ShinyHunters Targets Approximately 100 Organisations in Okta Single Sign-On Credential Theft Campaign

Jan 30, 2026 | Podcast

https://www.okta.com/blog/threat-intelligence/phishing-kits-adapt-to-the-script-of-callers ShinyHunters has targeted around 100 organisations in its latest Okta single sign-on credential stealing campaign using evolved voice-phishing techniques to compromise SSO...

Extortion Group WorldLeaks Claims 1.4 Terabyte Data Theft From Nike in Manufacturing-Focused Breach

Jan 29, 2026 | Podcast

Nike confirmed it is investigating a potential cybersecurity incident after extortion crew WorldLeaks claimed to have stolen 1.4 terabytes containing 188,347 files from the sportswear giant’s systems and posted samples on its leak site. The published data...

WhatsApp Launches Strict Account Settings to Shield High-Risk Users From Advanced Spyware Attacks

Jan 28, 2026 | Podcast

https://blog.whatsapp.com/whatsapps-latest-privacy-protection-strict-account-settings Meta announced it is adding Strict Account Settings on WhatsApp to secure certain users against sophisticated cyber attacks, functioning similarly to Apple’s Lockdown Mode and...

JavaScript Package Managers Vulnerable to Supply Chain Attacks Despite npm’s Shai-Hulud Security Measures

Jan 27, 2026 | Podcast

https://www.koi.ai/blog/packagegate-6-zero-days-in-js-package-managers-but-npm-wont-act Defence mechanisms that npm introduced following the Shai-Hulud supply-chain attacks contain critical weaknesses allowing threat actors to bypass protections through Git...

Nearly 800,000 Telnet Servers Exposed Globally as Critical Authentication Bypass Vulnerability Faces Active Exploitation

Jan 26, 2026 | Podcast

https://www.bleepingcomputer.com/news/security/nearly-800-000-telnet-servers-exposed-to-remote-attacks Internet security watchdog Shadowserver is tracking nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication...

Predictable Password Patterns Persist as Billions Continue Using Easily Cracked Credentials

Jan 23, 2026 | Podcast

https://www.welivesecurity.com/en/cybersecurity/old-habits-die-hard-2025-most-common-passwords The password “123456” continues to reign as the most commonly used password globally across all age groups, with a full 25 percent of the top 1,000 most-used...

Attackers Weaponise Zendesk Support Systems in Massive Global Spam Campaign

Jan 22, 2026 | Podcast

Your Inbox Is Under Attack — Even Trusted Support Emails Are Being Abused A widespread spam campaign exploited unsecured Zendesk customer support systems to flood users worldwide with hundreds of automated emails from legitimate companies beginning around January 18....

AI-Powered Browsers Reverse Decades of Web Security Advances, Researchers Warn

Jan 21, 2026 | Podcast

https://www.darkreading.com/application-security/ai-agents-undermine-progress-browser-security Agentic browsers powered by artificial intelligence are undermining years of progress in web security by reintroducing vulnerabilities that modern browsers had largely...

GitLab Releases Emergency Patches for Two-Factor Authentication Bypass and Denial-of-Service Vulnerabilities

Jan 20, 2026 | Podcast

https://about.gitlab.com/releases/2026/01/21/patch-release-gitlab-18-8-2-released/#cve-2026-0723—unchecked-return-value-issue-in-authentication-services-impacts-gitlab-ceee GitLab has addressed a critical security issue that permitted attackers with knowledge of...

Fortune 500 Companies Compromised Through Vulnerable Security Testing Applications

Jan 19, 2026 | Podcast

When the Lab Door Stays Open: Exposed Training Apps Exploited for Fortune 500 Cloud Breaches Cybercriminals are targeting intentionally vulnerable web applications that organisations use for security training and penetration testing, gaining unauthorised access to...