Today’s roundup
Poland says it repelled major cyberattack on power grid, blames Russia
CERT-UA reports PLUGGYAPE cyberattacks on defense forces
China bans U.S. and Israeli cybersecurity software over security concerns
Palo Alto Networks addressed a GlobalProtect flaw, PoC exists
Fortinet fixed two critical flaws in FortiFone and FortiSIEM
Sicarii Ransomware: Truth vs Myth
Reprompt attack hijacked Microsoft Copilot sessions for data theft
Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware
Minting Next.js Authentication Cookies
FTC bans GM from selling drivers' location data for five years
Summary
Poland successfully repelled a major cyberattack on its power grid, attributing the sophisticated attempt to Russia.
CERT-UA reported new PLUGGYAPE malware attacks against Ukraine's defense forces by Russia-linked Void Blizzard, employing social engineering.
China has banned domestic companies from using U.S. and Israeli cybersecurity software over national security concerns, impacting major vendors.
Palo Alto Networks patched a high-severity DoS vulnerability (CVE-2026-0227, CVSS 7.7) in GlobalProtect, with a public PoC exploit available.
Fortinet addressed critical flaws: an unauthenticated RCE (CVE-2025-64155, CVSS 9.4) in FortiSIEM with public exploit code, and a sensitive data exposure (CVE-2025-47855, CVSS 9.3) in FortiFone.
Check Point Research analyzed Sicarii, a new RaaS operation possibly using false-flag Israeli/Jewish branding, known for data collection and destructive capabilities.
A novel "Reprompt" attack targets Microsoft Copilot sessions, allowing attackers to issue commands and exfiltrate sensitive data from the AI assistant.
An active malware campaign is exploiting a DLL side-loading vulnerability in the c-ares library to bypass security and deploy various trojans and stealers.
Next.js applications using `next-auth` are at risk of persistent user impersonation if `NEXTAUTH_SECRET` is compromised; immediate secret rotation is urged.
The FTC banned General Motors from selling drivers' location and driving data for five years after it collected and sold millions of users' data without consent.