Latest Internet & Cybersecurity News

January 28, 2026 at 1:00 AM
January 2026 sees nation-state cyber ops escalate, ransomware hits energy firms, critical Oracle/SAP/VMware vulns exploited, AI-enhanced attacks surge globally.
1. US Cyber Operations Disrupt Venezuela Power and Radar in Maduro Capture

U.S. authorities deployed offensive cyber operations to disable power and radar systems in Caracas during a January operation to capture Venezuela’s president Nicolás Maduro. Effects were reversible with minimal civilian impact, marking overt use of cyber tools for law enforcement (Source 1). This signals normalization of cyber as tactical statecraft against weak infrastructure.

2. APT28 Targets Global Energy and Nuclear Organizations

Russia-linked APT28 ran campaigns against energy, nuclear research, and policy groups for credential harvesting and long-term access (Source 1). High-value targets provide intelligence on infrastructure and strategies, often preceding geopolitical actions.

3. Mustang Panda Spearphishes US Government on Venezuela Policy

China-linked Mustang Panda used Venezuela policy lures in spearphishing against U.S. government entities, focusing on credentials rather than disruption (Source 1). Telecom and policy bodies remain prime espionage targets.

4. Ransomware Strikes Romanian CET Oltenia Energy Producer

Romanian energy firm CET Oltenia suffered a ransomware attack amid rising incidents in the energy sector (Source 1). Attacks exploit update windows, reflecting criminal and state pressure on energy stability.

5. Chilean Copec Confirms Ransomware on Internal Systems

Chile's Copec energy firm reported ransomware affecting internal operations, varying in impact but part of a global energy targeting pattern (Source 1). Geopolitical risks amplify ransomware threats to national infrastructure.

6. Taiwan Energy Sector Faces Tenfold Cyberattack Surge

Taiwan reported a 10x increase in energy sector attacks, with attackers exploiting software updates (Source 1). Sustained pressure from state-aligned actors threatens economic continuity.

7. Threat Actors Scan LLM Servers for Vulnerabilities

Large-scale scanning targets exposed LLM servers for API flaws and weak authentication, enabling data theft or model compromise (Source 1). AI infrastructure is now a high-value target as governance lags.

8. Grubhub Data Theft Linked to Salesloft Supply Chain Attack

Grubhub confirmed that data was downloaded from its systems in Jan 2026, tied to the Salesloft Drift/Salesforce token incident; financials were spared (Source 2). Confirmed publicly Jan 16, scale unquantified.

9. Oracle CVE-2026-20805 Actively Exploited for RCE

A critical Oracle vulnerability in the Jan 2026 Patch Update allows remote code execution and unauthorized access, and is already exploited in the wild (Source 3). This makes enterprise databases an urgent patching priority.

10. SAP S/4HANA SQL Injection Exposes ERP Data

A high-severity SQL injection in SAP S/4HANA private cloud/on-prem enables data exposure and manipulation of business processes (Source 3). An additional high-risk flaw allows unauthorized access.

11. CISA Adds VMware vCenter Vuln to Known Exploited List

A critical VMware vCenter Server flaw is actively exploited and has been added to the CISA KEV catalog, requiring BOD 22-01 remediation (Source 5). It is part of broader exploit chains.

12. ShinyHunters Phishing Campaign Hits Over 100 Organizations

The ShinyHunters group targeted 100+ major organizations in a recent cybercrime phishing campaign, per Silent Push analysis (Source 6). The campaign focuses on widespread credential and access theft.

Latest Internet & Cybersecurity News | DeckBook AI