BlackBerry stages epic comeback, OpenAI model faces threats, La Sapienza suffers ransomware – Cybersecurity News [February 2, 2026]
by DuoCircle
Last week was replete with cybersecurity issues, which made it quite chaotic for critical infrastructure like pipeline operators and universities. While one of the biggest European Universities still remains offline following a cyberattack, BlackBerry is eventually making a comeback as a cybersecurity solution. Meanwhile, Conpet, a Romanian oil pipeline operator, was targeted by a group of threat actors. OpenAI is also grabbing attention because of its new model, which is suspected to be full of cybersecurity vulnerabilities.
Thread Hijack Phishing, Latin America Cyberattacks, Poland Energy Breach – Cybersecurity News [January 26, 2026]
by DuoCircle
This is the 4th edition of the month. Here are the top cyber incidents that kept cybersecurity experts busy last week. While some threat actors have been using real enterprise email threads to make their phishing campaigns more credible, Latin America is experiencing a huge spike in cyber mishaps.
Chinese buses vulnerable Europe, $48M Bitcoin phishing stolen, WEF 2026 India participates – Cybersecurity News [January 23, 2025]
by DuoCircle
This is the fourth edition of the month, and here are the top cyber incidents that kept people busy last week. While Australia and Europe have discovered vulnerabilities in Chinese electric buses, South Korea lost $48 million worth of seized Bitcoin due to a phishing scam. Meanwhile, 1Password has come up with a highly effective anti-phishing feature to prevent sophisticated phishing campaigns. Also, global leaders, including India, gathered at WEF 2026 and discussed cybersecurity among other crucial topics.
This is the 4th edition of January, and last week witnessed multiple ups and downs in the cybersecurity ecosystem. Microsoft turned out to be the most mimicked brand in the last quarter of 2025, while experts realized the imminent cyber threat during the Winter Olympics. A West London council was targeted by hackers, leading to a breach of sensitive personal data. Meanwhile, a group of experts has stated that 2026 is going to witness highly sophisticated social engineering tactics over vulnerability-oriented cyberattacks.
Last week was replete with unfortunate phishing mishaps. Here are the top cyber incidents that we have covered for you to keep you updated. While Amazon, the e-commerce giant, is being targeted by phishing actors, left, right, and center, LinkedIn is also becoming a popular playground for cybercrooks. The crypto community is already in shock because of the Ledger customer data breach incident. Meanwhile, a highly sophisticated campaign is targeting the user credentials by impersonating Google Support.
This week’s cybersecurity news highlights how trust-based digital systems continue to be exploited across crypto platforms, browser ecosystems, and online marketplaces. Trust Wallet disclosed a major supply-chain attack that led to millions in stolen crypto, while researchers uncovered a long-running browser extension campaign tied to corporate espionage.
Cyber incidents this week ranged from large-scale scraping to high-impact software and supply chain risks. An activist group claims to have scraped tens of millions of tracks from a major streaming platform, raising fresh copyright concerns. Separately, a critical n8n flaw could allow code execution on exposed instances. Other reports covered a notarized macOS stealer campaign, a GitLab breach impacting a car maker’s customers, and malicious Chrome extensions abusing proxy access to steal credentials.
Cybersecurity and email security teams faced a busy week as active exploitation targeted core infrastructure and widely used platforms. Cisco warned of a critical AsyncOS zero-day affecting Secure Email appliances, while SonicWall patched an SMA 100 flaw reportedly chained for root-level takeover. HPE fixed a maximum-severity OneView RCE issue. SoundCloud also confirmed a breach exposing user emails and profile data, alongside outages, VPN blocks, and follow-on disruption.
Cyber incidents this week spanned operating systems, browsers, enterprise platforms, hardware, and developer tooling. Microsoft closed out the year patching 56 Windows flaws and three zero days, while Google rushed an emergency fix for an actively exploited Chrome bug. Fortinet, Ivanti, and SAP shipped critical updates for auth bypass and RCE risks, and new PCIe IDE weaknesses prompted firmware work from Intel and AMD. At the same time, a Gogs zero day and abused GitHub tokens highlighted ongoing threats to software supply chains.
Cyber incidents this week hit emergency alerting, e-commerce, infrastructure, and app stacks. To start with, ransomware against the CodeRED platform disrupted local emergency notifications and exposed clear-text passwords. In another incident, a five-month breach at a major East Asian retailer affected tens of millions of customer accounts. Attackers exploited a command injection bug in Array Networks gateways, an admin takeover flaw in the King Addons WordPress plugin, and the React2Shell RCE vulnerability in React and Next.js.
Cyber incidents this week included ToddyCat deploying new tools to steal email data, Harvard reporting a breach affecting its alumni community, and a vendor compromise at SitusAMC exposing corporate records tied to major banks. Alongside, Asahi confirmed data theft affecting two million individuals, and OpenAI disclosed limited user information exposure linked to a Mixpanel breach. Here are this week’s top headlines.
Logitech Data Breach, Mass Router Hijack, Android Trojan Sturnus – Cybersecurity News [November 17, 2025]
by DuoCircle
Here are this week’s cybersecurity updates, bringing you headlines that made news around the world. Princeton University reported a data breach impacting alumni and donors, and the Clop extortion gang’s activity continued, with Logitech confirming data theft linked to a third-party zero-day.
Cybersecurity headlines this week show a clear picture, and no one seems immune. Hyundai confirmed a data breach that may have exposed millions of Social Security numbers, and Google has gone on the offensive, suing a China-based group accused of running a billion-dollar phishing operation.
This week saw a surge in major cyber incidents worldwide. A ransomware attack crippled Japan’s Askul retail network, Qilin claimed Habib Bank AG Zurich, and Google uncovered AI-powered malware that rewrites its code. Cisco issued urgent fixes for firewall exploits, while Oglethorpe and NMHC disclosed healthcare data breaches.
This week’s cybersecurity highlights include a Chrome zero-day exploited by Memento Labs for spyware attacks, new npm supply chain threats like PhantomRaven and an info-stealer campaign, and active exploitation of DELMIA Apriso and XWiki flaws. Meanwhile, ransomware hit Sedgebrook and Heartland Health Center, exposing patient data and prompting renewed healthcare security concerns.
Cyber threats kept security teams busy this week. A new campaign called PassiveNeuron is spying on government and industry networks across several regions, while the Jingle Thief group is running cloud-based gift card scams.Hackers are also exploiting the SessionReaper bug in Adobe Commerce, and a critical Lanscope flaw has been flagged by CISA. In healthcare, a breach at Conduent exposed personal data from 462,000 Blue Cross Blue Shield members, underscoring how widespread and damaging these attacks have become. Here are the latest updates from this past week.
It’s been a hectic week for enterprise security, with several major companies pushing out critical fixes. F5 admitted that attackers stole its BIG-IP source code, which even triggered a federal emergency directive. Microsoft wasn’t far behind, releasing 183 patches, including three zero-days, just as Windows 10 support was ending, and it had to tighten security on Edge’s IE mode after reports of it being exploited. On top of that, successive flaws struck Oracle’s E-Business Suite, and Cisco devices were hit by a new campaign called Operation Zero Disco that used a zero-day exploit to deploy stealthy Linux rootkits.
We are once again back with fresh news pieces highlighting the important news where major platforms and giant industries have been targeted. To start with, a critical WordPress flaw is being widely exploited to hijack administrator accounts, with over 13,800 attack attempts recorded. SonicWall confirmed that firewall backup files for all cloud backup customers were exposed in a breach, overturning earlier claims of limited impact.
It was a busy week for cybersecurity threats. Hackers exploited a flaw in VMware software, giving them full control over virtual machines. At the same time, Microsoft flagged a phishing campaign that used AI written code in fake file sharing emails to trick victims. A new Android Trojan, Datzbro, also spread through fake senior community apps, letting criminals take over phones. To top it off, the Confucius group launched fresh phishing attacks, and researchers found a malicious Python package that secretly installed backdoors on Windows systems.
This week saw a wave of cyber incidents across critical sectors. A stealthy campaign used the BRICKSTORM backdoor to hide inside networks for over a year, while a flaw in Pandoc was exploited in attempts to steal AWS credentials. Libraesva patched a bug in its Email Security Gateway that attackers are already abusing. Airports across Europe faced massive disruptions after a ransomware attack, and researchers flagged ShadowV2, a new Docker-targeting botnet offering DDoS-for-hire services.
![BlackBerry stages epic comeback, OpenAI model faces threats, La Sapienza suffers ransomware – Cybersecurity News [February 2, 2026]](https://www.duocircle.com/wp-content/uploads/2026/02/Weekly-News-Updates.jpg)
![Thread Hijack Phishing, Latin America Cyberattacks, Poland Energy Breach – Cybersecurity News [January 26, 2026]](https://www.duocircle.com/wp-content/uploads/2026/02/spf-flatterning-5203.jpg)
![Chinese buses vulnerable Europe, $48M Bitcoin phishing stolen, WEF 2026 India participates – Cybersecurity News [January 23, 2026]](https://www.duocircle.com/wp-content/uploads/2026/01/email-smtp-service-7865.jpg)
![Spotify Copyright Scrape, n8n Code Execution, MacSync Stealer Installer – Cybersecurity News [December 22, 2025]](https://www.duocircle.com/wp-content/uploads/2025/12/spf-record-check-7888.jpg)
![Cisco AsyncOS Exploited, SonicWall SMA Fix, HPE OneView Patched – Cybersecurity News [December 15, 2025]](https://www.duocircle.com/wp-content/uploads/2025/12/spf-record-tester-3450.jpg)
![Microsoft 2025 Fixes, Chrome Zero-Day, Enterprise Security Flaws – Cybersecurity News [December 08, 2025]](https://www.duocircle.com/wp-content/uploads/2025/12/spf-record-3456.jpg)
![React2Shell RCE Threat, CodeRED Alert Disruption, Coupang Data Breach – Cybersecurity News [December 01, 2025]](https://www.duocircle.com/wp-content/uploads/2025/12/spf-record-generator-4560.jpg)
![ToddyCat APT Evolving, Harvard Breach Reported, SitusAMC Vendor Breach– Cybersecurity News [November 24, 2025]](https://www.duocircle.com/wp-content/uploads/2025/12/spf-validator-5634.jpg)
![Logitech Data Breach, Mass Router Hijack, Android Trojan Sturnus – Cybersecurity News [November 17, 2025]](https://www.duocircle.com/wp-content/uploads/2025/11/hosted-email-server-4002.jpg)
![Hyundai Leak Exposed, International Malware Bust, Lighthouse Phishing Lawsuit – Cybersecurity News [November 10, 2025]](https://www.duocircle.com/wp-content/uploads/2025/11/spf-record-check-3501.jpg)
![Askul Ransomware Disruption, Qilin Targets Habib, Google Exposes Malware – Cybersecurity News [November 03, 2025]](https://www.duocircle.com/wp-content/uploads/2025/11/spf-record-5602.jpg)
![Chrome Spyware Exploited, npm InfoStealer Attack, DELMIA XWiki Vulnerabilities – Cybersecurity News [October 27, 2025]](https://www.duocircle.com/wp-content/uploads/2025/11/spf-record-tester-6780.jpg)
![Silent PassiveNeuron Attacks, Jingle Thief Fraud, SessionReaper Adobe Exploit – Cybersecurity News [October 20, 2025]](https://www.duocircle.com/wp-content/uploads/2025/10/spf-validator-7800.jpg)
![F5 Breach Response, Windows 10 Patch, Oracle Security Flaws – Cybersecurity News [October 13, 2025]](https://www.duocircle.com/wp-content/uploads/2025/10/dkim-validation-5602.jpg)
![Hackers Hijack WordPress, SonicWall Backup Breach, Oracle Data Theft – Cybersecurity News [October 06, 2025]](https://www.duocircle.com/wp-content/uploads/2025/10/sendgrid-alternative-4502.jpg)
![VMware Exploit Attacks, AI Phishing Alert, Android Trojan Hijack – Cybersecurity News [September 29, 2025]](https://www.duocircle.com/wp-content/uploads/2025/10/email-smtp-service-8041.jpg)
![Ransomware Disrupts Airports, BRICKSTORM Backdoor Intrusions, Pandoc Flaw Exploited – Cybersecurity News [September 22, 2025]](https://www.duocircle.com/wp-content/uploads/2025/09/dkim-validation-5601.jpg)