Latest Internet & Cybersecurity News
FortiSIEM Critical Vulnerability CVE-2025-64155 Exploited in the Wild
Fortinet disclosed a 9.4 CVSS OS command injection flaw in FortiSIEM on Jan. 13, 2026, enabling unauthenticated RCE via crafted TCP requests. Defused reported immediate exploitation by China-nexus groups detected in honeypots. A PoC exploit was released shortly after.
Jordanian Access Broker Pleads Guilty to Selling Network Access
A 40-year-old Jordanian national admitted to operating as an access broker, breaching 50+ company networks via firewall exploits in 2023. He pleaded guilty on January 15, 2026, per U.S. Justice Department. Sales targeted commercial firewall products.
Microsoft Disrupts RedVDS Cybercrime Platform Linked to $40M Losses
Microsoft shut down RedVDS, a cybercrime subscription service causing $40M+ U.S. losses since March 2025, via lawsuits in US/UK with Europol and German authorities. Infrastructure including marketplace was seized on January 14, 2026. Targets included appliances attributed to China-linked UAT-9686 APT.
Benzona Ransomware Claims Attack on Emergent International Holdings
Ransomware group Benzona claimed a cyberattack on U.S.-based Emergent International Holdings on January 17, 2026, threatening data release without contact. The business services firm faces data leak unless negotiations start. DeXpose urges compromise assessments and MFA enforcement.
Cisco Patches Spam Quarantine HTTP Vulnerability in Email Gateways
Cisco updated advisory on January 15, 2026, for a flaw in AsyncOS Spam Quarantine on Secure Email Gateway due to poor HTTP request validation. Patches are available for affected products. No exploitation details reported yet.
Black Basta Leader Oleg Nefedov Added to EU Most Wanted List
Ukrainian/German police identified Black Basta suspects, adding alleged leader Oleg Nefedov (aka Tramp) to EU Most Wanted and INTERPOL Red Notice. Group hit 500+ orgs since 2022, earning millions; raids seized crypto/devices. Suspects acted as hash crackers for intrusions.
Central Maine Healthcare Data Breach Exposes 145K Patients
Hackers accessed Central Maine Healthcare systems for over two months, stealing SSNs, treatment, and insurance data of 145K patients. Breach impacts Maine's largest health network. Full scope under investigation.
European Space Agency Suffers Major Cyberattack, Data Stolen
Hackers breached ESA systems, stealing hundreds of GB of scientific data in a significant incident. Attack details and attribution pending. Impacts space research operations.
Instagram Denies Data Breach Amid 17.5M Account Credential Claims
Meta refuted breach claims after reports of 17.5M stolen Instagram accounts causing password reset surges. Cybercriminals allegedly stole credentials; no system compromise confirmed. Users reported unusual activity last week.
WEF Global Cybersecurity Outlook 2026 Warns of AI, Geopolitics Risks
World Economic Forum report highlights accelerating threats from AI misuse, geopolitical fragmentation, cybercrime, and supply chain attacks through 2026. Enterprise security faces multi-front war. Calls for shared responsibility.
Ransomware Activity Multiplies Despite Group Disruptions in 2025
Symantec/Carbon Black study shows ransomware attacks rose in 2025 as groups reformed with diversified extortion. Disruptions slowed activity briefly only. Trends persist into 2026.
CyberCube Study Predicts Cyber Risk Evolution Through 2026
Global CyberCube analysis examines regulatory/market changes impacting cyber insurance and risks to 2026. Focuses on enterprise security challenges. Influences include AI and geopolitics.