The Cyber Express Weekly Roundup: Jan 2026 Threats & Trends
Briefly

The Cyber Express Weekly Roundup: Jan 2026 Threats & Trends
"On January 26, 2026, Delta, a Russian alarm and vehicle security provider, suffered a major cyberattack, disrupting alarms, vehicle systems, and company communications for tens of thousands of customers. While no confirmed customer data breach occurred, an unverified leak circulated online."
"Ad fraud is escalating, costing the digital advertising industry billions and eroding consumer trust. Experts like Dhiraj Gupta of mFilterIt emphasize that brands can no longer rely on platform-reported metrics alone. Independent verification, real-time audits, and continuous monitoring of data flows are now essential to ensure privacy, enforce purpose limitations, and maintain accountability across complex advertising ecosystems."
"Ivanti released emergency fixes for two critical zero-day code injection vulnerabilities (CVE-2026-1281 and CVE-2026-1340) in Endpoint Manager Mobile. These flaws allow attackers to execute arbitrary code, access sensitive device and user data, and track locations. CISA added CVE-2026-1281 to its KEV catalog with a two-day remediation deadline for federal agencies."
Organizations worldwide experienced high-profile cyberattacks, emerging AI and ad-fraud threats, critical software vulnerabilities, and intensified regulatory scrutiny across public and private sectors. A January 26 attack on Delta, a Russian alarm and vehicle security provider, disrupted alarms, vehicle systems, and communications for tens of thousands; an unverified data leak circulated online. Ad fraud escalated, costing billions and undermining consumer trust, prompting calls for independent verification, real-time audits, and continuous monitoring of data flows to protect privacy and enforce purpose limitations. Ivanti released emergency patches for two zero-days in Endpoint Manager Mobile; CISA added one to KEV with a two-day remediation deadline. Cyble identified ShadowHS, a fileless, in-memory Linux persistence framework enabling long-term operator-controlled access.
#cyberattacks #ad-fraud #vulnerabilities #threat-intelligence
Read at The Cyber Express
Unable to calculate read time
[
|
]