This Month in Cybersecurity - January 2026 edition 
January brought some headlines, from privacy debates in the hybrid workplace to critical vulnerabilities in the devices we use every day. Here is a roundup of the key cybersecurity developments reshaping the the industry this month:
Global Cybersecurity Outlook 2026
The World Economic Forum’s Global Cybersecurity Outlook 2026 report, produced in collaboration with Accenture, highlights how the convergence of accelerating AI adoption, geopolitical fragmentation, and widening cyber inequity is fundamentally reshaping the global risk landscape. As cyberattacks become faster, more complex, and unevenly distributed, the report warns that cyber-enabled fraud has emerged as one of the most pervasive global threats, pressuring organizations and governments to adapt despite persistent sovereignty challenges and capability gaps. Drawing on insights from global leaders, the outlook underscores the urgent need for strategic investment and policy shifts to bridge these divides and build resilience against an increasingly volatile digital environment.
| Date: | Jan 12, 2026 |
|---|---|
| Source: | The World Economic Forum |
| Author: | The World Economic Forum |
Signal creator Moxie Marlinspike wants to do for AI what he did for messaging
Moxie Marlinspike, the creator of the encrypted messaging app Signal, is launching a new project called Confer that aims to bring the same level of privacy to artificial intelligence. Confer is an open-source AI assistant designed to ensure that user data and queries remain completely private, inaccessible even to the platform’s operators, law enforcement, or hackers. By utilizing trusted execution environments (TEEs) and passkey-based encryption, the service allows users to interact with large language models in the cloud while keeping the actual content of those interactions encrypted and secure, effectively offering a “Signal for AI” alternative to data-mining platforms like ChatGPT.
| Date: | Jan 13, 2026 |
|---|---|
| Source: | ARS Technica |
| Author: | Dan Goodwin |
Never-before-seen Linux malware is “far more advanced than typical”
Researchers have uncovered a highly sophisticated, modular Linux malware framework dubbed VoidLink, which stands out for its advanced capabilities and professional-grade design. Identified by Check Point Research, VoidLink targets public cloud environments and containerized platforms with a toolkit of over 30 modules that enable stealthy reconnaissance, privilege escalation, and credential harvesting while actively evading detection. Unlike typical opportunistic Linux threats, this “never-before-seen” framework appears to be the work of a well-resourced actor, potentially leveraging AI generation, aimed at maintaining long-term, persistent access to compromised infrastructure.
| Date: | Jan 13, 2026 |
|---|---|
| Source: | ARS Technica |
| Author: | Dan Goodwin |
Your headphones may be tracking you – how a Google Fast Pair exploit lets hackers spy in seconds
A critical set of vulnerabilities dubbed “WhisperPair” in Google’s Fast Pair technology, allows hackers to turn Bluetooth headphones and speakers into tracking devices. By exploiting flaws in the pairing process, an attacker within Bluetooth range can bypass security protocols to pair with a victim’s device without authentication, potentially accessing the microphone, eavesdropping on conversations, or tracking the user’s location via Google’s “Find My Device” network. The exploit affects dozens of popular models from brands like Sony, JBL, and OnePlus, and while some manufacturers are rolling out firmware updates, many users remain vulnerable unless they manually install these patches through specific companion apps.
| Date: | Jan 16, 2026 |
|---|---|
| Source: | Tech Radar |
| Author: | Alex Blake |
GitLab warns of high-severity 2FA bypass, denial-of-service flaws
GitLab has released urgent security updates to address a high-severity vulnerability (CVE-2026-0723) that allows attackers to bypass Two-Factor Authentication (2FA) by submitting forged device responses, potentially leading to unauthorized account access. The update also resolves multiple Denial-of-Service (DoS) flaws found in the Jira Connect integration and Releases API, which could enable unauthenticated users to crash GitLab instances. These vulnerabilities affect the 18.x branch, prompting GitLab to release patched versions 18.8.2, 18.7.2, and 18.6.4, with self-managed users advised to upgrade immediately to prevent unauthorized access and service disruptions.
| Date: | Jan 21, 2026 |
|---|---|
| Source: | Bleeping Computer |
| Author: | Sergiu Gatlan |
Microsoft Teams to Share your Location With Your Employer Soon Based on Wi-Fi Network
Microsoft is set to release a feature in March 2026 that allows Teams to automatically detect and display a user’s specific office location based on their Wi-Fi connection. Designed to facilitate hybrid collaboration by letting colleagues know which building someone is working from, the feature includes privacy protections such as being off by default, requiring user opt-in, and only operating during working hours. However, despite these safeguards, the update has sparked privacy concerns regarding potential workplace surveillance, as it offers employers granular data on employee attendance and physical location without requiring manual reporting.
| Date: | Jan 24, 2026 |
|---|---|
| Source: | Cyber Security News |
| Author: | Guru Baran |
That’s a wrap! 
We’d love to hear your thoughts. Don’t hesitate to share any comments or additional news we might have missed in the Passbolt community forum.