Cybersecurity funding reached nearly $14 billion in 2025, marking a strong rebound after a contraction since 2021, with growth focused on governance, identity, and AI security. Investors are now favoring vendors with proven outcomes, emphasizing strategic links to operational disciplines and evolving buyer needs. #CybersecurityFunding #AIProtection…
Tag: CRITICAL INFRASTRUCTURE
The telecommunications sector remains a prime target for ransomware attacks, nation-state espionage, and hacktivist disruptions in 2025. Key threat actors include groups like Qilin, Akira, and state-sponsored campaigns, highlighting the need for enhanced security measures. #Qilin #SaltTyphoon…
Taiwan’s National Security Bureau reports a tenfold increase in Chinese cyberattacks targeting the energy sector in 2025, with overall threat activity rising significantly. The attacks included hardware and software vulnerabilities, DDoS, social engineering, and supply-chain incidents, mainly aimed at critical infrastructure and government agencies. #BlackTech #MustangPanda
Taiwan experienced a significant increase in Chinese cyberattacks in 2025, targeting critical infrastructure and intensifying around military drills and political events. The cyber campaign aims to weaken Taiwan’s defenses, support China’s strategic ambitions, and disrupt daily operations across key sectors. #ChineseCyberattacks #TaiwanInfrastructure #HybridWarfare…
A cybercriminal claims to have stolen sensitive engineering data from Pickett and Associates, a Florida-based utility engineering firm, and is selling it for nearly $585,000 in Bitcoin. The breach involves files related to major American utilities like Tampa Electric, Duke Energy Florida, and American Electric Power, raising concerns about the security…
A cyberattack on La Poste and La Banque Postale caused significant service disruptions, affecting their websites and mobile banking platforms. The incident is linked to the pro-Russian hacker group NoName057(16), raising concerns about the security of France’s critical infrastructure. #NoName057(16) #LaPosteCyberattack…
This week’s cybersecurity roundup highlights recent legal updates, insider threats, and global ransomware campaigns, emphasizing the evolving threat landscape in 2025. Key topics include China’s new cybersecurity law, TikTok’s disinformation issues in Poland, and GDPR enforcement in France. #ChinaCybersecurityLaw #BlackCatRansomware #TikTokDisinformation #GDPRFrance #CL0PRansomware…
China’s new cybersecurity law, effective from January 1, 2026, significantly enhances incident reporting requirements, penalties, and extraterritorial jurisdiction. The law emphasizes rapid response, accountability, and AI governance, impacting both domestic and global organizations operating in or with China. #ChinaCybersecurityLaw #IncidentReporting…
![Cybersecurity News | Daily Recap [01 Jan 2026]](https://www.hendryadrian.com/tweet/image/DailyRecap.png "Cybersecurity News | Daily Recap [01 Jan 2026]")
Daily Recap, The Shai-Hulud supply-chain attack on a Trust Wallet Chrome extension drained $8.5 million and spawned worm variants testing payloads on npm, while attackers drained $3.9 million from Unleash Protocol after hijacking a multisig wallet. Other major items include the RondoDox botnet exploiting the React2Shell flaw to breach IoT devices and Next.js deployments, the DarkSpectre campaign affecting about 8.8 million users, IBM’s API Connect vulnerability enabling remote authentication bypass, HoneyMyte’s rootkit infiltrating Asian governments, Finland’s seizure of a ship suspected of damaging a subsea cable in the Baltic Sea, and NYC banning Flipper Zero and Raspberry Pi devices at the mayoral inauguration. #ShaiHulud #DarkSpectre
Finnish authorities have seized a suspect ship believed to have damaged a subsea telecommunications cable in the Baltic Sea, amid rising concerns over Russian sabotage activities. Recent incidents involve cable faults possibly linked to Russian vessels, prompting increased NATO patrols and investigations into potential sabotage efforts. #SubseaCableDamage #RussianSabotage…
The Shai-Hulud 2.0 worm exploited the NPM ecosystem to leak information and infect packages, leading to a $8.5 million theft from Trust Wallet. This industry-wide supply chain attack affected multiple sectors, highlighting the need for better security measures. #ShaiHulud #TrustWallet #NPM #SupplyChainAttack…
Cybercriminals are increasingly using sophisticated ClickFix tools like ErrTraffic v2 to trick users into executing malicious scripts through visual deceptions and fake glitches. These tools are sold cheaply, with high conversion rates, and can target multiple platforms while bypassing modern defenses. #ErrTraffic #ClickFix
Cybersecurity experts have uncovered a targeted spear-phishing campaign using malicious npm packages to facilitate credential theft across critical infrastructure sectors. Attackers leveraged package hosting for resilient, embedded phishing elements that mimic secure document-sharing platforms, with a focus on organizations in manufacturing, healthcare, and industrial automation. #Evilginx #npmsecurity…
The European Space Agency (ESA) has allegedly suffered a data breach carried out by threat actor “888,” resulting in the theft of approximately 200GB of sensitive data. This breach exposes critical infrastructure, source codes, and confidential documents, posing significant security risks for space operations. #ESA #CyberBreach…
The U.S. National Institute of Standards and Technology is partnering with MITRE to establish two research centers aimed at advancing AI and safeguarding critical infrastructure against AI-enabled cyber threats. These initiatives focus on fostering AI-driven innovation in manufacturing and infrastructure sectors, emphasizing collaboration with industry stakeholders. #NIST #MITRE #AIResearchCenters #CriticalInfrastructure #CyberThreats…