Latest Internet & Cybersecurity News
Europol and Microsoft Dismantle Tycoon 2FA Phishing-as-a-Service Platform
An international coalition led by Microsoft and Europol has taken down Tycoon 2FA, a phishing-as-a-service platform responsible for over 64,000 attacks targeting nearly 100,000 organizations worldwide since 2023. Microsoft seized 330 active domains used by the service, which enabled cybercriminals to bypass multi-factor authentication and compromise accounts across education, healthcare, finance, and government sectors. The platform had generated tens of millions of phishing emails monthly and impacted more than 55,000 Microsoft customers, with particular harm to medical facilities causing diverted ambulances and disrupted hospital operations.
Cisco Confirms Active Exploitation of Catalyst SD-WAN Manager Vulnerabilities
Cisco disclosed that two vulnerabilities (CVE-2026-20122 and CVE-2026-20128) in Catalyst SD-WAN Manager are actively exploited in the wild, with patches released across multiple software versions. The company became aware of the active exploitation in March 2026, though it did not specify the scale of attacks or the threat actors responsible. This disclosure follows a previous critical vulnerability (CVE-2026-20127) exploited by the sophisticated threat actor UAT-8616 to establish persistent access to high-value organizations.
INC Ransomware Compromises Japanese Energy Services Company
CYFIRMA observed that JA Akita Kita Life Service, K.K., a Japanese firm providing energy and lifestyle services, was compromised by INC Ransomware. The attack resulted in the exfiltration of approximately 43.1GB of data including internal records, financial information, and client lists. The compromised data was discovered in underground forums, indicating potential sale or publication of the sensitive information.
Gentlemen Ransomware Attacks Japanese Industrial Machinery Manufacturer
Sando Tech, a Japanese company specializing in machinery development and manufacturing, was compromised by the Gentlemen Ransomware, according to reports from underground forums. The ransomware attack was aimed at data theft, encryption, and financial gain, resulting in operational disruption, data loss, and potential reputational damage. This represents another significant threat to Japanese manufacturing infrastructure.
Space Bears Ransomware Targets Taiwanese Motor Company Kymco
Space Bears Ransomware attacked Kymco (Kwang Yang Motor Co., Ltd.), a Taiwanese manufacturing company, resulting in data leaks and operational disruption. The attack caused significant financial loss and reputational damage to the automotive manufacturer. The incident demonstrates continued targeting of Asia-Pacific manufacturing and industrial sectors by ransomware threat actors.
Iran Experiences Nationwide Internet Blackout Affecting 96% of Connectivity
Iran experienced a dramatic nationwide internet blackout with connectivity dropping to just 4% of normal levels, later declining to near 1% according to NetBlocks monitoring. The disruption, persisting for over 48 hours in many areas, severely limited information flow, government operations, and civilian coordination. The extent of connectivity loss indicates a significant infrastructure-level incident affecting the country's digital infrastructure.
AI-Driven Insider Risk Emerges as Critical Business Threat
Mimecast's State of Human Risk Report 2026 warns that insider threats have become a critical business threat, with malicious insiders and negligent employees creating significant cybersecurity risks. Attackers increasingly exploit insiders as entry points to bypass perimeter defenses, while both malicious insiders and threat actors use AI tools to enhance phishing effectiveness and automate data exfiltration. Internal cybersecurity risks have grown across the board, requiring organizations to treat insider threats with heightened priority.
Cisco Releases Maximum-Severity Updates for Firewall Management Center
Cisco released updates to address two maximum-severity vulnerabilities (CVE-2026-20079 and CVE-2026-20131, CVSS score 10.0) in Secure Firewall Management Center. These vulnerabilities could allow unauthenticated remote attackers to bypass authentication and execute arbitrary Java code as root on affected devices. The critical nature of these flaws underscores the importance of timely patching across Cisco's security infrastructure.
Virginia Implements Strict Age Verification Requirements for Social Media
Effective January 1, 2026, Virginia law requires social media platforms to employ commercially reasonable methods such as neutral age screen mechanisms to verify user age. The enforcement action reflects heightened scrutiny of platforms affecting children and teens, including messaging apps, gaming platforms, and AI chatbots. Virginia's Attorney General issued dozens of violation notices and resolved multiple data breach settlements in 2025.
U.S. Establishes Data Transfer Agreements with Argentina and Bangladesh
The United States signed reciprocal trade agreements with Argentina and Bangladesh that include provisions for free cross-border data transfers. The Argentina agreement allows the country to deem the United States as adequate for data transfers while committing to prevent restrictions on U.S. technology innovation. These agreements facilitate expanded digital trade while establishing trusted border data movement frameworks.
New Jersey County Government Systems Disrupted by Malware Attack
One of New Jersey's largest counties experienced a cyberattack that disrupted phone lines and IT systems across government offices. The malware attack impacted critical government infrastructure, creating operational challenges for county services. The incident highlights vulnerabilities in local government cybersecurity defenses.
Microsoft Praises New Zealand's Cyber Security Strategy 2026-2030
Microsoft applauds New Zealand's new Cyber Security Strategy 2026-2030 for providing a clear roadmap to safeguard the nation's digital infrastructure amid increasingly sophisticated cyber threats. The strategy represents a comprehensive national approach to cybersecurity in the AI era, with Microsoft committing to support New Zealand's efforts through cloud, AI, and threat intelligence expertise. The strategy signals growing international recognition of cybersecurity as essential to national digital security.