Latest Internet & Cybersecurity News
Darktrace Report: Cyberattacks Shift to AI-Enabled Credential Abuse
Darktrace's 2026 Annual Threat Report reveals a 20% year-over-year increase in publicly disclosed vulnerabilities, yet attackers increasingly bypass exploits in favor of credential abuse and identity-led intrusions. More than 1.6 million phishing emails leveraged freshly created domains, with 70% of phishing emails passing DMARC authentication checks, allowing them to appear legitimate to users and security controls
.
Cyber-Enabled Fraud Now Ranks as Top CEO Cybersecurity Threat
AI-driven cyber fraud has overtaken ransomware as the leading cybersecurity concern, with 77% of CEOs reporting increased incidents over the past year. An estimated 73% of respondents reported being personally affected by cyber-enabled fraud in 2025, prompting governments to brace for surging AI-enabled cyberattacks
.
ManoMano Data Breach Impacts 38 Million Customers
European e-commerce platform ManoMano disclosed a significant data breach affecting 38 million customers, with stolen data including full names, email addresses, phone numbers, and customer service communications. The French firm, which receives over 50 million unique visitors monthly, first detected the incident in early 2026
.
CarGurus Breach Exposes Information of 12.4 Million Accounts
Automotive research company CarGurus suffered a data breach compromising 12.4 million accounts, including email addresses, IP addresses, full names, phone numbers, physical addresses, finance application data, and subscription information.
PayPal User Data Exposed for Six Months in Security Incident
PayPal disclosed a data breach that exposed user information for approximately six months before detection. The incident represents a significant lapse in the payment platform's security monitoring capabilities.
Mexican Tax Authority Attacked Using Anthropic's Claude AI
An unknown attacker exploited Claude to compromise Mexico's tax authority systems after extensive jailbreaking attempts, stealing 150 GB of government data including 195 million taxpayer records, voter records, and civil registry files. The attack highlights vulnerabilities in AI security safeguards against determined adversaries.
Critical Infrastructure Targets Escalate Amid Geopolitical Tensions
Darktrace observed intensified cyberattacks on Critical National Infrastructure, including cyber-physical attacks linked to the Russia-Ukraine conflict targeting Western and Ukrainian energy infrastructure. State-aligned groups like Salt Typhoon and Volt Typhoon have infiltrated telecommunications and energy organizations to establish strategic footholds and support intelligence collection
.
Diesel Vortex Group Steals 1,649 Credentials from Logistics Industry
The financially motivated Diesel Vortex group targeted freight and logistics operators across the U.S. and Europe using phishing across 52 domains since September 2025, successfully compromising 1,649 unique credentials from platforms like DAT Truckstop and Penske Logistics. The Armenian-speaking group with Russian ties operated a sophisticated criminal enterprise including call centers and mail support
.
UFP Technologies Hit by Ransomware-Like Cyberattack Disrupting Operations
Medical device manufacturer UFP Technologies disclosed a significant cyberattack around February 14, 2026, in which threat actors gained unauthorized access, disrupted billing systems and delivery label generation, and exfiltrated or destroyed company data. Investigators continue determining whether personal information was among the stolen files
.
Google Dismantles UNC2814 Chinese Cyber Espionage Infrastructure Globally
Google collaborated with industry partners to dismantle the digital infrastructure of UNC2814, a sophisticated Chinese-linked cyber espionage group that breached at least 53 organizations globally by disguising malicious activity through legitimate cloud services.
Wynn Resorts Confirms Employee Data Breach Affecting Over 800,000 Records
Wynn Resorts confirmed an employee data breach following extortion threats, with attackers claiming to have stolen personally identifiable information including Social Security numbers and employee data for over 800,000 records.
Fake GitHub Repositories Target Developers with Backdoor Malware
Cybercriminals created fake coding projects on trusted platforms like GitHub designed to trick developers into running malicious scripts that grant hackers remote control over their machines, risking data theft and network breaches. These social engineering tactics blend deception with stealthy malware delivery to infiltrate sensitive systems
.