{"id":206703,"date":"2026-01-26T06:55:00","date_gmt":"2026-01-26T11:55:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/01\/26\/firewall-flaws-ai-built-malware-browser-traps-critical-cves-more\/"},"modified":"2026-01-26T14:20:07","modified_gmt":"2026-01-26T19:20:07","slug":"firewall-flaws-ai-built-malware-browser-traps-critical-cves-more","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/01\/26\/firewall-flaws-ai-built-malware-browser-traps-critical-cves-more\/","title":{"rendered":"Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs &#038; More"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/01\/weekly-recap-firewall-flaws-ai-built.html\">Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs &#038; More<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/01\/weekly-recap-firewall-flaws-ai-built.html\">https:\/\/thehackernews.com\/2026\/01\/weekly-recap-firewall-flaws-ai-built.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-01-26 06:55:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<p><span class=\"p-author\">\ue804<span class=\"author\">Ravie Lakshmanan<\/span>\ue802<span class=\"author\">Jan 26, 2026<\/span><\/span><span class=\"p-tags\">Hacking News \/ Cybersecurity<\/span><\/p>\n<p>Security failures rarely arrive loudly. They slip in through trusted tools, half-fixed problems, and habits people stop questioning. This week&#8217;s recap shows that pattern clearly.<\/p>\n<p>Attackers are moving faster than defenses, mixing old tricks with new paths. &#8220;Patched&#8221; no longer means safe, and every day, software keeps becoming the entry point.<\/p>\n<p>What follows is a set of small but telling signals. Short updates that, together, show how quickly risk is shifting and why details can&#8217;t be ignored.<\/p>\n<h2 style=\"text-align: left;\"><strong>\u26a1 Threat of the Week<\/strong><\/h2>\n<p><strong>Improperly Patched Flaw Exploited Again in Fortinet Firewalls <\/strong>\u2014 Fortinet confirmed that it&#8217;s working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls. &#8220;We have identified a number of cases where the exploit was to a device that had been fully upgraded to the latest release at the time of the attack, which suggested a new attack path,&#8221; the company said. The activity has been found to exploit an incomplete patch for CVE-2025-59718 and CVE-2025-59719, which could allow unauthenticated bypass of SSO login authentication via crafted SAML messages if the FortiCloud SSO feature is enabled on affected devices. In the absence of a fix, users are advised to restrict administrative access of edge network devices and turn off FortiCloud SSO logins by disabling the &#8220;admin-forticloud-sso-login&#8221; setting.<\/p>\n<h2 style=\"text-align: left;\"><strong>\ud83d\udd14 Top News<\/strong><\/h2>\n<ul>\n<li><strong>TikTok Forms New U.S. Entity to Avoid Federal Ban <\/strong>\u2014 TikTok officially announced that it formed a joint venture that will allow the hugely popular video-sharing application to continue operating in the U.S. The new venture, named TikTok USDS Joint Venture LLC, has been established in compliance with the Executive Order signed by U.S. President Donald Trump in September 2025, the platform said. The new deal will see TikTok&#8217;s Chinese parent company, ByteDance, selling the majority of&#8230;<\/li>\n<\/ul>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/01\/weekly-recap-firewall-flaws-ai-built.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs &#038; More https:\/\/thehackernews.com\/2026\/01\/weekly-recap-firewall-flaws-ai-built.html Publish Date: 2026-01-26 06:55:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":206704,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhcilIguxvzDODT4rcvO6MxiCqaxrO-__efMroo0PnuIHh189dVEamSzAvGqVGDycJAHQj_Mq1wlskwsKomv4UIwShUlyl6wlOuyXxWp4sqeNWK-xn3cwrTpXYTD-cZSBW6cRV5WGjKv_K534pbFIBJA5cjvqm3cYh5JE5ZpFwiYGsautuvOmcbOnowEbP4\/s1700-e365\/jan-recap.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,31,32,27],"class_list":["post-206703","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-exploit","tag-malware","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/206703"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=206703"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/206703\/revisions"}],"predecessor-version":[{"id":206705,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/206703\/revisions\/206705"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/206704"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=206703"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=206703"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=206703"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}