Tudou Guarantee, a prominent illicit marketplace operating on Telegram, has reportedly halted all transactions in its public groups. According to blockchain security firm Elliptic, this marketplace has facilitated over $12 billion in transactions, primarily serving users in Southeast Asia. While the public groups are no longer active, Elliptic notes that other associated services may still be operational, suggesting that the full extent of Tudou Guarantee's shutdown is yet to be determined. This development highlights ongoing challenges in combating illegal online marketplaces, which continue to pose significant risks to cybersecurity and financial systems. The cessation of transactions may impact users who relied on the platform for illicit goods and services, but it also raises questions about the future of similar marketplaces on encrypted platforms.
Latest Cybersecurity Threats
Security Affairs
The UK government's National Cyber Security Centre (NCSC) has issued a warning about ongoing Distributed Denial of Service (DDoS) attacks carried out by Russia-linked hacktivists. These attacks are targeting critical infrastructure and local government systems across the UK. The NCSC's alert, released on January 19, 2026, emphasizes the potential disruption these attacks can cause, putting essential services at risk. The government urges organizations to bolster their defenses against such incidents, highlighting that the threat remains persistent. This situation is particularly concerning as it could impact public safety and the functionality of vital services during times of crisis.
Help Net Security
A recent global study by ISACA reveals that privacy teams are facing significant challenges as they grapple with the risks of data breaches, the integration of new technologies like AI, and tight budgets. Although AI is increasingly being applied to privacy tasks such as data discovery and risk assessment, only a small fraction of organizations have adopted these tools effectively. The study emphasizes that the use of AI in privacy work is more about the maturity of the organization than about urgent necessity. This situation is concerning because it indicates that many privacy programs may struggle to keep up with evolving threats and compliance requirements. As organizations continue to navigate these pressures, the effectiveness of their privacy programs is at stake, which could lead to greater risks for personal data security.
BleepingComputer
The U.K. government has issued a warning about ongoing attacks from Russian-aligned hacktivist groups that are targeting the country's critical infrastructure and local government entities. These attacks primarily involve disruptive denial-of-service (DDoS) tactics, which can overwhelm systems and render them inoperable. As these groups continue their campaigns, organizations may face significant operational challenges and potential data breaches. It’s crucial for affected entities to bolster their cybersecurity measures to mitigate the risks associated with these aggressive actions. The situation highlights a growing trend of politically motivated cyberattacks that can impact essential services and public safety.
Infosecurity Magazine
The UK's National Cyber Security Centre (NCSC) has issued a warning about an increase in disruptive cyber attacks carried out by Russian hacktivists. These attacks are primarily targeting critical infrastructure across the UK, raising concerns about the potential for significant disruptions to essential services. The NCSC has not specified the exact organizations or sectors being targeted, but the implications could be serious for public safety and national security. As these attackers become more aggressive, organizations must remain vigilant and enhance their cybersecurity measures to prevent potential breaches. This development comes amid heightened geopolitical tensions, making it crucial for all sectors to be prepared for potential cyber threats.
A vulnerability affecting TP-Link's VIGI cameras has been patched after a researcher identified over 2,500 devices that were exposed to potential remote hacking. This flaw allowed unauthorized access to the cameras, raising serious security concerns for users. The issue underscores the risks associated with Internet of Things (IoT) devices, which are often targeted due to their connectivity and sometimes weak security measures. Users of VIGI cameras should ensure they apply the latest updates from TP-Link to protect their devices from exploitation. This incident serves as a reminder for all IoT device owners to regularly check for firmware updates and vulnerabilities.
Researchers have identified a cross-site scripting (XSS) vulnerability in the control panel of StealC malware, an infostealer that has been operating since at least 2023. This malware, which is sold as a service, targets and extracts sensitive information like cookies and passwords from victims. The flaw in the control panel has exposed important details about the attackers behind the malware, raising concerns about the ongoing threat to users' data security. Since its update to StealC v2 in 2025, the malware has continued to pose risks to individuals and organizations alike. The discovery emphasizes the need for vigilance against such malware, as the information leak could lead to further malicious activities by the attackers.
Hackread – Cybersecurity News, Data Breaches, AI, and More
Researchers at Miggo Security discovered a vulnerability in Google Gemini that allows attackers to exploit calendar invites to extract private user data. This flaw enables a silent attack method, where the malicious actor can trick the AI into leaking sensitive information without raising alarms. The implications of this vulnerability are significant, as it could compromise users' personal schedules and confidential details stored within their calendar apps. Google users relying on Gemini for scheduling and other functions may be particularly at risk. It's crucial for users and organizations to be aware of this issue and take necessary precautions to safeguard their data.
SecurityWeek
A new information-stealing malware called 'SolyxImmortal' has emerged, which utilizes legitimate APIs and libraries to gather sensitive data. The malware sends this stolen information to Discord webhooks, making detection challenging. This type of attack can affect anyone who unwittingly downloads the malware, potentially compromising personal and financial information. As cybercriminals increasingly exploit trusted platforms and tools, users need to be vigilant about the software they install and the permissions they grant. This incident serves as a reminder of the evolving tactics used by attackers to bypass security measures.
BleepingComputer
Ingram Micro, a major player in the information technology sector, experienced a ransomware attack in July 2025 that compromised the personal data of over 42,000 individuals. The breach raises serious concerns about data security and the potential misuse of sensitive information, as attackers often seek to exploit such data for financial gain or identity theft. The scale of the incident highlights the ongoing risks that companies face from cyber threats, particularly in the IT sector, which is often targeted due to its critical role in global infrastructure. Affected individuals should remain vigilant for signs of identity theft and consider monitoring their accounts for unusual activity. Organizations must strengthen their cybersecurity measures to prevent similar incidents in the future.
The Hacker News
This week, several significant cybersecurity incidents have emerged, showcasing the vulnerabilities within various systems. Notably, flaws in Fortinet products have come to light, potentially exposing users to exploitation. Additionally, researchers have identified the RedLine Clipjack malware, which can hijack browser sessions, affecting users who may not realize their data is being compromised. The discovery of a method to crack NTLM authentication raises concerns for organizations relying on this protocol, as it could lead to unauthorized access. Furthermore, a new attack targeting AI tools like Copilot illustrates how these advancements can be manipulated, posing risks to users and their data. These incidents emphasize the need for robust security measures as technology continues to evolve rapidly.
Hackread – Cybersecurity News, Data Breaches, AI, and More
Researchers from Resecurity have uncovered a new malware called PDFSIDER that takes advantage of the legitimate PDF24 application to steal sensitive data and provide attackers with remote access to compromised systems. This malware is part of a sophisticated campaign targeting corporate networks, utilizing spear-phishing tactics to lure victims and encrypted communications to evade detection. Companies using PDF24 should be particularly vigilant as this attack leverages a trusted application, making it easier for attackers to bypass security measures. The implications are serious, as this could lead to significant data breaches and unauthorized access to sensitive corporate information.
Infosecurity Magazine
Ukrainian authorities recently conducted a raid targeting individuals linked to the Black Basta ransomware group, a notorious criminal organization responsible for various cyberattacks. Among those arrested was Oleg Evgenievich Nefedov, who is believed to be one of the group's founders and has been placed on both Europol’s and Interpol’s Most Wanted lists. Black Basta has gained notoriety for deploying ransomware that encrypts victims' files and demands a ransom for their release. The group's activities have affected numerous businesses and organizations worldwide, raising concerns about the growing threat posed by such cybercriminals. This operation underscores the ongoing efforts by law enforcement to combat ransomware and bring perpetrators to justice.
Ingram Micro, a major IT distribution company, recently suffered a ransomware attack that has affected approximately 42,000 individuals. The breach compromised sensitive personal information, including names, dates of birth, Social Security numbers, and employment-related data. This incident raises significant concerns about data security and the potential misuse of personal information. It highlights the ongoing risks that companies face from cyberattacks and the importance of robust security measures to protect sensitive data. Affected individuals may face identity theft and other consequences stemming from this data exposure.
Help Net Security
The British Army is investing £279 million to establish a permanent base for its cyber regiment at Duke of Gloucester Barracks in Gloucestershire. This base will be home to the 13 Signal Regiment, which plays a key role in protecting Army networks and conducting cyber operations. The new facilities will enhance training and intelligence capabilities, as well as house the Army's Cyber, Information and Security Operations Centre. This move emphasizes the Army's commitment to strengthening its cybersecurity posture and preparing for future cyber threats. Given the increasing reliance on digital systems, this investment is crucial for maintaining operational security and effectiveness.