Latest Internet & Cybersecurity News
European Space Agency Confirms Breach of External Servers
The European Space Agency (ESA) confirmed a cybersecurity incident on external servers after a threat actor claimed week-long access and shared screenshots of JIRA and Bitbucket systems. The hacker alleges exfiltrating over 200GB of data, including private repositories, following a prior 2024 web shop compromise. ESA has not confirmed data theft.
Former Incident Response Staff Plead Guilty to BlackCat Ransomware Attacks
Two ex-employees from Sygnia and DigitalMint, Ryan Clifford Goldberg and Kevin Tyler Martin, pleaded guilty to conspiring in 2023 BlackCat (ALPHV) ransomware attacks on US organizations. They face up to 20 years in prison with sentencing in March 2026. The case underscores insider threats from cybersecurity experts.
Ransomware Attack Disrupts Romania’s Largest Coal Energy Producer
Oltenia Energy Complex, Romania's top coal electricity producer, suffered a ransomware attack encrypting files and disrupting ERP, document management, email, and website services on December 26. Multiple IT systems remain impacted.
Aflac Data Breach Exposes Personal Data of 22.6 Million People
Insurance firm Aflac disclosed a June 2025 breach by a sophisticated cybercrime group, stealing personal data of 22.65 million US individuals. Suspicious activity was detected on June 12 and publicly announced June 20.
700Credit Data Breach Impacts 5.8 Million Individuals
Credit verification provider 700Credit suffered a breach via a compromised integration partner in July 2025, exposing an API vulnerability exploited in a two-week attack starting October 25. Hackers accessed about 20% of consumer data from May to October.
Microsoft Enables Teams 'Secure by Default' Starting January 2026
Microsoft will activate default security features in Teams from January 2026, blocking risky files and malicious links to counter AI-driven threats.
New CCPA Regulations Enforce Cybersecurity Audits and AI Decision-Making Rules from January 1, 2026
California's updated CCPA requires annual cybersecurity audits, risk assessments, automated decision-making transparency, and opt-out rights for businesses. New data brokers must use a centralized deletion platform.
Salt Typhoon Chinese Hackers Target Telecom and Wiretapping Systems
Chinese state-sponsored Salt Typhoon (Operator Panda) conducted espionage on telecom giants and police wiretapping systems in 2025, using advanced techniques for long-term positioning. It remains a top threat into 2026.
React2Shell Vulnerability Ravages Cloud Providers Like Log4Shell
CVE-2025-55182 in React Server Components, with CVSS 10, enables unsafe deserialization exploits; nation-states and others targeted vulnerable cloud providers rapidly after December 2025 disclosure.
Self-Replicating Shai-Hulud Malware Infects Open-Source Packages
Emerging in September 2025, Shai-Hulud infostealer worm infects user-maintained open-source packages and auto-publishes poisoned versions with minimal attacker effort.
Salesloft GitHub Compromise Leads to Salesforce Customer Attacks
Threat actors stole OAuth tokens via Salesloft’s hacked GitHub, enabling attacks on hundreds of Salesforce instances in a 2025 supply chain assault.
AI Deepfake Scams Escalate with Automated Phishing and Ransomware
AI powers deepfakes like a $25M CEO scam and enhances ransomware targeting backups and home routers; APTs scale operations multifold in 2026 outlook.