News

Evelyn Stealer Malware Targets Developers via VS Code Extensions

Luciano Ferrari

20 Jan 2026 — 2 min read

Tuesday, January 20, 2026

Top 5 Cybersecurity Stories You Should Know

Evelyn Stealer Malware Targets Developers via VS Code Extensions — tl;dr: A new malware campaign named Evelyn Stealer is targeting software developers by exploiting vulnerabilities in Microsoft Visual Studio Code (VS Code) extensions. This malware is designed to exfiltrate sensitive information, including developer credentials and cryptocurrency data, potentially allowing attackers to breach organizational systems. Companies with development teams using VS Code and third-party extensions are particularly at risk. To mitigate this threat, developers should review and secure their VS Code environments, avoid untrusted extensions, and implement robust credential management practices.
↪ https://thehackernews.com/
Ingram Micro Ransomware Attack Affects Over 42,000 Individuals — tl;dr: Ingram Micro disclosed that a ransomware attack in July 2025 compromised the personal data of more than 42,000 individuals, including Social Security numbers and employment records. The incident, attributed to the SafePay ransomware group, resulted in a significant outage of the company's internal systems. Affected individuals have been notified, and the company is investigating the breach's scope. Organizations should enhance their cybersecurity measures, including regular data backups and employee training on phishing threats, to mitigate the risks of similar attacks.
↪ https://www.bleepingcomputer.com/news/security/ingram-micro-says-ransomware-attack-affected-42-000-people/
Ingram Micro Ransomware Attack Exposes Data of 42,000 Individuals — tl;dr: Ingram Micro, a global technology distributor, suffered a ransomware attack that compromised the personal data of approximately 42,000 individuals, including names, birth dates, Social Security numbers, and employment details. The breach occurred between July 2 and 3, 2025, prompting Ingram Micro to contain the threat and notify law enforcement. The Safepay ransomware group claimed responsibility, alleging the theft of 3.5 TB of sensitive data. Affected individuals are being offered two years of free credit monitoring and identity protection services. It is advisable for those impacted to monitor their financial accounts and consider additional security measures.
↪ https://securityaffairs.com/187083/data-breach/ransomware-attack-on-ingram-micro-impacts-42000-individuals.html
Daily Cyber Threat Alert: Latest Data Breaches and Cyberattacks — tl;dr: Stay informed with the latest updates on data breaches and cyberattacks impacting organizations worldwide. This daily alert is tailored for executives, including CIOs, CSOs, and CISOs, providing critical insights into ongoing cyber threats. Understanding these incidents is vital for enhancing cybersecurity measures and protecting sensitive data. Organizations should prioritize robust security protocols and employee training to mitigate risks. For detailed reports on specific incidents, visit Cybersecurity Ventures for comprehensive coverage and analysis.
↪ https://cybersecurityventures.com/intrusion-daily-cyber-threat-alert/
Check Point Reports 60% Surge in Ransomware Amid Gen AI Data Risks — tl;dr: Check Point's December 2025 report reveals a staggering 60% increase in ransomware attacks, with North America and Europe being primary targets. The rise in cyber incidents is attributed to the rapid adoption of generative AI tools, which expose sensitive data and create vulnerabilities. Education, government, and non-profit sectors are the most affected, facing thousands of attacks weekly. Organizations are urged to implement robust security measures, prioritize prevention-first strategies, and enhance governance over AI tool usage to mitigate these escalating risks.
↪ https://cybermagazine.com/news/checkpoint-ransomeware-up-60-as-gen-ai-data-risk-soars