Security news weekly round-up - 30th January 2026
Source: Dev.to
In the context of cybersecurity, there are two types of developers. The first type builds applications that keep users safe, while the other creates applications to harm or steal something of value from users. It’s a never‑ending race.
As an end user, it’s your duty to stay informed. Reading the right thing at the right time might be what you need to stop an attack against yourself or your organization.
‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing
Read the full article on SecurityWeek
The real threat of this malware toolkit: you can see the legitimate website URL in the web browser address bar and you are still on a phishing page! Wild, if you say.
Drowning in spam or scam emails? Here’s probably why
Read the full article on WeLiveSecurity
“Spammers don’t just source their email lists from large‑scale data breaches. Some of them get hold of these details by using bots to scrape public‑facing websites like social media platforms. Bad bot traffic accounts for 37 % of all internet traffic. If your details were in the public domain, they may have been caught up in such a campaign.”
The article lists possible causes of the increase in spam, what to do, and what not to do in the future.
WhatsApp Rolls Out Lockdown‑Style Security Mode to Protect Targeted Users From Spyware
Read the full article on The Hacker News
If you work in a sensitive industry or believe you could be a target of a cyber attack via WhatsApp, this setting is for you.
How it works:
The lockdown‑style feature bolsters your security on WhatsApp with just a few taps by locking your account to the most restrictive settings—automatically blocking attachments and media from unknown senders, silencing calls from people you don’t know, and restricting other settings that may limit how the app works.
Apple’s New iPhone and iPad Security Feature Limits Cell Networks from Collecting Precise Location Data
Read the full article on TechCrunch
Apple continues to protect its users’ privacy with a new feature that, when enabled, limits the precision of location data that iPhones and cellular‑enabled iPads share with the carrier. Instead of a street address, the device shares a less‑precise location such as the general neighborhood, helping to protect the owner’s privacy.
LLMs Hijacked, Monetized in ‘Operation Bizarre Bazaar’
Read the full article on SecurityWeek
With the popularity of LLM‑powered chatbots, agents, and MCP servers, this development is unsurprising. The issue concerns self‑hosted LLM infrastructure with inadequate security, not cloud services like ChatGPT or Claude.
“Exploited systems include Ollama instances on port 11434 without authentication, web‑exposed OpenAI‑compatible APIs on port 8000, exposed MCP servers with no access control, development environments with public IPs, and production chatbots that lack authentication or rate limits.”
The operation is run by a threat actor using the moniker Hecker, also known as Sakuya and LiveGamer101.
Cover photo by Debby Hudson on Unsplash.