Cyber Briefing: 2026.01.13
A wave of cyberattacks and data breaches hit various sectors, from web3 developers and Chrome users to veterinary offices and global ports...
👉 What’s happening in cybersecurity today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
First time seeing this? Please Subscribe
🚨 Cyber Alerts
1. China Linked Hackers Exploit VMware ESXi
Chinese-speaking threat actors are suspected of using a compromised SonicWall VPN to deploy a VMware ESXi exploit that may have been developed nearly a year before its public disclosure. Security researchers at Huntress intervened in December 2025 to stop the attack, which utilized a sophisticated toolkit designed for virtual machine escapes and potential ransomware deployment.
2. Fake Interview Tools Target Web3 Developers
Cybersecurity experts are tracking a new trend called inbound social engineering where attackers lure high-value targets into malicious schemes through fake job postings. By posing as legitimate cryptocurrency firms and conducting professional interviews, threat actors trick victims into installing malware that provides full access to personal wallets and corporate systems.
3. Facebook Login Thieves Use Browser Trick
Recent trends show that cybercriminals are increasingly using the browser-in-the-browser phishing technique to steal Facebook login credentials from unsuspecting users. This sophisticated method, originally created by a security researcher in 2022, allows attackers to bypass traditional visual red flags by creating a fake browser window within a legitimate site.
For more alerts click here!
💥 Cyber Incidents
4. BreachForums Database Leak Hits 323,986 Users
On January 9, 2026, a database from the cybercrime platform BreachForums was leaked online, exposing the personal details and digital footprints of over 320,000 users. This massive data release originated from internal systems and has been verified as authentic through a valid digital signature historically linked to the forum’s operators.
5. Chrome Extensions Steal AI Chats
Security researchers have identified two malicious Chrome extensions that steal user conversations from ChatGPT and DeepSeek while monitoring general browsing activity. These extensions, which have nearly one million combined users, trick individuals into sharing data by posing as legitimate AI tools and sending the harvested information to remote servers.
6. Lancaster County Vet Hit By RansomwareRecent trends show that cybercriminals are increasingly using the browser-in-the-browser phishing technique to steal Facebook login credentials from unsuspecting users. This sophisticated method, originally created by a security researcher in 2022, allows attackers to bypass traditional visual red flags by creating a fake browser window within a legitimate site.
For more incidents click here!
📢 Cyber News
7. BreachForums Database Leak Hits 323,986 Users
On January 9, 2026, a database from the cybercrime platform BreachForums was leaked online, exposing the personal details and digital footprints of over 320,000 users. This massive data release originated from internal systems and has been verified as authentic through a valid digital signature historically linked to the forum’s operators.
8. Chrome Extensions Steal AI Chats
Security researchers have identified two malicious Chrome extensions that steal user conversations from ChatGPT and DeepSeek while monitoring general browsing activity. These extensions, which have nearly one million combined users, trick individuals into sharing data by posing as legitimate AI tools and sending the harvested information to remote servers.
9. Lancaster County Vet Hit By Ransomware
Metro Pet Vet in Lancaster County is currently navigating a ransomware attack that has locked staff out of essential patient records and medical histories. While the clinic remains open for appointments, the staff is operating manually as they work toward a resolution expected by next week.
For more news click here!
📈Cyber Stocks
On Tuesday, 13th January, cybersecurity stocks traded with mixed results as broader market caution and profit-taking influenced defensive tech names. Ongoing enterprise investment in cloud security, identity protection and perimeter defenses provided sector support, though rotation into other areas and macro uncertainty limited widespread gains.
Check Point Software Technologies closed at 190.00 dollars and eased, as mixed sentiment in defensive names kept gains modest even though demand for perimeter and firewall defenses continued.
SentinelOne closed at 15.04 dollars and declined slightly, reflecting broader market pressure on high-growth endpoint detection and response stocks.
Rapid7 closed at 13.91 dollars and dipped, with profit-taking and rotation into other sectors tempering near-term momentum despite steady enterprise spending on vulnerability management.
CyberArk Software closed at 456.85 dollars and was largely flat, supported by continued demand for privileged access management and identity security even as defensive names faced broader caution.
Tenable Holdings closed at 23.10 dollars and eased slightly, with broader market volatility limiting gains despite ongoing enterprise emphasis on vulnerability scanning and risk prioritisation.
💡 Cyber Tip
📧 Facebook Login Thieves Use Browser-in-Browser Trick
Attackers are using fake browser pop-ups embedded inside websites to convincingly steal Facebook login credentials.
🔐 What You Should Do
Never log in through pop-up windows—open a new tab and go directly to Facebook
Check that the login page is a real browser window, not an embedded frame
Be wary of urgent security or legal messages pushing immediate action
Use multi-factor authentication and review active sessions regularly
⚠️ Why This Matters
Browser-in-browser attacks bypass visual warning signs, making even experienced users vulnerable to account takeover and downstream scams.
📚 Cyber Book
Permanent Record by Edward Snowden
That concludes today’s briefing. You can check the top headlines here!
Copyright © 2026 CyberMaterial. All Rights Reserved.
Follow CyberMaterial on:
Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, YouTube, and Medium