59/69 Friday, January 30, 2026 The U.S. Federal Bureau of Investigation (FBI) has seized the cybercrime forum known as RAMP, a platform widely used to advertise and trade malware, hacking services, and one of the few remaining forums that openly allowed the promotion of ransomware activities. Both the forum’s Tor site and its clearnet domain […]
58/69 Friday, January 30, 2026 In late December, Poland’s energy infrastructure became the target of coordinated cyberattacks across multiple regions, focusing on Distributed Energy Resources (DERs) nationwide. The affected facilities included wind, solar, and combined heat and power plants, with approximately 30 sites impacted (up from an initial estimate of 12). Although the attackers were […]
57/69 Thursday, January 29, 2026 Researchers from Kaspersky have identified that the Mustang Panda threat group has released a new version of its CoolClient backdoor, adding enhanced capabilities to steal browser login data and monitor clipboard contents. The observed attacks primarily target government organizations in Myanmar, Mongolia, Malaysia, Russia, and Pakistan. The attackers leveraged software […]
56/69 Thursday, January 29, 2026 Shadowserver has reported the detection of more than 6,000 SmarterMail servers that are exposed to the internet and are likely affected by a critical authentication bypass vulnerability, tracked as CVE-2026-23760. The vulnerability was disclosed by cybersecurity firm watchTowr on January 8, 2026, and was patched by SmarterTools on January 15, […]
55/69 Thursday, January 29, 2026 Cybersecurity experts are warning that a high-severity vulnerability in WinRAR, tracked as CVE-2025-8088, continues to be actively exploited by a wide range of threat actors, including state-sponsored groups and financially motivated cybercriminals. The flaw is a path traversal vulnerability that abuses Alternate Data Streams (ADS) to write malicious files to […]
54/69 Wednesday, January 28, 2026 Cybersecurity researchers from Blackpoint Cyber have identified an attack campaign that uses fake CAPTCHA prompts to install the Amatera Stealer infostealer malware. Instead of asking users to select images as in legitimate CAPTCHA challenges, the malicious website instructs victims to press Windows Key + R, paste a command, and press […]
53/69 Wednesday, January 28, 2026 Microsoft has released an out-of-band security update to address an actively exploited zero-day vulnerability in Microsoft Office, tracked as CVE-2026-21509. The vulnerability affects multiple Office versions, including Office 2016, Office 2019, Office LTSC 2021, Office LTSC 2024, and Microsoft 365 Apps for Enterprise. According to Microsoft, the flaw is classified […]
52/69 Wednesday, January 28, 2026 Cloudflare has released details about a BGP route leak that occurred on January 22, impacting IPv6 traffic for approximately 25 minutes. The incident caused significant network congestion and packet loss, with traffic drops reaching up to 12 Gbps. The impact was not limited to Cloudflare customers but also affected interconnected […]
51/69 Tuesday, January 27, 2026 Researchers from Varonis have identified a new Malware-as-a-Service (MaaS) toolkit named Stanley, which is being advertised for sale on cybercrime forums for approximately USD 2,000–6,000. A key feature of Stanley is its ability to create malicious Chrome extensions that can reportedly pass Google’s review process and be published on the […]
50/69 Tuesday, January 27, 2026 Nike has confirmed that it is investigating a potential cybersecurity incident after the cybercriminal group WorldLeaks claimed it had accessed and stolen data from the company’s systems. Nike stated that it has launched an investigation to assess the impact and verify the legitimacy of the claims, emphasizing that protecting consumer […]
