
Daily Security Briefing #121
- DjediTech
- Security, Newsletter
- January 1, 2026
Top cybersecurity stories of 2025, RondoDox IoT botnet exploits, GlassWorm returns targeting Macs…
Executive Summary
As 2026 begins, the cybersecurity landscape continues to evolve rapidly, reflecting lessons learned in 2025’s high-profile breaches and emerging threats. Notably, the critical React2Shell vulnerability has enabled the RondoDox botnet to compromise IoT devices and web applications for nearly a year, signaling the persistent risks in widespread software components. Mac users face renewed risks from a fourth wave of GlassWorm malware delivering trojanized crypto wallets via malicious extensions. Additionally, AI security is increasingly focusing on human roles in defense strategies as automation reshapes traditional security functions. Threat actors remain active and innovative without pause, requiring constant vigilance and adaptation by defenders.
Top Articles
The biggest cybersecurity and cyberattack stories of 2025
2025 saw numerous impactful cyber incidents, data breaches, and threat actor evolutions that shaped the security landscape. This comprehensive review covers 15 major stories that defined the year, highlighting trends such as the rise of zero-day exploitations and growing notoriety among threat groups. It offers valuable insights into how last year’s events set the stage for current and future challenges.
BleepingComputer
ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories
The first ThreatsDay bulletin of 2026 details a diverse range of ongoing cyber threats including newly observed behaviors in malware, botnets, and cloud infrastructure attacks. It underscores how cybercriminals continuously adapt with subtle changes in tactics, from code modifications to employment scams, emphasizing that threats do not adhere to holidays or calendar resets.
TheHackerNews
RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
A persistent nine-month campaign has been uncovered where the RondoDox botnet leverages the severe React2Shell vulnerability (CVE-2025-55182) to infect IoT devices and web servers. This exploit enables attackers to enroll compromised targets into the botnet, demonstrating the ongoing exploitation of critical zero-day weaknesses in widely deployed software frameworks.
TheHackerNews
New GlassWorm malware wave targets Macs with trojanized crypto wallets
The latest wave of the GlassWorm campaign focuses on macOS developers by distributing malicious Visual Studio Code and OpenVSX extensions. These extensions install trojanized versions of cryptocurrency wallet applications, posing a significant risk to users relying on such tools for secure crypto transactions. Awareness and caution are essential when using third-party extensions.
BleepingComputer
OpenAI is offering $20 ChatGPT Plus for free to some users
OpenAI is allowing some existing ChatGPT Plus subscribers, normally paying $20 monthly, to receive one month of free access by cancelling their current subscription upon request. This temporary offer may encourage wider adoption and experimentation with ChatGPT’s premium features.
BleepingComputer
Humans at the Center of AI Security
AI is reshaping security roles rather than replacing them, emphasizing the importance of human judgment and intervention in AI-driven defense strategies. This perspective highlights the evolving collaboration between human analysts and AI technologies in effective cybersecurity management.
SecurityMagazine
How To Browse Faster and Get More Done Using Adapt Browser
Web browsing can become sluggish due to feature bloat and background processes. This article explores how adopting a lightweight browser like Adapt enhances performance and productivity, especially for users relying heavily on browsers as work environments. Simplification and focus can reduce friction and speed up workflows.
TheHackerNews
AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.