Daily Digest

Actively Exploited Zero-Days in Microsoft Office & Fortinet; Major Brands Hit by Cyberattacks

Actively Exploited Zero-Days in Microsoft Office & Fortinet; Major Brands Hit by Cyberattacks

January 29, 2026
8 articles (7 new, 1 updated)
24 min read

Summary

This 24-hour period saw critical cybersecurity developments, including the active exploitation of zero-day vulnerabilities in Microsoft Office (CVE-2026-21509) and Fortinet's FortiCloud SSO (CVE-2026-24858), both added to CISA's KEV list. A wave of social engineering attacks impacted major brands like Bumble, Match, Panera, and Crunchbase, attributed to the 'ShinyHunters' group. Additionally, significant data breaches were reported at SoundCloud, affecting 29.8 million users, and the Illinois Department of Human Services, exposing data of 700,000 individuals. Research reports from Check Point and Sonatype highlight the increasing use of AI by attackers and a 75% surge in open-source malware, underscoring the escalating complexity of the threat landscape.

Filter by Category

New Articles (7)

Critical 1-Click RCE Flaw in IDIS Cloud Manager Puts Users at Risk

CRITICAL

IDIS Cloud Manager Viewer Vulnerable to Critical RCE via Malicious Link (CVE-2025-12556)

A critical remote code execution (RCE) vulnerability, CVE-2025-12556, has been discovered in the IDIS Cloud Manager (ICM) viewer by researchers at Claroty's Team82. The flaw, which has a CVSS v4 score of 8.7, allows an attacker to execute arbitrary code on a user's machine by convincing them to click a specially crafted link. This '1-click RCE' vulnerability bypasses the browser sandbox, making it a potent weapon for spear-phishing campaigns. IDIS has released version 1.7.1 to address the issue and urges users to upgrade or uninstall the software immediately.

January 29, 2026
4 min read
RCEargument injection1-click exploitspear-phishingURL handler
Critical 1-Click RCE Flaw in IDIS Cloud Manager Puts Users at Risk

AI-Fueled Cyberattacks Surge by 70%, Check Point's 2026 Report Reveals

INFORMATIONAL

Check Point 2026 Cyber Security Report: AI Drives 70% Surge in Global Cyberattacks

Check Point's 14th annual Cyber Security Report highlights a dramatic escalation in the global threat landscape, revealing a 70% increase in cyberattacks since 2023. The 2026 report, analyzing trends from 2025, found that organizations faced an average of 1,968 attacks per week. A primary driver of this surge is the weaponization of Artificial Intelligence (AI), which attackers are using to enhance social engineering, accelerate malware development, and automate reconnaissance. The report also notes a shift in ransomware tactics towards data-only extortion and an increase in attacks targeting network edge devices like VPNs and IoT.

January 29, 2026
5 min read
AIArtificial Intelligencethreat landscaperansomwareedge security +1 more
AI-Fueled Cyberattacks Surge by 70%, Check Point's 2026 Report Reveals

Canada's Cyber Security Centre Warns of AI-Fueled Ransomware Evolution

INFORMATIONAL

Canadian Centre for Cyber Security Report Warns of AI-Enhanced Ransomware Threats

The Canadian Centre for Cyber Security has issued a new 'Ransomware Threat Outlook,' warning that the ransomware threat to Canadian organizations is growing and evolving rapidly. The report highlights that criminals are increasingly leveraging artificial intelligence (AI) to make their attacks more sophisticated, easier to execute, and harder to detect. A key trend identified is the shift towards 'multi-extortion' tactics, where attackers steal data and threaten to leak it in addition to encrypting it. The report stresses that despite the advanced tactics, strong cyber hygiene remains a primary defense.

January 29, 2026
5 min read
ransomwareAImulti-extortionthreat outlookCanada +1 more
Canada's Cyber Security Centre Warns of AI-Fueled Ransomware Evolution

Clop Ransomware Group Claims Attack on Canadian Helicopter Company

HIGH

Clop Ransomware Targets Canadian Company CMHHELI.COM, Threatens Data Leak

The notorious Clop ransomware group has claimed responsibility for a cyberattack against CMHHELI.COM, a Canadian company. On January 29, 2026, the group added the company to its dark web leak site, threatening to publish stolen data if a ransom is not paid. This incident highlights the persistent and indiscriminate nature of major ransomware gangs, who continue to target organizations of all sizes. Security experts advise victims to initiate incident response, validate backups, and engage professionals before considering any communication with the attackers.

January 29, 2026
5 min read
Clopransomwaredouble extortiondata leakTA505
Clop Ransomware Group Claims Attack on Canadian Helicopter Company

Open-Source Malware Skyrockets by 75%, Sonatype's 2026 Report Warns

INFORMATIONAL

Sonatype 2026 Report: Open-Source Malware Surges 75% Amid AI-Driven Development

Sonatype's 2026 'State of the Software Supply Chain' report reveals an alarming 75% increase in malicious open-source packages, with over 1.233 million identified. The report connects this surge to the rapid adoption of AI and automation in software development, which has accelerated open-source consumption to 9.8 trillion downloads across major registries. This increased velocity expands the attack surface, making it easier for attackers to inject malware into the software supply chain. The report also notes that 86% of traffic from Maven Central, a key Java repository, now comes from automated cloud services, amplifying the risk of widespread compromise from a single malicious package.

January 29, 2026
5 min read
open sourcesupply chain securityDevSecOpsmalwareAI +1 more
Open-Source Malware Skyrockets by 75%, Sonatype's 2026 Report Warns

Convergence of Identity and Data Security Creates New Attack Vectors, Netwrix Warns

INFORMATIONAL

Netwrix Report: Attackers to Exploit Identity and Data Security Convergence

A new report from Netwrix warns that the next wave of cyber threats will arise from the convergence of identity and data security. As organizations increasingly rely on automated workflows to manage data access, attackers are shifting their focus from stealing individual credentials to exploiting misconfigured identity orchestration and automation. The report predicts that failures in identity automation will directly lead to data exposure. With the rise of agentic AI, which can autonomously perform actions, securing the identity of these non-human agents becomes paramount. Netwrix concludes that unified visibility across both identity management and data security is now essential to mitigate these emerging risks.

January 29, 2026
5 min read
identity securitydata securityIAMAIautomation +1 more
Convergence of Identity and Data Security Creates New Attack Vectors, Netwrix Warns

SoundCloud Breach Exposes Private Emails of 29.8 Million Users

HIGH

Massive SoundCloud Data Breach Leaks Personal Details of 29.8 Million Users

A significant data breach at the music streaming service SoundCloud has resulted in the public release of a database containing the personal details of 29.8 million users. The data was leaked in January 2026 after the company reportedly refused to pay a ransom demand. The primary risk from this breach stems from the linking of users' private email addresses with their public profile metadata. This combination provides a rich source of data for attackers to launch targeted phishing, credential stuffing, and social engineering campaigns. The breach has been indexed by the notification service HaveIBeenPwned.

January 29, 2026
5 min read
data breachSoundCloudPIIemail leakcredential stuffing +1 more
SoundCloud Breach Exposes Private Emails of 29.8 Million Users

Updated Articles (1)

ShinyHunters Claims Breach of Crunchbase, Betterment via Okta Vishing Attacks

HIGH

Extortion Group ShinyHunters Alleges Compromise of Crunchbase and Betterment Using Okta Voice Phishing

Update:

The ShinyHunters cyber extortion group's campaign has expanded, now claiming breaches against Bumble Inc., Panera Bread Co., and Match Group Inc., in addition to previously reported incidents. Bumble confirmed a contractor's account was phished, leading to brief network access, while Match Group acknowledged limited user data exposure. Panera Bread reported access to customer contact information. Crucially, Crunchbase, previously unconfirmed, has now reported that corporate network documents were affected in a contained incident. These new disclosures highlight the broader impact of ShinyHunters' social engineering tactics, which primarily target credentials and contact data for potential follow-on attacks.

January 25, 2026
Updated: January 29, 2026
5 min read
ShinyHuntersvishingsocial engineeringOktaMFA bypass +2 more
ShinyHunters Claims Breach of Crunchbase, Betterment via Okta Vishing Attacks

📢 Share This Publication

Help others stay informed about cybersecurity threats

📅 Daily Edition

Curated and deduplicated every day from dozens of trusted sources — giving you one clean, consolidated view of what matters in cybersecurity.

🔢 Deduplication Applied

Related stories are merged into a single evolving article rather than repeated as separate entries — cutting through noise so you only read what's new.

🔗 Full Articles Linked

Every entry links to its full enriched article — complete with MITRE ATT&CK mappings, extracted IOCs, and actionable detection and mitigation guidance.