Latest Internet & Cybersecurity News
Nike Investigates Cybersecurity Incident After Extortion Group Leaks Alleged Stolen Files
Nike is probing a potential cybersecurity breach following leaks by an extortion group claiming stolen data. The incident highlights ongoing ransomware extortion tactics targeting major brands. This comes amid rising corporate data thefts.
HCIactive Health Data Theft Affects 3.1 Million People
AI-powered services firm HCIactive reported a cyber incident expanding to impact 3.1 million individuals' health data. Responders emphasize locking down identities, preserving audits, and preparing notifications. The breach underscores large-scale health data exposure risks.
FBI Seizes RAMP Cybercrime Forum Infrastructure
U.S. authorities took down domains of the RAMP forum, a hub for ransomware, malware, and initial access sales. The action disrupts criminal affiliates but may prompt forum migrations and retaliations. Defenders should monitor for new mirrors and intelligence leaks.
ShinyHunters Claims Leak of 10M Records from Match Group Dating Apps
ShinyHunters alleges possession of over 10 million records from Hinge and OkCupid, including user and transaction data. Match Group is investigating amid risks of coercion and fraud from dating info. Users urged to reset passwords and enable MFA.
Silent Push Uncovers ShinyHunters-Led Phishing Campaign Targeting Okta SSO
ShinyHunters' SLSH group runs human-led vishing attacks on Okta and SSO platforms for over 100 enterprises, using live phishing panels to bypass MFA. Targets include Atlassian, Canva, and Epic Games, leading to data exfiltration and ransomware. Attackers gain skeleton key access to connected apps.
Fortinet Issues Critical Advisory; n8n Sandbox Escape Vulnerability
Fortinet released a critical advisory alongside an n8n sandbox escape exploit in threat intelligence updates. These vulnerabilities demand urgent patching to prevent exploitation. They join rising exploits tracked in daily roundups.
Quorum Cyber Reports 30% Rise in New Ransomware Groups for 2026
AI and RaaS drove a 30% increase in new ransomware groups, with vulnerability disclosures over 35,000 and nation-states automating 90% of intrusions. Ransom demands surged 179% in finance; North Korea earned $2B from cybercrime. Barriers to attacks are collapsing.
Eye Security Analyzes 630 Incidents: BEC and Phishing Dominate
Across 630 European incidents, BEC caused 70%, phishing 33%, with manufacturing and real estate hit hardest. Ransomware response averaged 39-71 hours; MFA bypassed in 62% of cases since 2025. Attackers exploit trust over technical flaws.
AI-Driven Cyber Threats Explode: Deepfakes, North Korean IT Infiltration
2025 saw AI-weaponized fraud, deepfakes like Arup's $25M scam, and North Korean operatives infiltrating 320+ firms via fake IT jobs, funding WMDs. Amazon blocked 1800 suspect applications; autonomous AI agents conducted espionage.
OpenSSF Prepares for FOSDEM 2026 and EU Cyber Resilience Act
OpenSSF gears up for FOSDEM with GVIP Summit on vulnerability intelligence and EU Open Source Policy Summit on CRA readiness, digital sovereignty, and trusted AI. Builds on 2025 initiatives for open source security compliance.
HKCERT: Hong Kong Cybersecurity Incidents Hit Record High, AI Phishing Surges
HK saw 27% rise in incidents, phishing at 57-60%, with AI-enhanced attacks and supply chain risks topping concerns. Nearly 30% of enterprises lack dedicated cybersecurity staff. Generative AI boosts phishing sophistication.
Global Outlook: AI Risks Gap Closing, More Firms Secure AI Tools
By 2026, 64% of organizations assess AI security, up from 37% in 2025, per Global Cybersecurity Outlook. Focus shifts to governance amid deepfakes and AI attacks; privacy concerns shape cyber strategies.