January 12th TJS Weekly Security Intelligence Briefing Week of January 12th, 2026Classification: TLP: PublicWeekly Security Intelligence Briefing 1. Executive Summary The week of January 6-12, 2026 presented an elevated risk posture driven by actively exploited vulnerabilities affecting MongoDB, Chrome, VMware, React/Next.js, Veeam, and Gogs. The most urgent priorities are: Additional threats include VMware ESXi zero-days […]
Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool called Remcos RAT and establish persistent, covert remote access. “The infection chain follows a tightly orchestrated execution path: an obfuscated VBS launcher executed via wscript.exe invokes a Read More
January 5th TJS Weekly Security Intelligence Briefing Week of January 5th, 2026Classification: TLP: PublicPrepared: January 5, 2026 SECTION A: EXECUTIVE OVERVIEW For Leadership and Management A.1 Executive Summary Risk Posture: ELEVATED This week’s threat landscape is defined by three operationally significant developments: Bottom Line: MongoDB patching is the highest-priority technical action. Phishing awareness requires immediate […]
University of Hawaii says a ransomware gang breached its Cancer Center in August 2025, stealing data of study participants, including documents from the 1990s containing Social Security numbers. […] Read More
Microsoft has started retiring the Microsoft Lens PDF scanner app for Android and iOS devices on Friday, January 9th, with plans to remove it from app stores next month. […] Read More
CISA has ordered government agencies to secure their systems against a high-severity Gogs vulnerability that was exploited in zero-day attacks. […] Read More
The Amsterdam Court of Appeal sentenced a 44-year-old Dutch national to seven years in prison for multiple crimes, including computer hacking and attempted extortion. […] Read More
Massive data dump reveals real identities and details of administrators and members of the notorious hacker forum. Read More
Anthropic is bringing Claude for healthcare, following a similar move by OpenAI for ChatGPT. […] Read More
Instagram says it fixed a bug that allowed threat actors to mass-request password reset emails, amid claims that data from more than 17 million Instagram accounts was scraped and leaked online. […] Read More