Pentagon’s DCDC Plans Critical Infrastructure Cyber Defense
- The DCDC, a sub-unified command under US Cyber Command, is crafting a joint task force structure for critical infrastructure defense.
- A primary objective is establishing unambiguous command and control protocols across various federal agencies during cyber incidents.
- Plans involve developing "digital green zones" to precisely identify and secure vital infrastructure components and data integrity.
The cybersecurity world is grappling with a significant shift as the National Institute of Standards and Technology (NIST) begins to scale back its National Vulnerability Database (NVD) data enrichment efforts. This move creates a critical void in the actionable CVE intelligence that security teams have long relied upon for vulnerability management and risk prioritization. In response, industry leaders and ad hoc coalitions are rapidly forming to develop alternative solutions and fill this essential data gap.
New findings reveal that WhatsApp metadata, even without direct interaction, can expose surprising details about users to non-contacts. This capability allows strangers to infer limited yet potentially valuable information, raising concerns beyond typical privacy settings and highlighting a subtle but significant vector for data gathering. The implications extend to how widely used messaging platforms inadvertently contribute to the broader digital footprint available for passive observation.
Vercel, the company behind the popular Next.js framework, recently disclosed an expanded data breach, revealing unauthorized access to its internal systems and additional compromised customer accounts. The incident's root cause has been linked to stolen OAuth tokens, stemming from an employee's interaction with an AI tool, Context.ai. This incident highlights the evolving threat landscape where third-party AI tools can inadvertently become vectors for sophisticated supply chain attacks.
Chinese Advanced Persistent Threat (APT) groups have significantly escalated their surveillance of India's financial sector, employing "stale TTPs" that suggest either a low-effort approach or a high degree of confidence in these known methods. These same actors are also observed actively monitoring Korean policy circles, indicating a broader, multifaceted intelligence gathering operation across key Asian nations. The seemingly outdated tactics raise questions about the immediate objectives and the perceived value of the targeted information.
Google has addressed a critical Remote Code Execution (RCE) vulnerability within its 'Antigravity' AI agent, a sophisticated prompt-injection sanitization issue that allowed attackers to escape the product's sandbox. This flaw granted arbitrary code execution capabilities, particularly during filesystem operations, highlighting a significant security exposure in advanced AI systems. The successful patch mitigates a direct threat to Google's AI infrastructure and user data.
A critical remote code execution (RCE) flaw, identified as CVE-2026-1731, has been discovered in Bomgar's Remote Monitoring and Management (RMM) tools, posing an immediate and severe threat to organizations globally. This vulnerability allows attackers to execute arbitrary code on compromised systems, opening the door for widespread supply chain exploitation and devastating ransomware attacks. The flaw's potential for pervasive impact on IT infrastructure cannot be overstated, demanding urgent attention from cybersecurity teams.
North Korea is intensifying its cyber operations, weaponizing sophisticated fake job scams to infiltrate organizations and deploy malware. These campaigns exploit trusted platforms, with compromised developer repositories acting as insidious, worm-like vectors to spread Remote Access Trojans (RATs) and other malicious payloads. The strategy leverages social engineering alongside supply chain vulnerabilities, posing a significant threat across industries.
German defense giant Rheinmetall has secured a multibillion-dollar framework contract with the Bundeswehr for its FV-014 loitering munitions, marking a significant investment in Germany's autonomous strike capabilities. The deal, which includes an initial call-off worth approximately €300 million and an option for a five-figure number of units, will see deliveries of the 100km-range, 70-minute endurance drones commence in H1 2027.
Three proof-of-concept exploits, two of which remain unpatched and pose ongoing critical risks, actively weaponize Microsoft's built-in security platform, Windows Defender. These sophisticated attacks turn the very tool designed to protect Windows systems into an attacker's asset. This development highlights a severe escalation in adversarial tactics, as attackers leverage trusted security software against its users.
Microsoft has issued urgent out-of-band updates to address CVE-2026-40372, a critical privilege escalation vulnerability in ASP.NET Core with a severe CVSS score of 9.1. This flaw allows an unauthorized attacker to gain SYSTEM privileges, disclose sensitive files, and modify data, primarily impacting Linux/macOS applications that utilize specific versions of Microsoft.AspNetCore.DataProtection.
On January 31, 2026, Moltbook, a social network designed for AI agents, was found to have left its database exposed, leaking 35,000 email addresses and a staggering 1.5 million agent API tokens. Critically, the breach also included plaintext third-party credentials, such as OpenAI API keys, shared within private messages, revealing a severe permission breakdown at the intersection of interconnected AI services.
Cybersecurity researchers have uncovered a new and highly destructive data wiper, dubbed Lotus Wiper, which has been actively targeting Venezuela's critical energy and utilities sectors since late last year. This previously undocumented malware is engineered to obliterate systems by overwriting physical drives, deleting recovery mechanisms, and erasing files, leaving affected infrastructure inoperable.