State of (in)security - Week 5, 2026
Take action: This week focus on patching MS Office. Hackers attack with malicious MS Office documents. Restart all Microsoft 365 and Office 2021 applications immediately to trigger the service-side security fix. For older versions like Office 2016, apply registry workarounds until Microsoft releases a formal patch.
Learn More
In the week between Jan. 26, 2026, midnight and Feb. 2, 2026, midnight we witnessed a total of:
- 15 advisory/vulnerability events
- 18 incident/data breach events
Week over Week comparison of week 5 2026 vs week 4 2025 :
- Advisories remain the same and incidents are down. Advisories remain the same, 15 in week 4 2026 and in week 5 2026. Incidents are down from 20 in week 4 2026 to 18 in week 5 2026.
- The number of known impacted individuals is down - from 149.7 million in week 4 2026 to 154 thousand in week 5 2026.
We also shared 5 practical knowledge items
Total impacted individuals via the events of the week
There were a total of 153,850 impacted individuals across 6 incidents, with the largest breach being the StopICE Activist Platform Breach Exposes 100,000 Users to Federal Agencies incident exposing 100,000 individuals. Since not all incidents report a number of impacted individuals, the real number is definitely higher than that.
Cause breakdown of incidents
| Cause | Number of incidents |
|---|
Industry breakdown of incidents
| Industry | Number of incidents |
|---|---|
| Healthcare | 4 |
| IT/Software/Technology | 3 |
| Consulting/Professional Services | 2 |
| Government | 2 |
| Retail | 1 |
| Finance | 1 |
| Education | 1 |
| Media | 1 |
| Non-profit/Charity | 1 |
| Other | 1 |
| Food and Beverage | 1 |
Read the Event Details of the Week
Knowledge
- active exploit | Fortinet Patches Critical FortiOS SSO Authentication Bypass Under Active Attack
- active exploit | Ivanti Patches Critical Zero-Day RCE Flaws in EPMM
- active exploit | Microsoft Issues Emergency Patch for Actively Exploited Office Zero-Day
- active exploit | SmarterTools Patches Critical Unauthenticated RCE and Active Exploits in SmarterMail
- active exploit | WinRAR Path Traversal Bug Actively Exploited in New Campaign
Vulnerabilities
- data breach | Apache Hadoop HDFS Native Client Vulnerability
- critical vulnerability | Clawdbot Security Issues: Over 1,000 AI Agent Servers Exposed to Unauthenticated Access
- critical vulnerability | Critical Cellbreak Vulnerability in Grist-Core Enables Remote Code Execution
- critical vulnerability | Critical File System Vulnerability Patched in iba Systems ibaPDA
- critical vulnerability | Critical Flaws in Dormakaba Access Systems Allow Remote Door Control
- critical vulnerability | Critical n8n Sandbox Escapes Enable Remote Code Execution
- critical vulnerability | Critical Remote Code Execution Vulnerability Reported in Python PLY Library
- critical vulnerability | Critical Sandbox Escape in vm2 Library Allows Remote Code Execution
- critical vulnerability | Festo Didactic SE MES PCs Vulnerable to 140 Security Flaws via XAMPP
- critical vulnerability | Instagram Silently Patches Server-Side Flaw Exposing Private Posts
- critical vulnerability | Johnson Controls Patches Critical SQL Injection Flaw in Metasys Building Automation
- critical vulnerability | KiloView Encoder Account Takeover Vulnerability
- critical vulnerability | NetSupport Manager Zero-Day Flaws Enable Unauthenticated Remote Code Execution
- critical vulnerability | Security Flaws in Pix-Link LV-WR21Q Routers Expose Wi-Fi Passwords
- critical vulnerability | SolarWinds Patches Critical RCE and Auth Bypass Flaws in Web Help Desk
Incidents
- data breach | Nova Ransomware Group Claims Breach of KPMG Netherlands
- data breach | 360 Dental PC Data Breach Impacts 11,000 Patients
- data breach | Crunchbase Data Breach: ShinyHunters Exfiltrate 2 Million Records via Vishing
- data breach | ABC News Facebook Page Compromised via Staff Account Takeover
- data breach | Ransomware Attack Cripples New Britain City Systems
- data breach | Canada Computers Notifies Customers of Web-Based Data Theft Incident
- data breach | Long Island Weight Loss Institute Reports Data Breach Exposing Patient Health Records
- data breach | CFD Investments Reports Data Breach Following Employee Email Compromise
- data breach | StopICE Activist Platform Breach Exposes 100,000 Users to Federal Agencies
- data breach | Urology Associates of Green Bay Reports Patient Email Exposure
- data breach | Hackers Claim Breach of 14 Million Records From Panera Bread
- data breach | Multiple Health Groups in Central Oregon Report breach Through TriZetto Incident
- data breach | ShinyHunters Group Claim Breach of Match Group, Leaks Data
- data leak | Bangladesh Election Commission Website Leak Exposes Data of 14,000 Journalists
- data leak | Researcher Reports that AI Social Network Moltbook Leaks All AI Agent Authentication Keys
- ransomware | Melwood Ransomware Attack and Data Breach
- ransomware | Anubis Ransomware Group Targets New Zealand Law Firm Langley Twigg
- ransomware | Trocaire College Ransomware Incident Exposes Data of 23,436 Individuals
