Latest Internet & Cybersecurity News
Cybersecurity Outlook: 2026 Will Force a New Operating Model
Attackers are exploiting vulnerabilities at machine speed while developers ship AI-generated code, demanding a dramatic shift in cybersecurity models for 2026. This evolution is driven by rapid AI integration in development and attack vectors.
Organizations must adapt to maintain defenses against accelerating threats.
Biggest Cybersecurity Stories of 2025: $1.5 Billion ByBit Crypto Heist
North Korea's Lazarus Group stole $1.5 billion in Ethereum from ByBit's cold wallet via a compromised developer machine. The breach involved manipulating transaction approvals to drain funds.
FBI confirmed Lazarus responsibility, highlighting ongoing crypto threats.
2025 Crypto Thefts Surge Beyond ByBit
Additional heists included $85M from Phemex, $223M from Cetus Protocol, $27M from BigONE, and $7M impacting Trust Wallet users. Pro-Israel hackers also burned $90M in Iran's Nobitex exchange.
These incidents underscore persistent vulnerabilities in crypto infrastructure.
AI Tools Vulnerable to Prompt Injection Attacks in 2025
Microsoft 365 Copilot suffered zero-click data leakage via hidden prompt injection in emails. Google Gemini was exploited through email summaries and calendar invites for phishing.
AI coding assistants were manipulated to execute harmful code.
Insider Threats Hit High-Profile Targets in 2025
A CrowdStrike insider attempt was detected before network access. FinWise Bank breach affected 689,000 customers due to insider activity.
A bank employee sold credentials for $920, enabling a $140M heist at Brazil鈥檚 Central Bank.
Zero-Day Flaws Exploited Across Major Vendors in 2025
Zero-days hit Cisco, Fortinet, Citrix NetScaler, Ivanti, SonicWall, FreePBX, and CrushFTP. Microsoft SharePoint was targeted by Chinese actors and ransomware via ToolShell flaw.
These enabled web shells, data theft, and persistence in networks.
Lithuanian Hacker Arrested for $1.2M Clipboard Malware Scheme
A 29-year-old extradited to South Korea infected 2.8M systems with KMSAuto-disguised clipper malware from 2020-2023. Stole $1.2M in virtual assets from 3,100 addresses.
Malware stole clipboard data for crypto wallet swaps.
Coordinated ColdFusion Exploit Spree Targets Servers
Holiday campaign from Japan-based infrastructure exploited 10+ ColdFusion CVEs from 2023-2024. GreyNoise attributed ~98% of traffic to single actor CTG Server Limited.
Systematic attacks hit exposed Adobe ColdFusion servers.
Unleash Protocol Smart Contract Upgrade Exploited for $3.9M Theft
Unauthorized admin control via multisig governance led to contract upgrade and $3.9M fund withdrawal. PeckShield confirmed the blockchain exploit on the IP platform.
Incident highlights DeFi governance risks.
New IPCola Proxy Botnet Offers 1.6M IPs from Infected Devices
Global network includes IoT, desktop, mobile from 100+ countries, mainly India, Brazil, Mexico, US. Sold as proxy service for illicit activities.
Underscores rise in large-scale botnets.
Manage My Health Cyber Breach Update: 7% of 1.8M Patients Affected
Incident detected Dec 30, 2025; unauthorized access to specific documents for ~126,000 patients. Forensic analysis ongoing with Privacy Commissioner and NZ Police notified.
Platform secured, no further access reported.
Maritime Cybersecurity Bulletin Highlights Latest Threats
Jan 1, 2026 bulletin covers recent vulnerabilities and attacks targeting maritime fleets. Aims to help operators stay protected amid evolving risks.
Focuses on sector-specific cyber news.