Latest Internet & Cybersecurity News
WorldLeaks Claims 1.4TB Nike Data Theft, Posts Samples After Ransom Deadline
Extortion group WorldLeaks claimed to have stolen 1.4TB of Nike data, including 188,347 files on designs and manufacturing, posting samples after the January 24, 2026 deadline. Nike is investigating the potential breach but has not confirmed the data's legitimacy.
The leak raises risks of IP theft and counterfeits, with no customer PII observed in samples.
Russia-Linked Sandworm APT Targets Poland's Power Grid with DynoWiper Malware
ESET attributes a December 2025 wiper malware attack on Poland's energy grid to Sandworm, using new DynoWiper on the 10-year anniversary of Ukraine grid attack. The attack failed to cause disruption despite destructive intent.
Tactics overlap with prior Sandworm operations in Ukraine.
GCVE Launches as Decentralized Alternative to Fragile CVE Vulnerability Program
GCVE emerges amid CVE funding crises, aiming for decentralized tracking of software flaws to boost collaboration. Europe's initiative raises concerns over potential fragmentation and duplicate entries in databases.
It seeks to enhance efficiency for global defenders.
Edmunds Data Breach Exposed on BreachForums by ShinyHunters Affiliate
Hacker Wadjet published Edmunds user data on BreachForums on January 25, 2026, linked to ShinyHunters, including PII and behavioral data. The leak heightens risks of identity theft, phishing, and fraud.
Data spans engagement metrics, account metadata, and partial messaging logs.
CISO Predictions for 2026: AI Governance, SME Ransomware Surge, Quantum Prep
Cyber leaders foresee AI accelerating attacks via automation while defenders scale governance and resilience. SMEs face rising targeted ransomware; attackers hoard data for quantum decryption.
Post-quantum readiness enters audits amid state-sponsored threats.
Hundreds of Millions of Audio Devices Vulnerable to Bluetooth Fast Pair Flaws
Flaws in Google's Fast Pair protocol on 17 headphone/speaker models enable wireless hacking, eavesdropping, and tracking. Vendors must patch to prevent stalkers and eavesdroppers.
Affects devices using one-tap pairing.
Cybercrime Groups Evolve into Business-Like Structures Challenging CISOs
2026 sees cybercriminals organizing like legitimate firms, intensifying threats to executives. Rise in sophisticated BEC and payment fraud using AI for impersonation.
State actors expand beyond Iran via hybrid operations.
MSC Cruises Bans Smart Glasses to Prevent Covert Surveillance
MSC Cruises updated policy banning Ray-Ban Meta smart glasses to curb hidden recording on ships. Addresses privacy risks from wearable surveillance tech.
Travelers advised to avoid if reliant on such devices.
Everest Ransomware Gang Hits Under Armour, Exposes Millions of Accounts
Following Nike claims, Everest ransomware breached Under Armour, leaking 72.7M accounts with PII, locations, and purchase data. Part of trend targeting sportswear firms.
Have I Been Pwned tracked the exposure.
AI-Powered Attacks Evade EDR Using Steganography and Automation
Threat actors leverage AI for steganography, AV abuse, and automated attacks bypassing endpoint detection. Defenders urged to combine NDR and EDR for countermeasures.
Signals shift in AI-cyber defense strategies.
Fincantieri Secures Cyber Resilience Contracts with Italian Navy
Shipbuilder Fincantieri signed deals to bolster cyber protections for naval units against threats. Enhances resilience in modern warships.
Reflects growing maritime cybersecurity focus.
Arcadis Achieves International Cybersecurity Certification
Global engineering firm Arcadis earned certification, strengthening defenses in sustainable design sector. Milestone on January 26, 2026.
Demonstrates commitment to cyber standards.