Cyber Briefing: 2026.01.28
WinRAR exploits persist as espionage malware spreads, supply-chain trojans surface, crypto theft and ransomware hit, and cybercrime arrests grow.
👉 What are the latest cybersecurity alerts, incidents, and news?
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
🚨 Cyber Alerts
1. Cybercriminals Exploit WinRAR Flaw
Google Threat Intelligence Group reports that multiple state-sponsored and criminal organizations have spent the last six months exploiting a critical WinRAR vulnerability. Although a patch was released in July after initial zero-day use by Russian hackers, various groups continue to use the flaw to target government, military, and financial sectors globally.
2. Mustang Panda Deploys Infostealers
The Chinese espionage group Mustang Panda has upgraded its CoolClient backdoor with new capabilities to monitor clipboards and exfiltrate browser credentials. This updated malware, which has recently targeted government entities across Asia and Russia, is being deployed alongside a new, yet-to-be-analyzed rootkit via compromised legitimate software.
3. Fake PyPI Packages Spread Remote Trojan
Security researchers recently uncovered two malicious Python packages on PyPI, spellcheckerpy and spellcheckpy, which disguised themselves as spellcheckers to infect systems with a remote access trojan. Despite being removed, these packages were downloaded over 1,000 times and utilized a clever technique of hiding a base64-encoded downloader within a legitimate-looking Basque dictionary file.
💥 Cyber Incidents
4. Hacker Steals Millions From Matcha Users
A hacker stole 13.5 million dollars in cryptocurrency from users of the decentralized exchange meta aggregator Matcha Meta on January 25. The security breach targeted users who had interacted with the SwapNet aggregator and disabled one-time approval settings on their accounts.
5. Ransomware Attack Hits Winona County
Winona County officials recently discovered a ransomware attack that compromised their computer network, prompting the Board Chair to sign a formal declaration of local emergency. While the specific timeline of the breach remains undisclosed, authorities confirmed that essential public safety systems, including 911 and fire department services, continue to function without interruption.
6. London Cyber Attack Delays Home Sales
A significant cyberattack on the UK’s digital property infrastructure has frozen the London housing market by disabling the systems required for conveyancing and title searches. This disruption highlights the extreme vulnerability of modern real estate transactions to digital interference, leaving thousands of buyers and sellers in legal limbo.
📢 Cyber News
7. Ex-CEO Allegedly Hijacked Company Domain
An ex-CEO allegedly hijacked his former game studio’s website and email systems, causing over $1 million in damages before listing the domain for sale for $6.6 million. The lawsuit claims the executive launched this retaliatory strike years after being fired, effectively paralyzing the company’s operations and communications.
8. More Charged In Ploutus ATM Scheme
The Department of Justice has indicted thirty-one individuals for their involvement in a sophisticated operation that used Ploutus malware to steal millions of dollars from automated teller machines. Operating primarily between early 2024 and late 2025, the group successfully targeted dozens of machines to illicitly withdraw over five million dollars.
9. Hackers Blackmail Best Buy Employee
A Best Buy worker in Georgia allegedly permitted the theft of dozens of PlayStation 5 consoles, claiming a hacking group coerced him through blackmail. Police remain skeptical of the story because the employee could not provide basic details about the hackers or even his own email address.
📈 Cyber Stocks
Midweek trading on Wednesday, 28 January showed cybersecurity stocks trading mixed with a slight uptick in cloud and identity-centric names, while some defensive and legacy security stocks saw modest weakness. Investors continued positioning around strong enterprise security demand against ongoing macro volatility and rotation within the broader tech sector.
Okta closed at 91.46 dollars and edged up, reflecting continued interest in identity and access management solutions.
Zscaler closed at 219.67 dollars and advanced, with cloud security and zero-trust adoption narratives supporting performance.
Fortinet closed at 81.71 dollars and was modestly lower, as network security hardware and services stocks lagged peers in a mixed session.
Check Point Software Technologies closed at 182.94 dollars and eased, with legacy threat prevention demand steady but broader sector rotation affecting price action.
SentinelOne closed at 15.11 dollars and moved higher, as AI-enabled endpoint protection stocks saw selective buying.
💡 Cyber Tip
🗂️ Cybercriminals Exploit WinRAR Flaw
Multiple threat groups are still abusing a critical WinRAR bug months after a patch was released. Specially crafted archive files can silently drop malware onto Windows systems, enabling automatic code execution. Both state-sponsored actors and cybercriminals are actively using this flaw against government and financial targets.
🛠️ What You Should Do
Update WinRAR to the latest version immediately
Block or remove outdated archive tools
Treat compressed files from emails as high risk
Monitor systems for suspicious archive extraction
⚠️ Why This Matters
Old vulnerabilities remain effective attack vectors. Unpatched software continues to give attackers an easy and reliable path to compromise systems.
📚 Cyber Book
Blue Team Handbook by Don Murdoch
That concludes today’s briefing.
Copyright © 2026 CyberMaterial. All Rights Reserved.