Threat Note

From Cyber Security News – eSkimming Attacks Fuelled with Persistent Threats, Evolving Tactics, and Unfinished Recovery

eSkimming attacks, commonly known as Magecart attacks, continue to plague e-commerce websites across the globe, stealing payment card data from unsuspecting customers at checkout. These malicious campaigns inject JavaScript code…

Samir K January 29, 2026

News

From Security Week – Google Disrupts IPIDEA Proxy Network

[[{"value":"One of the largest residential proxy networks, IPIDEA enrolled devices through SDKs for mobile and desktop. The post Google Disrupts IPIDEA Proxy Network appeared first on SecurityWeek."}]] Read More

Samir K January 29, 2026

News

From Cyber Security News – Threat Actors Using AI Generated Malicious Job Offers to Deploy PureRAT

A Vietnamese cybercrime group is using artificial intelligence to write malicious code in an ongoing phishing campaign that distributes the PureRAT malware through fake job opportunities. The campaign, initially detected…

Samir K January 29, 2026

News

From Cyber Security News – BlackIce – A Container Based Red Teaming Toolkit for AI Security Testing

Databricks has officially announced the release of BlackIce, an open-source, containerized toolkit designed to streamline AI security testing and Red Teaming. Originally introduced at CAMLIS Red 2025, BlackIce addresses the…

Samir K January 29, 2026

News

From The Hacker News – 3 Decisions CISOs Need to Make to Prevent Downtime Risk in 2026

Beyond the direct impact of cyberattacks, enterprises suffer from a secondary but potentially even more costly risk: operational downtime, any amount of which translates into very real damage. That’s why for CISOs, it’s key to prioritize decisions that reduce dwell time and protect their company from risk. Three strategic steps you can take this year for better results: 1. Focus on today's

Samir K January 29, 2026

News

From Cyber Security News – Critical IDIS IP Cameras One-Click Vulnerability Leads to full Compromise of Victim’s Computer

A severe security flaw in IDIS IP cameras has emerged, allowing attackers to gain complete control over a victim’s computer with just one click. The vulnerability, tracked as CVE-2025-12556, targets…

Samir K January 29, 2026

News

From Cyber Security News – eScan Antivirus Update Server Hacked to Push Malicious Update packages

A critical supply chain compromise affecting MicroWorld Technologies’ eScan antivirus product, wherein threat actors successfully hijacked the vendor’s legitimate update infrastructure to distribute malware. Discovered on January 20, 2026, by…

Samir K January 29, 2026

News

From The Hacker News – SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass

SolarWinds has released security updates to address multiple security vulnerabilities impacting SolarWinds Web Help Desk, including four critical vulnerabilities that could result in authentication bypass and remote code execution (RCE). The list of vulnerabilities is as follows - CVE-2025-40536 (CVSS score: 8.1) - A security control bypass vulnerability that could allow an unauthenticated

Samir K January 29, 2026

News

From Cyber Security News – Microsoft Exchange Online to Deprecate SMTP AUTH Basic Authentication for Tenants

Microsoft is preparing a major security shift for cloud email customers as Exchange Online moves toward deprecating SMTP AUTH Basic Authentication for all tenants. The change targets one of the…

Samir K January 29, 2026

News

From Cyber Security News – Critical Solarwinds Web Vulnerability Allows Remote Code Execution and Security Bypass

Multiple critical vulnerabilities in SolarWinds Web Help Desk (WHD), culminating in unauthenticated remote code execution (RCE) via Java deserialization in CVE-2025-40551, were uncovered by Horizon3.ai researchers. These flaws chain static…

Samir K January 29, 2026

News

From Cyber Security News – Attackers Targeting Canadian Citizens by Exploiting Their Reliance on Digital Services

Attackers are increasingly targeting Canadian citizens by abusing their heavy dependence on online government and commercial services. From paying traffic fines and renewing licenses to tracking parcels and booking flights,…

Samir K January 29, 2026

News

From Security Week – PwC and Google Cloud Ink $400 Million Deal to Scale AI-Powered Defense

[[{"value":"The announcement comes just weeks after Palo Alto Networks and Google Cloud announced a multibillion-dollar AI and cloud security deal. The post PwC and Google Cloud Ink $400 Million Deal…

Samir K January 29, 2026

News

From The Hacker News – Google Disrupts IPIDEA — One of the World’s Largest Residential Proxy Networks

Google on Wednesday announced that it worked together with other partners to disrupt IPIDEA, which it described as one of the largest residential proxy networks in the world. To that end, the company said it took legal action to take down dozens of domains used to control devices and proxy traffic through them. As of writing, IPIDEA's website ("www.ipidea.io") is no longer accessible. It

Samir K January 29, 2026

News

From Cyber Security News – Swarmer Tool Evading EDR With a Stealthy Modification on Windows Registry for Persistence

Praetorian Inc. has publicly released Swarmer, a tool enabling low-privilege attackers to achieve stealthy Windows registry persistence by sidestepping Endpoint Detection and Response (EDR) monitoring. Deployed operationally since February 2025,…

Samir K January 29, 2026

News

From Cyber Security News – New Semantic Chaining Jailbreak Attack Bypasses Grok 4 and Gemini Nano Security Filters

Following the recent Echo Chamber Multi-Turn Jailbreak, NeuralTrust researchers have disclosed Semantic Chaining, a potent vulnerability in the safety mechanisms of multimodal AI models like Grok 4 and Gemini Nano…

Samir K January 29, 2026

From Cyber Security News – Moltbook AI Vulnerability Exposes Email Addresses, Login Tokens, and API Keys

From Security Week – eScan Antivirus Delivers Malware in Supply Chain Attack

From The Hacker News – Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

From Graham Cluley – FBI takes notorious RAMP ransomware forum offline

From Cyber Security News – AutoPentestX – Automated Penetration Testing Toolkit Designed for Linux systems

From Cyber Security News – SCADA Vulnerability Triggers DoS, Potentially Disrupting Industrial Operations

From The Hacker News – Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms

From The Hacker News – CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms

From Cyber Security News – Metasploit Releases 7 New Exploit Modules covering FreePBX, Cacti and SmarterMail

From Dark Reading – Torq Moves SOCs Beyond SOAR With AI-Powered Hyper Automation

From Cyber Security News – Moltbook AI Vulnerability Exposes Email Addresses, Login Tokens, and API Keys

From Security Week – eScan Antivirus Delivers Malware in Supply Chain Attack

From The Hacker News – Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

From Graham Cluley – FBI takes notorious RAMP ransomware forum offline

From Cyber Security News – AutoPentestX – Automated Penetration Testing Toolkit Designed for Linux systems

From Cyber Security News – SCADA Vulnerability Triggers DoS, Potentially Disrupting Industrial Operations

From Cyber Security News – eSkimming Attacks Fuelled with Persistent Threats, Evolving Tactics, and Unfinished Recovery

From Security Week – Google Disrupts IPIDEA Proxy Network

From Cyber Security News – Threat Actors Using AI Generated Malicious Job Offers to Deploy PureRAT

From Cyber Security News – BlackIce – A Container Based Red Teaming Toolkit for AI Security Testing

From The Hacker News – 3 Decisions CISOs Need to Make to Prevent Downtime Risk in 2026

From Cyber Security News – Critical IDIS IP Cameras One-Click Vulnerability Leads to full Compromise of Victim’s Computer

From Cyber Security News – eScan Antivirus Update Server Hacked to Push Malicious Update packages

From The Hacker News – SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass

From Cyber Security News – Microsoft Exchange Online to Deprecate SMTP AUTH Basic Authentication for Tenants

From Cyber Security News – Critical Solarwinds Web Vulnerability Allows Remote Code Execution and Security Bypass

From Cyber Security News – Attackers Targeting Canadian Citizens by Exploiting Their Reliance on Digital Services

From Security Week – PwC and Google Cloud Ink $400 Million Deal to Scale AI-Powered Defense

From The Hacker News – Google Disrupts IPIDEA — One of the World’s Largest Residential Proxy Networks

From Cyber Security News – Swarmer Tool Evading EDR With a Stealthy Modification on Windows Registry for Persistence

From Cyber Security News – New Semantic Chaining Jailbreak Attack Bypasses Grok 4 and Gemini Nano Security Filters

From Cyber Security News – Moltbook AI Vulnerability Exposes Email Addresses, Login Tokens, and API Keys

From Security Week – eScan Antivirus Delivers Malware in Supply Chain Attack

From The Hacker News – Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists

From Graham Cluley – FBI takes notorious RAMP ransomware forum offline