrecoverable error that causes it to halt.

https://www.bleepingcomputer.com/news/security/clickfix-attack-uses-fake-windows-bsod-screens-to-push-malware/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Elite Auto Data Breach Exposes 1 Million Customer Records

🇫🇷 France - Elite Auto

Elite Auto, a French company specializing in car sales and reselling, has allegedly been compromised following a data leak on a cybercrime forum. Threat actors publicly shared a database containing approximately 1 million lines of records. The leak reportedly spans 130.4MB of information regarding the company’s customer base

https://dailydarkweb.net/elite-auto-data-breach-exposes-1-million-customer-records/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

NordVPN Denies Breach After Hacker Leaks Data

The VPN company has conducted an investigation after a threat actor claimed to have hacked its systems.

VPN company NordVPN has denied suffering a breach after a threat actor leaked data allegedly stolen from its systems.

The hacker claimed on January 4 on the BreachForums cybercrime forum that they had obtained source code from a “NordVPN development server”.

https://www.securityweek.com/nordvpn-denies-breach-after-hacker-leaks-data/

https://nordvpn.com/blog/addressing-alleged-salesforce-breach/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

EU looking ‘very seriously’ at taking action against X over Grok

The European Commission is “very seriously” looking into taking action against the social media platform X following an incident in which its artificial intelligence tool Grok was used to create sexual images of a minor, a commission spokesperson confirmed on Monday.

https://therecord.media/eu-grok-regulation-deepfake

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

California urgent care clinic notifies patients of data breach that compromised SSNs, medical info

Pulse Urgent Care Center in Redding, California is notifying an undisclosed number of patients about a March 2025 data breach, according to a disclosure published by the California attorney general. The breach compromised the following personal info:

https://www.comparitech.com/news/california-urgent-care-clinic-notifies-patients-of-data-breach-that-compromised-ssns-medical-info/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

2025, the year of the Infostealer

Introduction

Infostealers are not new malware. They have been around for decades. What has changed is how effective they have become, and how easily they blend into normal user behaviour.

In 2025, infostealers became the fastest growing malware category, overtaking ransomware in terms of deployment and spread. The H1 2025 reports highlighted a sharp rise in simple “copy and paste this command” lures, used to deliver infostealers across Windows, Linux, and macOS environments. These attacks do not rely on complex tooling or exploits. They rely on users doing something that looks routine.

https://www.pentestpartners.com/security-blog/2025-the-year-of-the-infostealer/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers

Attackers are exploiting a critical flaw (CVE-2026-0625) in old D-Link DSL routers that allows remote command execution.

Threat actors are actively exploiting a critical RCE flaw, tracked as CVE-2026-0625 (CVSS score of 9.3), in legacy D-Link DSL routers.

https://securityaffairs.com/186616/hacking/hackers-actively-exploit-critical-rce-flaw-in-legacy-d-link-dsl-routers.html

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

This new malware campaign is stealing chat logs via Chrome extensions

Almost a million people are affected

A new malicious practice has emerged called “Prompt poaching” - where extensions, add-ons, and other apps, eavesdrop on people’s conversations with AI chatbots and exfiltrate their prompts for various purposes.

This is growing increasingly popular, as researchers find more extensions with hundreds of thousands of users.

https://www.techradar.com/pro/security/this-new-malware-campaign-is-stealing-chat-logs-via-chrome-extensions

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Founder of spyware maker pcTattletale pleads guilty to hacking and advertising surveillance software

The founder of a U.S.-based spyware company, whose surveillance products allowed customers to spy on the phones and computers of unsuspecting victims, pleaded guilty to federal charges linked to his long-running operation.

https://techcrunch.com/2026/01/06/founder-of-spyware-maker-pctattletale-pleads-guilty-to-hacking-and-advertising-surveillance-software/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

HackerOne 'ghosted' me for months over $8,500 bug bounty, says researcher

Long after CVEs issued and open source flaws fixed

Last fall, Jakub Ciolek reported two denial-of-service bugs in Argo CD, a popular Kubernetes controller, via HackerOne's Internet Bug Bounty (IBB) program. Both were assigned CVEs and have since been fixed. But instead of receiving an $8,500 reward for the two flaws, Ciolek says, HackerOne ghosted him for months.

https://www.theregister.com/2026/01/07/hackerone_ghosted_researcher/

https://github.com/argoproj/argo-cd/security/advisories/GHSA-gpx4-37g2-c8pv

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

OpenAI is reportedly getting ready to test ads in ChatGPT

Multiple reports suggest that OpenAI is going ahead with its plans to add ads to ChatGPT, but the experiment will be initially limited to its employees.

Journalist Alex Heath reports that OpenAI CEO of Applications Fidji Simo recently told employees that OpenAI is mulling ads in an internal version of ChatGPT.

https://www.bleepingcomputer.com/news/artificial-intelligence/openai-is-reportedly-getting-ready-to-test-ads-in-chatgpt/

https://sources.news/p/whats-next-for-sources

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

BD Morning Data Breach Exposes User and Admin Records

🇧🇩 Bangladesh - BD Morning

BD Morning, a news portal based in Bangladesh, has allegedly been compromised, resulting in the exposure of its internal database. The breach was identified on a cybercriminal forum where the dataset was made available for download. According to the sample data provided, the leak appears to contain sensitive administrative and user account information. The allegedly compromised data includes:

https://dailydarkweb.net/bd-morning-data-breach-exposes-user-and-admin-records/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Critical Dolby Vulnerability Patched in Android

The flaw is tracked as CVE-2025-54957 and its existence came to light in October 2025 after it was discovered by Google researchers.

The January 2026 Android update patches a single vulnerability, a critical Dolby audio decoder issue whose existence came to light in October 2025.

The flaw, tracked as CVE-2025-54957, was described at the time of its disclosure as a medium-severity out-of-bounds write issue impacting the widely used Dolby Digital Plus (DD+) Unified Decoder.

https://www.securityweek.com/critical-dolby-vulnerability-patched-in-android/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Chesapeake Bay Museum notifies 5,000+ people of data breach that leaked SSNS, financial info

The Chesapeake Bay Maritime Museum has notified 5,181 people of an August 2024 data breach, according to new figures disclosed by Maine’s attorney general.

The breach compromised victims’ names, Social Security numbers, and financial account info.

https://www.comparitech.com/news/chesapeake-bay-museum-notifies-5000-people-of-data-breach-that-leaked-ssns-financial-info/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

How Cisco Talos powers the solutions protecting your organization

Cisco Talos is Cisco’s threat intelligence and security research organization that powers Cisco’s product portfolio with that intelligence. While we are well known for the security research in our blog, vulnerability discoveries, and our open-source software, you may not be aware of exactly how our know-how protects Cisco customers.

https://blog.talosintelligence.com/how-cisco-talos-powers-the-solutions-protecting-your-organization/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv