Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

January 28 marks Data Protection Day, a date rooted in one of the earliest milestones of the digital age: the anniversary of the 1981 signing of Convention 108, the first legally binding international treaty for data protection. What began as a European initiative has since evolved into a global observance recognized across North America, parts of the Middle East, and beyond.

As Winter Storm Fern made its way across the US this weekend, children across the country were glued to phones, computers, or televisions as they tried to guess how long they would be out of school this week. Little do they know, however, the data, science, and lack thereof, that goes into that decision. School closures are the very public end of a complex and fast-changing dataset that is highly dependent on locality and can be wildly different on either side of a district line.

The EU Cyber Resilience Act (CRA) establishes mandatory cybersecurity requirements for most products with digital elements placed on the EU market. It raises the baseline for secure-by-design/default engineering and, critically, makes post-market security support and evidence production a compliance obligation.

Humans have always sought to streamline productivity through the most convenient solutions available, prioritizing speed to stay ahead and gain an edge over the competition. From the assembly line to the cloud, the goal remains the same: do more with less friction. Today, that convenience is synonymous with AI. While these tools have revolutionized how we work, the reality remains that rapid innovation always comes with a hidden cost.

Security teams collect more data today than ever before. Logs are generated from endpoints, cloud services, identities, networks, and applications. Teams are still using traditional SIEM tools to handle this growing volume of data. This puts a lot of pressure on these tools, leading to significant deterioration in their efficiency. The data will continue to grow, resulting in slower searches and limited visibility. This problem can be addressed with data lakes.

On January 28, 2026, SolarWinds released fixes for multiple vulnerabilities impacting Web Help Desk (WHD). WHD is an IT service management platform that may contain sensitive information, making it a valuable target for threat actors if compromised. Among the vulnerabilities addressed, four were rated as critical: At the time of writing, Arctic Wolf has not observed exploitation of these vulnerabilities in the wild, nor identified a publicly available proof-of-concept exploit.

On January 27, 2026, Fortinet released an advisory detailing a critical authentication bypass vulnerability affecting FortiOS, FortiAnalyzer, FortiManager, and FortiProxy products. Designated CVE-2026-24858, the vulnerability allows an unauthenticated threat actor with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices.

2025 marked a pivotal year for SafeBreach as we took our first steps in our evolution from the pioneers in Breach and Attack Simulation (BAS) to the leader in Continuous Threat Exposure Management (CTEM). The year was marked by a number of impressive highlights, all of which we could not have achieved without the partnership of our employees, customers, and partners: Read on for more in-depth insights into the year that was 2025 for SafeBreach and a sneak peak at what’s in store for 2026.