Latest Cybersecurity News and Articles

BYOVD Turns Trusted Drivers Against Windows Security

Attackers can manipulate process objects and hide malicious activity, rendering the endpoint defenseless despite the presence of security software. This allows for encryption, credential theft, and lateral movement without interference.

A fake FileZilla site hosts a malicious download

A trojanized version of the open-source FTP client FileZilla 3.69.5 has been discovered, circulating online with a malicious `version.dll`. This attack is part of a growing trend where trusted software is used to distribute malware.

Cybercriminals say they hacked Southold, NY local government, stole data

A ransomware attack by the Rhysida group targeted the local government of Southold, NY, disrupting critical systems and demanding a ransom of 10 bitcoin. The attack was announced on November 24, 2025, with recovery efforts ongoing as of mid-January.

University of Hawaiʻi Cancer Center confirms data leak following ransomware attack

The University of Hawaii Cancer Center experienced a ransomware attack, leading to a data breach affecting up to 1.2 million individuals. The breach involved data from the Multiethnic Cohort Study and three other epidemiological studies.

Google addresses actively exploited Qualcomm zero-day in fresh batch of 129 Android vulnerabilities

Google has released a security update addressing 129 vulnerabilities in Android devices, including an actively exploited zero-day vulnerability, CVE-2026-21385, affecting Qualcomm components.

SLH Offers $500–$1,000 Per Call to Recruit Women for IT Help Desk Vishing Attacks

The Scattered LAPSUS$ Hunters (SLH) are actively recruiting women for IT help desk vishing attacks, offering $500–$1,000 per call. Recruits are provided with pre-written scripts to enhance the success of these social engineering attacks.

North Korea's APT37 Expands Toolkit to Breach Air-Gapped Networks

APT37, a North Korean cyber espionage group, has launched a new campaign named "Ruby Jumper" targeting air-gapped networks. The campaign introduces five new tools: Restleaf, SnakeDropper, ThumbSBD, VirusTask, and FootWine.

Madison Square Garden warns of data breach that leaked SSNs

Madison Square Garden (MSG) has reported a data breach that exposed names and Social Security numbers due to a zero-day vulnerability in Oracle’s E-Business Suite, managed by a third-party vendor.

Microsoft warns of RAT delivered through trojanized gaming utilities

Microsoft has identified a campaign involving trojanized gaming utilities, Xeno.exe and RobloxPlayerBeta.exe, which deploy a Remote Access Trojan (RAT). The RAT connects to a command and control (C2) server at IP address 79.110.49[.]15.

$4.8M in crypto stolen after Korean tax agency exposes wallet seed

A significant security lapse by South Korea's National Tax Service led to the theft of $4.8 million in cryptocurrency. The incident underscores the critical importance of safeguarding mnemonic recovery phrases.
