Major Cyberattack on Russian Security Firm Delta Disrupts Services

On January 26, 2026, Delta, a leading Russian alarm and vehicle security provider, suffered a substantial cyberattack that has severely disrupted services for tens of thousands of customers. Although there are unverified reports circulating online suggesting a potential data breach, Delta has not confirmed any unauthorized access to customer data. This incident underscores the vulnerabilities that even critical security providers face in the evolving threat landscape.

In a separate alarming trend, two malicious extensions masquerading as AI-driven coding assistants for Microsoft Visual Studio Code were discovered, boasting over 1.5 million installs. These extensions were secretly capturing and exfiltrating developers' source code without consent, raising serious concerns about supply chain security and the integrity of software development tools.

Also In Security Today

Critical Vulnerabilities in Cisco and VMware: A zero-day vulnerability (CVE-2026-20045) in Cisco Unified Communications has been reported as actively exploited, allowing remote code execution. Similarly, CISA warns of a critical flaw in VMware vCenter Server also being exploited in the wild, urging immediate security measures for federal agencies.

Data Breach Involving Crunchbase: Crunchbase has confirmed a data breach linked to the ShinyHunters group, with over 2 million user records compromised, highlighting the ongoing risks to platforms dealing with business intelligence data.

Phishing Campaign Targeting Indian Users: A phishing campaign delivering Blackmoon malware is targeting Indian users, using fake emails from the Income Tax Department. The attack employs multi-stage backdoors aimed at data exfiltration, showcasing sophisticated tactics against unsuspecting victims.

Analyst's Take

Today's events illustrate the critical need for heightened vigilance and proactive defenses in cybersecurity. The attack on Delta serves as a reminder that even established security firms are not immune to breaches. Organizations must prioritize patch management, particularly with the newly disclosed vulnerabilities in Cisco and VMware. Additionally, developers should be cautious when integrating third-party tools, as the malicious VS Code extensions demonstrate a significant threat to source code integrity. As cyber threats evolve, continuous education and robust incident response plans remain essential for safeguarding sensitive data and maintaining operational resilience.