Vendors
-
AWS Payment Cryptography passes PCI PIN audit with zero findings
AWS published an updated PCI PIN compliance package for AWS Payment Cryptography. A PCI PIN Attestation of Compliance shows validation by a QSA with zero findings, and a Responsibility Summary clarifies customer obligations.
-
Phishing campaign leverages stolen credentials to deploy legitimate RMM for persistent access
Researchers reported a dual-wave phishing campaign that harvests Outlook, Yahoo and AOL credentials to register with LogMeIn and deploy LogMeIn Resolve via a signed executable named GreenVelopeCard.exe to maintain persistent remote access.
-
Multi-stage AitM phishing and BEC campaign abused SharePoint to target energy organisations
Microsoft flagged a multi-stage AitM phishing and BEC campaign using SharePoint links and inbox rules to persist. One observed case sent over 600 phishing messages. Mitigation requires revoking session cookies and deleting attacker-created rules.
-
SmarterMail authentication bypass exploited days after patch enables admin reset and RCE
An authentication bypass in SmarterMail that allows resetting administrator passwords and enabling system-level command execution was exploited two days after a vendor patch. A watchTowr Labs technical analysis describes the vulnerability and exploitation timeline.
-
Mass spam wave uses unsecured Zendesk ticket systems to send hundreds of automated emails
A global spam wave beginning January 18 used unsecured Zendesk ticket systems to deliver hundreds of automated confirmation emails that bypassed filters and confused recipients. The advisory urges restricting ticket creation to verified users and removing open placeholders.
-
Password manager vendor warns of active phishing campaign urging 24-hour vault backups
A phishing campaign that began around January 19, 2026 uses maintenance and backup lures to pressure users into creating local vault backups within 24 hours. The vendor advises never to disclose master passwords and is working to remove the malicious infrastructure.
-
Three flaws in Anthropic mcp-server-git could expose files and enable code execution
Three vulnerabilities in Anthropic’s mcp-server-git could expose or overwrite files and enable code execution in chained attacks. Patches were released in versions 2025.9.25 and 2025.12.18 after a technical analysis by Cyata.
-
AWS launches European Sovereign Cloud across EU with €7.8 billion investment
Amazon launched the AWS European Sovereign Cloud across the EU on 15 January 2026 with a €7.8 billion investment. The service limits infrastructure and operations to EU territory and is undergoing third-party audits.
-
Palo Alto fixes GlobalProtect DoS flaw tracked as CVE-2026-0227
Palo Alto issued updates for a high-severity GlobalProtect denial-of-service flaw, CVE-2026-0227 (CVSS 7.7), on Jan 15, 2026. A proof-of-concept exists and no workarounds are available.
-
Apex Legends players report character hijacks during live matches
Players reported Apex Legends characters being controlled remotely during live matches, causing disconnects and name changes. The developer acknowledged and then resolved the incident after about six hours while saying there was no evidence of remote code execution.









