This month in security with Tony Anscombe – January 2026 edition

WeLiveSecurity T2 clear 30 Jan 2026 362 words ORIGINAL
Classification
SEV 3/10
This month in security with Tony Anscombe – January 2026 edition Video The trends from January offer useful clues about the risks and priorities that security teams are likely to contend with throughout the year Editor 30 Jan 2026 The year got off to a busy start, with January offering an early snapshot of the challenges that (not just) cybersecurity teams are likely to face in the months ahead. It's therefore time for ESET Chief Security Evangelist Tony Anscombe to look back on some of the month's most impactful cybersecurity stories. Here's some of what caught Tony's eye: the IT service management firm ServiceNow has patched what is the most severe AI-driven security vulnerability found to date; if exploited, CVE-2025-12420 could have let unauthenticated attackers pose as admins on the company's AI platform, how unsecured Zendesk support systems were abused to launch a massive spam campaign , cyber-fraud has displaced ransomware as the top concern among CEOs across the world, according to the World Economic Forum , US sports brand Nike is investigating an alleged cybersecurity incident after a ransomware gang claimed to have stolen 1.4 TB worth of data from the company's systems.
CONFIDENCE41%
Categories
vulnerabilityransomwareiot_ot_security
Threat Actors
Target Sectors

This month in security with Tony Anscombe – January 2026 edition Video The trends from January offer useful clues about the risks and priorities that security teams are likely to contend with throughout the year Editor 30 Jan 2026 The year got off to a busy start, with January offering an early snapshot of the challenges that (not just) cybersecurity teams are likely to face in the months ahead. It's therefore time for ESET Chief Security Evangelist Tony Anscombe to look back on some of the month's most impactful cybersecurity stories.

Here's some of what caught Tony's eye: the IT service management firm ServiceNow has patched what is the most severe AI-driven security vulnerability found to date; if exploited, CVE-2025-12420 could have let unauthenticated attackers pose as admins on the company's AI platform, how unsecured Zendesk support systems were abused to launch a massive spam campaign , cyber-fraud has displaced ransomware as the top concern among CEOs across the world, according to the World Economic Forum , US sports brand Nike is investigating an alleged cybersecurity incident after a ransomware gang claimed to have stolen 1.4 TB worth of data from the company's systems.

What are some of the lessons businesses should take away from these incidents? Be sure to check out the video, as well as watch the December 2025 edition of Tony's security news roundup for more news and insights. Let us keep you up to date Ukraine Crisis newsletter Regular weekly newsletter Subscribe Video This month in security with Tony Anscombe – April 2026 edition Video This month in security with Tony Anscombe – April 2026 edition Video This month in security with Tony Anscombe – March 2026 edition Video This month in security with Tony Anscombe – March 2026 edition Video RSAC 2026 wrap-up – Week in security with Tony Anscombe Video RSAC 2026 wrap-up – Week in security with Tony Anscombe Similar Articles Digital Security Drowning in spam or scam emails?

Here’s probably why Video This month in security with Tony Anscombe – December 2025 edition Share Article Discussion

Extracted Entities (1)
CVEs
CVE-2025-12420
ID: 268Lang: enType: article