CyberSecurity Knuggets

Jan 23, 2026

  1. Email Subject: Srsly Risky Biz: You Can’t Block Space Internets

    Sender: risky-biz@ghost.io

    Summary:

    - Iran imposed an ongoing internet blackout starting January 8, 2026, amid domestic unrest.
    - Activists smuggled ~50,000 Starlink satellite terminals into Iran, enabling some internet connectivity despite government bans and jamming efforts.
    - SpaceX waived fees for these terminals and has reacted to political pressure previously, e.g., Ukraine and scam compound issues in the U.S.
    - New direct-to-cell satellite services offer promise for broader access and resistance to jamming, but require longer-term planning.
    - A nomination hearing for NSA and Cyber Command leader Joshua Rudd revealed concerns about his limited experience and vague stance on key cyber policy topics.
    - The Risky Biz podcast covers 1980s hacking history and recent cybersecurity developments.
    - Other notes include a crackdown on scamming marketplace Tudou Guarantee and FTC restrictions on GM’s data sharing.
    - Domain resurrection attacks threaten the Canonical Snap Store, and Germany is expanding intelligence hacking authorities.

  2. Email Subject: Acting CISA head got grilled on mass firings at the agency

    Sender: info@metacurity.com

    Summary:

    - CISA’s acting head, Madhu Gottumukkala, faced tough questions from lawmakers regarding nearly 1,000 staff reductions since 2021 and claims of inappropriate reassignments to immigration enforcement.
    - Questions remain about CISA’s staffing adequacy, with no evidence of workforce sufficiency studies shared.
    - EU’s CIRCL launched a decentralized global CVE allocation system (GCVE) as an alternative to MITRE’s centralized system.
    - DeFi project Saga EVM was exploited for ~$6 million via unauthorized stablecoin minting, causing a network halt.
    - Fortinet FortiGate firewalls face ongoing exploitation of patch bypass vulnerabilities; admins are urged to disable the FortiCloud login feature as a temporary fix.
    - Cisco fixed an actively exploited critical zero-day in Unified Communications and Webex Calling that could allow root access.
    - Massive spam attacks misuse unsecured Zendesk support systems to send junk mail from trusted sources, affecting many companies.
    - Threat actors exploit exposed pen-testing web apps with overly privileged cloud roles to access Fortune 500 cloud accounts.
    - A phishing campaign targets Afghan government employees with malware via forged official documents hosted temporarily on GitHub.
    - Spanish retailer PcComponentes suffered a credential stuffing attack leaking 500k customer records, though it denies full data breach claims.
    - Security researchers earned over $516K exploiting Tesla infotainment and automotive systems in Pwn2Own 2026.
    - AI security and governance discussions at Davos focused on managing insider threat risks from AI agents.
    - Israeli cybersecurity company Claroty raised $150 million in funding.

  3. Email Subject: Webinar Today: Rethinking Email Security for Mid-Sized Businesses

    Sender: news@securityweek.com

    Summary:

    - Invitation to a January 22, 2026, live webinar focusing on new challenges in email security for mid-sized organizations.
    - Topics include AI-driven phishing, vendor fraud, multi-channel impersonation, and the need for behavioral analysis and real-time detection models to counter sophisticated threats.
    - The webinar will highlight the maturity of current email security postures and emerging attack trends.
    - A recorded session is available post-event for registrants.

  4. Email Subject: Five Shifts That Will Shape Your Security Teams in 2026

    Sender: news@securityweek.com

    Summary:

    - Promotion for a January 28, 2026, webinar by Tines and Stratascale covering security team trends and strategies for 2026.
    - Discussions will include balancing AI adoption benefits versus challenges, practical AI governance, and transforming board oversight from reactive to strategic.
    - Additional resources are provided, including guides and blog posts on GRC orchestration, AI governance, and intelligent workflows.

  5. Email Subject: Automated attacks target Fortinet devices | The CyberWire 1.22.26

    Sender: editor@newsletter.n2k.com

    Summary:

    - Arctic Wolf reports automated attacks targeting Fortinet FortiGate firewalls since January 15, 2026, creating unauthorized accounts, modifying configurations, and exfiltrating data.
    - Exploitation likely involves bypass of patched critical authentication vulnerabilities CVE-2025-59718 and 59719.
    - A mass spam campaign leverages unsecured Zendesk support systems to send junk emails from trusted platforms including Discord, Tinder, Riot Games, and government departments.
    - Greek police arrested two foreign nationals operating an SMS blaster phishing scheme exploiting 2G vulnerabilities to harvest phone identities and send phishing messages to steal banking credentials.
    - RSA Conference 2026 announced for March in San Francisco.

  6. Email Subject: Hackers Targeting Cisco Unified CM Zero-Days

    Sender: news@securityweek.com

    Summary:

    - New attacks target critical zero-day vulnerabilities in Cisco Unified Communications Manager (Unified CM) and related products that can lead to remote code execution and root-level access.
    - Continuation of the wave of attacks on FortiGate firewalls noted.
    - Various cybersecurity insights on identity security beyond MFA, priorities for 2026, and securing agentic AI.
    - Additional recent security patches, funding news, and research insights provided.
    - Emphasis on the need for real-time behavioral governance as AI agents become more prevalent in enterprise environments.

Stay Well!
