Latest Internet & Cybersecurity News
APAC Energy Firm Hit by Dire Wolf Ransomware
Malaysia’s Perdana Petroleum Berhad suffered a ransomware attack where Dire Wolf published 150 GB of financial, supplier, legal, and customer data, disrupting the oil & gas sector. The breach has severe operational and reputational impacts on the energy supply chain.
Urgent patching and monitoring are recommended for affected entities.
Cisco Unified Communications Zero-Day Actively Exploited
Cisco confirmed a critical RCE vulnerability (CVE-2026-20045) in Unified Communications Manager, Unity Connection, and Webex Calling under active attack. Unauthenticated attackers can execute arbitrary code, threatening global enterprise voice systems.
No workarounds exist; immediate patching is essential.
SmarterMail Authentication Bypass Exploited in the Wild
SmarterTools’ SmarterMail faces active exploits via a force-reset-password API bug, allowing attackers to reset admin credentials. Attackers gain full control post-patch release; deploy build 9511 immediately.
Organizations must monitor for unusual admin resets.
Microsoft Patch Tuesday Addresses 114 Vulnerabilities, Including Zero-Days
Microsoft's January 2026 Patch Tuesday fixed 114 flaws across Windows, Office, Azure, and Edge, with three zero-days, one exploited. Vulnerabilities include privilege escalation and RCE; enterprises urged to patch promptly.
This underscores ongoing patch urgency in 2026.
AI-Led Espionage Campaign Uses Autonomous Agents
Anthropic reported a state-linked APT using AI agents for 80-90% of intrusion lifecycle, from recon to exploits, targeting 30 organizations. The campaign accelerates attacks and evades human detection.
Heightened vigilance needed against AI-driven threats.
ShinyHunters Claims Voice Phishing Attacks on Okta, Google, Microsoft
ShinyHunters claimed credit for five voice phishing attacks using custom kits targeting SSO environments, intercepting credentials and bypassing MFA. Okta disclosed the social engineering campaign; Sophos tracks 150 related domains.
Companies like Google and Microsoft report no direct impacts.
ESET Attributes DynoWiper Attack on Poland's Power Grid to Sandworm
ESET linked Russia-aligned Sandworm to a December 2025 cyberattack using DynoWiper malware on Poland's power grid. The data-wiping attack marks the 10th anniversary of Sandworm's Ukrainian blackout.
No successful disruptions confirmed, but TTPs match prior operations.
INE Releases Top 5 Cloud Security Trends for 2026
INE highlights identity-first security, misconfigurations, and AI-driven detection as key 2026 trends amid rising cloud breaches. Skills gaps in identity, config, and ops drive incidents; cross-training essential.
Attackers exploit human and machine credentials in multi-cloud setups.
Dormakaba Access System Flaws Allow Remote Door Unlocking
Vulnerabilities in Dormakaba physical access controls enabled hackers to remotely open doors at major European firms. The flaws compromise physical security tied to digital systems.
Organizations urged to patch and review access configs.
IBM Issues Critical Security Advisories for Multiple Products
IBM published advisories from Jan 19-25, 2026, addressing critical vulns in Big SQL, Concert Software, DataStax, Guardium, and Watsonx. Updates cover IBM Cloud Pak for Data and other enterprise tools.
Apply patches immediately per Cyber Centre guidance.
Cybercrime Economy Predicted to Plateau at $12.2 Trillion by 2031
Cybersecurity Ventures forecasts cybercrime costs rising to $12.2T by 2031 at 2.5% annual growth, plateauing from prior explosive rates. Factors include declining legacy threats offset by AI attacks like deepfakes.
Costs encompass data loss, IP theft, and remediation.
Google Gemini Prompt Injection Leaks Calendar Data
A prompt injection flaw in Google Gemini allows leakage of sensitive calendar data. Attackers exploit AI interfaces for unauthorized access.
Users should apply updates and limit AI data exposure.