AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 02/03/2026

APT28 Leverages CVE-2026-21509 in Operation Neusploit

A ThreatLabz writeup on a campaign attributed to APT28 using weaponized RTF files to exploit CVE-2026-21509 and drop multiple payloads. Notes include targeting in Ukraine, Slovakia, and Romania, plus timelines around Microsoft’s out-of-band fix and observed exploitation.

 

Critical Ivanti Endpoint Manager Mobile (EPMM) zero-day exploited in the wild (CVE-2026-1281 & CVE-2026-1340)

Exploitation details and practical remediation notes for Ivanti EPMM, including the impact of the two CVEs and the existence of a public working PoC as of Jan 30.

 

FCC urges telecoms to boost cybersecurity amid growing ransomware threat

Federal Communications Commission warning that ransomware has been disrupting a growing number of small and mid-sized telecoms, with emphasis on resilience expectations and sector pressure.

 

Tulsa, Okla., Airport Tech Teams Contain Ransomware Attack

Tulsa International Airport confirms a ransomware incident, states operations were not impacted, and describes immediate containment and law enforcement engagement.

 

CVE-2026-24061 – GNU InetUtils telnetd Authentication Bypass Vulnerability

A clear technical breakdown of how CVE-2026-24061 can yield immediate root access via argument injection during telnet NEW-ENVIRON negotiation, plus mitigation guidance (patch, disable telnet, block port 23).

 

Malicious Chrome extensions can spy on your ChatGPT chats

Coverage of 16 malicious browser extensions that steal session tokens to hijack accounts, with a concrete removal list and practical user guidance.
