Cyber Security Badge

CyberNetSec.io

Daily Cybersecurity Threat Briefings

Home Publications

Security Advisories & Threat Intelligence

Real-time cybersecurity alerts, vulnerability advisories, and threat analysis

Filter by Category

Showing 1 - 10 of 676 articles
1 / 68
Per page:

Massive 149 Million Credential Leak Exposes Gmail, Facebook, and Financial Service Users

HIGH

Unprotected Database Exposes 149 Million Unique Login Credentials from Infostealer Malware Logs

A publicly accessible, unencrypted 96 GB database containing 149.4 million unique login credentials has been discovered by a security researcher. The data, believed to be compiled from various infostealer malware logs and past breaches, impacts an estimated 48 million Gmail accounts, alongside users of Facebook, financial services, government portals, and numerous other online platforms. The leak includes usernames, passwords, and the direct login URLs, posing a significant risk of account takeover and fraud for millions of individuals globally.

Jan 25, 2026
5 min read
Data Breach
Malware
Threat Intelligence
credential leakinfostealerdata exposurepassword securityaccount takeover
Massive 149 Million Credential Leak Exposes Gmail, Facebook, and Financial Service Users

Nike Probes Data Breach Claim by 'WorldLeaks' Extortion Group

HIGH

Extortion Group 'WorldLeaks' Targets Nike, Threatens to Leak Stolen Corporate Data

Global apparel giant Nike has launched an investigation into a potential data breach after being listed as a victim by the 'WorldLeaks' data extortion group. The group, which emerged in 2025 and focuses on data theft without deploying ransomware, threatened to publish stolen Nike data on January 24. Nike has confirmed it is assessing the situation. The type and volume of the allegedly stolen data have not been disclosed by the attackers.

Jan 25, 2026
4 min read
Data Breach
Threat Actor
Cyberattack
WorldLeaksextortiondata theftcybercrimeretail
Nike Probes Data Breach Claim by 'WorldLeaks' Extortion Group

Sandworm Deploys New 'DynoWiper' Malware in Failed Attack on Polish Power Grid

CRITICAL

Russian State-Sponsored Group Sandworm Linked to 'DynoWiper' Attack on Poland's Energy Infrastructure

The Russian state-sponsored hacking group Sandworm has been attributed with a major, albeit unsuccessful, cyberattack against Poland's power system in late December 2025. Poland's energy minister described it as the 'largest cyber attack' on their energy infrastructure in years. Cybersecurity firm ESET linked the attack to Sandworm and discovered the use of a previously undocumented destructive malware, which has been named 'DynoWiper'. This incident underscores Sandworm's continued focus on targeting critical infrastructure with new cyber weapons.

Jan 25, 2026
6 min read
Cyberattack
Threat Actor
Malware
SandwormDynoWiperwiper malwarecritical infrastructurePoland +4 more
Sandworm Deploys New 'DynoWiper' Malware in Failed Attack on Polish Power Grid

Phishing Campaign Hits Russia with Amnesia RAT, Uses GitHub and Dropbox for Payload Delivery

HIGH

Multi-Stage Phishing Attack on Russian Users Deploys Amnesia RAT and Ransomware, Disables Microsoft Defender

A sophisticated, multi-stage phishing campaign is targeting users in Russia, delivering a combination of the Amnesia remote access trojan (RAT) and ransomware. The attack, analyzed by Fortinet FortiGuard Labs, is notable for its use of public cloud services like GitHub and Dropbox to host payloads and its use of a tool called 'defendnot' to disable Microsoft Defender antivirus. The campaign relies on social engineering and abuse of native Windows features rather than software exploits to achieve system compromise.

Jan 25, 2026
5 min read
Phishing
Malware
Ransomware
phishingAmnesia RATransomwareMicrosoft DefenderGitHub +2 more
Phishing Campaign Hits Russia with Amnesia RAT, Uses GitHub and Dropbox for Payload Delivery

ShinyHunters Claims Breach of Crunchbase, Betterment via Okta Vishing Attacks

HIGH

Extortion Group ShinyHunters Alleges Compromise of Crunchbase and Betterment Using Okta Voice Phishing

The notorious cyber extortion syndicate ShinyHunters has claimed responsibility for breaching business intelligence firm Crunchbase and financial advisory company Betterment. According to the threat actor, the initial access was gained by using sophisticated voice phishing (vishing) attacks to socially engineer employees and compromise their Okta single sign-on (SSO) credentials. This method allows attackers to bypass weaker forms of multi-factor authentication. Neither of the targeted companies has publicly confirmed the breach.

Jan 25, 2026
5 min read
Phishing
Data Breach
Threat Actor
ShinyHuntersvishingsocial engineeringOktaMFA bypass +2 more
ShinyHunters Claims Breach of Crunchbase, Betterment via Okta Vishing Attacks

Everest Ransomware Group Leaks 343GB of Under Armour Customer Data

HIGH

Russia-Linked Everest Group Leaks 343 GB of Data Allegedly Stolen from Under Armour

The Russia-linked Everest ransomware group has leaked 343 GB of data allegedly stolen from global sportswear brand Under Armour. The massive data dump, which occurred on January 24, 2026, followed a failed extortion attempt. The leaked data is reported to contain the personally identifiable information (PII) of millions of customers, highlighting the 'double extortion' tactic where data publication is the primary threat. Under Armour has not yet commented on the incident.

Jan 25, 2026
5 min read
Ransomware
Data Breach
Threat Actor
Everestransomwaredata leakUnder ArmourPII +1 more
Everest Ransomware Group Leaks 343GB of Under Armour Customer Data

Warning: Fully Patched FortiGate Firewalls Are Being Compromised via New SSO Bypass

CRITICAL

New Attack Path Allows Compromise of Fully Patched FortiGate Firewalls with SAML SSO Enabled

Security analysts are warning of a new wave of attacks compromising even fully patched Fortinet FortiGate firewalls. The activity, observed since January 15, 2026, allows attackers to bypass SAML-based single sign-on (SSO) authentication to gain administrative access. The attacks result in unauthorized configuration changes, creation of persistent user accounts, and exfiltration of device configurations. Fortinet has reportedly identified a new, distinct attack path related to previously disclosed vulnerabilities (CVE-2025-59718, CVE-2025-59719), suggesting existing patches may not be fully effective.

Jan 25, 2026
6 min read
Vulnerability
Cyberattack
Patch Management
FortiGateFortinetSSOSAMLauthentication bypass +2 more
Warning: Fully Patched FortiGate Firewalls Are Being Compromised via New SSO Bypass

Trend Micro Details New RCE Flaw in MetaGPT (CVE-2026-0761)

HIGH

New High-Severity RCE Vulnerability (CVE-2026-0761) in Foundation Agents MetaGPT Detailed by Trend Micro

Trend Micro has published details and a detection rule for a new high-severity remote code execution (RCE) vulnerability in Foundation Agents MetaGPT, tracked as CVE-2026-0761. The exploit, which occurs over HTTP, can be leveraged by an attacker for initial access into a network or for lateral movement. Trend Micro has released DDI RULE 5627 to detect exploitation attempts and advises organizations to update security products and scan for signs of compromise.

Jan 25, 2026
4 min read
Vulnerability
Threat Intelligence
CVE-2026-0761RCEMetaGPTTrend Microvulnerability +1 more
Trend Micro Details New RCE Flaw in MetaGPT (CVE-2026-0761)

Microsoft Issues Emergency Out-of-Band Patches for Flawed January Updates

MEDIUM

Microsoft Releases Out-of-Band Updates to Fix Remote Desktop and Cloud Storage Bugs from January Patches

Microsoft has released several emergency out-of-band (OOB) updates on January 24, 2026, to address significant bugs introduced by its January 13 Patch Tuesday release. The faulty updates caused a range of issues, including Remote Desktop connection failures, application hangs when accessing cloud storage like OneDrive, and system restart failures. The new cumulative updates, including KB5078136 and KB5078238, are available for various Windows versions and are intended to restore stability and functionality for affected users.

Updated: Jan 24, 2026
4 min read
Patch Management
Security Operations
MicrosoftWindows UpdatePatch TuesdayOut-of-BandKB5078136 +3 more
Microsoft Issues Emergency Out-of-Band Patches for Flawed January Updates

Pwn2Own Automotive: Hackers Earn $1M+ Exposing 76 Zero-Days in Tesla and Other Vehicle Systems

HIGH

Researchers Demonstrate 76 Zero-Day Exploits Against Tesla and Others at Pwn2Own Automotive 2026

At the Pwn2Own Automotive 2026 event, security researchers earned over $1 million by successfully demonstrating 76 unique zero-day exploits against a range of modern vehicle systems. A major focus was Tesla, where researchers chained multiple vulnerabilities to gain root access to an infotainment system, accounting for $516,500 of the total prize money. The competition also targeted EV chargers and other in-vehicle infotainment (IVI) systems, highlighting the expanding and critical attack surface of the connected automotive industry. Vendors have been given a 90-day disclosure deadline to patch the flaws.

Jan 24, 2026
5 min read
Vulnerability
Cyberattack
Threat Intelligence
Pwn2OwnAutomotive SecurityCar HackingTeslaZero-Day +3 more
Pwn2Own Automotive: Hackers Earn $1M+ Exposing 76 Zero-Days in Tesla and Other Vehicle Systems
Showing 1 - 10 of 676 articles
1 / 68