Cisco warns of Identity Service Engine flaw with exploit code https://www.bleepingcomputer.com/news/security/cisco-warns-of-identity-service-engine-flaw-with-exploit-code/

CISA tags max severity HPE OneView flaw as actively exploited https://www.bleepingcomputer.com/news/security/cisa-tags-max-severity-hpe-oneview-flaw-as-actively-exploited/

OpenAI says ChatGPT won't use your health information to train its models https://www.bleepingcomputer.com/news/artificial-intelligence/openai-says-chatgpt-wont-use-your-health-information-to-train-its-models/

New GoBruteforcer attack wave targets crypto, blockchain projects https://www.bleepingcomputer.com/news/security/new-gobruteforcer-attack-wave-targets-crypto-blockchain-projects/

Job Opportunity: Citizen Lab Research Officer in the Area of Spyware and Digital Targeted Threats  https://citizenlab.ca/2026/01/job-opportunity-citizen-lab-research-officer-in-the-area-of-spyware-and-digital-targeted-threats/

Critical jsPDF flaw lets hackers steal secrets via generated PDFs https://www.bleepingcomputer.com/news/security/critical-jspdf-flaw-lets-hackers-steal-secrets-via-generated-pdfs/

Spanish airline Iberia attributes recent data breach claims to November incident https://therecord.media/spanish-airline-attributes-recent-breach-allegation-to-nov-incident

Illinois state agency exposed personal data of 700,000 people https://therecord.media/illinois-agency-exposed-data

Stalkerware operator pleads guilty in rare prosecution https://therecord.media/stalkerware-guilty-plea-fleming

Logitech Options+, G HUB macOS apps break after certificate expires https://www.bleepingcomputer.com/news/hardware/logitech-options-plus-g-hub-macos-apps-break-after-certificate-expires/

Max severity Ni8mare flaw lets hackers hijack n8n servers https://www.bleepingcomputer.com/news/security/max-severity-ni8mare-flaw-lets-hackers-hijack-n8n-servers/

In 2026, Hackers Want AI: Threat Intel on Vibe Hacking & HackGPT https://www.bleepingcomputer.com/news/security/in-2026-hackers-want-ai-threat-intel-on-vibe-hacking-and-hackgpt/

Alleged cyber scam kingpin arrested, extradited to China https://therecord.media/alleged-cyber-scam-kingpin-cambodia-arrested-extradited

GRU-Linked BlueDelta Evolves Credential Harvesting https://www.recordedfuture.com/research/gru-linked-bluedelta-evolves-credential-harvesting

ownCloud urges users to enable MFA after credential theft reports https://www.bleepingcomputer.com/news/security/owncloud-urges-users-to-enable-mfa-after-credential-theft-reports/

AI technical debt: What it is — and why it matters https://www.reversinglabs.com/blog/ai-technical-debt

Cyberattack forces British high school to cancel classes and delay reopening https://therecord.media/cyberattack-forces-british-high-school-to-delay-opening

UK announces plan to strengthen public sector cyber defenses https://www.bleepingcomputer.com/news/security/uk-announces-plan-to-strengthen-public-sector-cyber-defenses/

How Cisco Talos powers the solutions protecting your organization https://blog.talosintelligence.com/how-cisco-talos-powers-the-solutions-protecting-your-organization/

UK urged to unplug from US tech giants as digital sovereignty fears grow https://www.theregister.com/2026/01/06/uk_urged_to_unplug_from/

Forcepoint One DLP Client: Vulnerable Python version https://kb.cert.org/vuls/id/420440

OpenAI is rolling out GPT-5.2 “Codex-Max” for some users https://www.bleepingcomputer.com/news/artificial-intelligence/openai-is-rolling-out-gpt-52-codex-max-for-some-users/

Taiwan says China's attacks on its energy sector increased tenfold https://www.bleepingcomputer.com/news/security/taiwan-says-chinas-attacks-on-its-energy-sector-increased-tenfold/

Microsoft cancels plans to rate limit Exchange Online bulk emails https://www.bleepingcomputer.com/news/microsoft/microsoft-cancels-plans-to-rate-limit-exchange-online-bulk-emails/

New D-Link flaw in legacy DSL routers actively exploited in attacks https://www.bleepingcomputer.com/news/security/new-d-link-flaw-in-legacy-dsl-routers-actively-exploited-in-attacks/

Phishing actors exploit complex routing and misconfigurations to spoof domains https://www.microsoft.com/en-us/security/blog/2026/01/06/phishing-actors-exploit-complex-routing-and-misconfigurations-to-spoof-domains/

Kimwolf Android botnet abuses residential proxies to infect internal devices https://www.bleepingcomputer.com/news/security/kimwolf-android-botnet-abuses-residential-proxies-to-infect-internal-devices/

CrowdStrike Achieves 100% Detection, 100% Protection, and Zero False Positives in 2025 MITRE ATT&CK® Enterprise Evaluations https://www.crowdstrike.com/en-us/blog/crowdstrike-achieves-100-percent-2025-mitre-attack-enterprise-evaluation/

Civil Society and Access to Justice: Challenges of Seeking Remedy in the Global Fight Against Spyware https://citizenlab.ca/2026/01/civil-society-and-access-to-justice-challenges-of-seeking-remedy-in-the-global-fight-against-spyware/

Meet the Man Hunting Spies in Your Smartphone: MIT Tech Review https://citizenlab.ca/2026/01/meet-the-man-hunting-spies-in-your-smartphone-mit-tech-review/

Introducing the Microsoft Defender Experts Suite: Elevate your security with expert-led services https://www.microsoft.com/en-us/security/blog/2026/01/06/introducing-the-microsoft-defender-experts-suite-elevate-your-security-with-expert-led-services/

UK government admits years of cyber policy have failed, announces reset https://therecord.media/uk-government-cyber-action-plan

Sedgwick confirms breach at government contractor subsidiary https://www.bleepingcomputer.com/news/security/sedgwick-confirms-breach-at-government-contractor-subsidiary/

Unpacking the packer ‘pkr_mtsi’ https://www.reversinglabs.com/blog/unpacking-pkr_mtsi

Are Copilot prompt injection flaws vulnerabilities or AI limits? https://www.bleepingcomputer.com/news/security/are-copilot-prompt-injection-flaws-vulnerabilities-or-ai-limits/

New ransomware tactics to watch out for in 2026 https://www.recordedfuture.com/blog/ransomware-tactics-2026

WhiteDate - 6,076 breached accounts https://haveibeenpwned.com/Breach/WhiteDate

Net-SNMP: snmptrapd vulnerability https://github.com/net-snmp/net-snmp/security/advisories/GHSA-4389-rwqf-q9gq

Kimmon hilavitkutin varastettiin poikkeuksellisen röyhkeästi: ”Hetkinen, mitä tässä tapahtuu?” https://www.is.fi/digitoday/tietoturva/art-2000011665059.html

CrowdStrike’s Journey in Customizing NVIDIA Nemotron Models for Peak Accuracy and Performance https://www.crowdstrike.com/en-us/blog/crowdstrike-journey-in-customizing-nvidia-nemotron-models/

Cloud file-sharing sites targeted for corporate data theft attacks https://www.bleepingcomputer.com/news/security/cloud-file-sharing-sites-targeted-for-corporate-data-theft-attacks/

ClickFix attack uses fake Windows BSOD screens to push malware https://www.bleepingcomputer.com/news/security/clickfix-attack-uses-fake-windows-bsod-screens-to-push-malware/

Russian hackers target European hospitality industry with ‘blue screen of death’ malware https://therecord.media/russian-hackers-europe-hospitality-blue-screen

US broadband provider Brightspeed investigates breach claims https://www.bleepingcomputer.com/news/security/us-broadband-provider-brightspeed-investigates-breach-claims/

Cyberattack forces British high school to close https://therecord.media/cyberattack-british-high-school-closes

EU looking ‘very seriously’ at taking action against X over Grok https://therecord.media/eu-grok-regulation-deepfake

Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the Outcome https://www.bleepingcomputer.com/news/security/agentic-ai-is-an-identity-problem-and-cisos-will-be-accountable-for-the-outcome/

Building Threat Models with MCP and AI Agents https://www.detectionatscale.com/p/threat-modeling-ai-agents-mcp

5th January – Threat Intelligence Report https://research.checkpoint.com/2026/5th-january-threat-intelligence-report/

How Microsoft is betting on AI agents in Windows, dusting off a winning playbook from the past https://www.geekwire.com/2025/how-microsoft-is-betting-on-ai-agents-in-windows-dusting-off-a-winning-playbook-from-the-past/