Thread Hijack Phishing, Latin America Cyberattacks, Poland Energy Breach – Cybersecurity News [January 26, 2026]

by DuoCircle

 

This is the 4th edition of the month. Here are the top cyber incidents that kept cybersecurity experts busy last week. While some threat actors have been using real enterprise email threads to make their phishing campaigns more credible, Latin America is experiencing a huge spike in cyber mishaps.

Another unfortunate incident involves 30 Polish energy facilities being targeted by cybercrooks. Lastly, Bumble and other dating apps were on the radar of threat actors in the US.

 

Phishing actors are misusing real enterprise email threads to carry out malicious activities

 

A highly sophisticated supply chain phishing attack came to light recently when a group of cybercrooks managed to penetrate an already existing email thread. The thread involved a group of senior executives who were waiting for the final approval of a document.

The hacker posed as a real participant and shared a phishing link as their reply. The malicious link looked almost like a Microsoft authentication form.

Researchers believe that the hacker had targeted a sales manager’s account first, and once they managed to hack into it, the compromised account was used to share the malicious phishing link. This increased the credibility of the reply, and the phishing link actually looked genuine.

 


 

Researchers state that this is not an isolated cyber incident and that the same tactic is being used globally to target senior-level execs. Threat actors are relying on real enterprise communications instead of developing phishing content from scratch. Cybersecurity experts believe that this comparatively new phishing tactic has been quite active since December 2025. The major targets of this group are Middle Eastern firms.

The structure of this phishing campaign looks a bit intricate as it involves multiple layers of social engineering. First, the threat actor sends a malicious email to one of the employees in an organization, which further leads to seven forwards. Soon, the threat actor embeds the final reply, which looks otherwise harmless but contains a phishing link.

This type of cyberattack relies more on human error than on technical vulnerabilities.

The level of risk increases manifold in such cyberattacks since more and more employees now work remotely, away from the original brick-and-mortar enterprise.

 

Latin America witnessing an abrupt spike in cyberattacks

 


 

Latin America and the Caribbean region is gradually turning into a thriving ground for cybercrooks. 2025 witnessed a whopping 3065 attacks every week. About 76% of enterprises experience information disclosure attacks. Some of the enterprises also experienced authentication bypass and remote code execution attempts. Compared with global statistics, Latin America experiences 40% more attacks than the rest of the world.

There are multiple factors that have contributed to the rise in cyber incidents across Latin America. More and more threat actors are using AI and focusing on credential-stealing campaigns. Ransomware attacks are also likely to accelerate in the upcoming months. Experts believe that the manufacturing and healthcare sectors will be the primary targets of threat actors.

The concerned authorities and governments across the Latin America and Caribbean region are trying their best to strengthen cyber resilience. However, experts believe that working with Chinese technology vendors for domestic surveillance may not be a wise decision. In fact, experts feel that this might eventually open the gate wide to more threat actors to enter the Latin American landscape.

 

Threat attack on Polish energy grid affected 30 facilities

 

A coordinated cyberattack took place on Poland’s power grid last December. The threat attack impacted distributed energy resource sites, combined heat and power facilities as well as solar dispatch systems.

The cybercrooks managed to damage the “key equipment beyond repair” but were unable to affect the power supply.

Researchers see this attack as highly irresponsible. Also, the fact that the cyberattackers chose winter to carry out this malicious activity clearly shows that they want to heighten the gravity of the attack.

After a thorough investigation, the researchers at Dragos, a renowned security company, have revealed that the threat actors were highly knowledgeable and experienced. The attack strategy clearly shows that these cybercrooks knew exactly how to deploy and operate the tools to cause a massive impact.

 

Bumble and Tinder users, you need to see this!

 


 

If you use dating apps like Bumble, Badoo, or BFF, then this can be concerning. Bumble Inc. has just been targeted by a series of threat attacks. A cybercrook managed to carry out a successful phishing attack on Bumble. They got a brief period of access to a part of Bumble’s network. A spokesperson from Bumble has, however, clarified that the hacker could not gain access to sensitive data like member accounts, member database, direct messages and profiles.

Match too suffered a threat attack on January 16. The dating app believes that the attackers have impacted a “limited amount of user data.” Match has already started notifying its userbase about the cyber mishap.

Experts have warned against a group of cybercrooks named ShinyHunters. This group of cybercrooks is running a social engineering campaign with US-based companies as its primary targets. They have claimed responsibility for the attacks on Bumble and Match.

 


 

Besides these two dating apps, ShinyHunters claims that it has also targeted companies like CrunchBase and Panera Bread.

ShinyHunters is known for its highly dynamic attack strategies. Earlier, these hackers used to run extensive ransomware campaigns. But now they have gradually shifted their focus to data exfiltration and extortion. Their primary targets include cloud-based infrastructural setups and large enterprises.

Bumble has already started working on bolstering its security mechanisms. Meanwhile, Match is assured that no financial data, login credentials, or internal employee communications have been compromised.

This calculated threat attack on multiple US companies serves as a bleak reminder that enterprises are not yet investing in cybersecurity awareness training, especially the kind that would help employees stay protected against sophisticated vishing and phishing tactics.
