Breaking News – Cyber Threats – 2026-01-27 16:00 PST

Breaking News – Cyber Threats (last 6h)

Generated: 2026-01-27 16:00 PST

• Fortinet blocks exploited FortiCloud SSO zero day until patch is ready
  BleepingComputer • 2026-01-27 15:19 • www.bleepingcomputer.com
  Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks by blocking FortiCloud SSO connections from devices running vulnerable firmware versions. […]
  https://www.bleepingcomputer.com/news/security/fortinet-blocks-exploited-forticloud-sso-zero-day-until-patch-is-ready/
• Chinese Mustang Panda hackers deploy infostealers via CoolClient backdoor
  BleepingComputer • 2026-01-27 14:26 • www.bleepingcomputer.com
  The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login data from browsers and monitor the clipboard. […]
  https://www.bleepingcomputer.com/news/security/chinese-mustang-panda-hackers-deploy-infostealers-via-coolclient-backdoor/
• WinRAR path traversal flaw still exploited by numerous hackers
  BleepingComputer • 2026-01-27 11:38 • www.bleepingcomputer.com
  Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity vulnerability in WinRAR for initial access and to deliver various malicious payloads. […]
  https://www.bleepingcomputer.com/news/security/winrar-path-traversal-flaw-still-exploited-by-numerous-hackers/

Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.