Active Exploits Target Ivanti & Microsoft Office; Sandworm Deploys New Wiper in Poland

Publication Date: January 30, 2026

Summary

This cybersecurity brief for January 30, 2026, covers multiple critical threats, including actively exploited zero-day vulnerabilities in Ivanti EPMM and Microsoft Office, both requiring immediate patching. A sophisticated phishing campaign linked to the ShinyHunters alliance is targeting Okta SSO credentials at over 100 enterprises using voice phishing. Concurrently, the Sandworm threat actor has deployed a new destructive wiper, DynoWiper, against the Polish energy sector. Other major developments include a surge in DDoS attacks from new botnets, the discovery of the Sicarii ransomware operation, and a report detailing over 450,000 malicious open-source packages published in 2025.

Today New Articles

CRITICAL: Ivanti Patches Two Actively Exploited RCE Zero-Days in EPMM

Ivanti has released urgent security patches for two critical remote code execution (RCE) vulnerabilities, CVE-2026-1281 and CVE-2026-1340, affecting its Endpoint Manager Mobile (EPMM) solution, formerly MobileIron Core. Both flaws are rated 9.8 out of 10 on th...

Novel Phishing Attack Abuses Vercel and Telegram to Deliver RATs

A novel phishing campaign, observed between November 2025 and January 2026, is abusing trusted `*.vercel.app` domains to bypass email security filters and deliver malware. The attack, detailed by Cloudflare, uses financial lures like fake invoices to trick vic...

New 'Sicarii Ransomware' RaaS Emerges, Targeting U.S. Manufacturing

A new ransomware-as-a-service (RaaS) operation named 'Sicarii Ransomware' has been discovered by researchers at CYFIRMA. Active since late 2025, the group is targeting the manufacturing sector in the United States. The malware encrypts victim files using AES-G...

Industry Responds to Threats with New Tools for Supply Chain, AI, and Malware Analysis

In response to the evolving threat landscape, several cybersecurity firms have launched new products in January 2026. SpyCloud has released its Supply Chain Threat Protection solution to address identity threats within vendor ecosystems. Vectra AI has enhanced...

Global Phishing Campaign Lures Victims with Fake Job Offers

A multi-lingual phishing campaign is targeting job seekers across the United States, United Kingdom, France, Italy, and Spain. According to research from Bitdefender, attackers are impersonating well-known employers and staffing companies, sending emails with...

Apple Boosts Privacy in iOS 26.3 with 'Limit Precise Location' Feature

Apple has introduced a new privacy feature called 'limit precise location' in its iOS 26.3 update. This setting is designed to give users more control over their data by reducing the precision of location information shared with cellular networks. While carrie...