The average enterprise now manages more non‑human identities (bots, services, APIs) than human users — and most aren’t properly secured. (Industry IAM surveys)

Editor’s note: Legacy bugs are back from the dead, AI keeps sneaking into places it shouldn’t, and governments are finally admitting the cyber risk is… high. Let’s get into it.

Side note: Newsletters thrive on referrals. If you find this newsletter helpful, or you think someone may be interested in the content, forward it! If you hate it, think it’s missing something, or want us to cover different angles…hit reply and tell us, we do actually read those. Thanks, stay safe, and have a great weekend.

📜 Table of Contents

  • 🚨 Major Breaches & Incidents: Ransomware fallout, MFA failures, infostealer-driven access

  • 🧨 Emerging Threats & Vulnerabilities: Old vulns, new exploitation, malware, messaging abuse

  • 🕵️ APTs & State‑Sponsored Attacks: China, North Korea, and telecom targeting

  • 🤖 AI in Cyber: Shadow AI, fake tools, shrinking job roles

  • 🏛️ Policy & Regulation: Big money, bigger scrutiny, extended downtimes

🚨 Major Breaches & Incidents

  • Infostealers and Lack of MFA Fuel Wave of Enterprise Breaches
    A new analysis shows infostealer malware and missing multi-factor authentication are behind a growing number of recent enterprise breaches. Stolen credentials are giving attackers easy initial access, often without triggering alerts.
    👉 Key takeaway: No MFA in 2026 isn’t a gap, it’s an open door.

  • 377,000 Impacted by Data Breach at Texas Gas Station Firm
    A Texas-based gas station operator disclosed a breach impacting over 377,000 people after attackers gained unauthorized access to internal systems. Regulatory filings point to ransomware activity and exposure of both personal and operational data, not exactly great news for critical infrastructure.
    👉 Key takeaway: If attackers can shut down fuel, they can shut down trust.

🧨 Emerging Threats & Vulnerabilities

  • CISA Flags Old PowerPoint Flaw as Actively Exploited
    CISA warned that a long-standing Microsoft PowerPoint vulnerability is now being actively exploited in the wild. The bug has been around for years, but plenty of organizations never bothered to patch it, and attackers are happily taking advantage.
    👉 Key takeaway: Legacy software isn’t “low risk”, it’s just forgotten.

  • Fake AI Chrome Extensions Steal Data From 900K Users
    Threat actors pushed malicious Chrome extensions disguised as AI productivity tools, quietly siphoning data from nearly a million users. Most installs were voluntary, proving once again that users will install just about anything labeled “AI.”
    👉 Key takeaway: Browser extensions remain a wildly underestimated attack surface.

  • WhatsApp Worm Spreads Astaroth Banking Malware
    Researchers uncovered a WhatsApp-based worm that abuses message forwarding to spread Astaroth banking malware. The campaign leans heavily on social engineering to steal banking credentials, no zero-days required.
    👉 Key takeaway: Encrypted messaging apps are now full‑blown malware delivery channels.

🕵️ APTs & State‑Sponsored Attacks

  • FBI Warns North Korean Hackers Are Using New Malware and Social Engineering
    The FBI warned that North Korean threat actors are combining custom malware with aggressive social engineering to compromise organizations. Financial institutions and crypto platforms remain top targets as the group blends espionage with straight-up theft.
    👉 Key takeaway: DPRK operations continue to fund the state as much as they spy for it.

  • China‑Linked UAT‑7290 Targets Global Telecom Networks
    Researchers report that China-aligned group UAT-7290 has been actively targeting global telecom providers using custom malware and living-off-the-land techniques. Access to telecom networks offers long-term surveillance and intelligence advantages.
    👉 Key takeaway: Telecom networks remain prime real estate for state‑level espionage.

  • Taiwan Reports 2.6M Chinese Cyberattacks Per Day in 2025
    Taiwan’s National Security Bureau reports that Chinese-linked cyber activity averaged 2.6 million attacks per day in 2025. Government agencies and critical infrastructure bore the brunt, with sheer volume used as a pressure tactic.
    👉 Key takeaway: Persistent pressure can be just as damaging as sophisticated exploits.

🤖 AI in Cyber

  • Shadow AI Still a Governance Nightmare for Enterprises
    Despite widespread awareness, unsanctioned AI tools continue spreading across enterprises with little to no oversight. Security teams are now stuck playing catch-up to tools employees already rely on.
    👉 Key takeaway: If you don’t manage AI usage, it will manage your risk.

  • AI Tools Begin Replacing Entry‑Level Cybersecurity Tasks
    Automation and AI-driven security platforms are taking over more detection and triage work across security teams. Entry-level roles are feeling the impact first as hiring priorities shift.
    👉 Key takeaway: The cyber skills gap isn’t gone, it’s changing shape.

  • Non‑Human Identities Are the New IAM Headache
    Bots, services, and AI agents now outnumber human users in many enterprise environments. Traditional IAM tools weren’t designed for this scale, leaving massive identity blind spots.
    👉 Key takeaway: Zero trust needs to apply to machines too.

🏛️ Policy & Regulation

  • UK Pledges £210M for New National Cyber Action Plan
    The UK government admitted cyber risk levels are now “critically high” and announced £210M for national cyber defenses. Critics note that execution, not funding announcements, will determine whether this actually helps.
    👉 Key takeaway: Governments are finally saying the quiet part out loud: cyber risk is national risk.

  • EU to Decide on Google’s $32B Wiz Deal
    EU regulators are reviewing Alphabet’s proposed $32B acquisition of cloud security firm Wiz. Antitrust concerns could shape not just this deal, but future consolidation across the cybersecurity market.
    👉 Key takeaway: Cybersecurity consolidation is officially a regulatory issue.

  • Weeks‑Long Downtime Becoming the Norm After Breaches
    New research shows more organizations are taking two weeks or longer to recover from major cyber incidents. The longer systems stay down, the more damage piles up — financially, operationally, and reputationally.
    👉 Key takeaway: Detection is only half the battle, recovery speed matters.

Thanks for reading this week’s edition. Like what you see? Forward it!

Hate everything you see or have other feedback? Reply back to this email!
