Cyber Briefing: 2026.01.16
Copilot Reprompt flaw, VoidLink cloud malware, Fast Pair Bluetooth bugs, Verizon outage; FTC bans GM data sales; RSAC names Easterly.
👉 What’s going on in the cyber world today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
First time seeing this? Please Subscribe
🚨 Cyber Alerts
1. Reprompt Attack Steals Microsoft Copilot Data
Security researchers at Varonis identified a critical vulnerability in Microsoft Copilot that allowed attackers to steal user data through a single malicious link. Known as Reprompt, this attack utilized prompt injection techniques to bypass safety filters and maintain a hidden, persistent connection for data exfiltration.
2. VoidLink Linux Malware Targets Cloud Systems
A sophisticated Linux malware framework called VoidLink has emerged with a modular design specifically optimized for infiltrating and persisting within major cloud environments. Security researchers have discovered that this tool targets software engineers to facilitate credential theft and potential supply-chain attacks across platforms like AWS, Azure, and Kubernetes.
3. Millions Of Audio Devices Need Security Patch
Researchers have identified security vulnerabilities in the Fast Pair Bluetooth protocol used by 17 different models of headphones and speakers. These flaws allow unauthorized individuals to remotely access microphones and speakers or track a user’s physical location without their knowledge.
For more alerts click here!
💥 Cyber Incidents
4. ICE Agents Data Leak Site Taken Offline
An activist’s website intended to expose the private data of US immigration officials was recently targeted by a significant cyberattack. The site’s founder suggests the digital assault may have been launched from Russia following a surge of suspicious traffic.
5. Anchorage Police Take Servers Offline
The Anchorage Police Department is responding to a security incident involving Whitebox Technologies, a data migration vendor that alerted officials of a breach on January 7. While there is currently no evidence that police data was stolen or systems compromised, the city has disconnected all third-party access and wiped its remaining data from the vendor’s servers.
6. Verizon Users Unhappy With Outage Credit
A software malfunction caused a widespread Verizon outage that lasted more than six hours across the United States. A company spokesperson confirmed the technical error as the primary reason for the disruption of cellular and data services nationwide.
For more incidents click here!
📢 Cyber News
7. FTC Bars GM From Selling Driver Location Data
The Federal Trade Commission has finalized a settlement with General Motors and OnStar over allegations that the company sold the driving and location data of millions of motorists to third parties without their permission. The agreement prohibits the automaker from sharing specific driver data with insurance-related agencies for five years and mandates a strict consent process for all data collection over the next two decades.
8. Jen Easterly Named CEO Of RSAC
RSA Conference LLC has appointed former CISA Director Jen Easterly as its new Chief Executive Officer to lead the organization as artificial intelligence and cybersecurity increasingly converge. Easterly will oversee the global portfolio of the premier cybersecurity platform, including its flagship San Francisco event and its expanding international and professional programs.
9. Dutch Police Arrest AVCheck Operator
A software malfunction caused a widespread Verizon outage that lasted more than six hours across the United States. A company spokesperson confirmed the technical error as the primary reason for the disruption of cellular and data services nationwide.
For more news click here!
📈Cyber Stocks
On Friday, 16th January, cybersecurity stocks mostly traded lower as broader market volatility, profit-taking and geopolitical risk weighed on defensive tech names. Continued enterprise demand for cloud security, identity protection and perimeter defenses provided some support, but macro uncertainty and sector rotation limited broad upside.
Zscaler closed at 214.50 dollars and declined slightly, with light selling pressure limiting gains even as adoption of cloud-delivered security and zero-trust architectures continued.
Fortinet closed at 76.38 dollars and eased, pressured by broader tech rotation even though persistent interest in zero-trust and network-security solutions underpinned its longer-term demand profile.
Check Point Software Technologies closed at 188.92 dollars and moved lower, with mixed sentiment in defensive names offsetting ongoing demand for perimeter and firewall defenses.
SentinelOne closed at 14.30 dollars and declined modestly, reflecting broader market pressure on high-growth endpoint detection and response names despite ongoing investor interest in AI-augmented solutions.
Rapid7 closed at 13.42 dollars and dipped, as profit-taking and rotation into cyclicals tempered near-term momentum even though enterprise investment in vulnerability management and detection-response services remained steady.
💡 Cyber Tip
🎧 Millions of Audio Devices Need a Security Patch
Researchers found serious flaws in the Bluetooth Fast Pair protocol used by popular headphones and speakers. Attackers could remotely connect to affected devices to access microphones, play audio, or even track a user’s physical location without consent. The issue impacts multiple brands and can affect users across both Android and iOS.
🔐 What You Should Do
Update headphone and speaker firmware as soon as patches are available
Turn off Bluetooth when not actively in use
Avoid pairing devices in public or crowded places
Regularly review paired devices and remove anything unfamiliar
Be cautious using audio devices in sensitive environments
⚠️ Why This Matters
Wearable audio devices are always nearby and often trusted. If compromised, they can become silent surveillance tools, turning everyday convenience into a serious privacy risk.
📚 Cyber Book
AI Data Privacy and Protection: The Complete Guide to Ethical AI, Data Privacy, and Security by Justin Ryan, Mario Lazo
That concludes today’s briefing. You can check the top headlines here!
Copyright © 2026 CyberMaterial. All Rights Reserved.
Follow CyberMaterial on:
Substack, LinkedIn, Twitter, Reddit, Instagram, Facebook, YouTube, and Medium
Great roundup of current threats. The Fast Pair vulnerability is particularly concerning because people never think about patching their headphones untill something goes wrong. I've seen enterprises with solid device management completely ignore audio peripherals in their firmware update policies. The surveillance risk alone should be enough to make consumer electronics manufacturers take firmware security way more seriuosly.