
Daily Security Briefing #148
- DjediTech
- Security, Newsletter
- January 28, 2026
SolarWinds critical flaws, Fortinet SSO exploits, Google disrupts large proxy network…
Executive Summary
Today’s cybersecurity landscape is marked by significant vulnerabilities in widely used enterprise software, including multiple critical flaws in SolarWinds Web Help Desk and a severe authentication bypass in Fortinet’s FortiCloud SSO actively exploited in the wild. Google’s collaborative takedown of a major residential proxy network disrupts malicious operations on a global scale. Meanwhile, cloud and email security continue evolving with Microsoft extending timelines for deprecating legacy protocols. Malware campaigns now include malicious AI tools masquerading as coding assistants. Additionally, state-level cyberattacks highlight ongoing risks to critical infrastructure, such as Poland’s energy grid. Organizations must remain vigilant amidst increasingly automated, complex threats.
Top Articles
Multiple Critical SolarWinds Web Help Desk Vulnerabilities: CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554
SolarWinds disclosed four critical vulnerabilities in its Web Help Desk product that allow unauthenticated remote code execution and authentication bypass. These flaws pose a high risk because they affect IT ticketing and asset management systems widely deployed in enterprises. No known exploits are publicly reported yet, but immediate patching is strongly advised.
Rapid7
Fortinet Warns of Actively Exploited FortiCloud SSO Flaw (CVE-2026-24858)
Fortinet issued an urgent advisory for a critical authentication bypass vulnerability impacting FortiCloud Single Sign-On across multiple Fortinet products, including FortiOS and FortiManager. The flaw (CVE-2026-24858) has been actively exploited, compromising enterprise security. Users are encouraged to apply updates and mitigation controls immediately.
CyberPress
No Place Like Home Network: Disrupting the World’s Largest Residential Proxy Network
Google Threat Intelligence Group and partners dismantled IPIDEA, one of the largest residential proxy networks enabling a range of malicious activities. The takedown included legal actions and technical disruption, significantly impacting criminal infrastructure and limiting proxy-based abuse worldwide.
Google Cloud
The Trends Defining Cyber Security in 2026: Cyber Security Report 2026
Check Point’s report highlights how attackers are leveraging AI-driven tools, coordinated ransomware campaigns, and multi-channel social engineering to breach increasingly complex enterprise environments. Defenders must adapt to the expanding attack surface and faster, more automated intrusion methods.
Check Point
Cal.com Broken Access Controls Lead to Account Takeover and Data Exposure
Critical access control flaws in Cal.com allowed complete account takeover and unauthorized access to organizational booking data. The vulnerabilities have since been patched, but the incident underscores the risks associated with open-source platforms handling sensitive user data.
GBHackers
Microsoft Exchange Online to End Support for SMTP AUTH Basic Authentication
Microsoft updated its deprecation schedule for SMTP AUTH Basic Authentication in Exchange Online, extending support through 2027. This extension helps organizations transition legacy email workflows while pushing toward more secure modern authentication protocols.
GBHackers
Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware
A malicious Visual Studio Code extension impersonating an AI coding assistant named ClawdBot has been discovered distributing malware. This highlights growing risks of supply chain attacks via developer marketplaces and the need for vigilant extension vetting.
The Hacker News
eScan Confirms Update Server Breached to Push Malicious Update
Antivirus vendor eScan acknowledged a breach of its update server, which was exploited to deliver a malicious update to a limited group of customers. The incident emphasizes the continued threat of compromised security software supply chains.
BleepingComputer
Cyberattack on Polish Energy Grid Impacted Around 30 Facilities
In late December, a coordinated cyberattack targeted approximately 30 distributed energy resource sites across Poland, including combined heat and power plants and renewable energy management systems. This event raises concerns over the vulnerability of critical infrastructure to sophisticated state-linked threat actors.
BleepingComputer
Patch Tuesday and the Enduring Challenge of Windows’ Backwards Compatibility
The ongoing challenge of maintaining backwards compatibility in Windows continues to affect patching processes and system security. Drawing lessons from past malware like the “I LOVE YOU” worm, this article discusses how legacy systems often present exploitable risk vectors.
Rapid7
10 Tendencies of Data Governance Technologies Every Bank Enterprise Must Know in 2026
Facing tougher cyber threats and stricter regulations, banks must adopt advanced data governance technologies to control client information effectively, avoid penalties, and reduce risk. This analysis outlines key trends shaping banking data security in 2026.
CyberPress
AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.