Mishcon de Reya page structure
Site header
Menu
Main content section

Monthly Cyber Threats Report - January 2026

Issue 13: January 2026

Monthly Cyber Threats Report - January 2026

Editor's note

Francisco Sanches
Francisco Sanches

Our monthly report prepares cyber security practitioners to make better tactical, operational and strategic decisions. We have distilled analysis of key events from the previous month which have learning points that can be actioned to improve security.

News
Cyber padlock

VMware ESXi zero-day exploits: over 30,000 instances at risk

In December 2025, Huntress researchers uncovered a sophisticated attack campaign targeting VMware ESXi hypervisors, revealing a threat actor had developed and weaponised exploits for three critical vulnerabilities well before their public disclosure and patching in March 2025. Forensic analysis of the toolkit revealed timestamps dating back to February 2024 - over a year before VMware’s public disclosure.

3 mins
News
a laptop with code on the screen

Malicious Chrome extensions harvest AI conversations from 900K users

In December 2025, security researchers discovered malicious Chrome browser extensions that were secretly collecting users' conversations with AI chatbots like ChatGPT and DeepSeek. These have now been removed following responsible disclosure by researchers. Over 900,000 people downloaded these extensions, believing they were legitimate productivity tools.

3 mins
News
Blue technology waves

Legacy authentication protocol puts entire networks at risk

Mandiant (Google’s incident response, digital forensics, and threat intelligence division) has publicly released a comprehensive dataset of Net-NTLMv1 rainbow tables, generated using Google Cloud's scalable compute resources.

2 mins

Subscribe

Never miss a publication by signing up to our mailing list

Monthly Cyber Threats Report - January 2026 Issues

Previous
How can we help you?
Help

How can we help you?

Subscribe: I'd like to keep in touch

If your enquiry is urgent please call +44 20 3321 7000

Crisis Hotline

I'm a client

I'm looking for advice

Something else