Latest Internet & Cybersecurity News
Engineering firm breach exposes sensitive data tied to major US utilities
A threat actor is selling about **139 GB of engineering data** allegedly stolen from Pickett USA, an engineering firm serving US power utilities. The dataset reportedly includes LiDAR scans and design files for **active transmission corridors and substations** linked to Tampa Electric, Duke Energy Florida and American Electric Power, raising concerns about downstream risks to critical infrastructure operations.
Chinese state-linked hackers reportedly compromise US congressional staff emails
A Chinese hacking group has allegedly breached **email accounts of staffers** on powerful committees in the US House of Representatives, according to reporting cited by Cybernews. The intrusion appears focused on sensitive legislative and oversight communications, reinforcing warnings that **state-sponsored espionage** campaigns continue to target democratic institutions and policymaking processes.
Global phishing surge uses domain spoofing as new critical flaws hit Veeam and n8n
A recent cyber briefing highlights a spike in **domain spoofing phishing campaigns**, where attackers impersonate legitimate domains to steal credentials at scale. At the same time, critical **remote code execution (RCE) vulnerabilities** have been disclosed in popular platforms Veeam and n8n, potentially enabling takeover of backup and automation environments if unpatched.
January ransomware wave: Qilin group claims multiple global victims
The Qilin ransomware group has listed **multiple organizations** on its data leak site in early January, including Japanese manufacturer Sugawara and other firms across sectors. Victims face both **operational disruption and data exposure**, underscoring how double-extortion tactics remain central to ransomware economics going into 2026.
Missouri state government incident shows cost of a single malicious download
An after-action report on a Missouri state cyber incident found the breach originated from a **state employee mistakenly downloading malicious software**. Containment and recovery reportedly cost at least **$1.5 million** and disrupted access to administrative portals and services, illustrating how basic user error can trigger multimillion‑dollar public-sector impacts.
Honeypot operation tricks Lapsus$ and ShinyHunters faction, aiding law enforcement
In early January, a coalition of cybercriminals branded the **“Scattered Lapsus$ Hunters”** claimed to have hacked cybersecurity firm Resecurity, only to discover they had hit a sophisticated **honeypot**. Resecurity had spent months crafting a realistic emulated business environment and used the operation to **identify the attackers and share intelligence with law enforcement**, spotlighting defensive deception as a growing trend.
Financial sector faces evolving wave of Android banking trojans and info‑stealers
Bitsight reports that **Android banking malware** such as DoubleTrouble, Anatsa and Frogblight continues to target financial institutions and their customers worldwide, often via phishing, smishing and trojanized apps. Information‑stealing malware like **RedLine and Lumma Stealer** has compromised hundreds of thousands of devices, with millions of bank cards and credentials circulating on underground markets for account takeover and BEC schemes.
New research: one in five major breaches takes two weeks to recover from
A recent study cited by Infosecurity Magazine finds that **endpoint disruption** after a serious security breach can take **up to two weeks** to fully remediate for many organizations. For 87% of surveyed US and UK firms, such incidents cost **millions in recovery**, highlighting the sustained operational and financial toll of successful cyberattacks.
Cyber experts warn of escalating AI‑driven attacks and erosion of digital trust in 2026
Cybersecurity leaders predict **AI‑powered attacks** will sharply accelerate this year, lowering skill barriers for cybercriminals and enabling hyper‑personalized phishing, deepfakes and synthetic identities. Experts warn that authentication systems, cloud services and even everyday AI chats stored in browsers will become prime targets, risking a broader **erosion of trust in digital services** if defenses and governance do not keep pace.
Security industry hits inflection point as AI reshapes both attacks and defenses
Analysts say 2026 marks a **critical inflection point** for cybersecurity, with markets bifurcating between AI‑native and legacy vendors while spending continues to outpace broader IT budgets. Enterprises are rapidly deploying **agentic AI and RAG systems**, expanding the attack surface to include AI agents, data pipelines and proprietary training data, which are becoming key targets for espionage and data poisoning.
Global cyber spending projected to exceed $520 billion as AI agent attacks rise
Cybersecurity Ventures projects that worldwide spending on **security products and services** will surpass **$520 billion in 2026**, double 2021 levels. Much of this growth is attributed to a surge in **AI agent attacks**, including deepfake‑driven identity abuse and synthetic personas that can manipulate automated systems, pushing enterprises to invest heavily in “agentic defense” capabilities.
Predictions highlight insider threats and geopolitics as key drivers of 2026 cyber risk
Rapid7’s latest outlook stresses that **geopolitical tensions, economic stress and workforce churn** are converging to reshape attacker behavior and broaden exposure. Experts expect **insider threats and credential abuse** to dominate breach root causes, forcing organizations to integrate geopolitical risk into threat modeling and strengthen access hygiene and behavior monitoring.