The year got off to a busy start, with January offering an early snapshot of the challenges that (not just) cybersecurity teams are likely to face in the months ahead. It's therefore time for ESET Chief Security Evangelist Tony Anscombe to look back on some of the month's most impactful cybersecurity stories. Here's some of what caught Tony's eye:
- the IT service management firm ServiceNow has patched what is the most severe AI-driven security vulnerability found to date; if exploited, CVE-2025-12420 could have let unauthenticated attackers pose as admins on the company's AI platform,
- how unsecured Zendesk support systems were abused to launch a massive spam campaign,
- cyber-fraud has displaced ransomware as the top concern among CEOs across the world, according to the World Economic Forum,
- US sports brand Nike is investigating an alleged cybersecurity incident after a ransomware gang claimed to have stolen 1.4 TB worth of data from the company's systems.
What are some of the lessons businesses should take away from these incidents? Be sure to check out the video, as well as watch the December 2025 edition of Tony's security news roundup for more news and insights.
