WEEKLY THREAT BRIEFING: AI-Generated Malware, Fortinet Breaches, and 37 Zero-Days at Pwn2Own
Weekly cybersecurity roundup covering VoidLink malware, Fortinet breaches, LastPass phishing campaigns, Pwn2Own Automotive zero-days, and critical vulnerabilities in enterprise software.
Weekly threat briefing: January 18-23, 2026
This week brought a wave of significant cybersecurity developments, from AI-generated malware making its debut to mass exploitation of enterprise firewalls. Here's what security teams need to know.
VoidLink: The first major AI-generated malware framework
The cybersecurity community is analyzing VoidLink, a new Linux malware framework that shows clear indicators of being AI-generated. The malware uses custom-built cloud infrastructure for command and control operations, representing a significant evolution in threat actor capabilities.
Researchers noted the code structure and commenting patterns suggest heavy use of large language models in development. VoidLink targets cloud systems with sophisticated evasion techniques that adapt to different environments.
This marks a concerning milestone: attackers are now using AI not just to write phishing emails but to generate functional malware. One practical consequence for defenders is that static signatures tuned to a single build of such code are unlikely to hold for long; detection should key on the behaviour that does not change as easily, such as the C2 traffic pattern and the evasion checks themselves.
Sources: Hackread, Dark Reading, BleepingComputer, The Hacker News
Fortinet firewalls under mass attack
Fortinet administrators are reporting widespread compromises of FortiGate firewalls: attackers are stealing device configurations and making malicious changes, in some cases on devices already running patched firmware.
The attacks are automated and exploit vulnerabilities to extract the firewall configuration, which describes the network architecture, every VPN and administrative setting, and the credentials the device holds (administrator password hashes, IPsec pre-shared keys, and LDAP/RADIUS bind passwords are all stored in it). Patching closes the entry point but does not evict an attacker who already holds a copy of the configuration or the credentials in it. Organizations running FortiGate devices should immediately compare the running configuration against a known-good backup, looking for added administrators or API users, loosened trusted-host restrictions, and new firewall policies or VPN settings, then rotate every credential stored in the configuration and review logs for the exfiltration itself.
Fortinet has acknowledged the incidents and is working with affected customers, but the scale of exploitation suggests the campaign has been running longer than initially detected, so audits should look back further than the first public reports.
Sources: Dark Reading, BleepingComputer, The Hacker News
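The audit recommended above, as an added example written for this briefing rather than a Fortinet tool: a small parser for the FortiGate CLI backup format (config / edit / set / next / end) and a differ that compares a known-good backup with the current configuration and reports only changes in the tables an intruder holding a stolen config would touch. The two configurations are constructed samples; the list of sensitive tables and the idea of treating a trusted-host change to 0.0.0.0/0 as a red flag are the author's assumptions.

```python
"""Diff a known-good FortiGate config backup against the running config and
flag changes in tables an intruder with a stolen config would touch.
Added example; the parser was written for this post, not by Fortinet."""
from typing import Dict, List, Tuple

Entries = Dict[str, Dict[str, str]]   # entry key -> {attribute: value}
Config = Dict[str, Entries]           # table id  -> entries
Change = Tuple[str, str, str, str]    # (kind, table, entry, detail)

# Tables whose changes deserve a human look after a suspected config theft (assumption).
SENSITIVE_TABLES = ("system admin", "system api-user", "system sso-admin", "user local",
                    "firewall policy", "vpn ssl settings", "system interface",
                    "system central-management")


def parse_fortigate_config(text: str) -> Config:
    """Parse FortiGate CLI syntax. A 'config' block nested inside an 'edit'
    gets the table id 'outer > entry > inner', so entries of different
    parents never collide. Comments and 'unset' lines are ignored."""
    tables: Config = {}
    scope: List[Tuple[str, str]] = []   # stack of ("config", name) or ("edit", key)

    def table_id(items):
        return " > ".join(name for _, name in items)

    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("config "):
            scope.append(("config", line[7:].strip()))
            tables.setdefault(table_id(scope), {})
        elif line.startswith("edit "):
            scope.append(("edit", line[5:].strip().strip('"')))
            tables.setdefault(table_id(scope[:-1]), {}).setdefault(scope[-1][1], {})
        elif line.startswith("set "):
            attr, _, value = line[4:].partition(" ")
            if scope and scope[-1][0] == "edit":
                table, entry = table_id(scope[:-1]), scope[-1][1]
            else:                        # 'set' directly under a table, e.g. system global
                table, entry = table_id(scope), "(global)"
            tables.setdefault(table, {}).setdefault(entry, {})[attr] = value.strip()
        elif line == "next" and scope and scope[-1][0] == "edit":
            scope.pop()
        elif line == "end" and scope and scope[-1][0] == "config":
            scope.pop()
    return tables


def diff_configs(old: Config, new: Config) -> List[Change]:
    """Every added/removed entry and every changed attribute, sorted by table."""
    changes: List[Change] = []
    for table in sorted(set(old) | set(new)):
        o_ent, n_ent = old.get(table, {}), new.get(table, {})
        for key in sorted(set(o_ent) | set(n_ent)):
            if key not in o_ent:
                changes.append(("added", table, key, str(n_ent[key])))
            elif key not in n_ent:
                changes.append(("removed", table, key, ""))
            else:
                for attr in sorted(set(o_ent[key]) | set(n_ent[key])):
                    o, n = o_ent[key].get(attr), n_ent[key].get(attr)
                    if o != n:
                        changes.append(("changed", table, key, f"{attr}: {o!r} -> {n!r}"))
    return changes


def audit(baseline_text: str, current_text: str) -> List[Change]:
    """Only the changes that land in a sensitive table (top-level table name)."""
    changes = diff_configs(parse_fortigate_config(baseline_text),
                           parse_fortigate_config(current_text))
    return [c for c in changes if c[1].split(" > ")[0] in SENSITIVE_TABLES]


# Constructed sample backup taken before the incident.
BASELINE = """\
config system global
    set hostname "fgt-edge-01"
end
config system admin
    edit "admin"
        set trusthost1 10.0.0.0 255.255.255.0
        set accprofile "super_admin"
        set password ENC REDACTED
    next
end
config system api-user
end
config firewall policy
    edit 1
        set name "lan-to-wan"
        set srcintf "internal"
        set dstintf "wan1"
        set action accept
    next
end
"""

# Constructed "current" config: trusted host opened to the world, a second
# super_admin, a new API user, an inbound policy, plus one benign change.
CURRENT = BASELINE.replace("set trusthost1 10.0.0.0 255.255.255.0",
                           "set trusthost1 0.0.0.0 0.0.0.0") + """\
config system global
    set admintimeout 480
end
config system admin
    edit "support"
        set accprofile "super_admin"
        set password ENC REDACTED2
    next
end
config system api-user
    edit "sync"
        set accprofile "super_admin"
    next
end
config firewall policy
    edit 2
        set name "mgmt-in"
        set srcintf "wan1"
        set dstintf "internal"
        set action accept
    next
end
"""

if __name__ == "__main__":
    for kind, table, entry, detail in audit(BASELINE, CURRENT):
        print(f"{kind:8} {table} / {entry}  {detail}")
```

Run against a real pair of backups (`execute backup config` output or the GUI export) the script prints four findings for the sample above and drops the admintimeout change because `system global` is not in the sensitive list; extend `SENSITIVE_TABLES` to taste, and remember that an unchanged config does not prove the credentials in it were not copied.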
Pwn2Own Automotive 2026: Tesla hacked, 37 zero-days demonstrated
The Pwn2Own Automotive 2026 competition in Tokyo yielded 37 zero-day vulnerabilities across automotive systems, with Tesla being successfully compromised by multiple research teams.
Day two alone saw researchers exploit 29 previously unknown vulnerabilities in vehicle infotainment systems, charging infrastructure, and connected car platforms. The competition highlights the expanding attack surface as vehicles become increasingly software-defined.
Tesla's security team is reportedly already working on patches for the demonstrated exploits.
Sources: BleepingComputer
LastPass customers targeted in sophisticated phishing campaign
A phishing campaign is targeting LastPass users with fake emails posing as password vault backup alerts. The messages warn recipients of supposed maintenance or security issues requiring immediate action.
The campaign is notable for its attention to detail, with emails closely mimicking legitimate LastPass communications. Victims who click through are directed to credential harvesting pages designed to capture master passwords.
LastPass has issued warnings and reminds users that the company will never ask for master passwords via email. Users should access their vaults only through official apps or by typing lastpass.com directly.
Sources: Dark Reading, BleepingComputer, The Hacker News
North Korean hackers abuse VS Code tunnels for remote access
North Korean threat actors, tracked as part of the "Contagious Interview" and "PurpleBravo" campaigns, are exploiting Visual Studio Code's remote tunnel feature to maintain persistent access to compromised systems.
The technique abuses legitimate VS Code functionality: the tunnel is an outbound, TLS-encrypted connection to Microsoft-hosted relay infrastructure, so it traverses egress-only network controls and looks like ordinary developer traffic to network monitoring. Attackers target developers through fake job interviews and malicious npm packages, then use the VS Code tunnels for long-term espionage.
The campaigns have been linked to DPRK's ongoing efforts to generate revenue and steal intellectual property from technology companies.
Sources: Dark Reading, The Hacker News
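Because the tunnel is a legitimate, signed tool, the detection opportunity is in endpoint telemetry rather than in the network, and this is what the "monitor for VS Code tunnel abuse" takeaway at the end of the briefing amounts to in practice. The following is an added example written for this post, not code from any of the cited reports. It assumes process-creation and DNS events as dictionaries, that the tunnel CLI is invoked as `code tunnel ...` with persistence via `code tunnel service install`, and that tunnels resolve Microsoft's Dev Tunnels endpoints under devtunnels.ms and tunnels.api.visualstudio.com; the sample events and the approved-host list are constructed, and the hostnames should be checked against current VS Code documentation before deployment.

```python
"""Flag VS Code remote-tunnel activity in endpoint telemetry.
Added example for this post; hostnames and command shapes are assumptions
drawn from public VS Code / Dev Tunnels documentation."""
import re
from dataclasses import dataclass
from typing import Dict, List

# Hosts where an interactive developer tunnel is an approved workflow (constructed).
APPROVED_TUNNEL_HOSTS = {"dev-ws-17"}

# 'code tunnel', 'code.exe tunnel', 'code-insiders tunnel' (assumed CLI shapes).
TUNNEL_CMD = re.compile(r"\bcode(?:\.exe|-insiders)?\s+tunnel\b", re.IGNORECASE)
PERSIST_CMD = re.compile(r"\bservice\s+install\b", re.IGNORECASE)
# Relay/registration endpoints the tunnel talks to (assumed; verify against docs).
TUNNEL_DOMAINS = ("devtunnels.ms", "tunnels.api.visualstudio.com")


@dataclass
class Finding:
    rule: str
    severity: str
    host: str
    detail: str


def is_tunnel_domain(name: str) -> bool:
    """Exact match or subdomain of a tunnel endpoint, never a look-alike suffix."""
    name = name.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in TUNNEL_DOMAINS)


def evaluate(event: Dict) -> List[Finding]:
    host = event.get("host", "?")
    approved = host in APPROVED_TUNNEL_HOSTS
    if event.get("type") == "process":
        cmd = event.get("cmdline", "")
        if not TUNNEL_CMD.search(cmd):
            return []
        if PERSIST_CMD.search(cmd):       # survives reboot: always worth a look
            return [Finding("vscode-tunnel-persistence", "high", host,
                            f"{event.get('user')} installed tunnel as a service: {cmd}")]
        return [Finding("vscode-tunnel-start", "low" if approved else "high", host,
                        f"{event.get('user')} started a tunnel: {cmd}")]
    if event.get("type") == "dns" and is_tunnel_domain(event.get("query", "")):
        return [Finding("vscode-tunnel-dns", "low" if approved else "high", host,
                        f"resolved {event['query']}")]
    return []


def scan(events: List[Dict]) -> List[Finding]:
    return [f for e in events for f in evaluate(e)]


# Constructed sample telemetry: an approved developer host, a normal host, and a CI runner.
SAMPLE_EVENTS = [
    {"type": "process", "host": "dev-ws-17", "user": "jdoe", "image": "/usr/bin/code",
     "cmdline": "code tunnel --accept-server-license-terms --name dev-ws-17"},
    {"type": "process", "host": "dev-ws-17", "user": "jdoe", "image": "/usr/bin/code",
     "cmdline": "code tunnel service install"},
    {"type": "process", "host": "dev-ws-03", "user": "build", "image": "/usr/bin/code",
     "cmdline": "code --list-extensions"},
    {"type": "dns", "host": "dev-ws-17", "query": "global.rel.tunnels.api.visualstudio.com"},
    {"type": "dns", "host": "dev-ws-17", "query": "abc123.euw.devtunnels.ms"},
    {"type": "dns", "host": "dev-ws-03", "query": "registry.npmjs.org"},
    {"type": "process", "host": "ci-runner-02", "user": "svc-ci", "image": "/usr/bin/code",
     "cmdline": "code tunnel --name ci-runner-02"},
]

if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        print(f"[{f.severity:4}] {f.rule:26} {f.host:12} {f.detail}")
```

The two high-severity findings in the sample are the ones that matter: a tunnel registered as a service (persistence) and a tunnel started on a CI runner by a service account, a host that should never need interactive remote editing. Approved developer hosts still produce low-severity records so the baseline of normal tunnel use is visible when a new host appears.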
LinkedIn DMs weaponized to deliver trojans
Attackers are using LinkedIn direct messages to distribute malware disguised as PDF tools. The campaign targets professionals with messages about document sharing or collaboration opportunities.
Victims who download the offered "PDF reader" or "document viewer" receive trojanized applications that establish backdoor access. The social engineering leverages LinkedIn's professional context to increase credibility.
Security teams should remind employees to verify software downloads through official channels only, regardless of how legitimate the recommendation source appears.
Sources: Hackread, The Hacker News
Critical flaws in Anthropic MCP servers
Security researchers disclosed three vulnerabilities in Anthropic's Model Context Protocol (MCP) Git server implementations that could allow complete server takeover.
The flaws affect how the servers handle authentication and authorization, potentially allowing attackers to access sensitive data or execute arbitrary code. Organizations using MCP integrations should review their deployments and apply available patches; beyond patching, an MCP server should be treated like any other service reachable by an agent or by the network: run it as a low-privilege account, limit it to the repositories it needs, and never expose it without authentication.
Microsoft has also flagged risks in MCP server configurations that could expose enterprise environments.
Sources: Dark Reading, The Hacker News
Google Gemini tricked into leaking Calendar data
A vulnerability in Google's Gemini AI assistant allowed researchers to extract private Google Calendar data through carefully crafted prompts.
The attack demonstrated how AI assistants with access to user data can be manipulated into revealing sensitive information. Google has patched the specific vulnerability, but the research highlights broader risks in AI systems with deep integration into productivity tools.
Sources: Dark Reading, BleepingComputer
Zendesk ticket systems hijacked in global spam campaign
Attackers are hijacking Zendesk instances in a massive spam wave, abusing the ticket system to send malicious messages that appear to come from legitimate businesses.
The campaign exploits misconfigurations in Zendesk deployments to create support tickets that trigger email notifications to arbitrary addresses. Because the messages are sent by legitimate Zendesk infrastructure on behalf of a real customer domain, they pass SPF, DKIM, and DMARC checks and therefore bypass many email security filters.
Organizations using Zendesk should audit their configuration settings and implement stricter controls on ticket creation.
Sources: Dark Reading, BleepingComputer
CrashFix and ClickFix scams deploy malware via fake Chrome extensions
Two related campaigns, dubbed CrashFix and ClickFix, are crashing browsers and delivering malware through fake Chrome ad-blocker extensions.
The CrashFix variant deliberately crashes browsers to display fake error messages directing users to malicious "support" sites. ClickFix uses deceptive ad-blocker extensions to inject malicious code. Both campaigns have been linked to the ModeloRAT backdoor.
Over 840,000 installations of related malicious "GhostPoster" browser extensions have been identified, with many targeting enterprise HR platforms for credential theft.
Sources: Hackread, Dark Reading, BleepingComputer
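Inventorying extensions across a fleet is the practical response to campaigns like this, and it is what the "audit browser extensions" takeaway at the end of the briefing calls for. The script below is an added example written for this post, not a tool from any of the cited reports. It walks a Chrome profile's Extensions directory (the layout `<profile>/Extensions/<id>/<version>/manifest.json`), parses each manifest, and flags extensions that are on a blocklist, lack the Chrome Web Store update URL (sideloaded or self-hosted), or request permissions that let them read every page, intercept traffic, or steal cookies. The profile it audits here is a constructed sample built in a temporary directory; the blocklisted ID is a placeholder, not a real GhostPoster identifier, and the risky-permission set is the author's judgement.

```python
"""Inventory Chrome extensions from manifest.json files and flag risky ones.
Added example for this post; blocklist IDs and the risky-permission set are
the author's constructed assumptions, not indicators from the reports."""
import json
import os
import tempfile
from pathlib import Path
from typing import Dict, List

WEBSTORE_UPDATE_URL = "https://clients2.google.com/service/update2/crx"

# Permissions that let an extension read/rewrite traffic, steal session cookies,
# or run code in every page (assumed set; tune to your risk appetite).
HIGH_RISK_PERMISSIONS = {
    "<all_urls>", "*://*/*", "http://*/*", "https://*/*",
    "webRequest", "webRequestBlocking", "declarativeNetRequest",
    "cookies", "scripting", "debugger", "proxy", "nativeMessaging",
    "clipboardRead", "management",
}

# Placeholder blocklist; real campaigns would be matched on published IDs.
BLOCKED_IDS = {"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}


def manifest_permissions(manifest: dict) -> set:
    """Union of API permissions, MV3 host permissions and content-script matches."""
    perms = set(manifest.get("permissions", []))
    perms |= set(manifest.get("host_permissions", []))
    for cs in manifest.get("content_scripts", []):
        perms |= set(cs.get("matches", []))
    return perms


def audit_extensions_dir(extensions_dir: Path) -> List[Dict]:
    findings: List[Dict] = []
    for ext_dir in sorted(p for p in extensions_dir.iterdir() if p.is_dir()):
        for manifest_path in sorted(ext_dir.glob("*/manifest.json")):
            manifest = json.loads(manifest_path.read_text(encoding="utf-8"))
            risky = sorted(manifest_permissions(manifest) & HIGH_RISK_PERMISSIONS)
            reasons = []
            if ext_dir.name in BLOCKED_IDS:
                reasons.append("blocklisted id")
            if manifest.get("update_url") != WEBSTORE_UPDATE_URL:
                reasons.append("not installed from the Chrome Web Store (sideloaded or self-hosted)")
            if risky:
                reasons.append("high-risk permissions: " + ", ".join(risky))
            if reasons:
                findings.append({"id": ext_dir.name, "name": manifest.get("name", "?"),
                                 "version": manifest.get("version", "?"), "reasons": reasons})
    return findings


def default_extension_dirs() -> List[Path]:
    """Chrome profile Extensions dirs for the current user on Linux, macOS, Windows."""
    home = Path.home()
    roots = [home / ".config" / "google-chrome",
             home / "Library" / "Application Support" / "Google" / "Chrome",
             Path(os.environ.get("LOCALAPPDATA", "")) / "Google" / "Chrome" / "User Data"]
    return [p for r in roots if r.is_dir() for p in r.glob("*/Extensions") if p.is_dir()]


def build_sample_profile(root: Path) -> Path:
    """Constructed profile: a sideloaded 'ad blocker', a benign SSO helper, a store
    extension that nevertheless asks for webRequest."""
    samples = {
        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": {"name": "Free Ad Blocker Pro", "version": "2.1.0",
            "manifest_version": 3, "permissions": ["scripting", "cookies", "storage"],
            "host_permissions": ["<all_urls>"]},
        "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb": {"name": "Corp SSO Helper", "version": "1.0.3",
            "manifest_version": 3, "permissions": ["storage"],
            "host_permissions": ["https://sso.example.com/*"], "update_url": WEBSTORE_UPDATE_URL},
        "cccccccccccccccccccccccccccccccc": {"name": "Tab Notes", "version": "0.9",
            "manifest_version": 3, "permissions": ["storage", "webRequest"],
            "update_url": WEBSTORE_UPDATE_URL},
    }
    ext_dir = root / "Default" / "Extensions"
    for ext_id, manifest in samples.items():
        mdir = ext_dir / ext_id / (manifest["version"] + "_0")
        mdir.mkdir(parents=True)
        (mdir / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
    return ext_dir


def run_sample_audit() -> List[Dict]:
    with tempfile.TemporaryDirectory() as tmp:
        return audit_extensions_dir(build_sample_profile(Path(tmp)))


if __name__ == "__main__":
    dirs = default_extension_dirs()
    results = [f for d in dirs for f in audit_extensions_dir(d)] if dirs else run_sample_audit()
    for f in results:
        print(f"{f['id']} {f['name']} {f['version']}: " + "; ".join(f["reasons"]))
```

Run it under a management agent, collect the output centrally, and compare against the list of extensions you have explicitly allowed; the corp SSO helper in the sample produces no finding because it is store-installed and scoped to one host, which is the shape a legitimate enterprise extension should have.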
Microsoft Teams adding brand impersonation warnings
Microsoft announced that Teams will soon display warnings when calls originate from external users who may be impersonating trusted brands or organizations.
The feature responds to increasing vishing attacks that abuse Teams for social engineering. Together with recent reports of Okta SSO accounts being targeted in vishing-based data theft, the update reflects growing concern about voice phishing in enterprise environments, where a convincing call through a trusted collaboration platform is often enough to obtain an MFA approval or a password reset.
Sources: BleepingComputer
Ransomware roundup
Everest ransomware claims McDonald's India breach: The Everest gang claims to have breached McDonald's India operations, allegedly exfiltrating customer data. The fast-food giant is investigating the claims. (Hackread)
RansomHouse targets Apple contractor Luxshare: RansomHouse claims a data breach at Luxshare, a major Apple manufacturing partner. The potential exposure of Apple supply chain data raises concerns about downstream impacts. (Hackread)
Ingram Micro confirms ransomware attack: Technology distributor Ingram Micro disclosed that a ransomware attack affected 42,000 individuals. The company is notifying affected parties and offering credit monitoring. (BleepingComputer)
INC ransomware operational security failure: An operational security mistake by INC ransomware operators allowed data recovery for 12 US organizations. The error provided decryption capabilities without ransom payment. (BleepingComputer)
Black Basta leader identified: New reporting has identified leadership within the Black Basta ransomware operation, potentially aiding law enforcement efforts. (The Hacker News)
Additional vulnerabilities and incidents
SmarterMail auth bypass exploited: A critical authentication bypass vulnerability in SmarterMail is being actively exploited to hijack administrator accounts. Organizations should patch immediately and review administrator accounts and recent logins for signs of takeover. (BleepingComputer, The Hacker News)
GitLab 2FA bypass and DoS flaws: GitLab released patches for high-severity vulnerabilities including a two-factor authentication bypass and denial-of-service conditions. (BleepingComputer)
Chainlit AI framework vulnerabilities: Bugs in the Chainlit AI framework could allow attackers to breach cloud environments. Organizations using Chainlit should update to patched versions. (BleepingComputer, The Hacker News)
ACF WordPress plugin bug: A vulnerability in the Advanced Custom Fields plugin gives attackers admin access on approximately 50,000 WordPress sites. (BleepingComputer)
PDFSider malware hits Fortune 100: A new Windows malware called PDFSider, deployed via exploits in PDF24 applications, has been found on Fortune 100 company networks. (Hackread, BleepingComputer)
CIRO data breach affects 750,000: A data breach at the Canadian Investment Regulatory Organization exposed information on 750,000 Canadian investors. (BleepingComputer)
Nation-state activity
Mustang Panda targets Venezuela: Chinese APT group Mustang Panda is targeting Venezuelan news organizations with LotusLite malware, continuing its focus on media and government entities in Latin America. (Hackread)
UK Government warns of Russian hacktivists: The UK government issued warnings about ongoing attacks from Russian hacktivist groups targeting critical infrastructure and government services. (BleepingComputer)
Iranian TV transmission hacked: Exiled Iranian opposition figures hacked state television transmissions to broadcast messages, demonstrating continued cyber capabilities among dissident groups. (Hackread)
Key takeaways for security teams
Patch Fortinet devices immediately, compare the running configuration against a known-good backup for unauthorized changes, and rotate every credential stored in the configuration, even if the device is already running updated firmware.
Warn users about LastPass phishing and reinforce that legitimate services never request master passwords via email.
Review AI tool integrations following Gemini and MCP vulnerabilities. AI assistants with data access present new attack surfaces.
Audit browser extensions across the organization. The GhostPoster campaign shows extensions remain a significant threat vector.
Implement callback verification for any requests received via Teams or other collaboration platforms, given increasing vishing attacks.
Monitor for VS Code tunnel abuse in developer environments, particularly if your organization could be targeted by nation-state actors.
This roundup covers major cybersecurity news from January 18-23, 2026. Sources include Hackread, Dark Reading, BleepingComputer, and The Hacker News.