Latest Internet & Cybersecurity News
China Bans U.S. and Israeli Cybersecurity Software
Beijing ordered Chinese firms to stop using cybersecurity tools from vendors like VMware, Palo Alto Networks, Fortinet, and CrowdStrike due to national security concerns over data leaks. This escalates tech decoupling and geopolitical tensions. Organizations in China must reassess supply chains urgently.
Microsoft Patch Tuesday Fixes Actively Exploited Zero-Days
Microsoft addressed 114 vulnerabilities, including CVE-2026-20805 in Desktop Window Manager under active exploitation, and others added to CISA's Known Exploited Vulnerabilities catalog. Updates cover Windows, affecting all supported versions. Urgent patching is recommended for enterprises.
Spanish Energy Giant Endesa Discloses Massive Data Breach
Endesa reported a breach exposing data of 22 million customers, with threat actors claiming theft of full customer data. This impacts personal information of millions. Investigations continue amid ongoing threats.
Ransomware Attack Disrupts South Korean Kyowon Group
A ransomware incident at Kyowon exposed over 9 million user accounts and halted operations at the conglomerate. It highlights vulnerabilities in complex supply chains. Recovery efforts are underway.
CIRO Confirms Data Breach Affecting 750,000 Canadian Investors
Canada's CIRO disclosed a phishing attack from August 2025 impacting 750,000 investors, exposing sensitive data like SINs, incomes, and account details after nine months of investigation. Notifications began January 14, 2026. Protection services offered to affected individuals.
CISA Adds Gogs Git Service Flaw to Known Exploited Vulnerabilities
U.S. CISA directed federal agencies to patch a remote code execution vulnerability in Gogs due to active exploitation. Software development organizations urged to prioritize updates. This affects enterprise networks.
BreachForums Hacking Forum Database Leaked
The BreachForums user database, exposing 324,000 accounts, was leaked, giving the community a taste of its own medicine. This incident reveals internal vulnerabilities in hacking forums. Further leaks possible.
Europol and Spanish Police Arrest 34 Black Axe Members
Authorities dismantled parts of the Black Axe criminal network involved in cyber fraud and money laundering across Europe and Africa. Arrests highlight international cooperation against cybercrime. Operations disrupted.
Instagram Data Scraping Affects 17.5 Million Users
A massive scraping incident compromised data of 17.5 million Instagram users, alongside a password reset flaw fixed by Meta, which denied a breach. Users advised to check suspicious emails. Phishing risks elevated.
Cisco Patches Critical AsyncOS Zero-Day Exploited by Chinese APT
Cisco addressed a critical zero-day in AsyncOS (UAT-8837) exploited by Chinese actors, part of ongoing infrastructure vulnerabilities. Immediate patching essential. Supply chain risks persist.
Palo Alto Networks Fixes GlobalProtect Flaw with PoC
Palo Alto addressed a critical GlobalProtect vulnerability where a PoC exploit exists, enabling potential admin takeover. Despite China's ban, patches issued promptly. Users urged to update.
Iran Slows Cyber Attacks on UK Amid Domestic Protests
Cyber attacks on the UK from Iran decreased noticeably during recent Iranian protests, as reported by British defense executives. Geopolitical distractions shift threat priorities. Monitoring continues.