Cybersecurity Alert: RustFS Vulnerability, Iranian Cyber Operations, WebUI Remote Code Execution, Cloud Data Leaks, and More Critical Updates

into plain text.

  • The National Security Bureau (NSB) reported that China’s cyber army conducted an average of 2.63 million intrusion attempts per day targeting Taiwan’s critical infrastructure across nine main sectors: administration and agencies, energy, communications, transportation, emergency rescue and hospitals, water resources, finance, science and industrial parks, and food. The energy and emergency rescue/hospitals sectors experienced a significant increase in cyber attacks from Chinese threat actors. The attacks were carried out by five Chinese hacking groups: BlackTech, Flax Typhoon, HoneyMyte, APT41, and UNC3886. These groups targeted network equipment and industrial control systems of Taiwan’s energy companies to plant malware. The NSB said that China has integrated military, intelligence, industrial, and technological capabilities to enhance the depth and stealth of its cyberattacks. Additionally, China’s cyber army exploited vulnerabilities in the websites and systems of major hospitals in Taiwan to drop ransomware, and conducted adversary-in-the-middle attacks against communications companies to steal data.

  • Open WebUI RCE Risk

    A hostile server can send crafted server-sent events (SSE) messages that trigger JavaScript code execution in the browser. This could lead to the theft of authentication tokens stored in localStorage, granting full access to the victim’s Open WebUI account and exposing chats, uploaded documents, and API keys.

    Recent Cybersecurity Threats: A Recap

    As cyber threats continue to evolve, it’s essential to stay informed about the latest trends and vulnerabilities. Here’s a summary of recent developments in the cybersecurity landscape:

    1. Phishing-as-a-Service (PhaaS) Kits

      The latest phishing kits come equipped with advanced anti-analysis features, MFA bypass capabilities, and stealth deployment tactics that enhance their ability to evade detection through conventional means. PhaaS kits offer a significant advantage by lowering the entry barrier, enabling even less technically skilled attackers to conduct large-scale, targeted phishing campaigns with minimal effort. Common phishing themes observed recently include fake messages related to payments, finances, legal matters, digital signatures, and HR, all designed to trick users into taking malicious actions like clicking on links, scanning QR codes, or opening attachments. These kits also employ novel techniques such as URL obfuscation, CAPTCHA integration for authenticity, malicious QR codes, exploitation of trusted online platforms, and ClickFix, among others.

    2. Zed IDE Remote Code Execution (RCE) Vulnerabilities

      Recently, two high-severity security flaws were identified in the Zed IDE, exposing users to potential arbitrary code execution when interacting with maliciously crafted source code repositories. One of the vulnerabilities (CVE-2025-68433) allowed automatic loading of MCP settings from the workspace without user confirmation, enabling a malicious project to execute arbitrary code without explicit permission. The second vulnerability (CVE-2025-68432) involved the IDE trusting project-supplied Language Server Protocol (LSP) configurations, potentially leading to arbitrary command execution when opening source code files. Following responsible disclosure, Zed released version 0.218.2-pre to address these issues promptly.
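A pre-open check for the Zed issue described above, as an added example (not Zed's code and not from the original article): it lists every command a repository's project settings would ask the IDE to run, so they can be reviewed before the folder is opened. The `.zed/settings.json` location and the `context_servers` / `lsp` key names are assumptions about Zed's settings layout; `audit_workspace` and the sample data are hypothetical.

```python
import json
import tempfile
from pathlib import Path

# Assumptions (not from the page): project settings live in .zed/settings.json
# and command definitions sit under these top-level keys.
SETTINGS_FILE = Path(".zed") / "settings.json"
RISKY_SECTIONS = ("context_servers", "lsp")
COMMAND_KEYS = {"command", "path", "args", "arguments"}

def _walk(node, trail):
    """Yield (dotted_path, value) for each command-like key below node."""
    if isinstance(node, dict):
        for key, value in node.items():
            if key in COMMAND_KEYS and not isinstance(value, dict):
                yield ".".join(trail + [key]), value
            else:
                yield from _walk(value, trail + [key])
    elif isinstance(node, list):
        for i, item in enumerate(node):
            yield from _walk(item, trail + [str(i)])

def audit_workspace(repo_root):
    """List commands a repository asks the IDE to run; call before opening it."""
    settings = Path(repo_root) / SETTINGS_FILE
    if not settings.is_file():
        return []
    try:
        data = json.loads(settings.read_text(encoding="utf-8"))
        if not isinstance(data, dict):
            raise ValueError("top level is not an object")
    except (ValueError, UnicodeDecodeError):
        # Comments or malformed JSON: do not guess, send to manual review.
        return [("unparseable", str(SETTINGS_FILE))]
    return [f for section in RISKY_SECTIONS for f in _walk(data.get(section), [section])]

# Constructed sample, not taken from a real repository.
SAMPLE = {
    "tab_size": 4,
    "context_servers": {"helper": {"command": "./tools/helper", "args": ["--serve"]}},
    "lsp": {"rust-analyzer": {"binary": {"path": "./bin/ra", "arguments": ["--stdio"]}}},
}

def demo():
    """Write SAMPLE into a throwaway repository and audit it."""
    with tempfile.TemporaryDirectory() as repo:
        (Path(repo) / ".zed").mkdir()
        (Path(repo) / SETTINGS_FILE).write_text(json.dumps(SAMPLE), encoding="utf-8")
        return audit_workspace(repo)
```

An empty result means the repository ships no command-bearing entries in those sections; an `unparseable` finding means the file needs to be read by hand.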

    Stay vigilant and keep your systems updated to mitigate cybersecurity risks effectively. Remember, even minor vulnerabilities can escalate into significant threats if overlooked. Watch out for subtle signs of malicious activity and avoid trusting seemingly normal situations too quickly.

    For more cybersecurity updates and insights, be sure to check back next Thursday for another edition of ThreatsDay, featuring highlights from the week’s major security events.