Experts warn machine-speed threats, deepfake extortion and supply chain chaos will define the new year. The year 2026 is set to be a watershed moment for cybersecurity, defined by the convergence of Artificial Intelligence, identity fraud, and global geopolitical tension. Industry forecasts indicate that cybercrime has shifted from human-paced operations to machine-speed, autonomous attacks, forcing security teams to abandon traditional defense playbooks and fully commit to A

FBI warns that Kimsuky, a North Korean hacker outfit, is using quishing to lure targets. The North Korean state-sponsored hacking group Kimsuky (also tracked as APT43) has significantly adapted its spear-phishing tactics, deploying malicious QR codes (quishing) to breach the defenses of high-value targets. The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert, warning that this technique is specifically designed to bypass traditional email security controls

Bitfinex hacker sentenced to five years in November 2024, released after just 14 months behind bars. Ilya Lichtenstein, the Russian-American convicted of masterminding the 2016 hack of the Bitfinex cryptocurrency exchange and laundering the stolen funds, announced his early release from federal custody, crediting a key criminal justice reform law. Lichtenstein, who was sentenced to five years in prison in November 2024, was released after serving approximately 14 months behin

Koi Security unmasks 'The Zoom Stealer,' a rogue extension operation targeting corporate intelligence from 28+ conferencing platforms. Cybersecurity firm Koi Security has exposed an advanced, highly focused corporate espionage campaign, dubbed "The Zoom Stealer," which utilised a network of rogue browser extensions to steal sensitive meeting data from over 2.2 million users across Chrome, Edge, and Firefox. The operation is attributed to a sophisticated Chinese-linked threat

Cybercriminals abuse Google Cloud feature to execute highly convincing phishing campaign Check Point uncovers multi-stage attack using application iIntegration service to send emails from trusted Google address. Cybersecurity firm Check Point has uncovered details of a highly convincing and sophisticated phishing campaign that leverages a legitimate workflow feature within Google Cloud to bypass traditional email security filters and impersonate genuine Google notifications.