Latest Internet & Cybersecurity News
Threat Actors Claim Breaches of Hyatt Hotel, Nike, McDonald's India, and Under Armour
Threat actors have claimed breaches against major brands including Hyatt Hotel, Nike, McDonald's India, and Under Armour, exposing sensitive data. This wave of high-profile incidents underscores vulnerabilities in global hospitality and retail sectors. Law enforcement is monitoring these claims closely.
UK Launches 'Report Fraud' Service to Combat Cybercrime
The UK introduced 'Report Fraud', a new online portal replacing Action Fraud, to streamline cybercrime and fraud reporting for faster investigations. The platform aims to improve victim support and visibility amid criticisms of the previous system. It enhances authorities' ability to process cases efficiently.
Law Enforcement Raids Initial Access Brokers Linked to Black Basta
Ukrainian and German authorities raided homes of two Ukrainians suspected of providing initial access for Black Basta ransomware, identifying Russian ringleader Oleg Nefedov. Separately, Jordanian broker 'r1z' pleaded guilty to selling access to 50+ companies. These actions disrupt cybercrime supply chains.
Tennessee Man Pleads Guilty to Hacking US Supreme Court, Posts on Instagram
A 24-year-old Tennessee man admitted hacking the US Supreme Court, Veterans Administration, and Americorps systems in 2023 using stolen credentials. He accessed restricted areas multiple times and boasted on Instagram. The case highlights risks of insider credentials and social media bravado.
Critical Vulnerabilities Exposed in GitLab and Fortinet
GitLab and Fortinet face critical vulnerabilities making them prime hacker targets, with GitLab already patched. These flaws enable severe exploits in widely used platforms. Organizations urged to apply updates immediately.
AI-Generated Malware and Stealthy Attacks on the Rise
Individual hackers are leveraging AI to rapidly create sophisticated malware like VoidLink Linux framework in under a week for cloud access. This trend lowers barriers for advanced threats. Security firms warn of increasing stealthy cyber operations.
North Korean PurpleBravo Targets IT Supply Chains in Phishing Campaign
North Korean hackers (PurpleBravo) launched 'Contagious Interview' phishing targeting 3,136 IPs in AI, crypto, IT sectors via malicious Visual Studio Code projects. Linked to espionage and theft, using Astrill VPN for C2 obfuscation. Overlaps with Wagemole fake job campaigns.
Ongoing FortiGate SSO Exploitation Campaign Despite Patches
A sustained campaign exploits FortiGate firewalls via FortiCloud SSO vulnerability since mid-January 2026, involving unauthorized logins and super-admin creation. Likely automated, it persists post-patching. Admins must monitor for config exports and persistence.
New Zealand Faces Major Health Portal Ransom Hack
Hackers hit ManageMyHealth, New Zealand's largest health portal, stealing 400,000+ documents from 126,000 patients and demanding $60,000. NCSC proactively warned 26,000 users of Lumma Stealer malware. Highlights state-sponsored threats and supply chain risks.
US House Hearing Probes Cyber, Drone, AI Threats to Critical Infrastructure
House Homeland Security oversight examined CISA, TSA responses to escalating cyber, AI, drone threats in transportation and infrastructure. CISA focuses on mission-first initiatives, EDR scaling, and emergency directives. Emphasizes public-private collaboration.
AI Governance Emerges as Top Cybersecurity Trend for 2026
AI risks rank second in global business concerns, driving focus on governance and guardrails amid US-China race and rapid adoption. Trends include operational resilience post-2025 disruptions like Marks & Spencer hack. Expect stricter parameters for critical infrastructure.
Global Cybersecurity Spending to Hit $240 Billion in 2026
Gartner forecasts 12.5% growth to $240B, with healthcare, tech, finance leading investments. Shift to growth-focused budgets emphasizes Adversarial Exposure Validation for ROI. Addresses sophisticated threats and regulations.