Latest Internet & Cybersecurity News
European Space Agency Confirms Breach of External Servers
The European Space Agency (ESA) confirmed a cybersecurity incident on external servers after a threat actor claimed access for a week and shared screenshots of JIRA and Bitbucket systems. The attacker alleges exfiltrating over 200GB of data, including private repositories, following a prior 2024 web shop compromise. ESA has not confirmed data theft.
Former Cybersecurity Staff Plead Guilty to BlackCat Ransomware Attacks
Two ex-employees from Sygnia and DigitalMint pleaded guilty to BlackCat (ALPHV) ransomware conspiracies against US organizations in 2023, facing up to 20 years in prison. The case underscores insider risks in cybersecurity firms. Sentencing is set for March 2026.
Ransomware Disrupts Romania’s Largest Coal Energy Producer
Oltenia Energy Complex suffered a ransomware attack encrypting files, disrupting ERP, email, document systems, and its website on December 26. The incident highlights vulnerabilities in critical energy infrastructure. Recovery efforts are ongoing.
Aflac Data Breach Exposes 22.6 Million People’s Information
Insurance firm Aflac disclosed a June 2025 breach by a sophisticated cybercrime group, stealing personal data of 22.65 million US individuals. Suspicious activity was detected on June 12, with public notice on June 20. The breach targeted the insurance sector.
Blaze Credit Union Notifies 235K Members of Third-Party Data Breach
Minnesota's Blaze Credit Union informed 235,000 members of a data breach via vendor Marquis Software Solutions in August 2025, exposing names, DOB, addresses, and SSNs. Victims receive 12 months of credit monitoring; Blaze is pursuing legal action against the vendor.
Knownsec Data Breach Reveals Chinese Espionage Tools and Stolen Data
Over 12,000 documents from Chinese firm Knownsec leaked in 2025, exposing RATs, hacking tools, and stolen data like 95GB Indian records and 3TB South Korean logs. Targets included 20+ countries; leak likely from insider activity, sold on Dark Web.
Bybit Crypto Exchange Hit by $1.4B Hack from North Korea’s Lazarus Group
North Korea's Lazarus Group stole $1.4 billion from Bybit in late 2025, prompting regulatory probes and highlighting crypto security risks. The incident contributed to market disruptions and global scrutiny of DeFi platforms.
F5 and Coupang Breaches Trigger Regulatory Probes and Stock Drops
Q4 2025 breaches at F5 and Coupang led to investor lawsuits and probes over delayed disclosures; F5's stock fell 13.9% after revealing operational impacts and lowered 2026 forecasts. Nation-state and social engineering caused major losses.
10 New Ransomware Groups Emerge in 2025, Threatening 2026
Groups like Global, Warlock, and The Gentlemen rose in 2025, emphasizing double extortion, Linux/ESXi targeting, and identity compromises. Rebrands and RaaS resilience expected to accelerate, with identity as primary attack vector in 2026.
Teen Hacking Groups Like Scattered Spider Target Major Companies
US feds hunt teenage groups like Scattered Spider, who attacked 120 firms including Nike and News Corp by posing as IT staff. The groups exploit social engineering in high-profile breaches.
DDoS Attack Knocks French Postal Service La Poste Offline
A DDoS attack on December 24, 2025, disrupted central systems at France's La Poste, delaying packages and payments. Cybercriminals continue targeting critical services.
Cybersecurity M&A Deals in 2025 Exceed $84 Billion
Total disclosed value of cybersecurity mergers and acquisitions in 2025 surpassed $84 billion, reflecting sector consolidation amid rising threats. Trends continue into 2026.