Quick Note MspPortal Partners could have solved issue
With only 2 products
1) Bitdefender (mdr)
2) Barracuda (Total Mail Protection)

Article:
MicroWorld Technologies, the maker of the eScan antivirus product, has confirmed that one of its update servers was breached and used to distribute an unauthorized update later analyzed as malicious to a small subset of customers earlier this month.

The file was delivered to customers who downloaded updates from the regional update cluster during a two-hour window on January 20, 2026.
Scan says the affected infrastructure has since been isolated and rebuilt, authentication credentials have been rotated, and remediation has been made available to impacted customers.

Security firm Morphisec separately published a technical report analyzing malicious activity observed on customer endpoints, which it associates with updates delivered from eScan’s update infrastructure during the same timeframe.

Morphisec states that it detected malicious activity on January 20, 2026, and later contacted eScan. MicroWorld Technologies told BleepingComputer it disputes Morphisec’s claims that it was the first to discover or report the incident.

According to eScan, the company detected the issue internally on January 20 through monitoring and customer reports, isolated the affected infrastructure within hours, and issued a security advisory on January 21. eScan says Morphisec contacted the company later, after publishing public claims about the incident.

eScan also disputes claims that affected customers were unaware of the issue, stating that it conducted proactive notifications and direct outreach to impacted customers while remediation was being finalized.
Article (https://www.bleepingcomputer.com/news/security/escan-confirms-update-server-breached-to-push-malicious-update/amp/)

Roy Miehe | MspPortal Partners Inc. | Ceo/President

Security Software Distributor:
Bitdefender , Barracuda
“Where Service and Technical Skills Count”

Hackers Weaponized 2,500+ Security Tools to Terminate Endpoint Protection Before Deploying Ransomware
By
Tushar Subhra Dutta –
January 21, 2026

A large-scale campaign is turning a trusted Windows security driver into a weapon that shuts down protection tools before ransomware and remote access malware are dropped.

The attacks abuse truesight.sys, a kernel driver from Adlice Software’s RogueKiller antivirus, and use more than 2,500 validly signed variants to quietly disable endpoint detection and response (EDR) and antivirus solutions across Windows systems.

The threat first gained wider attention when Check Point researchers exposed how attackers were abusing legacy driver signing rules to load pre-2015 signed drivers on modern Windows 11 machines.

By doing so, they could run the vulnerable TrueSight driver with full kernel privileges, even though Microsoft’s own security controls were meant to block risky drivers. The result is a reliable way to kill security tools before any payload is delivered.

Soon after this activity surfaced, MagicSword analysts noted that the driver abuse had already spread across multiple threat groups and regions, with fresh driver variants appearing week after week.

Their telemetry showed that financially motivated actors and advanced persistent threat (APT) groups were all adopting the same method to clear the way for ransomware and remote access trojans on compromised hosts.

Article (https://cybersecuritynews.com/hackers-weaponized-2500-security-tools/)

Zendesk ticket systems hijacked in massive global spam wave
By Lawrence Abrams
January 21, 2026 06:46 PM
Article
(https://www.bleepingcomputer.com/news/security/zendesk-ticket-systems-hijacked-in-massive-global-spam-wave/)

​Information technology giant Ingram Micro has revealed that a ransomware attack on its systems in July 2025 led to a data breach affecting over 42,000 individuals.

Ingram Micro, one of the world’s largest business-to-business service providers and technology distributors, has over 23,500 associates, more than 161,000 customers, and reported net sales of $48 billion in 2024.

Ingram Micro says ransomware attack affected 42,000 people

In data breach notification letters filed with Maine’s Attorney General and sent to those affected by the incident, the company said the attackers stole documents containing a wide range of personal information, including Social Security numbers.
By Sergiu Gatlan
January 19, 2026 08:33 AM

Article
(https://www.bleepingcomputer.com/news/security/ingram-micro-says-ransomware-attack-affected-42-000-people/)

Roy Miehe | MspPortal Partners Inc. | Ceo/President
Security Software Distributor: Bitdefender , Barracuda
“Where Service and Technical Skills Count”