Friday Wrap Up: 16 January 2025
🎢 This week’s cybersecurity rollercoaster: where Wi-Fi crashes with one packet, Chrome extensions cosplay as your HR portal, and ZIP files contain more layers than a lasagna made by someone with commitment issues.
The big picture? Attackers are getting sophisticated (looking at you, Predator spyware that learns from failure), infrastructure is falling over (RIP Verizon, enjoy your $20), and apparently two missing characters almost took down AWS. Two. Characters.
Meanwhile, cybercrime groups are running tighter operations than most Fortune 500 companies, complete with KPIs and customer support. The irony is painful.
Check out the full wrap-up for all the gory details on this week’s digital chaos.
Malware & Vulnerabilities
This week’s vulnerability buffet features everything from Chrome extensions masquerading as HR tools to Wi-Fi bugs that can knock your network offline with a single packet.
🎭 Fake n8n workflow packages on npm tricked developers into revealing OAuth credentials by posing as legitimate Google Ads integrations. (Published on 12-Jan-2026, The Hacker News).
📸 Instagram patched a password reset flaw that let third parties spam users with reset emails and potentially leak user data. (Published on 12-Jan-2026, SecurityWeek).
🐧 VoidLink malware framework discovered targeting Linux cloud servers with custom loaders, rootkits, and plugins designed for modern cloud environments. (Published on 13-Jan-2026, BleepingComputer).
📡 Broadcom Wi-Fi chipset flaw allows attackers to crash 5GHz networks with one malicious frame, requiring manual router reboots to restore connectivity. (Published on 13-Jan-2026, CSO Online).
🤖 ServiceNow patched critical AI Platform vulnerability (CVE-2025-12420) that allowed unauthenticated attackers to impersonate users and perform arbitrary actions. (Published on 13-Jan-2026, The Hacker News).
🪟 Microsoft’s January Patch Tuesday addressed 112 vulnerabilities, including one actively exploited Windows zero-day disclosed publicly before patches were available. (Published on 13-Jan-2026, SecurityWeek).
🎣 Browser-in-the-browser phishing attacks surge, tricking Facebook users into surrendering login credentials through convincing fake authentication windows. (Published on 13-Jan-2026, Infosecurity).
💰 Fake PayPal payment notices deployed remote monitoring tools to steal credentials and maintain persistent access to victim systems. (Published on 14-Jan-2026, Infosecurity).
🔥 Palo Alto Networks patched high-severity DoS vulnerability letting unauthenticated attackers disable firewall protections remotely. (Published on 15-Jan-2026, BleepingComputer).
🤖 Microsoft Copilot vulnerability allowed “Reprompt” attack to silently exfiltrate session data even after chat windows were closed. (Published on 15-Jan-2026, SecurityWeek).
☁️ AWS CodeBuild misconfiguration exposed core repositories to potential supply chain attacks affecting the entire AWS Console. (Published on 15-Jan-2026, Infosecurity).
📧 Cisco patched maximum-severity AsyncOS zero-day exploited in attacks targeting Secure Email Gateway appliances since November 2025. (Published on 16-Jan-2026, BleepingComputer).
🌐 Five malicious Chrome extensions impersonated Workday, NetSuite, and SuccessFactors to steal authentication tokens and hijack enterprise accounts. (Published on 16-Jan-2026, The Hacker News).
📦 GootLoader malware now concatenates 500-1,000 ZIP archives to create malformed files that evade detection by most unarchiving tools. (Published on 16-Jan-2026, The Hacker News).
Major Cyberattacks & Incidents
Canadian financial regulators join the breach club with three-quarters of a million records exposed.
🇨🇦 Canadian Investment Regulatory Organization suffered data breach impacting personal information of 750,000 member firms and registered employees. (Published on 16-Jan-2026, SecurityWeek).
Espionage & Data Extraction
Advanced spyware learns from its failures, turning unsuccessful attacks into reconnaissance for future exploits.
🕵️ Predator spyware revealed to possess sophisticated anti-analysis features, converting failed attack attempts into intelligence for future zero-day exploits. (Published on 14-Jan-2026, SecurityWeek).
Cybersecurity Tools & Techniques
This week defenders fought back, null-routing botnets and dismantling cybercrime infrastructure through coordinated legal action.
🤖 Black Lotus Labs null-routed over 550 command-and-control nodes for AISURU/Kimwolf botnet since October, disrupting massive DDoS infrastructure. (Published on 14-Jan-2026, The Hacker News).
⚖️ Microsoft’s coordinated legal action in US and UK disrupted RedVDS cybercrime subscription service linked to millions in fraud losses. (Published on 15-Jan-2026, The Hacker News).
DDoS, Outages & Infrastructure
Verizon’s nationwide outage left millions phoneless, but at least they’re getting $20 credits for their trouble.
📱 Verizon Wireless suffered massive nationwide outage leaving customers in SOS mode without cellular service across the US. (Published on 14-Jan-2026, BleepingComputer).
💵 Verizon began issuing $20 account credits via text message following last week’s nationwide wireless outage. (Published on 16-Jan-2026, BleepingComputer).
Vulnerability Research & Industry Analysis
Deep dives into how cybercrime has become more organized than most IT departments, and why npm has become ground zero for supply chain attacks.
🏢 Cybercrime groups now operate with corporate-level structure, offering ransomware-as-a-service with support forums, KPIs, and profit-sharing models. (Published on 14-Jan-2026, CSO Online).
📦 npm supply chain attacks evolved from simple typosquatting to coordinated credential theft campaigns targeting maintainers and CI/CD pipelines. (Published on 15-Jan-2026, CSO Online).
☁️ Two missing characters in AWS CodeBuild configuration nearly compromised entire AWS Console in critical supply chain vulnerability. (Published on 16-Jan-2026, Hackread).
AI & Policy
Tech giants team up while regulators crack down on deepfakes and data brokers.
🤝 Apple confirmed multi-year partnership with Google to power next-generation Siri using Gemini AI and Google Cloud infrastructure. (Published on 12-Jan-2026, BleepingComputer).
🏥 California CPPA cracked down on unregistered data brokers illegally trading personal health data without proper authorization. (Published on 12-Jan-2026, Infosecurity).
🇬🇧 UK regulator Ofcom launched investigation into X (formerly Twitter) for allegedly facilitating nonconsensual deepfake pornography of adults and children. (Published on 12-Jan-2026, CyberScoop).
Stay informed and secure in the tech and cybersecurity world. Have a great weekend, and remember to patch and protect your systems!



