1) Malicious VS Code AI Extensions Exposed Stealing Source Code and Developer Secrets
Security researchers found two AI-branded Visual Studio Code extensions with over 1.5 million installs that covertly siphon source code and sensitive files to remote servers, putting developer work, configs, and intellectual property at risk across global coding communities.
2) Fortinet Patches Actively Exploited FortiOS SSO Vulnerability Affecting Enterprise Networks
Fortinet released urgent security updates to fix a critical FortiOS SSO vulnerability (CVE-2026-24858) that was being actively exploited in the wild, helping protect enterprise edge networks and remote access systems from breach risks.
3) Microsoft Releases Emergency Patch for Actively Exploited Office Zero-Day Vulnerability
Microsoft rolled out out-of-band fixes for a high-severity Office zero-day vulnerability (CVE-2026-21509) actively exploited by attackers to bypass security protections, highlighting rapidly evolving enterprise threat activity.
4) Poland Accuses Russian Hackers of Cyberattacks on Energy and Critical Infrastructure
Polish authorities attributed late-December cyberattacks on renewable infrastructure to Russian state-linked actors, marking a shift toward infrastructure sabotage and raising concerns about cyber threats to critical national resources.
5) Energy Sector OT Security Study Reveals Severe Gaps in Industrial Cyber Defenses
A survey of over 100 operational technology (OT) environments revealed pervasive unpatched devices, flat networks, and critical visibility blind spots, exposing energy subsector risk and an urgent need for improved OT defenses.
6) AI-Driven OpenSSL Audit Discovers 12 Long-Hidden Cryptographic Vulnerabilities
AI-powered tooling helped security researchers identify 12 previously undetected vulnerabilities in the widely used OpenSSL library, some dating back decades, underscoring AI’s value in deep code analysis and the persistent risk in foundational crypto stacks.
7) January 2026 Cybersecurity Incidents Highlight Rising Ransomware and Data Breach Risks
Managed service provider reports detail a series of significant cybersecurity events, including ransomware, data theft, major penalties (e.g., Free Mobile fined €42M), medical facility outages, and widespread vulnerability issues impacting global MSP clients.
8) Supply-Chain Attack Compromises Open VSX Extensions Used by Thousands of Developers
Four legitimate Open VSX extensions were trojanized to include the GlassWorm malware loader, resulting in thousands of compromised developer environments and highlighting ongoing software supply-chain risks.
9) New Reprompt Attack Enables Data Theft from AI Assistants Like Microsoft Copilot
Security analysts disclosed a new “Reprompt” technique allowing attackers to extract sensitive information from AI assistants like Microsoft Copilot via indirect prompt injection, bypassing traditional safeguards and raising data privacy concerns.
10) eScan Antivirus Update Infrastructure Breached, Disrupting Security Updates
eScan Antivirus experienced a compromise of an update service cluster that disrupted automatic updates for some customers, illustrating the risks when security vendor infrastructure itself is targeted.
11) Japan and UK Strengthen Cybersecurity Cooperation to Protect Critical Technologies
Japan and the United Kingdom formalized an expanded partnership on cybersecurity, energy, and critical technology resilience, aligning strategic defenses against evolving threats while strengthening bilateral infrastructure security ties.
12) Top Cybersecurity Trends for 2026: AI Risk, Regulation, and Enterprise Resilience
Industry outlook reports highlight five crucial trends shaping cyber in 2026, including AI governance as a top risk vector, regulatory disclosure reforms, evolving cyber insurance frameworks, and an increasing focus on operational resilience for enterprises and government sectors.
13) Nike Investigates Massive 1.4 TB Data Breach
Nike is investigating a cybersecurity incident after attackers claimed to leak 1.4 TB of internal data. Early checks indicate no customer or employee PII exposure. The case underscores a shift toward data-theft-only extortion, emphasizing reputational and intellectual-property harm over traditional ransomware encryption methods worldwide today.
14) Iran-Linked RedKitten Targets Human Rights Groups in Cyber Espionage Campaign
RedKitten has launched spear-phishing attacks against human rights NGOs and activists, using malicious documents and trusted cloud services to deploy backdoors for surveillance and data theft linked to political and civil-society monitoring.
15) Mandiant Uncovers Vishing Campaigns Hijacking MFA to Compromise Enterprise SaaS Accounts
Mandiant analysts identified advanced voice-phishing operations resembling ShinyHunters tactics, where attackers socially engineer victims to obtain MFA codes and SSO credentials, enabling direct access to cloud-based SaaS environments without deploying malware or ransomware.
