In this January threat briefing, Nathanael Iversen covers the cybersecurity developments that matter right now.
We begin with Microsoft’s January Patch Tuesday, which fixes over 100 vulnerabilities, including multiple critical remote code execution flaws affecting Windows, Office, and core services. Patching remains one of the few controls that actually eliminates risk — not just manages it.
Next, we examine leaked internal communications from the BlackBasta ransomware group, exposing how modern cybercrime operates as a professional supply chain backed by hosting providers and cover companies — and how the leak enabled real law-enforcement disruption.
Finally, we look at the growing security risk of Agentic AI. OpenAI has acknowledged that prompt injection remains an unresolved challenge. We discuss what that means for enterprise data and why identity-based access and segmentation are emerging as practical safeguards.
Topics covered:
Stay informed, reduce exposure, and make it harder for attackers to succeed.