Security Signals (12/30/25-01/13/26)

This document is a curated roundup of cybersecurity reports (late 2025–early 2026) summarizing multiple active threats: nation-state APT activity (APT36, Muddy Water, Kimsuky, Lazarus), diverse malware families and infostealers (VVS, MacSync, NodeCordRAT), significant data leak disclosures (Knownsec), ransomware incidents and related arrests (BlackCat, Medusa), and several high-impact vulnerabilities and exploits (D-Link, n8n, ESXi), indicating broad and ongoing cyber-espionage, crime, and exploitation activity.