The Friday Wrap up

[Webinar] The Smarter SOC Blueprint: Learn What to Build, Buy, and Automate Live webinar explains how modern SOCs decide what to build, buy, or automate to reduce tool sprawl and improve outcomes.

Discover a smarter Security Operations Center (SOC) blueprint that simplifies threat detection and response. Learn ways to boost efficiency and accuracy in cybersecurity management. #CyberSmartSoc

Iron Mountain: Data breach mostly limited to marketing materials Iron Mountain, a leading data storage and recovery services company, says that a recent breach claimed by the Everest extortion gang is limited to mostly marketing materials.

Iron Mountain had a data breach, but the company says it mainly affected marketing materials—not sensitive customer info. Investigations are ongoing to confirm. #databreach

⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats This week’s cybersecurity recap highlights key attacks, zero-days, and patches to keep you informed and secure.

A significant botnet, a new Microsoft Office zero-day vulnerability, and other security updates are shaping the cybersecurity landscape. Staying informed is crucial to understanding these evolving threats. #CybersecurityUpdate

Mozilla announces switch to disable all Firefox AI features In response to user feedback on AI integration, Mozilla announced today that the next Firefox release will let users disable AI features entirely or manage them individually.

Mozilla is adding a setting in Firefox that lets users disable all AI features, giving more control and privacy over browser use. A clear step for those who prefer tech without artificial intelligence built in. #PrivacyControl

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access Experts uncovered malicious Chrome extensions that replace affiliate links, exfiltrate data, and steal ChatGPT authentication tokens from users.

Researchers have discovered Chrome extensions stealing user data. This highlights ongoing privacy risks and the importance of vigilance in protecting personal information online. #CybersecurityThreats

Crypto wallets received a record $158 billion in illicit funds last year Illegal cryptocurrency flows hit a record $158 billion in 2025, reversing a three-year trend of declining amounts from $86B in 2021 to $64B in 2024.

Crypto wallets saw a record $1.58B in illegal funds last year, mostly from scams and stolen crypto—highlighting growing risks in digital finance. More funds now flow into illicit wallets despite efforts to block them. #CyberCrimeTrends

Friday Wrap Up: 30 January 2025 Another week, another avalanche of cyber chaos!

FWU: Dating apps breached, 1.5M devs hit by malicious VS Code extensions, Ivanti zero-days exploited, 175K exposed AI servers found, shadow AI everywhere. Another week in cybersecurity! 🔐 #FWU #fridaywrapup #CyberSecurity

New security threats revealed: remote code execution vulnerabilities and darknet developments require regular updates and strong defenses. Stay informed to keep safe. #CybersecurityInsights

Match Group breach exposes data from Hinge, Tinder, OkCupid, and Match Match Group, the owner of multiple popular online dating services, Tinder, Match.com, Meetic, OkCupid, and Hinge, confirmed a cybersecurity incident that compromised user data.

A data breach at Match Group exposed sensitive info from popular dating apps like Tinder, Hinge, OkCupid, and Match, linked to a third-party vendor. The incident highlights the risks of external partnerships in data security. #databreach

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

A significant vulnerability in the vm2 JavaScript library affects Node.js, allowing attackers to bypass sandbox protections and execute malicious code. It is crucial for tech systems relying on Node.js to address this issue. #CybersecurityAlert

New sandbox escape flaw exposes n8n instances to RCE attacks Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

A new flaw in the n8n workflow tool lets attackers break out of its sandbox, potentially taking full remote control of affected systems. This vulnerability highlights risks in low-code tools when security controls are bypassed. #CyberSecurityRisk

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.

Cybersecurity alert: fake browser updates are tricking users into downloading malware in ClickFix attacks. These threats highlight the importance of careful online navigation and staying informed for safety. #CyberSafety

Nike investigates data breach after extortion gang leaks files Nike is investigating what it described as a "potential cyber security incident" after the World Leaks ransomware gang leaked 1.4 TB of files allegedly stolen from the sportswear giant.

Nike is looking into a potential data breach after a hacker group leaked internal files, claiming a successful cyberattack. It's part of a growing trend of ransomware gangs targeting big companies. #CyberSecurity

⚡ Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More Weekly cybersecurity recap covering emerging threats, fast-moving attacks, critical flaws, and key security developments you need to track this week.

Firewall flaws highlight security risks, AI generate harmful malware, and enterprises face evolving threats. Stay informed to protect your digital world.
#CybersecurityUpdates

Microsoft patches actively exploited Office zero-day vulnerability Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks.

Microsoft fixed a serious Office security flaw hackers were already using. This zero-day bug let attackers run harmful code through documents. Updating your software is key to staying protected.
#CyberSecurityNews

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities CISA added four actively exploited vulnerabilities to its KEV catalog, urging U.S. federal agencies to apply fixes by February 12, 2026.

CISA updated its Known Exploited Vulnerabilities catalog with four critical flaws. This highlights the need for heightened vigilance and patching to boost cybersecurity defenses. #CyberAwareness

CISA confirms active exploitation of four enterprise software bugs The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities impacting enterprise software from Versa and Zimbra, the Vite frontend tooling...

CISA warns that hackers are actively exploiting four major security flaws in enterprise software, posing serious risks to businesses. These bugs affect widely used tools, making timely updates critical. #CyberSecurityAlert

ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, China C2s, RAT Ads, Crypto Scams & 15+ Stories Weekly cybersecurity bulletin tracking how routine systems are being quietly misused across platforms, infrastructure, and services.

Google Pixel faces a zero-click vulnerability, allowing attackers to take control without user interaction. This highlights the need for updated cybersecurity defenses in modern devices. #CyberSecurityAlert

SmarterMail auth bypass flaw now exploited to hijack admin accounts Hackers began exploiting an authentication bypass vulnerability in SmarterTools' SmarterMail email server and collaboration tool that allows resetting admin passwords.

Hackers are exploiting a critical flaw in SmarterMail that lets them skip login checks and take over admin accounts. This serious bug is now being abused in real attacks. #CyberSecurityAlert

Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws Zoom patched a critical CVE-2026-22844 RCE flaw in Node MMRs, while GitLab fixed DoS and 2FA bypass vulnerabilities affecting CE and EE versions.

Zoom and GitLab rolled out security updates to fix vulnerabilities related to encryption and authentication. Staying updated with the latest security patches is crucial to protect sensitive information. #CyberSecurityUpdates

Fortinet admins report patched FortiGate firewalls getting hacked Fortinet customers are seeing attackers exploiting a patch bypass for a previously fixed critical FortiGate authentication vulnerability (CVE-2025-59718) to hack patched firewalls.

Fortinet admins say their firewalls are getting hacked even after patching a severe flaw. Experts warn attacks may exploit older breaches or compromised admin creds. Stay alert—patching alone may not be enough. #cybersecurity

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some cases, lead to RCE.

Flaws in Anthropic's MCP Git server can expose sensitive data. Key issues include access control gaps and inadequate patching. Understanding these flaws is crucial for securing your systems. #CyberSecurityAlert

EU plans cybersecurity overhaul to block foreign high-risk suppliers The European Commission has proposed new cybersecurity legislation mandating the removal of high-risk suppliers to secure telecommunications networks and strengthening defenses against state-backed and...

The EU is planning stricter cybersecurity rules to limit foreign “high-risk” tech suppliers, aiming to better protect critical infrastructure from cyber threats and geopolitical risks. #CyberSecurityEurope

⚡ Weekly Recap: Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More This week’s recap unpacks how evolving exploits, malware frameworks, and cloud missteps are reshaping modern cyber defense and exposing new weak point

Discover key cybersecurity issues: Fortinet vulnerabilities, RedLine Stealer threats, and major cyber incidents shaping 2026. Gain insights into prevention and response strategies. #CyberInsights

UK govt. warns about ongoing Russian hacktivist group attacks The U.K. government is warning of continued malicious activity from Russian-aligned hacktivist groups targeting critical infrastructure and local government organizations in the country in disruptive...

Russian-linked hacktivists are actively targeting UK infrastructure with cyberattacks, prompting government warnings. These attacks aim to disrupt services rather than steal data, raising risks for critical systems. #CyberThreats

Friday Wrap Up: 16 January 2025 🎢 This week’s cybersecurity rollercoaster: where Wi-Fi crashes with one packet, Chrome extensions cosplay as your HR portal, and ZIP files contain more layers than a lasagna made by someone with…

This week: Wi-Fi crashes with 1 packet, Chrome extensions fake HR portals, GootLoader hides in 1000 ZIP files, & 2 missing chars nearly killed AWS. Cybercrime runs tighter ops than most IT depts. Patch everything. 🛡️ #CyberSecurity #InfoSec #FWU

China-linked hackers exploited Sitecore zero-day for initial access An advanced threat actor tracked as UAT-8837 and believed to be linked to China has been focusing on critical infrastructure systems in North America, gaining access by exploiting both known and zero-day...

China-linked hackers used a hidden flaw in Sitecore software to break into systems and launch more attacks. This zero-day flaw gave them early access that’s hard to detect. #CyberSecurity

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access A critical WordPress Modular DS plugin flaw (CVE-2026-23550) allows unauthenticated attackers to gain admin access; patched in version 2.5.2.

A critical flaw in a WordPress plugin called Modular DS exposes sites to serious cybersecurity risks. Users should update their plugins to prevent exploitation. #WordPressSecurity

Critical flaw lets hackers track, eavesdrop via Bluetooth audio devices A critical vulnerability in Google's Fast Pair protocol can allow attackers to hijack Bluetooth audio accessories like wireless headphones and earbuds, track users, and eavesdrop on their conversations.

A critical Bluetooth flaw lets hackers track your location and listen in on conversations through audio devices, affecting earbuds, car systems, and more. A fix is in progress, but many devices remain vulnerable.
#BluetoothSecurity

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware.

Hackers exploit Windows by side-loading C-ARES DLLs to inject malware. This method tricks apps into running malicious code, posing security risks. Stay informed on these evolving threats to secure your devices. #CybersecurityThreats