CISA and the UK National Cyber Security Centre (NCSC-UK), in collaboration with federal and international partners, have released Secure Connectivity Principles for Operational Technology (OT) guidance to help asset owners address increasing business and regulatory pressures for connectivity into operational technology (OT) networks.

A critical unauthenticated Remote Code Execution (RCE) vulnerability affecting n8n workflow automation platform has been observed. The critical vulnerability, tracked as CVE-2026-21858, allows unauthenticated threat actors to access sensitive files on the underlying server through execution of certain form-based workflows leading to RCE. This vulnerability is assessed as CVSS 10.0.

ASD’s ACSC is aware of active global exploitation affecting MongoDB servers CVE-2025-14847. ASD’s ACSC recommends that organisations take immediate action to mitigate affected products, apply the latest patches and investigate for potential compromise.

The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of a critical vulnerability in WatchGuard Firebox devices.

The Cybersecurity and Infrastructure Security Agency (CISA) and National Institute of Standards and Technology (NIST) have released an initial draft of Interagency Report (IR) 8597 Protecting Tokens and Assertions from Forgery, Theft, and Misuse for public comment through January 30, 2026. This report is in response to Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144, providing implementation guidance to help federal agencies and cloud service providers (CSPs) protect identity tokens and assertions from forgery, theft, and misuse.  

Today, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency, and Canadian Centre for Cyber Security released an update to the Malware Analysis Report BRICKSTORM Backdoor with indicators of compromise (IOCs) and detection signatures for additional BRICKSTORM samples. This update provides information on additional samples, including Rust-based samples. These samples demonstrate advanced persistence and defense evasion mechanisms, such as running as background services, and enhanced command and control capabilities through encrypted WebSocket connections.

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Homeland Security Systems Engineering and Development Institute (HSSEDI), operated by the MITRE Corporation, has released the 2025 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses. This annual list identifies the most critical weaknesses adversaries exploit to compromise systems, steal data, or disrupt services. 

CISA released 12 Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. 

Today, CISA released updated Cross-Sector Cybersecurity Performance Goals (CPG 2.0) with measurable actions for critical infrastructure owners and operators to achieve a foundational level of cybersecurity. 

This guide will help you protect your business from cyber attacks by supporting you to embed Cyber Essentials in your supply chain.