Daily Recap: State-linked actors from China and Russia exploited VMware ESXi zero-days and edge-device flaws, and deployed UAT-7290 Linux malware/ORB nodes, to breach telecoms and energy-sector targets. Phishing and crypto-crime activity persisted: the FBI warned that Kimsuky is using malicious QR codes in spear-phishing, misconfigured email routing is enabling internally spoofed phishing, the Astaroth worm spread in Brazil, and the Truebit theft highlighted ongoing ransomware and crypto exploitation, alongside privacy and data-breach concerns. #UAT-7290 #ESXi #Astaroth #Truebit #Kimsuky #FBI #NSA #Cisco #Grok #X #ChatGPTHealth #EEOC #CPPA #CISA #PowerPoint #HPE #DNS
Nation-State & APTs
- State-linked actors from China and Russia have exploited VMware ESXi zero-days and edge-device flaws, and deployed UAT-7290 Linux malware/ORB nodes, to breach telecoms and energy-sector targets – ESXi Escape, ESXi Timeline, Telco Breach, UAT-7290, BlueDelta
Phishing & Social Engineering
- The FBI warns that North Korea-linked Kimsuky is using malicious QR codes in spear-phishing against US organizations, while misconfigured email routing is enabling internally spoofed phishing – Kimsuky QR, Kimsuky Alert, Email Spoofing
Malware & Crypto Crime
- A WhatsApp worm is propagating the Astaroth banking Trojan across Brazil, crypto platforms lost $26 million in a Truebit theft, and reported ransomware activity tops ~8,000 attacks, amid arrests and swaps including a recent prisoner exchange tied to alleged ransomware links – Astaroth Worm, Truebit Theft, Ransomware Tally, Ransomware Swap
Data Breaches & Privacy
- A large US consumer-data incident at a gas-station operator exposed more than 377,000 individuals, the EEOC reported a contractor's unauthorized access, the CPPA fined a broker for selling lists of people with Alzheimer's, and critics warn that ChatGPT Health could expose sensitive medical data – Gulshan Breach, EEOC Incident, CPPA Fine, ChatGPT Health
Vulnerabilities & Advisories
- CISA has retired/sunsetted 10 emergency cyber orders as its exploited-vulnerabilities catalog matured, and is warning organizations about actively exploited PowerPoint and HPE vulnerabilities – CISA Retires, CISA Sunsets, CISA Warnings
Network Incidents
- A global DNS crash caused numerous Cisco Small Business switches to enter reboot loops, disrupting affected networks – Cisco DNS
Policy & Leadership
- Tim Kosiba was named deputy director of the NSA, and lawmakers urged app stores to remove Grok and X over concerns about sexualized deepfakes – NSA Deputy, App Store Push
Guides & Analysis
- An overview explains penetration testing tools and processes, and why pen testing remains essential for assessing security posture – Pen Testing