Cybersecurity News | Daily Recap [16 Jan 2026]

AI & ML Security

  • AI voice cloning, Wi‑Fi kill switches and PLC vulnerabilities among a roundup of threats and research affecting ML systems and infrastructure – ThreatsDay Bulletin
  • Argues that the real risk is workflow security rather than model security in ML deployments – Workflow Risk
  • Researchers warn that AI agents are increasingly being used as privilege‑escalation paths in real environments – AI Agents
  • Popular Python libraries used in Hugging Face models can be weaponized via poisoned metadata attacks on dependencies – Poisoned Libs
  • The World Economic Forum lists AI security as the top cyber concern globally – WEF Concern

AI Policy & Deepfakes

  • X will block Grok from generating sexual images and the California AG is opening a probe into nonconsensual deepfakes tied to Grok – Grok Block, Grok Probe

Vulnerabilities & Exploits

  • Palo Alto warns of a DoS bug that can let attackers disable customer firewalls – PAN DoS
  • Public exploit code emerged for a critical FortiSIEM command‑injection flaw – FortiSIEM Flaw

Malware & Botnets

  • The VoidLink Linux malware framework is being used to target cloud environments and stealthy Linux deployments – VoidLink
  • Researchers null‑routed over 550 command servers for the Kimwolf and Aisuru botnets, disrupting operations that had infected over 2 million devices – Kimwolf Takedown

Incidents & Breaches

  • Traveler personal information was stolen in a breach affecting Eurail systems – Eurail Breach
  • South Korean education giant Kyowon confirms data theft following a ransomware attack – Kyowon Ransom
  • France fined Free Mobile €42 million over a 2024 data breach incident, highlighting regulatory penalties for poor data protection – Free Mobile Fine

Infrastructure & Outages

  • Microsoft seized servers and disrupted the RedVDS cybercrime virtual desktop service tied to roughly $40 million in scam losses – RedVDS Takedown
  • A Verizon Wireless outage left phones in SOS mode without cellular service for affected users – Verizon Outage
  • Ugandan authorities cut internet access on the eve of national elections, disrupting connectivity nationwide – Uganda Shutdown

Industrial & OT Security

  • Siemens, Schneider, Aveva and Phoenix Contact issued patches in this ICS “Patch Tuesday” to fix multiple OT/ICS vulnerabilities – ICS Patch

Risk, SOC & Identity

  • Four outdated habits are harming SOCs and increasing MTTR in 2026; the piece urges modernization of detection and response practices – SOC MTTR
  • Guide on automating just‑in‑time application access using Tines to reduce standing privileges and improve access controls – JIT Access
  • Survey finds CISOs flagging significant gaps in third‑party and AI vendor risk management programs – Vendor Risk

Threat Actors & Intelligence

  • Ukraine’s CERT‑UA attributes recent cyberattacks on defense forces to the PLUGGYAPE actor, detailing targeted campaigns against military networks – PLUGGYAPE Attacks

Privacy & Regulation

  • The FTC banned General Motors from selling drivers’ location data for five years as part of an enforcement action over privacy violations – GM Data Ban
  • France levied a €42 million fine on Free Mobile for a 2024 data breach, reinforcing regulatory consequences for breaches – Free Mobile Fine

Industry Moves & Legal

  • Aikido Security raised $60 million at a $1 billion valuation, signaling continued investor interest in identity and access management startups – Aikido Raise
  • An investor lawsuit over a major CrowdStrike outage was dismissed, closing litigation tied to service disruption claims – CrowdStrike Suit

Cybersecurity News | Daily Recap – hendryadrian.com