Author: V Diwahar

I'm an aspiring SOC analyst and independent cybersecurity researcher, and the founder of CyberInfos.in. I analyze cyber threats, vulnerabilities, and attacks, providing practical security insights for organizations and cybersecurity professionals worldwide.

This cybersecurity weekly report for 11–17 January 2026 documents a week defined by scale, speed, and systemic exposure. Across industries, attackers demonstrated that exploiting trust relationships—APIs, third-party vendors, and automation platforms—remains more effective than breaching hardened perimeters. High-impact data exposures in social media, healthcare, and e-commerce created immediate downstream risks, particularly phishing, identity fraud, and account takeover attempts. At the same time, defendersansomware operators accelerated activity despite declining ransom payments, signaling a shift toward volume-driven campaigns, double- and triple-extortion models, and monetization through data resale rather than encryption alone. The disclosure of a critical unauthenticated remote code execution vulnerability in…


Microsoft Patch Tuesday January 2026 is a big one. This month’s update fixes 112 security vulnerabilities across Windows, Microsoft Office, SharePoint, and several core Windows components. More importantly, it includes three zero-day vulnerabilities, along with multiple critical remote code execution (RCE) and privilege escalation flaws. For organizations and IT teams, this is not a “patch later” update. Several of the issues affect authentication services, file sharing, update infrastructure, and Office documents, all areas attackers actively target. What Changed in January 2026? Here’s a quick snapshot of what Microsoft fixed: 112 total vulnerabilities, 3 zero-days, 12 critical vulnerabilities. The majority are Elevation…


A newly disclosed n8n supply chain attack has revealed how threat actors abused community-maintained npm packages to steal sensitive OAuth credentials from developers and organizations, according to a report published this week by Endor Labs. The attackers uploaded malicious packages to the npm registry that posed as legitimate n8n community nodes, including a fake Google Ads integration. Once installed, these packages captured OAuth tokens during normal workflow execution and transmitted them to attacker-controlled servers, researchers confirmed. The incident highlights growing security risks associated with third-party integrations in workflow automation platforms increasingly used for business-critical operations. How the Attack Was Discovered…


Cybersecurity weekly report: This weekly cybersecurity roundup makes one thing clear right away: 2026 did not start quietly. Instead of flashy, highly technical attacks, many threat actors leaned into trust abuse, third-party exposure, and identity compromise. According to multiple intelligence providers, a claimed NordVPN development-environment exposure, a confirmed Global-e incident affecting Ledger customers, and Russia-aligned activity abusing consumer messaging apps set the tone for the week. At the same time, ransomware attacks in January 2026 continued at a familiar pace, reinforcing patterns already visible across recent 2026 data breach news and the latest threat intelligence report releases. Weekly cybersecurity roundup: what…


Malicious Chrome Extensions Secretly Copy ChatGPT DeepSeek Chats of 900k Users. A sneaky web browser scheme has been caught by security experts. This setup used fake Chrome add-ons to grab private talks from ChatGPT and DeepSeek. Information pulled wasn’t limited to chats – full surfing records were taken too. The digital theft affected over nine hundred thousand people across the globe. Most victims had no idea their data was being siphoned away. Researchers at OX Security spotted the activity while checking browser add-ons. Notably disturbing – these fake tools looked just like real AI helpers people trust. Their realistic design…


Workflow automation tools are designed to save time, reduce manual effort, and quietly power business operations behind the scenes. But when these tools break, the damage can be far from quiet. That’s exactly the concern surrounding CVE-2025-68668, a newly disclosed critical n8n vulnerability that allows authenticated users to execute arbitrary system commands on the host server. With a CVSS score of 9.9, this flaw is among the most severe issues reported in automation platforms in recent years. What makes CVE-2025-68668 especially dangerous isn’t just its technical severity, it’s where n8n sits in modern organizations. From startups automating marketing workflows to…
