Breaking News – Cyber Threats (last 6h)
Generated: 2026-01-13 12:00 PST
- New Windows updates replace expiring Secure Boot certificates
BleepingComputer • 2026-01-13 11:57 • www.bleepingcomputer.com
Microsoft has started rolling out new Secure Boot certificates that will automatically install on eligible Windows 11 24H2 and 25H2 systems. […]
https://www.bleepingcomputer.com/news/security/microsoft-rolls-out-new-secure-boot-certificates-for-windows-devices/ - January 2026 Microsoft Patch Tuesday Summary, (Tue, Jan 13th)
SANS ISC Diary (full) • 2026-01-13 11:05 • isc.sans.eduToday, Microsoft released patches for 113 vulnerabilities. One of these vulnerabilities affected the Edge browser and was patched upstream by Chromium.
- Microsoft releases Windows 10 KB5073724 extended security update
BleepingComputer • 2026-01-13 10:56 • www.bleepingcomputer.com
Microsoft has released the KB5073724 extended security update to fix the Patch Tuesday security updates, including 3 zero-days and a fix for expiring Secure Boot certificates. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-10-kb5073724-extended-security-update/ - Windows 11 KB5074109 & KB5073455 cumulative updates released
BleepingComputer • 2026-01-13 10:53 • www.bleepingcomputer.com
Microsoft has released Windows 11 KB5074109 and KB5073455 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. […]
https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5074109-and-kb5073455-cumulative-updates-released/ - Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws
BleepingComputer • 2026-01-13 10:34 • www.bleepingcomputer.com
Today is Microsoft’s January 2026 Patch Tuesday with security updates for 114 flaws, including one actively exploited and two publicly disclosed zero-day vulnerabilities. […]
https://www.bleepingcomputer.com/news/microsoft/microsoft-january-2026-patch-tuesday-fixes-3-zero-days-114-flaws/ - Google confirms Android bug causing volume key issues
BleepingComputer • 2026-01-13 10:25 • www.bleepingcomputer.com
Google has confirmed a software bug that is preventing volume buttons from working correctly on Android devices with accessibility features enabled. […]
https://www.bleepingcomputer.com/news/google/google-confirms-android-bug-causing-volume-key-issues/ - The AI Fix #83: ChatGPT Health, Victorian LLMs, and the biggest AI bluffers
Graham Cluley • 2026-01-13 10:19 • grahamcluley.com
In episode 83 of The AI Fix, Graham reveals he’s taken up lying to LLMs, and shows how a journalist exposed AI bluffers with a made-up idiom. Meanwhile Mark invents a “Godwin’s Law” for AI, and explains how to ruin any LLM with humus.Also in this episode, a marriage is declared invalid thanks to ChatGPT, an AI barman looks for a job in a quiet pub, OpenAI finally unveils ChatGPT Health, and why news of the death of Stack Overflow may be greatly exaggerated.
All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.
https://grahamcluley.com/the-ai-fix-83/ - Long-Running Web Skimming Campaign Steals Credit Cards From Online Checkout Pages
The Hacker News • 2026-01-13 09:30 • thehackernews.com
Cybersecurity researchers have discovered a major web skimming campaign that has been active since January 2022, targeting several major payment networks like American Express, Diners Club, Discover, JCB Co., Ltd., Mastercard, and UnionPay.
“Enterprise organizations that are clients of these payment providers are the most likely to be impacted,” Silent Push said in a report published today.
https://thehackernews.com/2026/01/long-running-web-skimming-campaign.html - Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool
The Hacker News • 2026-01-13 09:22 • thehackernews.com
Cybersecurity researchers have disclosed details of a malicious Google Chrome extension that’s capable of stealing API keys associated with MEXC, a centralized cryptocurrency exchange (CEX) available in over 170 countries, while masquerading as a tool to automate trading on the platform.
The extension, named MEXC API Automator (ID: pppdfgkfdemgfknfnhpkibbkabhghhfh), has 29 downloads and is still
https://thehackernews.com/2026/01/malicious-chrome-extension-steals-mexc.html - Betterment confirms data breach after wave of crypto scam emails
BleepingComputer • 2026-01-13 08:46 • www.bleepingcomputer.com
U.S. digital investment advisor Betterment confirmed that hackers breached its systems and sent fake crypto-related messages to some customers. […]
https://www.bleepingcomputer.com/news/security/betterment-confirms-data-breach-after-wave-of-crypto-scam-emails/ - Convincing LinkedIn comment-reply tactic used in new phishing
BleepingComputer • 2026-01-13 07:45 • www.bleepingcomputer.com
Scammers are flooding LinkedIn posts with fake “reply” comments that appear to come from the platform, warning of bogus policy violations and urging users to click external links. Some even abuse LinkedIn’s official lnkd.in shortener, making the phishing attempts harder to spot. […]
https://www.bleepingcomputer.com/news/security/convincing-linkedin-comment-reply-tactic-used-in-new-phishing/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
