Cyber Briefing: 2026.01.22
Critical camera and WordPress takeovers, FortiGate attack surges, major public sector breaches, supply-chain ransomware, auto zero-days, and arrests.
👉 What’s going on in the cyber world today?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. Critical TP-Link VIGI Camera Takeover
TP-Link has addressed a critical security vulnerability affecting more than 32 models of its VIGI C and VIGI InSight professional surveillance cameras. The flaw allowed attackers on a local network to bypass authentication by exploiting a weakness in the password recovery process, potentially giving them full administrative control over the devices.
2. ACF Plugin Bug Grants Admin Access
A critical vulnerability in the Advanced Custom Fields: Extended WordPress plugin allows unauthenticated attackers to remotely gain administrative access to affected websites. The flaw exists in versions 0.9.2.1 and earlier and can lead to total site takeover if certain form configurations are present.
3. Arctic Wolf Sees FortiGate Attack Surge
Arctic Wolf has identified a new surge of automated attacks targeting Fortinet FortiGate devices to modify firewall configurations without authorization. These intrusions involve the creation of persistent accounts and the theft of device settings, likely building upon exploits of critical authentication bypass flaws first observed in late 2025.
💥 Cyber Incidents
4. Zendesk Ticket Systems Hijacked Globally
A massive spam wave is currently exploiting unsecured Zendesk support systems to flood global inboxes with hundreds of automated ticket confirmations. Although these emails often feature alarming or bizarre subject lines, they appear to be a high-volume trolling campaign rather than a direct phishing threat.
5. Minnesota DHS Data Breach Hits 300K
The Minnesota Department of Human Services recently notified nearly 304,000 residents that their demographic and personal data were compromised due to unauthorized system access by an affiliated user. While the breach involved sensitive information such as Medicaid IDs and partial Social Security numbers for over 1,200 individuals, state officials report no current evidence of data misuse.
6. Key Apple Nvidia Tesla Supplier Breached
Apple supplier Luxshare has reportedly fallen victim to a ransomware attack by a group called RansomHub, which claims to have stolen sensitive product designs and employee data. The attackers are threatening to leak 3D models and internal timelines unless the company pays a ransom to prevent the public disclosure of these confidential files.
📢 Cyber News
7. Tesla Hacked At Pwn2Own Automotive 2026
Security researchers successfully breached the Tesla Infotainment System and secured $516,500 in prizes after exploiting 37 zero-day vulnerabilities during the opening of the Pwn2Own Automotive 2026 competition. Various hacking teams demonstrated multiple exploits against vehicle charging stations and navigation systems, leading to significant cash awards and a 90-day window for vendors to patch the discovered flaws.
8. Greek Police Arrest Fake Cell Tower Gang
Greek authorities recently dismantled a sophisticated mobile scam operation that utilized a deceptive cellular transmitter concealed within a vehicle to target residents in Athens. The criminal group specialized in sending mass phishing messages by tricking nearby mobile devices into connecting to their illicit equipment.
9. Snapchat Expands Parental Contact Insights
Snapchat is expanding its Family Center features to provide parents with specific context about their children’s new connections, such as mutual friends or shared school communities. These updates also include a detailed breakdown of how much time teenagers spend across various sections of the app like messaging, the map, and video features.
📈 Cyber Stocks
Thursday trading on 22nd January saw cybersecurity equities hold mostly steady after a bout of short-term volatility in the broader tech sector. Investor focus continues to balance strong enterprise demand for security solutions with rotation pressures affecting growth names. Cloud-centric and identity security stocks showed resilience while more cyclical or legacy-oriented names experienced modest softness.
Okta closed at roughly 88.94 dollars and moved up, with identity and access management stocks showing relative strength in a mixed session.
Zscaler closed near 208.66 dollars and was modestly higher, reflecting ongoing demand for zero-trust cloud security offerings despite broader market sluggishness.
Fortinet finished around 75.75 dollars and held near flat, with network security hardware and services maintaining steady demand.
Check Point Software Technologies closed near 174.36 dollars and was lower, with legacy firewall and threat prevention names lagging modestly relative to cloud-centric peers.
SentinelOne closed at approximately 13.80 dollars and ticked up, as smaller AI-driven endpoint security stocks showed selective buying interest.
💡 Cyber Tip
🧩 ACF Plugin Bug Grants Admin Access
A critical flaw in the Advanced Custom Fields: Extended WordPress plugin allows unauthenticated attackers to gain full administrator access on vulnerable sites. The issue affects older versions and can be exploited when user-facing forms allow role assignment without proper server-side validation, leading to complete site takeover.
🔐 What You Should Do
Update the plugin immediately to the latest patched version
Audit all user registration and profile update forms
Remove any public facing role selection fields
Monitor logs for unusual account creation or role changes
Keep all WordPress plugins and themes up to date
⚠️ Why This Matters
Admin access means total control. Even a single vulnerable form can let attackers take over a website, inject malware, steal data, or lock out legitimate owners. Prompt patching and form reviews are essential defenses.
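One way to carry out the "monitor for unusual account creation or role changes" step, shown as an added example that is not part of the original briefing or the plugin's code: compare a user export against a baseline of approved administrators and flag privileged accounts that are unapproved or newly registered. The export shape is assumed to match `wp user list --fields=ID,user_login,user_registered,roles --format=json`; the sample records, the baseline and the 7-day window are constructed for illustration.

```python
import json
from datetime import datetime, timedelta

# Constructed sample data; shape assumed to match the WP-CLI JSON export named above.
SAMPLE_EXPORT = json.dumps([
    {"ID": 1, "user_login": "site-owner", "user_registered": "2023-04-02 09:15:00", "roles": "administrator"},
    {"ID": 7, "user_login": "editor-anna", "user_registered": "2024-11-19 14:02:31", "roles": "editor"},
    {"ID": 42, "user_login": "newuser8841", "user_registered": "2026-01-21 03:12:09", "roles": "administrator"},
    {"ID": 43, "user_login": "shop-bob", "user_registered": "2026-01-21 10:40:00", "roles": "subscriber"},
    {"ID": 12, "user_login": "dev-carol", "user_registered": "2025-06-01 08:00:00", "roles": "author,administrator"},
])

PRIVILEGED_ROLES = {"administrator"}


def audit_users(export_json, approved_admins, now, window_days=7):
    """Return (ID, login, reasons) for privileged accounts that need review."""
    cutoff = now - timedelta(days=window_days)
    findings = []
    for user in json.loads(export_json):
        # A user can hold several roles; the export lists them comma-separated.
        roles = {r.strip() for r in str(user.get("roles", "")).split(",") if r.strip()}
        if not roles & PRIVILEGED_ROLES:
            continue
        registered = datetime.strptime(user["user_registered"], "%Y-%m-%d %H:%M:%S")
        reasons = []
        if user["user_login"] not in approved_admins:
            reasons.append("not in approved admin baseline")
        if registered >= cutoff:
            reasons.append(f"registered within last {window_days} days")
        if reasons:
            findings.append((user["ID"], user["user_login"], reasons))
    return findings


if __name__ == "__main__":
    # Baseline of approved administrators is an assumption for this example.
    for uid, login, reasons in audit_users(SAMPLE_EXPORT, {"site-owner"}, datetime(2026, 1, 22)):
        print(f"REVIEW user {uid} ({login}): {'; '.join(reasons)}")
```

Running the same check on a schedule and diffing the findings between runs also surfaces role changes on existing accounts, since an account promoted to administrator appears as a new unapproved entry.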
📚 Cyber Book
Cybersecurity Education for Awareness and Compliance by Ismini Vasileiou, Steven Furnell
That concludes today’s briefing.
Copyright © 2026 CyberMaterial. All Rights Reserved.
This briefing really drives home how fragmented the threat landscape has become! The FortiGate surge combined with Zendesk hijacking shows attackers are simultaneously going after infrastructure and social systems. I dunno if enterprises realize these aren't isolated incidents but coordinated probing of different attack surfaces. Last month our team tracked similar patterns targeting both edge devices and ticketing platforms within the same victim org.