Latest Internet & Cybersecurity News
Global law enforcement dismantles First VPN used by ransomware gangs
Operation Saffron, carried out on May 19-20, 2026, dismantled First VPN, a criminal VPN service active since 2014 and used by at least 25 ransomware groups, including Avaddon and Phobos. Authorities seized 33 servers, took down domains, and arrested the administrator in Ukraine, exposing logs and user data tied to cybercrime .
First VPN infrastructure spanned dozens of countries
Investigators said First VPN operated 32 exit-node servers across 27 countries, including the U.S., Canada, Germany, France, the Netherlands, Singapore, and the U.K. The broad footprint shows how criminal anonymization services can hide activity across multiple jurisdictions .
Authorities gained new intelligence from seized First VPN logs
Law enforcement reportedly obtained the service’s user database and criminal traffic logs during the takedown. Those records are expected to support ongoing investigations into ransomware, fraud, and data theft networks .
Organizations urged to check logs for First VPN indicators of compromise
Security teams are being advised to review historical traffic for connections to First VPN exit-node IPs and domains such as 1vpns.com, 1vpns.net, and 1vpns.org. Any matches may indicate prior malicious activity and should be investigated as potential indicators of compromise .
Taiwan expands cybersecurity drills to more critical infrastructure operators
Taiwan’s Administration for Cybersecurity said it will broaden this year’s attack-and-defense drills to include more critical infrastructure operators. The expanded exercise set will include Class B operators such as regional water agencies and hospitals, with an emphasis on external-facing asset security and vulnerability management .
UAE reports surge in confirmed cyber incidents in 2026
The UAE Cybersecurity Council has flagged 128 confirmed cyber incidents so far in 2026, most tied to financially motivated threat actors. The figure underscores the continued pressure on organizations from fraud, phishing, and other profit-driven attacks .
Hackers increasingly target SMEs with scams and low-cost attacks
Security leaders say small and medium-sized businesses are being targeted because they often have weaker defenses and fewer dedicated security staff. Recent commentary highlights how financially motivated hackers are exploiting SME gaps with phishing, credential theft, and other opportunistic tactics .
Cybersecurity remains a top operational risk for 2026
Analysts are warning that 2026 will be a difficult year for defenders as organizations face rising digital threats across business, government, and consumer environments. The broader security outlook points to the need for stronger resilience, patching, and incident response readiness .
Travel and hospitality sectors warned about AI-enabled cyber risk
Industry coverage on AI and cybersecurity in travel, tourism, and hospitality highlights new security concerns as organizations adopt more automation and digital services. The sector is being pushed to balance AI innovation with stronger data protection and threat monitoring .
Ongoing global debate over cyber resilience and preparedness
Recent cybersecurity commentary emphasizes the need for organizations to strengthen defenses through asset management, vulnerability reduction, and regular drills. This reflects a wider global focus on preparedness as threat volume and sophistication continue to rise .