Cybersecurity News | Daily Recap [09 Jan 2026]

hendryadrian.com

hendryadrian.com

Policy & International

• UK unveils a new national cyber action plan to close public-sector gaps and strengthen defenses across government – UK Cyber Plan, UK Cyber Plan
• US orders exits from global cyber and hybrid-threat coalitions, pulling back from multilateral cybersecurity cooperation – US Exit Orders
• US announces withdrawals from dozens of international treaties and organizations, signaling broad diplomatic shifts with cyber implications – US Withdrawals

Industry & Funding

• CrowdStrike will buy identity-security firm SGNL for $740 million in cash to expand identity threat coverage – CrowdStrike Buy
• Blackbird.AI raises $28 million to grow its narrative-intelligence platform and analytics offerings – Blackbird Raise
• OpenAI launches ChatGPT Health with isolated, encrypted controls for sensitive health data to support HIPAA-style protections – OpenAI Health

AI & Privacy

• Security researchers urge rethinking defenses for agentic AI, warning of new attack surfaces from autonomous models – Agentic AI
• Multiple Chrome extensions with 900,000 downloads were found stealing AI chat content, exposing user conversations and data to third parties – Chrome Extensions
• Opinion pieces and analysis examine influence dynamics in security commentary and the evolving trust model for open source projects – Security Voices, Trusted OSS

Vulnerabilities & Exploits

• A critical jsPDF flaw that lets attackers exfiltrate secrets via crafted PDFs has been disclosed and patched — researchers and vendors urge urgent updates – jsPDF Flaw, jsPDF Flaw
• n8n webhook vulnerability CVE-2026-21858 allows unauthenticated file access and RCE, exposing instances to takeover — apply vendor fixes immediately – n8n Takeover, n8n Takeover
• Cisco ISE flaws with public PoC/exploit code prompted emergency patches and warnings after active exploitation was reported – Cisco ISE, Cisco ISE
• CISA flags actively exploited bugs in Microsoft Office and tags a max-severity flaw in HPE OneView, with vendors and admins urged to patch now – Actively Exploited, HPE OneView
• Threat roundup highlights a wide set of issues including a RustFS flaw, Iranian operations, WebUI RCEs and cloud leaks — investigators warn of ongoing multi-front campaigns – ThreatsDay Bulletin
• New wave of GoBruteforcer attacks targeting crypto and blockchain projects is underway; custodians should harden credentials and node access – GoBruteforcer Wave

Incidents & Outages

• Australian insurer Prosura confirms a cyber incident and has taken online services offline while investigating customer impact – Prosura Incident
• Spanish airline Iberia says recent breach claims relate to a November incident as it investigates data-exposure allegations – Iberia Breach
• Microsoft Exchange Online outage disrupted mailbox access via IMAP4, blocking some users from legacy mail clients during an incident window – Microsoft Outage
• Analysis shows dozens of major breaches were enabled by info-stealers and the absence of MFA, underscoring the need for stronger identity controls – Infostealer Breaches
• Microsoft announces enforcement of MFA for Microsoft 365 admin center sign‑ins to reduce account takeover risk for administrators – M365 MFA

Nation‑State & Threat Metrics

• Taiwan is reportedly hit with about 2.6 million cyberattacks daily attributed to operations from China, highlighting persistent nation-state pressure on critical infrastructure – Taiwan Attacks

Cybersecurity News | Daily Recap – hendryadrian.com