Estimated to have infected 7,000 systems, the botnet uses a mass-compromise pipeline, deploying various scanners and malware.
The post New ‘SSHStalker’ Linux Botnet Uses Old Techniques appeared first on SecurityWeek.
CISA Releases Guide to Help Critical Infrastructure Users Adopt More Secure Communication
ZAST.AI Raises $6M Pre-A to Scale “Zero False Positive” AI-Powered Code Security
January 5, 2026, Seattle, USA — ZAST.AI announced the completion of a $6 million Pre-A funding round. This investment came from the well-known investment firm Hillhouse Capital, bringing ZAST.AI’s total funding close to $10 million. This marks a recognition from leading capital markets of a new solution: ending the era of high false positive rates in security tools and making every alert
BeyondTrust Patches Critical RCE Vulnerability
Affecting both RS and PRA, the bug can be exploited remotely via crafted requests without authentication.
The post BeyondTrust Patches Critical RCE Vulnerability appeared first on SecurityWeek.
Warlock Ransomware Breaches SmarterTools Through Unpatched SmarterMail Server
SmarterTools confirmed last week that the Warlock (aka Storm-2603) ransomware gang breached its network by exploiting an unpatched SmarterMail instance.
The incident took place on January 29, 2026, when a mail server that was not updated to the latest version was compromised, the company’s Chief Commercial Officer, Derek Curtis, said.
“Prior to the breach, we had approximately 30 servers/VMs
The incident took place on January 29, 2026, when a mail server that was not updated to the latest version was compromised, the company’s Chief Commercial Officer, Derek Curtis, said.
“Prior to the breach, we had approximately 30 servers/VMs
Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom Firms
China-linked UNC3886 targeted all four major telecom providers, but did not disrupt services or access customer information.
The post Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom Firms appeared first on SecurityWeek.
Dutch Authorities Confirm Ivanti Zero-Day Exploit Exposed Employee Contact Data
The Netherlands’ Dutch Data Protection Authority (AP) and the Council for the Judiciary confirmed both agencies (Rvdr) have disclosed that their systems were impacted by cyber attacks that exploited the recently disclosed security flaws in Ivanti Endpoint Manager Mobile (EPMM), according to a notice sent to the country’s parliament on Friday.
“On January 29, the National Cyber Security Center (
“On January 29, the National Cyber Security Center (
Fugitive behind $73M ‘pig butchering’ scheme gets 20 years in prison
A dual Chinese and St. Kitts and Nevis national was sentenced to 20 years in prison in absentia for his role in an international cryptocurrency investment scheme (also known as pig butchering or romance baiting) that defrauded victims of more than $73 million. […]
RSAC Releases Quantickle Open Source Threat Intelligence Visualization Tool
Quantickle is a browser-based tool designed for creating visual representations of threat research.
The post RSAC Releases Quantickle Open Source Threat Intelligence Visualization Tool appeared first on SecurityWeek.
Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution
Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that could lead to the execution of arbitrary code on susceptible systems.
The vulnerability, tracked as CVE-2026-21643, has a CVSS rating of 9.1 out of a maximum of 10.0.
The vulnerability, tracked as CVE-2026-21643, has a CVSS rating of 9.1 out of a maximum of 10.0.
“An improper neutralization of special elements used in an SQL Command (‘SQL Injection’) vulnerability [CWE-89] in FortiClientEMS may