Security briefing: January 2026

January roundup: multiple high-severity issues surfaced including Ni8mare (n8n RCE allowing full server takeover), ChainLeak (file-read + SSRF exposing secrets and enabling lateral/cloud access), and VoidLink (advanced cloud-native Linux malware using server-side compiled kernel rootkits); the report also highlights CI/CD/GitHub Actions abuse, expanding LLMjacking campaigns, and a destructive attack on Polish energy infrastructure, with mitigation and detection recommendations.