Cyber Daily News – Details, episodes & analysis

Cyber Daily News January 24, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - CISA Adds Five Enterprise Software Flaws to Known Exploited Vulnerabilities Catalog https://thecyberexpress.com/cisa-adds-enterprise-software-flaws-to-kev/ - 11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061) https://securityaffairs.com/187255/security/11-year-old-critical-telnetd-flaw-found-in-gnu-inetutils-cve-2026-24061.html - Fortinet warns of active FortiCloud SSO bypass affecting updated devices https://securityaffairs.com/187250/security/fortinet-warns-of-active-forticloud-sso-bypass-affecting-updated-devices.html

Cyber Daily News January 23, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Under Armour ransomware breach: data of 72 million customers appears on the dark web https://www.malwarebytes.com/blog/news/2026/01/under-armour-ransomware-breach-data-of-72-million-customers-appears-on-the-dark-web - Phishing Kits Now Sync With Live Phone Scammers to Defeat Multifactor Authentication https://thecyberexpress.com/phishing-toolkits-to-defeat-mfa/ - GitLab Releases Critical Patch Updates to Address Multiple High-Severity Vulnerabilities https://thecyberexpress.com/gitlab-patch-release-security-vulnerabilities/ - Financial Firms Are Failing Basic Cybersecurity, Bank of England Finds https://thecyberexpress.com/financial-firm-cybersecurity-lacking-boe/ - Fortinet Admins Report Active Exploits on “Fixed” FortiOS 7.4.9 Firmware https://thecyberexpress.com/active-exploits-on-fixed-fortios-749-firmware/ - Critical SmarterMail vulnerability under attack, no CVE yet https://securityaffairs.com/187201/hacking/critical-smartermail-vulnerability-under-attack-no-cve-yet.html

Cyber Daily News January 14, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Microsoft Patch Tuesday January 2026: Actively Exploited Zero Day, 8 High-Risk Flaws https://thecyberexpress.com/patch-tuesday-january-2026-zero-day/ - MS-ISAC Flags High-Risk Security Flaws in Fortinet Products https://thecyberexpress.com/ms-isac-fortinet-vulnerabilities/ - Online shoppers at risk as Magecart skimming hits major payment networks https://www.malwarebytes.com/blog/news/2026/01/online-shoppers-at-risk-as-magecart-skimming-hits-major-payment-networks - New Android Banking Malware ‘DeVixor’ Adds Ransomware Capabilities https://thecyberexpress.com/android-banking-malware-devixor-ransomware/ - AZ Monica hospital in Belgium shuts down servers after cyberattack https://securityaffairs.com/186882/cyber-crime/az-monica-hospital-in-belgium-shuts-down-servers-after-cyberattack.html - Threat actor claims the theft of full customer data from Spanish energy firm Endesa https://securityaffairs.com/186861/cyber-crime/threat-actor-claims-the-theft-of-full-customer-data-from-spanish-energy-firm-endesa.html - Data broker fined after selling Alzheimer’s patient info and millions of sensitive profiles https://www.malwarebytes.com/blog/news/2026/01/data-broker-fined-after-selling-alzheimers-patient-info-and-millions-of-sensitive-profiles

Cyber Daily News January 13, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Spanish Energy Giant Endesa Notifies Customers of Data Breach Impacting Energía XXI https://thecyberexpress.com/endesa-data-breach/ - Attackers Targeting LLMs in Widespread Campaign https://thecyberexpress.com/attackers-targeting-llms-widespread-campaign/ - U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/186837/hacking/u-s-cisa-adds-a-flaw-in-gogs-to-its-known-exploited-vulnerabilities-catalog.html - Meta fixes Instagram password reset flaw, denies data breach https://securityaffairs.com/186829/security/meta-fixes-instagram-password-reset-flaw-denies-data-breach.html

Cyber Daily News January 12, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Credential-harvesting attacks by APT28 hit Turkish, European, and Central Asian organizations https://securityaffairs.com/186801/apt/credential-harvesting-attacks-by-apt28-hit-turkish-european-and-central-asian-organizations.html - Canopy Health Confirms Cyberattack, Patients Not Notified for Six Months https://thecyberexpress.com/canopy-health-data-breach-six-month-delay/ - After EU Probe, U.S. Senators Push Apple and Google to Review Grok AI https://thecyberexpress.com/grok-ai-under-fire-target-apple-and-google/ - Kyowon Group Confirms Cyberattack as Multiple Systems Go Offline https://thecyberexpress.com/kyowon-group-cyberattack-update/ - 84 Hrs and Counting as Internet Blackout in Iran Continues Amid Nationwide Unrest https://thecyberexpress.com/internet-blackout-in-iran-continues/

Cyber Daily News January 11, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - A massive breach exposed data of 17.5M Instagram users https://securityaffairs.com/186765/data-breach/a-massive-breach-exposed-data-of-17-5m-instagram-users.html - North Korea–linked APT Kimsuky behind quishing attacks, FBI warns https://securityaffairs.com/186755/intelligence/north-korea-linked-apt-kimsuky-behind-quishing-attacks-fbi-warns.html

Cyber Daily News January 10, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - North Korean Kimsuky Threat Actors Use Malicious QR Codes to Target Foreign Policy Experts https://thecyberexpress.com/kimsuky-threat-actors-malicious-qr-codes/ - Illinois Department of Human Services (IDHS) suffered a data breach that impacted 700K individuals https://securityaffairs.com/186745/data-breach/illinois-department-of-human-services-idhs-suffered-a-data-breach-that-impacted-700k-individuals.html - Trend Micro fixed a remote code execution in Apex Central https://securityaffairs.com/186733/hacking/trend-micro-fixed-a-remote-code-execution-in-apex-central.html

Cyber Daily News January 9, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Iran cuts Internet nationwide amid deadly protest crackdown https://securityaffairs.com/186718/intelligence/iran-cuts-internet-nationwide-amid-deadly-protest-crackdown.html - Chinese-speaking hackers exploited ESXi zero-days long before disclosure https://securityaffairs.com/186709/hacking/chinese-speaking-hackers-exploited-esxi-zero-days-long-before-disclosure.html - China-linked UAT-7290 spies on telco in South Asia and Europe using modular malware https://securityaffairs.com/186698/security/china-linked-uat-7290-spies-on-telco-in-south-asia-and-europe-using-modular-malware.html - Astaroth banking Trojan spreads in Brazil via WhatsApp worm https://securityaffairs.com/186685/malware/astaroth-banking-trojan-spreads-in-brazil-via-whatsapp-worm.html - Global DNS Crash Triggers Reboot Loops Across Cisco Small Business Switches https://thecyberexpress.com/dns-crash-cisco-small-business-switches/ - CISA Warns of Attacks on PowerPoint and HPE Vulnerabilities https://thecyberexpress.com/cisa-warns-powerpoint-and-hpe-vulnerabilities/ - Public PoC prompts Cisco patch for ISE, ISE-PIC vulnerability https://securityaffairs.com/186682/security/public-poc-prompts-cisco-patch-for-ise-ise-pic-vulnerability.html

Cyber Daily News January 8, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - New n8n Vulnerability (CVE-2026-21858) Allows Unauthenticated File Access and RCE https://thecyberexpress.com/cve-2026-21858-n8n-webhook-vulnerability/ - Australian Insurer Prosura Confirms Cyber Incident, Takes Online Services Offline Amid Investigation https://thecyberexpress.com/prosura-cyberattack-explained/ - Infostealers and Lack of MFA Led to Dozens of Major Breaches https://thecyberexpress.com/infostealers-and-lack-of-mfa-led-to-breaches/ - U.S. CISA adds HPE OneView and Microsoft Office PowerPoint flaws to its Known Exploited Vulnerabilities catalog https://securityaffairs.com/186672/security/u-s-cisa-adds-hpe-oneview-and-microsoft-office-powerpoint-flaws-to-its-known-exploited-vulnerabilities-catalog.html - China-linked groups intensify attacks on Taiwan’s critical infrastructure, NSB warns https://securityaffairs.com/186658/intelligence/china-linked-groups-intensify-attacks-on-taiwans-critical-infrastructure-nsb-warns.html

Cyber Daily News January 7, 2026 Cyber Daily News is also available via podcast! https://feeds.transistor.fm/cyber-daily-news Stories mentioned in today's briefing: - Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers https://securityaffairs.com/186616/hacking/hackers-actively-exploit-critical-rce-flaw-in-legacy-d-link-dsl-routers.html - Unpatched TOTOLINK EX200 Flaw Enables Root-Level Telnet Access, CERT/CC Warns https://thecyberexpress.com/cve-2025-65606-totolink-ex200-firmware/ - Veeam resolves CVSS 9.0 RCE flaw and other security issues https://securityaffairs.com/186630/security/veeam-resolves-cvss-9-0-rce-flaw-and-other-security-issues.html - Google fixes critical Dolby Decoder bug in Android January update https://securityaffairs.com/186591/security/google-fixes-critical-dolby-decoder-bug-in-android-january-update.html - UK Unveils £210M Cyber Overhaul as Nation Faces “Critically High” Digital Threat https://thecyberexpress.com/uk-unveils-210m-cyber-action-plan/ - Phishing campaign abuses Google Cloud services to steal Microsoft 365 logins https://www.malwarebytes.com/blog/news/2026/01/phishing-campaign-abuses-google-cloud-services-to-steal-microsoft-365-logins - One million customers on alert as extortion group claims massive Brightspeed data haul https://www.malwarebytes.com/blog/news/2026/01/one-million-customers-on-alert-as-extortion-group-claims-massive-brightspeed-data-haul