
CRITICAL: Office Zero-Day + WordPress Admin Takeover + Chrome Extensions Stealing AI Chats | EP 60
From Exploit Brokers By Forgebound Research - Tech and Hacking News Commentary by Cipherceval
January 29, 2026 · 25 min · Season 1 · Episode 60
About this episode
The episode discusses critical cybersecurity vulnerabilities and incidents, including a Microsoft Office zero-day exploit and Chrome extensions stealing AI conversations.
Microsoft just dropped an emergency patch for an Office zero-day being exploited in the wild. A WordPress plugin has a CVSS 10.0 vulnerability — that's the golden goose of hacking. 900,000 Chrome users had their ChatGPT conversations stolen by malicious extensions with Google's Featured badge. And two cybersecurity professionals pleaded guilty to moonlighting as ransomware affiliates. Welcome to 2026. It's gonna be a fun year. In this episode: CVE-2026-21509: Microsoft Office zero-day (security feature bypass) CVE-2026-23550: WordPress Modular DS critical vulnerability Prompt Poaching: Chrome extensions stealing AI conversations Brightspeed breach: Crimson Collective claims 1M+ records Insider threat: Security pros turned BlackCat/ALPHV affiliates Key takeaway: Update your stuff. A patch does you no good if it isn't installed. Subscribe for weekly cybersecurity news, vulnerability breakdowns, and threat intelligence. https://forgeboundresearch.com/podcasts/
People in this episode
Host: Cipherceval
Topics covered
- cybersecurity
- vulnerabilities
- hacking
- zero-day exploits
- malicious extensions
- data breaches
Keywords
- Office zero-day
- WordPress vulnerability
- Chrome extensions
- AI chats
- ransomware
- cybersecurity news
- threat intelligence
Mentioned in this episode
Organizations: Microsoft, WordPress, Google
More episodes of Exploit Brokers By Forgebound Research - Tech and Hacking News Commentary
- Dual CVSS 10.0 Cisco Flaws, AI Malware Assembly Line, Qualcomm Zero-Day & More | HN65 · March 26, 2026 · 23 min
- Cisco & Dell CVSS 10.0 Exploited for YEARS, Claude AI Jailbroken, ScarCruft Jumps Air Gaps | HN64 · March 12, 2026 · 28 min
- 600 Firewalls Breached by AI in 5 Weeks — Plus Chrome Zero-Day, CVSS 9.9 RCE & AI-Powered Malware | HN63 · March 5, 2026 · 29 min
- 6 Zero-Days Exploited NOW, Lazarus Poisons npm, AI-Generated Malware & More | HN62 · February 26, 2026 · 24 min
- State Hackers Hit 37 Countries, BeyondTrust CVSS 9.9 RCE, Signal Hijacked & More | HN Ep. 61 · February 19, 2026 · 22 min
- I'm Back and Introducing Forgebound Research | The Rebrand · January 12, 2026 · 9 min
Explore listener stats, chart rankings, contacts and more on the Exploit Brokers By Forgebound Research - Tech and Hacking News Commentary podcast page.