Latest Internet & Cybersecurity News
Zestix Breach Exposes 50+ Multinational Companies via Stolen Credentials
Threat actor Zestix used infostealer malware logs to access corporate file-sharing portals of over 50 companies, including Iberia Airlines and Maida Health, due to lack of MFA. No sophisticated exploits were needed; data was exfiltrated directly with valid credentials.
Affected sectors span aviation, health, and robotics.
AZ Monica Hospital Network Shut Down by Cyberattack
Belgian hospital network AZ Monica halted all servers, canceled procedures, and transferred patients after a January 13 IT outage. Investigation underway with police notified; ransomware not confirmed but suspected.
Operations disrupted across Deurne and Antwerp campuses.
Kyowon Ransomware Attack Disrupts South Korean Conglomerate
Kyowon detected abnormal network activity on January 10, 2025, isolating servers; customer data possibly leaked. Attackers entered via exposed internet server, spreading ransomware to subsidiaries.
Incident response activated promptly.
Everest Ransomware Claims McDonald's India Breach with 861GB Data
Everest group published details on January 20, 2026, claiming exfiltration of customer data and documents from McDonald's India. Demands ransom; data includes personal info for potential phishing.
McDonald's has not confirmed; follows prior incidents.
Oracle Releases January 2026 CPU with 337 Security Patches
Oracle's first 2026 Critical Patch Update addresses 337 vulnerabilities across over 30 products, resolving about 230 unique issues. Patches cover multiple product lines for enhanced security.
Released to mitigate widespread risks.
Under Armour Customer Data Exposed: 72 Million Emails Leaked
Everest ransomware incident from November 2025 led to 343GB data theft; 72 million emails, names, birthdates, and purchases published January 21, 2026. Enables AI phishing and fraud; lawsuit filed against company.
Experts warn of long-term risks.
Central Maine Healthcare Breach Impacts 145,000 Individuals
Cybersecurity incident involved theft of data affecting 145,000 patients at Central Maine Healthcare. Reported January 21, 2026; details on attack method undisclosed.
Highlights healthcare vulnerabilities.
Black Kite Report: 70% Retailers Have Exposed Credentials
2026 Wholesale & Retail Report reveals over 70% major retailers, 60% wholesalers, and 52% supply chain with exposed credentials. Shared supply chain targeted; urges patching CISA KEV vulnerabilities.
Credential theft dominant vector.
EU Commission Proposes Revised Cybersecurity Act
European Commission advances revised Act to enhance cyber resilience and secure ICT supply chains. Addresses strategic risks to democracy and economy; includes new protections.
Proposal announced January 21, 2026.
CrowdStrike Predicts Surge in AI-Generated Vulnerabilities for 2026
Experts forecast AI-driven vulnerability research becoming practical, increasing exploits market. AI fuels cyberattacks; traditional defenses may fail against acceleration.
Rise of autonomous agents and hyperscale attacks expected.
CIRO Breach Exposes 750,000 Individuals
Canadian Investment Regulatory Organization (CIRO) breach affects 750k; part of week's major incidents. Details limited but underscores regulatory sector risks.
Combined with healthcare and enterprise breaches.
Ingram Micro Ransomware Exposes Staff Records
Ingram Micro admits ransomware attack exposed employee data; incident reported recently. Highlights distributor vulnerabilities in supply chain.
Ongoing coverage in breaches category.