The third week of 2026 saw active exploitation of a supposedly patched FortiOS 7.4.9 vulnerability alongside continuing ransomware breaches that exposed sensitive data at major organizations. Rising hacktivist attacks on industrial and government systems and new EU rules to phase out high-risk non-EU telecom products highlight the need for integrated technical defenses and strategic risk management. #FortiOS #IngramMicro
Keypoints
- Administrators report active exploitation of CVE-2025-59718 in FortiOS 7.4.9 using forged FortiCloud SSO to create persistent admin access.
- An Ingram Micro ransomware attack exposed personal data for 42,521 individuals and disrupted logistics operations.
- Over 10% of UK business leaders fear their organizations could fail after a major cyberattack, while less than half provide basic cyber-awareness training.
- The European Commission proposed phasing out high-risk telecom and ICT products from non-EU suppliers, with mobile networks given 36 months to comply.
- Hacktivist activity surged in 2025, with groups like Z-Pentest, Dark Engine, and NoName057(16) targeting ICS, OT, and critical infrastructure, often aligned with state interests.
Read More: https://thecyberexpress.com/tce-january-2026-cybersecurity-roundup/