TikTok finalizes deal to spin off US operations.

Summary

By the CyberWire staff

TikTok finalizes deal to spin off US operations.

TikTok has finalized a deal to divest its US operations and create a new American entity, following years of bipartisan US pressure regarding security concerns stemming from the app's Chinese ownership. The Biden Administration passed a law in 2024 that would ban TikTok in the US unless its parent company, China-based ByteDance, spun off the app as an American-controlled venture. NPR says US investors, including Oracle, Silver Lake, and MGX, will own more than eighty percent of the new entity, while ByteDance will retain just under twenty percent. Former TikTok executive Adam Presser will lead the new company.

President Trump, in a Truth Social post, thanked China's President Xi "for working with us and, ultimately, approving the Deal." TikTok said in a statement, "The majority American-owned Joint Venture will operate under defined safeguards that protect national security through comprehensive data protections, algorithm security, content moderation, and software assurances for U.S. users."

Experience the Power of Community at RSAC 2026 Conference

RSAC™ 2026 Conference returns to San Francisco March 23–26, bringing together the global cybersecurity community for four days of expert insights, hands-on learning, and breakthrough innovation. Join thousands of practitioners, executives, and innovators as they tackle today’s toughest challenges and explore solutions shaping tomorrow. From cutting-edge ideas to immersive programs and vibrant networking, this is where meaningful progress happens. Register today and be part of the conversations driving cybersecurity forward.

Fortinet confirms exploitation of previously patched FortiCloud SSO flaw.

Fortinet has confirmed that attackers are using a new attack patch to exploit a critical FortiCloud SSO flaw (CVE-2025-59718), BleepingComputer reports. Arctic Wolf published a report on the exploitation on Wednesday. The vulnerability, which received an initial patch in December 2025, can allow "an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message."

Fortinet stated yesterday, "Fortinet product security has identified the issue, and the company is working on a fix to remediate this occurrence. An advisory will be issued as the fix scope and timeline is available. It is important to note that while, at this time, only exploitation of FortiCloud SSO has been observed, this issue is applicable to all SAML SSO implementations." The company has shared mitigations in the meantime, which include restricting access or disabling the FortiCloud SSO feature.

Under Armour investigates alleged data breach.

Activewear company Under Armour is investigating an alleged data breach affecting more than 72 million accounts, TechCrunch reports. The Everest ransomware group listed Under Armour as a victim in November 2025 and claimed to have stolen 343GB of data. The alleged data was posted to a hacker forum on January 28th, and Have I Been Pwned added the breach to its database on Wednesday.

An Under Armour spokesperson told TechCrunch, "Our investigation of this issue, with the assistance of external cybersecurity experts, is ongoing. Importantly, at this time, there’s no evidence to suggest this issue affected UA.com or systems used to process payments or store customer passwords. What we know at this time is the number of affected customers with any sort of information that could be considered sensitive is a very small percentage."

Notes.

Today's issue includes events affecting , and China the United States.

Attacks, Threats, and Vulnerabilities

Okta SSO accounts targeted in vishing-based data theft attacks (BleepingComputer) Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks. BleepingComputer has learned that these kits are being used in active attacks to steal Okta SSO credentials for data theft.

Legislation, Policy, and Regulation

Ireland plans law allowing law enforcement to use spyware (The Record) The Irish government plans to draft legislation that would make it legal for law enforcement to use spyware, Minister of Justice Jim O’Callaghan said.

US Officials Urge Congress to Reauthorize Key Quantum Law (BankInfoSecurity) Federal scientists told Congress that failure to reauthorize the National Quantum Initiative threatens to unravel coordinated research and development progress,

Litigation, Investigation, and Law Enforcement

2 Venezuelans Convicted in US for Using Malware to Hack ATMs (SecurityWeek) Dozens of Venezuelan nationals have been charged by the US for their role in ATM jackpotting attacks.

Industry Events

For a complete running list of events, please visit the Event Tracker.

Events

SpaceCom | Space Congress: The Global Conference & Expo for the Commercial Space Industry (Orlando, Florida, USA, Jan 28 - 30, 2026) SpaceCom | Space Congress is where the business of space gets done. As the flagship event of Commercial Space Week—co-located with the Space Mobility Conference and the GSA Spaceport Summit—this event unites aerospace, defense, and commercial leaders for three days of deal-making, partnership building, and technology discovery on the expo floor, in the conference program, and through curated networking that drives real results.

HIP Europe 26 (Frankfurt, Germany, Feb 10, 2026) Get ready to elevate your identity security skills at HIP Europe — your gateway to becoming a Hybrid Identity Protection (HIP) Hero. With the departure of original Active Directory experts and the rise of identity as the primary attack surface, the need for identity threat detection and response (ITDR) talent has never been greater. This event is the perfect opportunity to enhance your (or your team's) ITDR strategy and strengthen your organization's operational resilience.

Wild West Hackin’ Fest @ Mile High 2026 (Denver, Colorado, USA, Feb 11 - 13, 2026) More than just a conference, Wild West Hackin’ Fest (WWHF) is committed to offering high quality information security education to beginners and seasoned professionals alike. With reasonably priced training, conferences, hands-on labs, and workshops, WWHF lowers the barrier to entry for those seeking to enter into the world of information security. WWHF also offers a venue for those already established in the industry to share ideas, give back, and continue learning.

AI SOC Summit (Tysons, Virginia, USA, Mar 3, 2026) For Security Teams who use AI and defend AI deployments: There is a lot of AI hype for Sec Ops. Come hang out as early adopters of AI dive into the good, the bad and the ugly . No vendor pitches, no AI theory. If you are trying out AI products for Sec Ops or building them in house, this is the place for you.

Sponsor & Support

Grow your brand, generate leads, and fill your funnel.

With the industry’s largest B2B podcast network, popular newsletters, and influential readers and listeners all over the world, companies trust the CyberWire to get the message out. Learn more.

Daily Briefing for 01.23.26

Top stories.

TikTok finalizes deal to spin off US operations.

Fortinet confirms exploitation of previously patched FortiCloud SSO flaw.

Under Armour investigates alleged data breach.

Notes.

Attacks, Threats, and Vulnerabilities

Legislation, Policy, and Regulation

Litigation, Investigation, and Law Enforcement

Events