Daily Recap: UK unveils a new national cyber action plan to close public-sector gaps and strengthen defenses across government, while the US signals broad diplomatic shifts by exiting global cyber coalitions and dozens of international treaties. In industry and innovation, CrowdStrike will buy identity-security firm SGNL for $740 million to expand identity threat coverage, Blackbird.AI raises 28 million to grow its narrative-intelligence platform and analytics, and OpenAI launches ChatGPT Health with isolated, encrypted controls for sensitive health data to support HIPAA-style protections. #UKCyberPlan #USExit #CrowdStrike #SGNL #BlackbirdAI #OpenAIHealth #AgenticAI #ChromeExtensions #jsPDF #n8n #CiscoISE #MFA #Taiwan #China #Iberia #Prosura #MicrosoftExchangeOnline #GoBruteforcer #RustFS
Tag: CRITICAL INFRASTRUCTURE
Advanced Persistent Threat groups from multiple nation-states increased activity in 2025, using social engineering, fileless and registry-based techniques, web shells, living-off-the-land tools, and bespoke malware to target governments, critical infrastructure, and enterprises. Notable incidents include Mustang Panda’s captive-portal delivery of SOGU.SEC and Sandworm’s deployment of wipers like Zerolot, reflecting continued espionage and disruptive objectives. #MustangPanda #Zerolot
Leaked internal Knownsec documents show the company functions as a state-aligned cyber contractor providing an integrated espionage stack (ZoomEye, TargetDB, GhostX, Un-Mail, and Passive Radar) supporting PLA/MPS/public-security and critical-infrastructure targeting worldwide. The corpus includes massive breach datasets (o_data_*), detailed TargetDB asset mappings (notably Taiwan telecom/finance/energy), and tooling for browser exploitation, mailbox takeover, PCAP-driven network reconstruction, persistence, and OPSEC/anti-forensics. #Knownsec #GhostX
Hitachi Energy’s Asset Suite versions prior to 9.8 are vulnerable to a Java deserialization flaw exploited through Jasper Report, risking remote code execution. Proper mitigation and network security practices are essential to protect critical energy infrastructure from potential attacks. #JasperReport #DeserializationVulnerability…
This roundup highlights recent cybersecurity incidents including AI data violations, cyberattacks on Jaguar Land Rover, and the arrest related to the Desjardins data breach. It also discusses Chinese cyber activities against Taiwan and US congressional email hacks. #genAI #JaguarLandRover #Desjardins #SaltTyphoon #OwnCloud…
The article explains quantum readiness and post-quantum cryptography (PQC), describing the risks from future Cryptographically Relevant Quantum Computers (CRQCs), the Harvest Now, Decrypt Later threat, and the need to inventory and migrate vulnerable asymmetric cryptography. It summarizes NIST’s selected PQC standards, migration timelines and recommendations (prioritize TLS/SSH key exchange upgrades and inventorying), and describes Wiz’s “Wiz for Post-Quantum Cryptography Security Framework” and tools to detect and manage at-risk encryption. #NIST #OpenSSH
The UK government has released a Cyber Action Plan focused on strengthening its own digital resilience, but it offers limited guidance for private sector cybersecurity. While highlighting systemic vulnerabilities and the importance of resilience, the plan may inadvertently complicate private industry’s security efforts due to skills shortages and evolving threats. #CrowdStrikeIncident…
This week’s cybersecurity news highlights active threat actors using honeypots and exploiting known vulnerabilities to distribute malware. Key developments include a fake hack trap by Resecurity, cryptocurrency miners exploiting GeoServer flaws, and a surge in Chinese-backed attacks on Taiwan’s infrastructure. #LAPSUS$Hunters #GeoServer #MuddyWater…
President Donald Trump announced the immediate withdrawal of the U.S. from key international cybersecurity and digital rights organizations, signaling a shift toward unilateral digital sovereignty. This move affects alliances like Hybrid CoE, GFCE, and FOC, potentially weakening global and trans-Atlantic cybersecurity cooperation. #HybridCoE #GFCE #FOC…
The Black Shrantac ransomware group claims to have stolen data from the National Water Authority of Peru and Schneider Prototyping India, exposing sensitive organizational information. The attack resulted in the exfiltration of 4TB of data, including water management details and internal company data. #BlackShrantac #PeruWaterAuthority #SchneiderPrototyping…
Taiwan’s National Security Bureau reports a significant increase in Chinese cyber attacks targeting Taiwan’s critical infrastructure in 2025, with energy and emergency services being primary targets. The coordinated cyber operations are closely linked to physical military activities, highlighting a hybrid threat strategy by China. #ChineseCyberAttacks #TaiwanCriticalInfrastructure…
December 2025 closed with multiple high-impact disclosures and incidents, including the unauthenticated React2Shell RCE (CVE-2025-55182), the resurfacing of the BRICKSTORM backdoor, widespread MongoBleed data exposure (CVE-2025-14847), and a novel EtherRAT campaign using Ethereum smart contracts for C2. Organizations were urged to patch vulnerable software, audit and segment MongoDB deployments, apply published IOCs and detections from NSA/CISA and Sysdig, and strengthen visibility and resilience heading into 2026. #React2Shell #BRICKSTORM
The UK government has announced a significant cybersecurity strategy with over £210 million to enhance defenses across public sector institutions. The plan includes establishing security standards, incident response improvements, and collaboration with major firms. #CyberActionPlan #NISRegulations
These vulnerabilities in Columbia Weather Systems MicroServer could allow attackers to hijack connections, gain administrative access, or execute limited shell commands. Security experts recommend remote access restrictions and network segmentation to mitigate these risks. #CVE2025-61939 #CVE2025-64305 #CVE2025-66620 #ColumbiaWeatherSystemsMicroServer…
The UK launches a significant cybersecurity initiative with a £210 million investment to enhance digital public service defenses and establish a dedicated Government Cyber Unit. This initiative aims to improve risk management, incident response, and security standards, aligning government practices with those of critical infrastructure providers. #UKCyberActionPlan #GovernmentCyberUnit…