Flock Exposed Its AI-Powered Cameras to the Internet. We Tracked Ourselves https://www.404media.co/flock-exposed-its-ai-powered-cameras-to-the-internet-we-tracked-ourselves/

Hackers claim Resecurity hack, firm says it was a honeypot https://www.bleepingcomputer.com/news/security/hackers-claim-resecurity-hack-firm-says-it-was-a-honeypot/

ShinyHunters claims Resecurity hack, firm says it’s a honeypot https://www.bleepingcomputer.com/news/security/shinyhunters-claims-resecurity-hack-firm-says-its-a-honeypot/

Windows Defender Support Logs https://windowsir.blogspot.com/2026/01/windows-defender-support-logs.html

Pakistan-linked hackers target Indian government, universities in new spying campaign https://therecord.media/pakistan-linked-hacking-group-targets-indian-orgs

European regulators take aim at X after Grok creates deepfake of minor https://therecord.media/europe-regulators-grok-france

Cryptocurrency theft attacks traced to 2022 LastPass breach https://www.bleepingcomputer.com/news/security/cryptocurrency-theft-attacks-traced-to-2022-lastpass-breach/

Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass https://www.bleepingcomputer.com/news/security/over-10-000-fortinet-firewalls-exposed-to-ongoing-2fa-bypass-attacks/

Haavoittuvuus MongoDB-tietokantaohjelmistossa mahdollistaa luottamuksellisen tiedon paljastumisen https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus-2026-01

Google is testing a new image AI and it's going to be its fastest model https://www.bleepingcomputer.com/news/google/google-is-testing-a-new-image-ai-and-its-going-to-be-its-fastest-model/

The Kimwolf Botnet is Stalking Your Local Network https://krebsonsecurity.com/2026/01/the-kimwolf-botnet-is-stalking-your-local-network/

Trust Wallet links $8.5 million crypto theft to Shai-Hulud NPM attack https://www.bleepingcomputer.com/news/security/trust-wallet-links-85-million-crypto-theft-to-shai-hulud-npm-attack/

VVS Discord Stealer Using Pyarmor for Obfuscation and Detection Evasion https://unit42.paloaltonetworks.com/vvs-stealer/

Kyberturvallisuuskeskuksen viikkokatsaus - 01/2026 https://www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/kyberturvallisuuskeskuksen-viikkokatsaus-012026

Poliisi: Epäillyssä merikaapelin vaurioittamisesssa samankaltaisuutta aikaisempiin tapauksiin https://yle.fi/a/74-20202166

New GlassWorm malware wave targets Macs with trojanized crypto wallets https://www.bleepingcomputer.com/news/security/new-glassworm-malware-wave-targets-macs-with-trojanized-crypto-wallets/

OpenAI is offering $20 ChatGPT Plus for free to some users https://www.bleepingcomputer.com/news/artificial-intelligence/openai-is-offering-20-chatgpt-plus-for-free-to-some-users/

Poliisi varoittaa uhkaavista kiristysviesteistä https://www.is.fi/digitoday/art-2000011723058.html

NYC mayoral inauguration bans Flipper Zero, Raspberry Pi devices https://www.bleepingcomputer.com/news/security/nyc-mayoral-inauguration-bans-flipper-zero-raspberry-pi-devices/

December 2025 Patch Tuesday: One Critical Zero-Day, Two Publicly Disclosed Vulnerabilities Among 57 CVEs https://www.crowdstrike.com/en-us/blog/patch-tuesday-analysis-december-2025/

Inside CrowdStrike’s Science-Backed Approach to Building Expert SOC Agents https://www.crowdstrike.com/en-us/blog/inside-crowdstrikes-science-backed-approach-to-building-soc-agents/

Hackers drain $3.9M from Unleash Protocol after multisig hijack https://www.bleepingcomputer.com/news/security/hackers-drain-39m-from-unleash-protocol-after-multisig-hijack/

RondoDox botnet exploits React2Shell flaw to breach Next.js servers https://www.bleepingcomputer.com/news/security/rondodox-botnet-exploits-react2shell-flaw-to-breach-nextjs-servers/

Finland seizes ship suspected of damaging subsea cable in Baltic Sea https://therecord.media/finland-seizes-ship-suspected-damaging-undersea-cable

IBM warns of critical API Connect auth bypass vulnerability https://www.bleepingcomputer.com/news/security/ibm-warns-of-critical-api-connect-auth-bypass-vulnerability/

Disney will pay $10 million to settle children's data privacy lawsuit https://www.bleepingcomputer.com/news/security/disney-will-pay-10m-to-settle-claims-of-childrens-privacy-violations-on-youtube/

WHILL Model C2 Electric Wheelchairs and Model F Power Chairs https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-364-01

New ErrTraffic service enables ClickFix attacks via fake browser glitches https://www.bleepingcomputer.com/news/security/new-errtraffic-service-enables-clickfix-attacks-via-fake-browser-glitches/

Treasury removes sanctions for three executives tied to spyware maker Intellexa https://therecord.media/treasury-sanctions-intellexa-removed

MongoBleed Unauthenticated Memory Leak https://fortiguard.fortinet.com/threat-signal-report/6308

Ransomware responders plead guilty to using ALPHV in attacks on US organizations https://therecord.media/ransomware-responders-guilty-plea-using-alphv-blackcat-us-attacks

US cybersecurity experts plead guilty to BlackCat ransomware attacks https://www.bleepingcomputer.com/news/security/us-cybersecurity-experts-plead-guilty-to-blackcat-alphv-ransomware-attacks/

CISA orders feds to patch MongoBleed flaw exploited in attacks https://www.bleepingcomputer.com/news/security/cisa-orders-federal-agencies-to-patch-mongobleed-flaw-actively-exploited-in-attacks/

SF² framework aims to help you scale SecOps wisely  https://www.reversinglabs.com/blog/software-factory-security-framework-secops

Streamline Security Operations with Falcon for IT’s Turnkey Automations https://www.crowdstrike.com/en-us/blog/streamline-security-operations-falcon-for-it-automations/

Vulnerability in SmarterTools Software https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-124/

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor https://securelist.com/honeymyte-kernel-mode-rootkit/118590/

Trend Micro's Pivotal Role in INTERPOL's Operation Sentinel: Dismantling Digital Extortion Networks Across Africa https://www.trendmicro.com/en_us/research/25/l/operation-sentinel-digital-extortion-campaigns-identified.html

Chinese state hackers use rootkit to hide ToneShell malware activity https://www.bleepingcomputer.com/news/security/chinese-state-hackers-use-rootkit-to-hide-toneshell-malware-activity/

Coupang to split $1.17 billion among 33.7 million data breach victims https://www.bleepingcomputer.com/news/security/coupang-to-split-117-billion-among-337-million-data-breach-victims/

US, Australia say ‘MongoBleed’ bug being exploited https://therecord.media/us-australia-bug-exploitation

Happy 16th Birthday, KrebsOnSecurity.com! https://krebsonsecurity.com/2025/12/happy-16th-birthday-krebsonsecurity-com/

Two more banks notifying thousands of victims about Marquis Software ransomware attack https://therecord.media/banks-marquis-software-ransomware

Hacker arrested for KMSAuto malware campaign with 2.8 million downloads https://www.bleepingcomputer.com/news/security/hacker-arrested-for-kmsauto-malware-campaign-with-28-million-downloads/

French software company fined $2 million for cyber failings leading to data breach https://therecord.media/french-software-fined-cnil

Trust Wallet says 2,596 wallets drained in $7 million crypto theft attack https://www.bleepingcomputer.com/news/security/trust-wallet-says-7-million-crypto-theft-attack-drained-2-596-wallets/

ChatGPT finally rolls out Thinking time toggle on mobile https://www.bleepingcomputer.com/news/artificial-intelligence/chatgpt-finally-rolls-out-thinking-time-toggle-on-mobile/

Former Coinbase support agent arrested for helping hackers https://www.bleepingcomputer.com/news/security/former-coinbase-support-agent-arrested-for-helping-hackers/

Coupang recovers smashed laptop that alleged data leaker threw into river https://therecord.media/coupang-recovers-smashed-laptop-data-breach

Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks https://www.bleepingcomputer.com/news/security/fortinet-warns-of-5-year-old-fortios-2fa-bypass-still-exploited-in-attacks/