Latest Internet & Cybersecurity News
Global supply chains face surge in cyberattacks and hybrid warfare risks
Everstream Analytics’ 2026 Annual Supply Chain Risk Report recorded **2,526 cyber incidents** across industries between January and November 2025, almost double 2024’s 1,295 cases. Automotive manufacturing attacks jumped from 37 to 304 (a **722% increase**), while Everstream warns at least one multibillion‑dollar disruption is likely in 2026 due to cyber, hybrid warfare and failing critical infrastructure.
Weekly threat intel flags Kimwolf botnet and major Japanese ransomware breach
CYFIRMA’s latest weekly intelligence report highlights the **Kimwolf botnet**, which is used for massive DDoS attacks and monetized via residential proxies and bandwidth rental, exposing serious supply‑chain security gaps in compromised devices. The report also details a Qilin ransomware attack on Japan’s Logic Vein Co., Ltd., with threat actors claiming to have exfiltrated around **4 TB of highly sensitive corporate and client data**.
Jaguar Land Rover cyberattack triggers heavy financial and macroeconomic impact
Integrity360 reports that a cyberattack on **Jaguar Land Rover (JLR)** cost the company **£196 million in a single quarter**, with the Bank of England citing it as a drag on UK GDP. The attack, claimed by the Scattered Lapsus$ Hunters group, involved data theft and prolonged disruption across JLR’s supply chain and operations.
US broadband provider Brightspeed probes alleged breach affecting 1 million customers
US fiber broadband operator **Brightspeed** is investigating claims by the Crimson Collective hacking group that it breached the company and stole personal data for over **one million customers**. Because Brightspeed serves more than a million residential and business users across 20 US states, confirmation of the breach could imply large‑scale exposure of sensitive customer information.
Taiwan reports unprecedented Chinese cyber activity against critical infrastructure
Taiwan’s National Security Bureau recorded **over 960 million intrusion attempts** against critical infrastructure in 2025, averaging 2.63 million attacks per critical organization per day, with much of the activity attributed to Chinese APT groups. The energy sector saw a **tenfold increase** in attacks year‑on‑year, while hospitals and emergency services also faced substantial growth in intrusion attempts, often coinciding with military exercises and key political events.
Moody’s 2026 cyber outlook warns of AI‑driven attacks and regulatory rifts
Moody’s forecasts that 2026 will bring more dangerous **AI‑powered cyberattacks**, including model poisoning, adaptive malware and early signs of semi‑autonomous attacks as organizations deploy AI without adequate safeguards. The report also highlights growing friction between the EU’s coordinated cybersecurity regulations and a more fragmented US approach, warning that attackers will exploit regulatory gaps faster than governments can harmonize rules.
Study finds a fifth of breaches disrupt endpoints for up to two weeks
New research cited by Infosecurity Magazine shows that for **20% of serious security breaches**, endpoint disruption can last up to **two weeks**, severely impacting business operations. The study found most (87%) US and UK organizations face recovery costs running into the millions, underscoring the high operational and financial toll of endpoint‑focused attacks.
Analysts spotlight six critical cyber threats for 2026, led by agentic AI and deepfakes
Corelight’s ‘Six for 2026’ analysis highlights **agentic AI, shadow AI, AI‑driven social engineering, deepfakes, and automated ransomware** as top emerging cyber threats this year. The report notes that 75% of intrusions already involve compromised identities or valid credentials, recommending stronger Zero Trust Network Access and AI‑based content authenticity checks to counter identity‑centric and synthetic‑media attacks.
Network security trends for 2026: AI‑driven defense, Zero Trust and quantum‑ready planning
Training provider INE identifies **AI‑driven autonomous defense**, widespread **Zero Trust architectures**, and early **quantum‑prepared security** as key network security trends shaping 2026. INE argues that identity has become the primary security perimeter and that organizations must pair new architectures with upskilled staff to match the speed of AI‑enabled threats.
Identity emerges as the primary cybersecurity battleground in 2026
ConductorOne predicts that **corporate identity and access** will be universally recognized as the number‑one cyber risk vector in 2026, as nearly all major attack patterns begin with identity compromise. The company expects a shift to continuously validated access (“does this access make sense this minute?”) and major consolidation of identity‑security tooling into unified control planes for enterprises.
Maritime sector moves toward a new global Maritime Cyber Code
Cydome reports that over **40 countries and major maritime organizations** are backing discussions at the IMO’s FAL 50 meeting on a new **Maritime Cyber Code** to strengthen cybersecurity in shipping. The proposed framework aims to address rising cyber risks to vessels and port infrastructure by setting more prescriptive requirements than current IMO cyber guidelines.
Report questions long‑term viability of traditional firewalls amid evolving threats
GovInfoSecurity’s breach roundup cites a Moody’s assessment suggesting traditional **network firewalls are heading toward obsolescence** as standalone defenses, given cloud adoption and identity‑centric attack patterns. The same roundup notes recent incidents involving Romanian critical infrastructure, a Sedgwick data breach, and a D‑Link DSL vulnerability, illustrating ongoing weaknesses across legacy perimeter devices and connected systems.