Cyber: ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More

Some weeks in cybersecurity feel routine. This one doesn’t.

Several new developments surfaced over the past few days, showing how quickly the threat landscape keeps shifting. Researchers uncovered fresh activity, security teams shared new findings, and a few unexpected moves from major tech companies also drew attention.

Together, these updates offer a useful snapshot of what is happening behind the scenes in the cyber world right now. From new tactics and campaigns to security and policy changes that could affect millions of users, there is a lot unfolding at once.

Below is a quick roundup of the most notable stories making headlines this week.

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a hacking campaign targeting Ukrainian government institutions using phishing emails containing a ZIP archive (or a link to a website vulnerable to cross-site scripting attacks) to distribute SHADOWSNIFF and SALATSTEALER information-stealing malware and a Go backdoor called DEAFTICKK. The agency attributed the activity to a threat actor tracked as UAC-0252. The development comes as a suspected Russian espionage campaign is targeting Ukraine with two previously undocumented malware strains, BadPaw and MeowMeow, according to ClearSky. While the campaign is said to be likely the work of APT28, the cybersecurity company did not identify the targets of the campaign or say whether the attacks were successful.

A new malware-as-a-service (MaaS) offering dubbed TrustConnect ("trustconnectsoftware[.]com"), offered for $300 per month, masqueraded as a legitimate remote monitoring and management (RMM) tool. It's assessed that the threat actor behind TrustConnect was also a prominent user of RedLine Stealer. According to email security firm Proofpoint, multiple threat actors have been observed distributing the malware via phishing emails as of January 27, 2026. The emails claim to be event invites or bid proposals, tricking recipients into clicking on links that lead to the downlo

The Hacker News