Infosec bits for 2026 week 05

Zoya Vilakazi | Jan. 30, 2026, 1:11 p.m.

Cybersecurity News:

Fortinet Disables FortiCloud SSO Following 0-day Vulnerability Exploited in the Wild [Abinaya, Cyber Security News]

New WhatsApp lockdown feature protects high-risk users from hackers [Sergiu Gatlan, Bleeping Computer]

Arctic Wolf expands leading Security Operations Warranty to South Africa [Arctic Wolf, TechCentral]

AI Is Rewriting Compliance Controls and CISOs Must Take Notice [Token Security, Bleeping Computer]

Vulnerabilities & Patches:

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code [Ravie Lakshmanan, The Hacker News]

Python-Powered PyRAT RAT Bypasses Defenses For Seamless Multi-OS Remote Access [Varshini, Cyber Press]

Gemini MCP Tool 0-day Vulnerability Allows Remote Attackers to Execute Arbitrary Code [Abinaya, Cyber Security News]

OpenSSL issued security updates to fix 12 flaws, including Remote Code Execution [Pierluigi Paganini, Security Affairs]

Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509) [Zeljka Zorz, Help Net Security]

Stanley' Toolkit Turns Chrome Into Undetectable Phishing Vector [Jai Vijayan, DarkReading]

OPNsense 26.1 brings updates to open-source firewall management [Anamarija Pogorelec, Help Net Security]

New sandbox escape flaw exposes n8n instances to RCE attacks [Bill Toulas, Bleeping Computer]

Fortinet patches actively exploited FortiOS SSO auth bypass (CVE-2026-24858) [Pierluigi Paganini, Security Affairs]

Cyber Attacks and Breaches:

eScan Antivirus Update Server Hacked to Push Malicious Update packages [Guru Baran, Cyber Security News]

CISA Warns of Critical VMware vCenter RCE Vulnerability Exploited in Attacks [Guru Baran, Cyber Security News]

Crunchbase Confirms Data Breach After Hacking Claims [Eduard Kovacs, SecurityWeek]