This Week in Cybersecurity: Breaches, Critical Bugs, and Threat Actors on the Move
By Heather Walters
The cybersecurity landscape continues to shift rapidly, with major data exposures, actively exploited vulnerabilities, and emerging attack techniques dominating headlines.
Over the past week, organizations large and small have been targeted by ransomware groups, compromised through exposed infrastructure, or forced to respond to credential theft and breach confirmations. Below is a roundup of the most significant cyber events from the past seven days, with links to more detailed reporting on each.
🔓 Crunchbase confirms data breach after hacker publication
Market intelligence firm Crunchbase confirmed that its systems were breached after hackers published allegedly stolen files online, including potentially sensitive data associated with customers and internal operations. The incident is part of a broader series of ShinyHunters-linked leaks affecting multiple services.
🛠️ Cisco Unified Communications zero-day under exploit
Cisco has released patches for another critical zero-day vulnerability (CVE-2026-20045) that impacts its Unified Communications Manager and related products and is being actively exploited in the wild. The flaw allows unauthenticated attackers to execute arbitrary commands and potentially gain elevated access, prompting urgent patches and advisories.
📨 SmarterMail servers exposed to account hijacking
Security researchers found that over 6,000 SmarterMail email servers remain exposed and vulnerable to a critical authentication bypass flaw (CVE-2026-23760), enabling attackers to hijack administrative accounts and take full control of affected instances. Administrators have been urged to update to the latest patched build immediately.
Read more at Bleeping Computer
🔐 149 million credentials exposed in broad infostealer breach
A massive exposure of 149 million credentials, including accounts tied to platforms like Facebook and Instagram, was traced back to large-scale infostealing malware activity — underscoring ongoing threats from credential harvesting and reuse.
🛡️ Nike investigates potential security incident
Nike is probing a potential data breach after the WorldLeaks cybercrime group claimed to have accessed 1.4 TB of company data — although the full scope and legitimacy of the incident are still being assessed by the organization.
⚠️ Poland power grid disruption linked to Russian actors
According to security reporting, Russian government–linked hackers were behind an attempted disruption of the Polish power grid using data-wiping malware, illustrating ongoing geopolitical threat activity against critical infrastructure.
Final thoughts
This week’s cybersecurity headlines reflect a diverse and persistent threat environment — ranging from large-scale credential exposures and data breaches to actively exploited vulnerabilities in enterprise communications software. Developer ecosystems and cloud services remain attractive targets for cybercriminals, while attacks tied to geopolitical actors continue to underscore the importance of defending critical infrastructure.
Organizations should prioritize timely patching, secure configuration of exposed services, and robust monitoring for unusual activity. For individuals and enterprises alike, credential hygiene, multi-factor authentication, and vigilance around third-party dependencies will remain key components of a strong defense. Stay tuned for next week’s roundup as we continue tracking the stories shaping the cybersecurity landscape.
Heather is a writer for OpenVPN.