Top 5 Cybersecurity News Stories January 16, 2026

Cybersecurity threats are constantly evolving as threat actors seek access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of. No story is too big or small as we look at threats from espionage to security flaws in everyday devices:

1. EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

Trend Micro researchers describe “EvilAI,” a global malware campaign that disguises trojans as legitimate AI and productivity applications. Attackers distribute convincing installers, often digitally signed, through look-alike vendor sites, malicious ads, SEO abuse, and promoted downloads on forums and social media.

Once installed, the software behaves normally while covertly performing reconnaissance, stealing browser data, and maintaining AES-encrypted command-and-control communications to receive instructions and deploy additional payloads. Infections span multiple regions and industries, reflecting an active, evolving operation that exploits user trust and code signing to evade detection and persist. Affected sectors include manufacturing, government, healthcare, technology, and retail.
Read more on The Hacker News

2. Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud

Microsoft says it joined partners in coordinated legal action in the U.S. and U.K. to seize infrastructure and take RedVDS offline, disrupting a crimeware subscription service that rented disposable Windows RDP servers for as little as $24 a month.

RedVDS allegedly enabled high-volume phishing, account takeovers, and business email compromise, contributing to about $40 million in reported U.S. fraud losses since March 2025 and impacting over 191,000 organizations worldwide. The service offered global server locations, reseller panels, Telegram management, and no activity logs, and operators paired it with generative AI impersonation tools to scale scams.
Read more on The Hacker News

3. Palo Alto Networks warns of DoS bug letting hackers disable firewalls

Palo Alto Networks patched a high-severity denial-of-service flaw that can let unauthenticated attackers disrupt firewall protections. Tracked as CVE-2026-0227, it affects PAN-OS 10.1 and later on next-generation firewalls and Prisma Access when the GlobalProtect gateway or portal is enabled. Repeated attempts can drive the firewall into maintenance mode, causing downtime and requiring manual recovery.

Palo Alto says most cloud Prisma Access instances are already upgraded, with remaining customers scheduled. Shadowserver tracks nearly 6,000 exposed firewalls online, and the vendor reported no exploitation evidence when the advisory was published. Admins should upgrade to fixed releases and reduce exposure by limiting access.
Read more on BleepingComputer

4. FTC bans GM from selling drivers’ location data for five years

The U.S. Federal Trade Commission finalized an order with General Motors and OnStar, resolving claims that they collected and sold drivers’ precise location and driving-behavior data without consent. The agency said the discontinued Smart Driver feature captured geolocation and driving metrics every three seconds and sold them to third parties, including consumer reporting agencies that passed insights to insurers, affecting rates and coverage.

The order bans such sharing with consumer reporting agencies for five years. For 20 years, GM must obtain express consent for collecting, using, or sharing connected-vehicle data, with emergency exceptions, and offer access, deletion, and opt-out controls.
Read more on BleepingComputer

5. France fines Free Mobile €42 million over 2024 data breach incident

France’s data protection authority, the CNIL, fined Free Mobile and parent Free a combined €42 million after an October 2024 breach exposed customer data for nearly 23 million subscribers. Attackers hit a management tool and later tried to sell the haul online, claiming 19.2 million victims and IBANs for some accounts.

After more than 2,500 complaints, CNIL said the companies breached GDPR by failing to implement basic security (citing weak VPN authentication and poor monitoring), providing inadequate breach notifications, and retaining former-subscriber data too long. Regulators ordered security improvements within three months and data cleanup within six months.
Read more on BleepingComputer
