Latest Internet & Cybersecurity News
149 Million Passwords Exposed in Massive Credential Leak
Cybersecurity researchers uncovered an unsecured database in late January 2026 containing 149 million usernames and passwords from services like Gmail (48M), Facebook (17M), and Netflix (3.4M). The unencrypted data, accessible without authentication, poses risks of credential stuffing, phishing, and identity theft across email, social media, banking, and government domains.
Experts urge users to change passwords and enable multi-factor authentication immediately.
Under Armour Confirms Second Major Data Breach by Everest Ransomware
Under Armour disclosed an investigation, starting November 2025, into a significant data breach claimed by the Everest ransomware group and confirmed in January 2026. The incident highlights ongoing ransomware threats to major corporations, with details on exposed data still emerging.
Legal actions are anticipated as affected parties respond.
Nike Investigates Potential Security Incident After Hacker Claims
Nike launched a probe into a claimed data theft by the WorldLeaks cybercrime group, which threatened to leak stolen data from its systems. The incident underscores rising threats to retail giants from data extortion groups.
Nike has not yet confirmed the scope of the breach.
CIRO Data Breach Exposes 750,000 Canadian Investors' Information
The Canadian Investment Regulatory Organization (CIRO) confirmed that a phishing-led cyber incident from August 2025 exposed the personal data of 750,000 investors; the incident was disclosed publicly in January 2026. No passwords were compromised, but risks include fraud and targeted phishing; the data has not surfaced on the dark web, per reports.
The breach illustrates how initial phishing can lead to mass data extraction.
Multi-Stage Phishing Campaign Targets Russia with Ransomware and Amnesia RAT
A sophisticated phishing operation targets Russian users, using cloud services like GitHub and Dropbox to deliver Amnesia RAT for data theft and Hakuna Matata ransomware for encryption. It disables Microsoft Defender via the defendnot tool and includes WinLocker for control.
The chain achieves full compromise by abusing Windows features rather than exploiting vulnerabilities.
Ukraine and Germany Identify Members of Russian-Affiliated Ransomware Group
Law enforcement in Ukraine and Germany conducted searches that identified two members of a Russian-linked ransomware group. This action highlights international efforts against ransomware networks amid rising attacks.
Details on the group's operations remain under investigation.
CISA Adds VMware vCenter Flaw to Known Exploited Vulnerabilities Catalog
The U.S. CISA added a Broadcom VMware vCenter vulnerability to its KEV catalog, urging federal agencies to patch immediately. The flaw is actively exploited, posing risks to virtualization infrastructure.
Organizations worldwide should prioritize remediation.
Critical Telnetd Flaw CVE-2026-24061 Affects GNU InetUtils for 11 Years
A critical vulnerability (CVSS 9.8) in GNU InetUtils telnetd (versions 1.9.3–2.7) went undetected for nearly 11 years, enabling remote attacks. All affected versions are vulnerable to exploitation.
Users must update to mitigate risks.
Fortinet FortiCloud SSO Bypassed in Attacks on Patched Devices
Fortinet confirmed that attackers are bypassing FortiCloud SSO authentication even on fully patched devices, echoing recent SSO flaws. This significantly affects enterprise security perimeters.
Fortinet recommends enhanced monitoring and configurations.
New Osiris Ransomware Abuses POORTRY Driver to Disable Security Tools
Researchers identified Osiris ransomware from a November 2025 attack that used the bring-your-own-vulnerable-driver (BYOVD) technique with the POORTRY driver to evade defenses. It targets endpoints for encryption after disabling protections.
Detection and mitigation strategies are critical for organizations.
US Homeland Committee Examines CISA, TSA Roles in Cybersecurity Threats
House Homeland Security Republicans held a hearing on January 23, 2026, reviewing CISA, TSA, and S&T responsibilities against evolving cyber threats to infrastructure. The hearing emphasized foreign adversaries like China and Russia targeting digital systems.
It included calls for modern tactics, including private-sector technology integration.
TP-Link Patches Critical Flaw in VIGI Cameras Exposing 2,500+ Devices
TP-Link fixed a high-severity vulnerability affecting over 32 VIGI camera models, with 2,500 internet-exposed devices at risk of remote hacking. Prompt patching is essential to prevent IoT compromises.
The flaw allowed unauthorized access to surveillance systems.