Live Threat Feed

ThreatWatch

Curated cybersecurity news, vulnerabilities, and threat intelligence. Stay informed without the noise.

Last updated: Jan 30, 2026 • 01:40 UTC

Critical
High
Medium
Low
🔓
criticalVulnerabilityJan 29

Ivanti EPMM Zero-Days Actively Exploited (CVE-2026-1281, CVE-2026-1340)

Two critical vulnerabilities in Ivanti Endpoint Manager Mobile are being actively exploited in zero-day attacks. Patch immediately.

#ivanti#zero-day#mdm#epmm
via BleepingComputer
💥
highData BreachJan 29

Match Group Breach Exposes Tinder, Hinge, OkCupid User Data

Match Group confirmed a cybersecurity incident compromising user data across Tinder, Match.com, Meetic, OkCupid, and Hinge dating platforms.

#data-breach#dating-apps#pii
via BleepingComputer
⚠️
highThreatJan 29

175,000 Ollama AI Servers Exposed Across 130 Countries

SentinelOne reveals massive exposure of Ollama AI infrastructure. Nearly half have tool-calling enabled for code execution. 30% located in China.

#ai#ollama#exposure#llm
via The Hacker News
📰
infoNewsJan 28

FBI Seizes RAMP Cybercrime Forum Used by Ransomware Gangs

FBI takes down notorious RAMP forum, one of the few remaining platforms openly promoting ransomware operations and malware services.

#fbi#takedown#ransomware#darknet
via BleepingComputer
🔓
criticalVulnerabilityJan 28

n8n Workflow Automation RCE via Sandbox Escape

Two sandbox escape vulnerabilities in n8n workflow automation allow attackers to execute arbitrary code on the underlying host.

#n8n#rce#sandbox-escape#automation
via BleepingComputer
⚠️
highThreatJan 28

Polish Energy Grid Cyberattack Hit 30 Facilities

Coordinated attack on Poland's power grid in December targeted CHP facilities and wind/solar dispatch systems across multiple DER sites.

#ics#energy#poland#infrastructure
via BleepingComputer
⚠️
highThreatJan 29

Hugging Face Abused for Android Malware Distribution

Threat actors using Hugging Face ML platform to host thousands of Android malware APK variants targeting financial and payment services.

#android#malware#huggingface#credentials
via BleepingComputer
⚠️
highThreatJan 29

Aisuru Botnet Sets DDoS Record at 31.4 Tbps

Aisuru/Kimwolf botnet launched record-breaking DDoS attack in December 2025, peaking at 31.4 Tbps and 200 million requests per second.

#ddos#botnet#record
via BleepingComputer
⚠️
highThreatJan 28

Mustang Panda Deploys Updated COOLCLIENT Backdoor

China-linked APT targeting government entities in Myanmar, Mongolia, Malaysia, and Russia with updated COOLCLIENT backdoor alongside PlugX.

#apt#china#mustang-panda#espionage
via The Hacker News
💥
criticalData BreachJan 28

eScan Antivirus Update Server Breached, Pushed Malware

MicroWorld Technologies confirms eScan update server was compromised and used to distribute malicious updates to customers.

#supply-chain#antivirus#escan#update-hijack
via BleepingComputer

Want In-Depth Analysis?

Check out my editorial articles for detailed breakdowns and practical advice.

Read Security Articles