Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

outpost 24

The 2026 Cybersecurity Threat Landscape: Persistent Adversaries, Repeatable Playbooks

Jan 19, 2026 By Lidia López Sanz In Outpost 24
As a threat intelligence team, our job is to separate noise from persistence in the cybersecurity threat landscape. In this article, we assess the threats most likely to remain and evolve through 2026 based on the threat actors, campaigns, and malware we have tracked and researched during the last year. Our work centers on tracking adversaries with a strong footprint in the underground ecosystem: forums, Telegram channels, data leak sites, and marketplaces where cybercriminals operate.
Read Post
cloudflare

How we mitigated a vulnerability in Cloudflare's ACME validation logic

Jan 19, 2026 By Hrushikesh Deshpande In Cloudflare
On October 13, 2025, security researchers from FearsOff identified and reported a vulnerability in Cloudflare's ACME (Automatic Certificate Management Environment) validation logic that disabled some of the WAF features on specific ACME-related paths. The vulnerability was reported and validated through Cloudflare’s bug bounty program. The vulnerability was rooted in how our edge network processed requests destined for the ACME HTTP-01 challenge path (/.well-known/acme-challenge/*).
Read Post

Testing MiniMax M2.1 for AI Coding: The Results Might Surprise You

Jan 19, 2026 By Snyk In Snyk
Can "lesser-known" AI models actually keep up with the giants like Google, OpenAI, and Anthropic? In today’s video, we put MiniMax M2.1 to the ultimate test: building a production-ready, secure Node.js note-taking application from a single prompt. We’ll explore how to access MiniMax natively in the Windsurf IDE, walk through the debugging process for common errors (like environment variables and OS-specific dependencies), and perform a deep-dive security audit using Snyk. Stick around until the end to learn how to integrate MiniMax M2.1 into VS Code using OpenRouter.
View Video

Why Vulnerability Management Falls Short - And How Exposure Management Fixes It

Jan 19, 2026 By Reach Security In Reach Security
Vulnerability management identifies weaknesses. Exposure management helps prioritize them based on real-world risk and context. Ed and Garrett unpack why traditional vulnerability programs struggle to drive real risk reduction. The challenge isn’t discovery. It’s prioritization and follow-through. Too often, vulnerabilities are treated as isolated IT tasks—handed off, tracked by SLAs, and stripped of the context that explains why they matter in the first place.
View Video
foresiet

CVE-2026-23745: A Deep Dive into the node-tar Arbitrary File Overwrite Vulnerability

Jan 19, 2026 By foresiet In Foresiet
CVE-2026-23745 is a high-severity path traversal flaw in node-tar (the tar library for Node.js). Versions ≤7.5.2 fail to sanitize linkpath in hardlink and symlink entries when preservePaths is false (default secure mode). Malicious tar archives bypass extraction root restrictions, enabling arbitrary file overwrite via hardlinks and symlink poisoning via absolute targets. Discovered January 2026, patched in 7.5.3. Impacts npm ecosystems, CI/CD pipelines, and apps extracting untrusted archives.
Read Post
indusface

CodeBreach: Critical AWS CodeBuild Misconfiguration Enabling Supply Chain Repository Takeover

Jan 16, 2026 By Aayush Vishnoi In Indusface
A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed attackers to gain complete control over GitHub repositories used in AWS CI/CD pipelines, including the widely used AWS JavaScript SDK, introducing a severe software supply chain risk. This vulnerability, codenamed CodeBreach, stemmed from insufficiently restrictive CI pipeline configurations, build triggers, and webhook filters.
Read Post
indusface

Critical Node.js Vulnerabilities Expose Uninitialized Memory (CVE-2025-55131)

Jan 16, 2026 By Aayush Vishnoi In Indusface
CVE-2025-55131 is a high-severity buffer allocation race condition vulnerability in Node.js that can lead to uninitialized memory exposure when using the vm module with execution timeouts. This vulnerability is part of a coordinated Node.js security update addressing eight vulnerabilities across all active release lines.
Read Post
Arctic Wolf

CVE-2025-64155: FortiSIEM Remote Unauthenticated Command Injection Vulnerability

Jan 15, 2026 By Andres Ramos In Arctic Wolf
On January 13, 2025, Fortinet released fixes for a critical-severity FortiSIEM vulnerability (CVE-2025-64155) that stems from improper neutralization of special elements used in OS commands within the phMonitor service (TCP/7900). An unauthenticated, remote threat actor can exploit this vulnerability via crafted TCP requests to execute unauthorized code or commands on affected systems.
Read Post
outpost 24

New attack analysis: What you need to know about the Endesa data breach

Jan 15, 2026 By Lydia Atienza In Outpost 24
Following the recent cyberattack on Endesa, one of Spain’s largest electricity and gas providers, Outpost24’s threat intelligence team has compiled a comprehensive analysis of the incident based on publicly available evidence from underground forums, leaked dataset listings, and the threat actor’s own statements.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.