Latest Internet & Cybersecurity News
CVE-2026-21858 'Ni8mare' Vulnerability Exposed 100,000 n8n Instances
Cyera disclosed CVE-2026-21858, a CVSS 10.0 unauthenticated RCE in n8n workflow automation platform, affecting ~100,000 global instances including critical infrastructure. The flaw enables full takeover via content-type confusion, with PoC exploits released January 7, 2026.
n8n patched it in November 2025 as version 1.121.0.
Instagram 17.5 Million User Records Leaked on Dark Web
A 17.5M Instagram user dataset from a mid-2024 API exposure surfaced on BreachForums January 7, 2026, sparking phishing via password-reset abuse. Malwarebytes alerted on January 9-10, with Have I Been Pwned indexing it by January 12.
Instagram patched the reset vulnerability on January 11.
Kyowon Group Ransomware Attack Disrupts South Korean Operations
South Korean conglomerate Kyowon confirmed a ransomware attack detected January 10, 2026, exfiltrating data and hitting 600 of 800 servers. Service outages affected subsidiaries; up to 9.6M accounts may be impacted.
Kyowon isolated systems and is investigating with authorities.
94% of Leaders See AI as Top Cyber Risk in 2026
World Economic Forum’s Global Cybersecurity Outlook 2026 reports 94% of leaders identify AI as the primary force reshaping cyber risk. 64% of organizations now assess AI tool security, up from 2025.
AI supercharges threats while enhancing detection and resilience.
Geopolitical Cyberattacks Now in 64% of Risk Plans
64% of organizations include geopolitically motivated attacks like espionage in 2026 risk mitigation, per WEF Outlook. Volatility centers cybersecurity strategy amid fragmentation and AI adoption.
Collaboration emphasized for resilience.
Cyber-Enabled Fraud Affects 73%, Tops CEO Concerns
73% reported personal or network impact from cyber fraud in 2025, now CEOs' top worry over ransomware, says WEF. AI scams, deepfakes, identity fraud threaten households and brands.
Fraud universalizes cyber risk.
INE's Top 2026 Trends: AI Attacks, Identity as Core Defense
INE predicts AI escalates attacks and defenses; identity emerges as primary surface needing cross-trained teams. Ransomware targets backups faster; focus on hands-on response training.
Shift to coordinated defense across environments.
Ransomware Attacks Rose 32% Globally in 2025
Comparitech reports 7,419 ransomware incidents in 2025, up 32% from 5,631 in 2024, with manufacturers as top targets. Trend continues into 2026 with OT exposure rising.
Attacks grow more targeted and disruptive.
OT Exposure to Drive Ransomware in 2026
runZero predicts ransomware targeting OT/edge systems as they connect via IT/cloud, increasing internet exposure. AI scales exploits, creating noise; new AI vulnerability class may emerge.
Vulnerability decision-making challenged by fragmentation.
Bitsight Predicts Vulnerability Ecosystem Fragmentation
Bitsight foresees 2026 fragmentation in CVE tracking by regions/polities, complicating management. Warns of AI overreach, outdated infra risks, and Y2K38 'Epochalypse' by 2038.
Focus on actionable intelligence needed.
White House New Cybersecurity Strategy Expected January 2026
Upcoming White House strategy emphasizes offensive cyber operations. Aligns with trends in AI, geopolitics shaping tech policy.
Experts roundup highlights emerging tech impacts.