I go through about 25 cybersecurity news portals and blogs every week and pull out the most interesting stories. Then I turn them into this short, digestible summary, so you can stay up to date without trying to follow 25 different sources yourself. 😱

My aim is to create a summary that gives you the gist without needing to open up the source article. But if you do want to dig deeper, all the sources covering the event are linked below each story.

This week I also included two long-form reads. These were just interesting articles rather than breaking news.

If you enjoy these, come back next Monday, or scroll to the bottom to subscribe to the e-mail newsletter.

1. Why Mandiant Put an NTLMv1 Rainbow Table in the Cloud. Enabling Admin Password Cracking in <12 Hours

Security firm Mandiant has released a cloud-hosted rainbow table that can crack Net-NTLMv1 administrative passwords in under 12 hours using consumer-grade hardware, spotlighting the continued risk of the deprecated protocol. Despite its known weaknesses and the availability of NTLMv2 since 1998, NTLMv1 remains in use across legacy and mission-critical systems, enabling trivial credential theft and account takeover. Mandiant hopes the tool will make it easier for security experts to demonstrate the weakness of the protocol, so they can finally push companies away from Net-NTLMv1.

Key Details

  • Rainbow table hosted on Google Cloud cracks Net-NTLMv1 in <12 hours on hardware under $600
  • NTLMv1 introduced in the 1980s; NTLMv2 released in 1998; Microsoft just announced Win11 deprecation
  • Attackers already have tools like Responder, PetitPotam, and DFSCoerce to use against Net-NTLMv1 hashes
  • The table exploits a known plaintext challenge (1122334455667788) to recover passwords per byte

Next Steps

  • Upgrade legacy systems to NTLMv2 or Kerberos

Read more at Ars Technica
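
Before removing NTLMv1 you need to know which systems still negotiate it. The following is an added example, not code from Mandiant or the source article: it filters Windows Security event 4624 records, using the `AuthenticationPackageName` and `LmPackageName` fields, to build a migration worklist. The sample events, hostnames and accounts are constructed, and skipping ANONYMOUS LOGON entries by default is an assumption of this sketch.

```python
from collections import Counter

# Constructed sample: EventData fields from Windows Security event 4624/4625.
# Hosts, accounts and addresses are made up for illustration.
SAMPLE_EVENTS = [
    {"EventID": 4624, "TargetUserName": "svc_scanner", "WorkstationName": "PRINT01",
     "IpAddress": "10.0.5.21", "AuthenticationPackageName": "NTLM", "LmPackageName": "NTLM V1"},
    {"EventID": 4624, "TargetUserName": "svc_scanner", "WorkstationName": "PRINT01",
     "IpAddress": "10.0.5.21", "AuthenticationPackageName": "NTLM", "LmPackageName": "NTLM V1"},
    {"EventID": 4624, "TargetUserName": "alice", "WorkstationName": "WS-114",
     "IpAddress": "10.0.8.14", "AuthenticationPackageName": "NTLM", "LmPackageName": "NTLM V2"},
    {"EventID": 4624, "TargetUserName": "bob", "WorkstationName": "WS-201",
     "IpAddress": "10.0.8.77", "AuthenticationPackageName": "Kerberos", "LmPackageName": "-"},
    {"EventID": 4624, "TargetUserName": "ANONYMOUS LOGON", "WorkstationName": "NAS02",
     "IpAddress": "10.0.5.40", "AuthenticationPackageName": "NTLM", "LmPackageName": "NTLM V1"},
    {"EventID": 4625, "TargetUserName": "carol", "WorkstationName": "WS-300",
     "IpAddress": "10.0.8.90", "AuthenticationPackageName": "NTLM", "LmPackageName": "NTLM V1"},
]

def ntlmv1_logons(events, include_anonymous=False):
    """Count successful NTLMv1 logons per (workstation, source IP, account)."""
    hits = Counter()
    for ev in events:
        if ev.get("EventID") != 4624:
            continue  # this audit counts successful logons only
        if ev.get("AuthenticationPackageName", "").upper() != "NTLM":
            continue  # Kerberos and other packages are out of scope
        if ev.get("LmPackageName", "").strip().upper() != "NTLM V1":
            continue  # NTLM V2 is not what we are hunting for
        user = ev.get("TargetUserName", "")
        if user.upper() == "ANONYMOUS LOGON" and not include_anonymous:
            continue  # null sessions are reviewed separately (assumption)
        hits[(ev.get("WorkstationName", "?"), ev.get("IpAddress", "?"), user)] += 1
    return hits

def migration_worklist(events):
    """Return the sources still using NTLMv1, busiest first."""
    return [
        {"workstation": ws, "ip": ip, "account": user, "logons": n}
        for (ws, ip, user), n in ntlmv1_logons(events).most_common()
    ]

if __name__ == "__main__":
    for row in migration_worklist(SAMPLE_EVENTS):
        print(row)
```
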


2. Malicious npm Packages Steal OAuth Tokens and API Keys via n8n Community Nodes

Researchers from Endor Labs have uncovered eight malicious npm packages posing as n8n community nodes that decrypt and exfiltrate OAuth tokens and API keys from enterprise workflows to attacker servers. By leveraging n8n’s trust model, where community nodes run with full platform privileges, threat actors gained access to centralized credential vaults without triggering traditional supply chain defenses.

Key Details

  • Eight fake n8n nodes (e.g., “n8n-nodes-hfgjf-irtuinvcm-lasdqewriit”) amassed over 28,000 downloads before removal. 
  • Installed packages decrypt credentials using n8n’s master key, then exfiltrate tokens and API keys to attacker-controlled C2 endpoints.
  • npm does not review community node code; all nodes inherit n8n’s full OS and network privileges.
  • Packages promise useful functionality, like a Google Ads integration.

Next Steps

  • Disable installing community nodes (set N8N_COMMUNITY_PACKAGES_ENABLED=false).
  • Enforce code review of community node source before installation.
  • Monitor outbound traffic from n8n instances for unusual C2 connections.

Read more at CSO Online, Cybersecurity News, The Hacker News


3. Telegram Mobile Apps Leak Real IPs via One-Click Proxy Links

A flaw in Telegram’s Android and iOS clients lets attackers expose a user’s real IP when the user clicks a crafted proxy link, bypassing all configured proxies or VPNs. The app’s automatic proxy validation pings attacker-controlled servers before adding them, allowing silent tracking, deanonymization, or targeted attacks against privacy-sensitive users.

Key Details

  • The MTProto proxy test uses the device’s native network stack, ignoring SOCKS5 or VPN tunnels.
  • No extra prompts or permissions are needed; one click triggers the leak.
  • Telegram says it will warn users before opening proxy links but hasn’t provided a release date.

Next Steps

  • Disable auto-proxy validation in Telegram’s settings until patched
  • Train users to verify links: avoid clicking unknown usernames in chats

Read more at CybersecurityNews, Bleeping Computer, Reddit


4. Anthropic launches Claude Cowork preview, introducing new data exfiltration risks

Anthropic’s new Claude Cowork preview extends its AI coding assistant to non-developers by granting folder-level read/write access via chat interfaces, simplifying document and file automation tasks. Security teams should note the risks of prompt injection and unrestricted deletion, and enforce strict access controls and monitoring.

Key Details

  • Uses Claude Agent SDK, allowing multi-step actions without explicit commands
  • Users grant Cowork access to specific folders for reading, editing, creating and deleting files
  • Currently in research preview for Max subscribers; waitlist open for other plans
  • Anthropic highlights prompt injection and file deletion as primary security risks

Next Steps

  • Review risks related to Cowork and provide guidance to employees
  • Isolate AI tasks in secure, monitored directories
  • Back up folders where Cowork runs before each Cowork session

Read more at SiliconANGLE


5. Researchers found a single-click attack that turns Microsoft Copilot into a data exfiltration tool

Security researchers at Varonis have uncovered “Reprompt,” a novel attack that uses a malicious URL parameter to inject prompts into Microsoft Copilot Personal and exfiltrate user data in a single click.
By chaining Parameter-to-Prompt injection, a double-request bypass, and dynamic follow-up queries, attackers can harvest session data undetected even after the Copilot window closes. Microsoft has since patched the vulnerability for Copilot Personal, with enterprise Microsoft 365 Copilot customers unaffected.

Key Details

  • Parameter-to-Prompt (P2P) injection abuses the “q” URL parameter to auto-execute prompts.
  • Double-request technique circumvents initial data-leak safeguards by repeating requests.
  • Chain-request method enables continuous, server-driven follow-up queries for unlimited exfiltration.
  • Patch released on January 13, 2026; only Copilot Personal was affected.

Next Steps

  • Apply January 2026 Windows and Edge updates immediately.
  • Train users to avoid unexpected Copilot links and review pre-filled prompts.

Read more at SecurityWeek, CybersecurityNews, BleepingComputer, TheHackerNews, Varonis


6. Everest Group Claims 900 GB Data Breach at Nissan Motor Co.

Everest ransomware operators allege they exfiltrated roughly 900 GB of internal data from Nissan Motor Co., publishing proof-of-compromise samples and a directory structure on their dark-web leak site. The incident underscores ongoing double-extortion tactics targeting supply chains and high-value industrial data.

Key Details

  • Claim published January 10, 2026, with six screenshots and folder trees.
  • Stolen data formats include .csv, .xls, .txt and .pgp—spanning financial, engineering and dealer records.
  • Group set a five-day deadline for Nissan’s response before wider data leak.
  • Nissan has faced multiple breaches since 2021, including Qilin and source-code leaks.

Next Steps

  • Run a dual-extortion tabletop exercise involving legal and PR teams

Read more at Cybersecurity News, Hackread


7. Microsoft Seizes RedVDS Infrastructure, Disrupting Major Cybercrime Marketplace

Microsoft, in partnership with Europol, German authorities and U.K. law enforcement, seized the infrastructure behind RedVDS—a subscription-based service selling disposable Windows RDP servers. This disrupts a cybercrime marketplace that facilitated over $40 million in U.S. fraud and compromised more than 191,000 accounts. 

Key Details

  • Since March 2025, RedVDS-enabled fraud in the U.S. exceeded $40 million.
  • Over 2,600 RedVDS VMs sent an average of 1 million phishing emails/day.
  • More than 191,000 Microsoft accounts across 130,000 organizations were targeted.
  • Victim losses include $7.3 million at H2 Pharma and $500,000 at Gatehouse Dock.

Next Steps

  • Audit RDP usage for disposable VM fingerprints
  • Harden BEC (Business E-mail Compromise) defenses around invoice and payment workflows
  • Adjust geolocation filters to flag cloud-hosted IP traffic

Read more at CyberScoop, The Hacker News, The Record


8. LONG FORM READ: AI Agents Are Becoming Authorization Bypass Paths

Organizational AI agents often run under shared, high-privilege service accounts, allowing users to indirectly perform actions or access data beyond their individual permissions. 

Because system logs attribute activity to the agent’s identity rather than the initiating user, traditional IAM controls and audit trails fail to enforce least privilege or provide clear attribution. 

Key Details

  • Agents use long-lived API keys or OAuth grants with broad, organization-wide permissions.
  • User requests execute under the agent’s identity, hiding who initiated each action.
  • Traditional IAM and logging models cannot enforce user-level restrictions or provide reliable attribution.

Next Steps

  • Inventory all AI agents and review their service-account permissions.
  • Map each agent’s access to corresponding user roles and critical assets.

Read more at The Hacker News
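
To make the mapping step concrete, the following added example (not from the source article) compares what each agent's service account can do with what each user who can invoke it is allowed to do, and lists the difference as a bypass path. The agents, roles, users, permission strings and the set of critical permissions are all constructed for illustration.

```python
# Constructed inventory: every name and permission below is illustrative.
ROLE_PERMS = {
    "support": {"tickets:read", "tickets:write"},
    "finance": {"invoices:read", "invoices:approve"},
    "engineer": {"repo:read", "repo:write", "tickets:read"},
}
USERS = {"dana": ["support"], "eli": ["finance"], "fay": ["engineer", "support"]}
AGENTS = {
    "helpdesk-bot": {
        "service_account_perms": {"tickets:read", "tickets:write", "hr:read", "invoices:read"},
        "invokable_by_roles": {"support", "engineer"},
    },
    "finops-bot": {
        "service_account_perms": {"invoices:read", "invoices:approve", "payments:execute"},
        "invokable_by_roles": {"finance"},
    },
}
CRITICAL = {"hr:read", "payments:execute", "invoices:approve"}

def perms_for(roles, role_perms=ROLE_PERMS):
    """Union of the permissions granted by every role in `roles`."""
    return set().union(*(role_perms[r] for r in roles))

def bypass_paths(agents=AGENTS, users=USERS, critical=CRITICAL):
    """List (user, agent) pairs where the agent can do more than the user can."""
    findings = []
    for agent, cfg in sorted(agents.items()):
        for user in sorted(users):
            if not cfg["invokable_by_roles"] & set(users[user]):
                continue  # this user cannot reach the agent at all
            # Anything the service account holds that the user lacks is
            # reachable indirectly and logged under the agent's identity.
            excess = cfg["service_account_perms"] - perms_for(users[user])
            if excess:
                findings.append({
                    "user": user,
                    "agent": agent,
                    "excess": sorted(excess),
                    "critical": sorted(excess & critical),
                })
    return findings

if __name__ == "__main__":
    for finding in bypass_paths():
        print(finding)
```
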


9. LONG FORM READ: Southeast Asia CISOs Outline Top 2026 Cybersecurity Predictions: Hardening AI, Identity, and Resilience

In a CSO Online feature, Southeast Asian CISOs forecast that by 2026 attackers will increasingly target cloud and AI-powered infrastructure, exploit identity weaknesses, and leverage OT and supply-chain vulnerabilities. They urge organizations to tighten cloud and AI configurations, embed continuous identity verification, and operationalize resilience both as strategic defense and as a potential service offering.

Read more at CSO Online


Subscribe

Subscribe to receive this weekly cybersecurity news summary to your inbox every Monday.
