CyberSecurity Knuggets

Jan 16, 2026

Email 1 Summary:

Subject: China Fights Scam Compounds … For China

Summary:

– China has recently cracked down on scam compounds operating in Southeast Asia, particularly targeting those harming Chinese citizens.

– Key arrest: Chen Zhi, founder of the Prince Group linked to forced-labor scam compounds, was extradited from Cambodia to China following US sanctions and indictments.

– China’s action seems motivated more by domestic concerns and reputational damage than global security. The crackdown intensified after deaths of Chinese citizens at a scam center in Myanmar.

– China brokered ceasefires involving ethnic armed groups targeting scam compounds, resulting in arrests and harsh sentences, including death penalties for crime family members.

– However, these efforts mostly address scams targeting Chinese victims, with concern that scammers are shifting focus to Americans.

– The US lacks regional capabilities to address this alone and may benefit from regional partners like the Philippines or Thailand.

– Additionally, the newsletter discussed US cyber operations that disrupted Venezuelan President Maduro’s power during his capture, highlighting an increasing role of offensive cyber capabilities in military operations.

– The newsletter also covers positive developments such as the first US stalkerware conviction and prevention of North Korean fraud attempts at Amazon.

Email 2 Summary:

Subject: Microsoft took down massive cybercrime platform RedVDS

Summary:

– Microsoft, in cooperation with Europol and German authorities, disrupted RedVDS, a cybercrime-as-a-service platform that sold virtual Windows cloud servers to criminals.

– RedVDS facilitated at least $40 million in losses since March 2025 by providing disposable virtual computers for fraud and hacking.

– The platform’s operator was tracked through technical fingerprints based on a cloned Windows Server image.

– The servers were rented in several countries to evade security filters.

– Additional news:

* Security vulnerabilities found in audio devices using Google’s Fast Pair protocol allow hackers to hijack audio accessories.

* Shipping firm Bluspark Global patched significant security flaws exposing customer shipment data.

* The Kimwolf botnet may have reached its peak but still poses threats.

* French regulators fined telecom companies €42 million following a data breach affecting over 24 million individuals.

* Cyber agencies issued warnings about rising threats targeting industrial control systems (OT).

* A data breach affected Victorian government school students in Australia.

* Other stories include a DDoS attack against ICE List, FTC actions against GM and OnStar for unauthorized data collection, and UK digital ID policy changes.

– Several cybersecurity startups raised funding rounds.

– Notable highlights include concerns over AI-generated insecure code and DHS plans for improved critical infrastructure threat communication.

Email 3 Summary:

Subject: Zero Trust + AI: Security Built for AI Threats

Summary:

– Zscaler promotes Zero Trust security combined with AI to protect organizations from AI-powered attacks while enabling safe use of AI tools.

– Organizations like the New York City Department of Education and Eaton Corporation use Zscaler solutions to monitor AI usage, detect data loss, and enhance incident response.

– The approach helps enterprises balance AI innovation with cybersecurity risk management.

– Additional educational resources on AI security and Zero Trust are available from Zscaler.

Email 4 Summary:

Subject: Verizon restores services following widespread outage | The CyberWire

Summary:

– Verizon experienced a widespread wireless outage across much of the US that disrupted voice and data services, including 911 emergency calls in cities like New York and Washington DC.

– The outage was resolved; Verizon encouraged customers to restart devices. No indications of a cyberattack were found; the outage was likely caused by a technical issue.

– Poland thwarted a suspected Russian cyberattack targeting its energy infrastructure in December 2025; the attack targeted multiple smaller power sources.

– Microsoft disrupted the RedVDS cybercrime subscription service with legal actions and domain seizures supported by international partners.

– Upcoming cybersecurity events and selected related readings were mentioned.

Email 5 Summary:

Subject: New Attack Siphons Microsoft Copilot Data

Summary:

– A new “Reprompt” attack enables silent siphoning of data from Microsoft Copilot, raising concerns about AI security.

– Recent cybersecurity news includes:

* Data breach compromising Eurail traveler information.

* AI agents perform well on SQL injection tasks but fail on implementing security controls.

* Depthfirst raised $40 million for vulnerability management; isVerified launched voice deepfake detection; new attacks threaten confidential VMs on AMD processors.

* Central Maine Healthcare data breach exposed information of 145,000 individuals.

* VoidLink malware targets Linux cloud environments.

* Patch updates released for Siemens, Schneider, Aveva, and Phoenix Contact ICS vulnerabilities.

* Commentary on cybersecurity leadership priorities and challenges.

* Other notable incidents and company acquisitions in the cybersecurity sector.

Stay Well!

summy