
Hello all,
Welcome to 2026. So far it has been relatively quiet, unless you’re using a specific brand of Chinese network equipment, or SmarterMail. Otherwise, it has been a steady stream of new malware, exploits, and breaches to start the new year. We’ve got news to get to, so onward.
Headline NEWS:
- IBM API Connect is used for managing the API lifecycle. A critical defect has been found in it that can enable a threat actor to remotely access applications, bypassing authentication. If you use this anywhere in your enterprise, patch it quickly. If you can’t patch now, IBM does offer some mitigation guidance on their alert page.
- SmarterMail is a collaboration suite similar to Microsoft Exchange. It has been shown to have a critical defect that is triggered via a file upload, requiring no user interaction or authentication. If exploitation succeeds, a threat actor could gain code execution. Update to the latest version to fix this flaw.
- X-Speeder Networking is a Chinese-based maker of network hardware such as SD-WAN appliances, edge routers, and smart TV controllers. A critical remote code execution (RCE) defect was found in the Django-based web application by pwn.ai that can enable a threat actor to bypass security without any authentication. Disturbingly, X-Speeder has not responded to bug reports despite being given seven months to do so prior to this being made public. Maybe the Chinese haven’t had time to fully exploit all of the X-Speeder connected networks yet. Perhaps they’ll fix the defect afterward. In the meantime, if you’re using their gear, replace it.
- US Cybersecurity pros admit to moonlighting as ransomware scum. I couldn’t write that any better. There should be a toasty place in hades reserved for people that violate the public trust in such an egregious manner. I’m truly heartened to see that they were caught and prosecuted. Sadly, the people and companies that these dirtbags affected in their terror campaign may never be the same again.
In Ransomware, Malware, and Vulnerabilities News:
- 2025 retrospectives and 2026 prognostication. There are about half a dozen links to articles regarding risks in 2025, top AI attacks, year in review, biggest attacks stories, and new tech laws for 2026 along with predictions for the future. They are worth reading to get a good overarching view of our industry’s prior year and upcoming changes. As the axiom says, if you don’t learn from the past, you’re doomed to repeat it.
In Other News Events of Note and Interest:
- CES is coming next week. And already there are plenty of leaks and pre-announcements of products and technology that will debut at this colossal showcase in Las Vegas. Some early reports are AI everything, which is pretty much a repeat of last year, but also news of new display technology, larger screens, bio-mechanical assistive technologies, real-time translation tech, and more. It sounds like fun!
Musings:
We’re three days into 2026. The pages of this year should still be mostly blank, with perhaps a few short words or sentences penned. What do your opening lines look like? Is yours, “There was no possibility of a walk that day…” or “It was a dark and stormy day…” or perhaps, “There was nary a cloud in the sky on that bright sunlit morning, save for a few puffy wisps on the horizon. Were they harbingers of coming mayhem, or the heralds of much-needed life-giving gentle rain?” Do you see a theme here? Sometimes the interpretation of the events of our lives is a matter of the author’s perspective, and you are the author. Will your 2026 epic be one of whirlwind and chaos, or will you turn what was intended by the hordes of evil for your harm into something good and useful? Like much-needed rain falling on parched ground, it can bring a flood or slake the soil’s thirst and bring life. Which will it be? I, for one, say that this is indeed the bright dawn of a new year; let’s make it a good one, and never forget…
Keep the shields up!
Viscount Jan Broucinek
Red Dot Security News
Headline NEWS
- IBM warns of critical API Connect auth bypass vulnerability
- Critical IBM API Connect Vulnerability Let Attackers Bypass Logins
- CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution
- Critical Zero-Day RCE Flaw in X-Speeder Networking Devices Exposes Over 70,000 Hosts
- Critical 0-Day RCE Vulnerability in Networking Devices Exposes 70,000+ Hosts
- US cybersecurity experts plead guilty to BlackCat ransomware attacks
- Cybersecurity pros admit to moonlighting as ransomware scum
Ransomware, Malware, and Vulnerabilities News
Good News, Government News, and Interesting
- CISA orders feds to patch MongoBleed flaw exploited in attacks
- Feds are hunting teenage hackers
- An arrest has been made in the Coinbase ransomware breach
- King Charles gives award to LockBit takedown architect
- NASA sends thank-you letter to Turkish researcher for exposing security gaps
- Executives say cybersecurity has outgrown the IT department
- Rather than fully cracking down on scam ads, Meta worked to make them harder to find
- The biggest cybersecurity and cyberattack stories of 2025
- Cloudflare Year in Review
- The 2025 Cloudflare Radar Year in Review
- Meet the new tech laws of 2026
- Security coverage is falling behind the way attackers behave
Vulnerabilities and Exploits
- Top 10 High-Risk Vulnerabilities Of 2025 that Exploited in the Wild
- Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks
- ‘Heartbleed of MongoDB’ under active exploit
- MongoBleed Critical Memory Leak in MongoDB Allowing Attackers to Extract Sensitive Data
- RondoDox botnet exploits React2Shell flaw to breach Next.js servers
- RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
- The Real-World Attacks Behind OWASP Agentic AI Top 10
- OpenAI Hardened ChatGPT Atlas Against Prompt Injection Attacks
- Windows LPE Vulnerabilities via Kernel Drivers and Named Pipes Allows Privilege Escalation
- New Vulnerabilities in Bluetooth Headphones Let Hackers Hijack Connected Smartphone
- Hackers Exploit Copilot Studio’s New Connected Agents Feature to Gain Backdoor Access
- Zoom Stealer browser extensions harvest corporate meeting intelligence
- DarkSpectre quietly infected millions through seemingly legit browser extensions
- Traditional Security Frameworks Leave Organizations Exposed to AI-Specific Attack Vectors
- New ErrTraffic service enables ClickFix attacks via fake browser glitches
- The IoT Security Crisis
- Hackers drain $3.9M from Unleash Protocol after multisig hijack
- Threat Actors Manipulating LLMs for Automated Vulnerability Exploitation
- Self-Propagating GlassWorm Weaponizing VS Code Extensions to Attack macOS Users
- Fake emails target Cardano users with remote access malware
Phishing, Malware, and similar
- Malware in 2025 spread far beyond Windows PCs
- Infostealers Enable Attackers to Hijack Legitimate Business Infrastructure for Malware Hosting
- Chinese state hackers use rootkit to hide ToneShell malware activity
- EmEditor Editor Website Hacked to Deliver Infostealer Malware in Supply Chain Attack
- Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry
- Trust Wallet links $8.5 million crypto theft to Shai-Hulud NPM attack
- New Spear-Phishing Attack Targeting Security Individuals in Israel Region
- Cybercriminals Abuse Google Cloud Email Feature in Multi-Stage Phishing Campaign
- Researchers identify new ToneShell backdoor targeting government agencies
- Warren County loses $3 million to phishing scam
- VVS Discord Stealer Using Pyarmor for Obfuscation and Detection Evasion
- ‘GhostPairing’ Attacks Are Taking Over WhatsApp Accounts
Breaches, Leaks, and Ransomware
- ‘Why should we pay these criminals?’: the hidden world of ransomware negotiations
- ESET Warns AI-driven Malware Attack and Rapidly Growing Ransomware Economy
- Two Banks Issue Urgent Data Breach Alerts, Warn 69,662 Customers After Hacker Hits Third-Party Vendor
- Top US Accounting Firm Sax Discloses 2024 Data Breach Impacting 220,000
- Hackers Claim Breach of WIRED Database Containing 2.3 million Subscriber Records
- European Space Agency confirms breach of “external servers”
- Hackers Allegedly Steal Access Tokens, Confidential Documents From European Space Agency
- Korean Air data breach exposes data of thousands of employees
- Massive data breach affects 16 billion accounts in the U.S.
- Over 22M were impacted by data breach: Aflac
- 22 Million Affected by Aflac Data Breach
- Condé Nast Hack Exposes 40 Million Users’ Data
- Hernando County, FL ‘Notices’ Cybersecurity Breach 21 Months Later
- SCDCA warns more than 236,000 residents potentially impacted by lending company data breach
- Romanian energy provider hit by Gentlemen ransomware attack
- Best of 2025: Oracle Breach: The Impact is Bigger Than You Think
- Hackers claim to hack Resecurity, firm says it was a honeypot
Other News Events of Note and Interest
- Tis the season when tech leaders rub their crystal balls
- The most durable tech is boring, old, and everywhere
- The cassette tape made a comeback in 2025 thanks to a DNA upgrade
- 10 Cool Tech Products Revealed Ahead Of CES 2026
- What is Bluetooth 6.0? How the new audio connectivity standard changes the way you listen
- Chrome for Android rolling out Reading mode redesign
- Google now lets admins restrict Apple Intelligence Writing Tools on iOS
- IPv6 just turned 30 and still hasn’t taken over the world
- Got a Galaxy Watch 4? You May Not Want to Install the One UI 8 Update Yet
- NYC mayoral inauguration bans Flipper Zero, Raspberry Pi devices
- Building a DIY Rubber Ducky with Raspberry Pi Pico
AI, LLMs, and Skynet
- Artificial intelligence setting cybersecurity trends in 2026
- All The Best AI Tools So YOU Too Can Become Superhuman
- Five Things to Know About Nvidia’s $20 Billion Licensing Deal
- I took Harvard’s free online coding classes to better catch AI’s errors – and they’re legit
- OpenAI is offering $20 ChatGPT Plus for free to some users
Microsoft
- Microsoft Copilot is rolling out GPT 5.2 as “Smart Plus” mode
- Microsoft announces new security features to boost Teams defenses
- Quick Share on Windows is finally good (and I use it every day)
- Every Windows feature Microsoft removed or deprecated in 2025
- Microsoft’s 2026 end-of-support wave includes Windows 11 24H2, Office 2021, and more
- Microsoft quietly kills official way to activate Windows 11/10 without internet
