Latest Internet & Cybersecurity News
January 2026 Cyber Attacks Timeline Reports 61 Events
The timeline records 61 cyber incidents, with malware at 36%, account takeover 15%, and ransomware 11%. Phishing is the top initial access at 15%, followed by public-facing app vulnerabilities at 14% and social engineering at 12%; public administrations most targeted at 14%.
Analysts urge better phishing detection, vulnerability monitoring, and security training.
Incransom Ransomware Hits TruStar Holdings LLC
On January 15, 2026, Incransom claimed a major attack on US firm TruStar Holdings, compromising 1.4 TB of data including drawings, files, and transactions. The breach highlights ongoing ransomware threats to businesses.
Robust cybersecurity is essential to protect sensitive data.
Malicious Chrome Extensions Target Workday and NetSuite Users
Five fake Chrome extensions impersonate HR/ERP tools like Workday and NetSuite to steal tokens and hijack accounts via session hijacking. They exfiltrate cookies and block admin access.
Over 840,000 installs in ad fraud scheme GhostPoster hide malware in images.
UK NCSC Warns of Russia-Linked Hacktivists' DDoS Attacks
On January 19, 2026, NCSC alerted on pro-Russian groups like NoName057(16) targeting UK critical infrastructure and local government with DDoS. Attacks aim to disrupt networks; review defenses urged.
Group hit NATO supporters including Sweden, Germany, Switzerland.
European Space Agency Suffers Massive Data Breaches
In late 2025-early 2026, hackers stole over 700 GB from ESA, including code, credentials, and mission docs from groups '888' and Scattered Lapsus$ Hunters. Data leaked on BreachForums via unpatched flaws.
Infostealer malware likely aided via employee credentials.
AI-Powered Phishing Kits Surge in Effectiveness
AI phishing kits enable scalable, personalized attacks that evade detection with better emails and timing. QR code phishing bypasses filters to steal credentials; 10 defenses recommended.
Awareness key to counter point-and-click attack tools.
WEF: AI Supercharges Cyber Arms Race in 2026
94% expect AI as top cybersecurity change driver; cloud/IoT expand OT attack surfaces. OT cyber now cyber-physical with global cascade risks from disruptions.
Emerging climate-digital crises by 2030 heighten vulnerabilities.
XSS Vulnerability in StealC Malware Exposes Hackers
Researchers exploited XSS in StealC control panel to spy on operators like YouTubeTA, stealing 390k passwords. Malware-as-a-service uses YouTube, Telegram; opsec error revealed IP.
Infostealers fuel credential theft at record rates.
Token Theft and Session Hijacking Rise in 2026
Attackers target session/OAuth tokens for persistent access bypassing MFA; Microsoft saw 147k replays in 2023. 1.8B credentials stolen in H1 2025 via infostealers.
Ransomware often starts with bought access.
ETSI Releases AI Cybersecurity Standard
New ETSI standard sets baseline cybersecurity requirements for AI systems. Aims to establish foundational protections amid rising threats.
Part of broader news roundup on January 19, 2026.
Financial Services Lag in AI Cybersecurity Adoption
WEF research shows financial firms trail in using AI for cyber operations ahead of Davos. Highlights sector gaps in tech leverage.
Urges catch-up on AI defenses.