Chinese Hackers Caught Exploiting VMware Zero-Days for Over a Year; FBI Warns of North Korean 'Quishing' Attacks

Publication Date: January 10, 2026

Summary

This cybersecurity brief for January 10, 2026, covers several critical developments. A sophisticated Chinese-linked threat actor was discovered exploiting a trio of VMware ESXi zero-days for more than a year before they were patched, enabling full VM escapes. The FBI has issued a warning about the North Korean Kimsuky APT using QR code phishing ('quishing') to bypass email security and steal credentials. Additionally, major data breaches have been disclosed by the Illinois Department of Human Services, affecting 700,000 residents, and online gambling firm BetVictor. CISA has also added a critical, actively exploited HPE OneView vulnerability to its KEV catalog, mandating urgent patching.

Today's New Articles

Illinois DHS Exposes Data of 700,000 Residents in Massive Misconfiguration Breach

The Illinois Department of Human Services (IDHS) has disclosed a major data breach affecting approximately 705,000 state residents. The breach was caused by incorrect privacy settings on internal planning maps that were inadvertently made public on a mapping w...


Chinese State Hackers 'Salt Typhoon' Breach U.S. Congressional Committee Emails

The Chinese state-sponsored hacking group known as Salt Typhoon has reportedly compromised the email systems of staff members for several key U.S. House of Representatives committees. The cyberespionage campaign, detected in December 2025, targeted aides on in...


Cisco Patches Medium-Severity Flaws in Snort 3 Engine That Could Lead to DoS and Data Leaks

Cisco has disclosed two medium-severity vulnerabilities, CVE-2026-20026 and CVE-2026-20027, in its widely used Snort 3 detection engine. The flaws exist in the processing of DCE/RPC traffic and can be triggered by a remote, unauthenticated attacker. CVE-2026-2...


Google Patches High-Severity Chrome Flaw That Could Allow Attackers to Bypass Security Policies

Google has issued a security update for its Chrome browser, patching a high-severity vulnerability tracked as CVE-2026-0628. The flaw, which affects Chrome on Windows, macOS, and Linux, is described as an "insufficient policy enforcement" issue within the WebV...


Online Betting Giant BetVictor Discloses Major Data Breach, Customer Data Compromised

BetVictor, a major European online gambling company, has officially disclosed a significant data breach that compromised sensitive customer information. The security incident was first detected on January 8, 2026, during routine security audits and has caused...


Data of 17.5 Million Instagram Users Leaked on Hacker Forum After Scraping Attack

The personal data of approximately 17.5 million Instagram users has been leaked on the BreachForums hacking forum. The data, posted by a user named 'Solonik,' was allegedly obtained via automated data scraping from public APIs. The leaked information includes...


Critical OpenSSH Flaw Exposes Moxa Industrial Switches to Remote Code Execution

Industrial networking vendor Moxa has issued a security advisory for a critical vulnerability, CVE-2023-38408, affecting its EDS-G4000 and RKS-G4000 series industrial Ethernet switches. The flaw resides in the OpenSSH service integrated into the device firmwar...

Article Updates

HPE OneView Flaw Scores Perfect 10.0, Grants Attackers 'Keys to the Kingdom'

Update: CISA has officially confirmed that the critical HPE OneView RCE vulnerability, CVE-2025-37164, is now being actively exploited in the wild. This update follows the initial disclosure and CISA's previous KEV listing, which indicated high risk. The confirmation...