Breaking News – Cyber Threats (last 6h)
Generated: 2026-01-09 12:00 PST
- Hackers target misconfigured proxies to access paid LLM services
BleepingComputer • 2026-01-09 11:56 • www.bleepingcomputer.com
Threat actors are systematically hunting for misconfigured proxy servers that could provide access to commercial large language model (LLM) services. […]
https://www.bleepingcomputer.com/news/security/hackers-target-misconfigured-proxies-to-access-paid-llm-services/ - China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines
The Hacker News • 2026-01-09 09:43 • thehackernews.com
Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far back as February 2024.
Cybersecurity firm Huntress, which observed the activity in December 2025 and stopped it before it could progress to the final stage, said it may have resulted in a ransomware
https://thehackernews.com/2026/01/chinese-linked-hackers-exploit-vmware.html - Illinois Department of Human Services data breach affects 700K people
BleepingComputer • 2026-01-09 07:37 • www.bleepingcomputer.com
The Illinois Department of Human Services (IDHS), one of Illinois’ largest state agencies, accidentally exposed the personal and health data of nearly 700,000 residents due to incorrect privacy settings. […]
https://www.bleepingcomputer.com/news/security/illinois-department-of-human-services-data-breach-affects-700k-people/ - Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations
The Hacker News • 2026-01-09 07:28 • thehackernews.com
Russian state-sponsored threat actors have been linked to a fresh set of credential harvesting attacks targeting individuals associated with a Turkish energy and nuclear research agency, as well as staff affiliated with a European think tank and organizations in North Macedonia and Uzbekistan.
The activity has been attributed to APT28 (aka BlueDelta), which was attributed to a “sustained”
https://thehackernews.com/2026/01/russian-apt28-runs-credential-stealing.html - Email security needs more seatbelts: Why click rate is the wrong metric
BleepingComputer • 2026-01-09 07:01 • www.bleepingcomputer.com
Click rate misses the real email security risk: what attackers can do after they access a mailbox. Material Security explains why containment and post-compromise impact matter more than phishing metrics. […]
https://www.bleepingcomputer.com/news/security/email-security-needs-more-seatbelts-why-click-rate-is-the-wrong-metric/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
