Top 5 Cybersecurity News Stories: January 30, 2026
Cybersecurity threats are constantly evolving as threat actors seek access to your data and money. To help you stay secure, we have searched the internet for the top five cybersecurity news stories of the week that we think you should be aware of. No story is too big or small as we look at threats from espionage to security flaws in everyday devices:
1. Malicious Microsoft VSCode AI extensions might have hit over 1.5 million users
Two popular AI coding extensions on the VS Code Marketplace, “ChatGPT – 中文版” and “ChatMoss (CodeMoss),” were found to exfiltrate developer code and sensitive files to China-based servers as part of a campaign dubbed “MaliciousCorgi.”

Researchers report the extensions appear to be legitimate AI assistants but embed spyware that captures all opened files and source code modifications, can remotely retrieve up to 50 workspace files on command, and loads hidden analytics trackers to fingerprint users. Developers’ proprietary code, configs, and credentials are at risk. Microsoft is investigating while both extensions remain listed on the VS Code Marketplace.
Read more on TechRadar
For technical details, read more on BleepingComputer
2. Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps
A study of more than 100 energy operational technology (OT) environments has highlighted pervasive cybersecurity weaknesses in substations, power plants, and control centers worldwide. Passive intrusion detection deployments by OMICRON using its StationGuard IDS exposed consistent issues such as unpatched devices, insecure external connections, weak network segmentation, and incomplete asset inventories, often identified within minutes of assessment.

Organizational challenges like IT/OT silos, lack of dedicated OT security personnel, and limited security resources further compound these risks. The findings suggest that as IT and OT converge, existing security measures struggle to keep pace with the complexity of energy networks, making tools that provide deep visibility and tailored protections increasingly essential.
Read more on The Hacker News
3. Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution
Researchers disclosed two high-severity vulnerabilities in the n8n workflow automation platform that could enable authenticated users to achieve remote code execution. The more severe flaw, CVE-2026-1470 (CVSS 9.9), is an eval injection issue that allows bypassing the JavaScript expression sandbox protections, while CVE-2026-0863 (CVSS 8.5) impacts the Python task executor’s sandbox. Both could let attackers who can create workflows take over an entire n8n instance.

Users are advised to update to the patched versions specified by the vendor. These issues follow another recent critical vulnerability and underline the risk inherent in automation platforms that span core organizational workflows and data systems.
Read more on The Hacker News
4. Aisuru botnet sets new record with 31.4 Tbps DDoS attack
The Aisuru (also known as Kimwolf) botnet launched a massive distributed denial-of-service attack that peaked at 31.4 terabits per second and 200 million requests per second, setting a new public record. Cloudflare mitigated the attack, dubbed “The Night Before Christmas,” which targeted telecommunications providers and related infrastructure on December 19, 2025.

Aisuru’s previous record was 29.7 Tbps, and its earlier campaigns have also been linked to multi-terabit attacks that Microsoft attributed to the botnet. Cloudflare’s Q4 2025 DDoS Threat Report also noted a significant year-over-year rise in large-scale DDoS activity, with most attacks falling in the 1–5 Tbps range.
Read more on BleepingComputer
5. AI Is Rewriting Compliance Controls and CISOs Must Take Notice
Traditional compliance frameworks like SOX, GDPR, PCI DSS, and HIPAA were built around predictable human actions and decision points. Increasingly, AI agents, embedded directly in business workflows, are executing regulated tasks autonomously, challenging the assumptions underlying these controls.

Unlike human actors, AI performs probabilistic, context-dependent operations that can drift over time, complicating auditability and accountability. As a result, CISOs are now confronting governance, identity, access, and compliance risks tied to AI behavior, and must treat AI agents as non-human identities subject to least-privilege access, monitoring, and documented change control, similar to human users.
Read more on BleepingComputer