Instagram Denies Breach Amid Data Leak Panic; Ransomware Hits French and Japanese Giants

Iran-Linked MuddyWater APT Targets Middle East with New 'RustyWater' Rust-Based RAT

The Iranian state-sponsored advanced persistent threat (APT) group MuddyWater, also known as Mango Sandstorm and TA450, has been observed deploying a new, custom-built Remote Access Trojan (RAT) named 'RustyWater'. According to research from CloudSEK, this new implant, written in the Rust programming language, is being used in a spear-phishing campaign targeting diplomatic, maritime, financial, and telecom entities across the Middle East. The shift to a Rust-based tool marks a significant evolution in the group's capabilities, aimed at enhancing stealth and evading detection during long-term espionage operations.

APTCyber EspionageRustRATSpear-phishing +2 more

6 min read

Iran's MuddyWater APT Unveils 'RustyWater' RAT in Middle East Espionage

Threat Actor

Malware

Qilin Ransomware Hits French Infra Giant Bouygues, Claims 80GB Data Theft

CRITICAL

Qilin Ransomware Group Claims Cyberattack on French Infrastructure Firm Bouygues Energies & Services, Alleges Theft of SCADA Data

The prolific Qilin ransomware group has listed French multinational infrastructure firm Bouygues Energies & Services as its latest victim on its dark web leak site. The group claims to have exfiltrated 80 GB of highly sensitive data, comprising 31,000 files. Most alarmingly, the threat actors allege the stolen data includes documents related to industrial control systems (ICS), such as SCADA interfaces and network plans for critical infrastructure projects like tunnels and tramways. This attack highlights the severe risk ransomware poses to physical safety and national security, extending beyond simple data encryption.

Double ExtortionSCADACritical InfrastructureFranceData Leak +1 more

6 min read

Ransomware

Industrial Control Systems

Apex Legends 'Remote Control' Hack Patched After Streamers Hijacked

Respawn Entertainment Patches 'Remote Control' Exploit in Apex Legends That Allowed Player Hijacking

Respawn Entertainment, the developer of the popular battle royale game Apex Legends, rapidly deployed a patch on January 10, 2026, to fix a significant security exploit. The vulnerability allowed a malicious actor to remotely take control of other players' characters during a live match, an incident that affected several high-profile streamers. The developer was quick to reassure the community that the exploit was not a Remote Code Execution (RCE) vulnerability, meaning attackers could not execute malicious code on victims' computers. The issue was resolved within a day of being publicly acknowledged.

GamingExploitAnti-CheatInput HijackingRespawn +1 more

4 min read

Apex Legends 'Remote Control' Hack Patched After Streamers Hijacked

Vulnerability

Other

Everest Ransomware Claims 900 GB Data Theft from Nissan

Everest Ransomware Group Alleges Major Breach at Nissan, Claims 900 GB of Corporate Data Exfiltrated

The Everest ransomware group has claimed a massive data breach against Japanese automotive giant Nissan Motor Co., Ltd. In a post on its dark web leak site on January 10, 2026, the group alleged it had stolen approximately 900 GB of sensitive corporate data. To back up its claim, Everest published screenshots showing internal directory structures and file names related to dealerships, finance, and audits. The group, which employs a double-extortion model, has given Nissan a five-day deadline to respond before it threatens to release the data publicly. Nissan has not yet officially confirmed the breach.

RaaSAutomotiveData ExfiltrationDark WebJapan +1 more

6 min read

Ransomware

Data Breach

High-Severity Flaw in Mailpit Dev Tool Allows Email Interception

MEDIUM

Mailpit Email Testing Tool Vulnerable to Cross-Site WebSocket Hijacking (CVE-2026-22689)

A high-severity vulnerability, tracked as CVE-2026-22689, has been discovered in Mailpit, a popular email testing tool for developers. The flaw is a Cross-Site WebSocket Hijacking (CSWSH) issue affecting all versions prior to 1.28.2. It allows a remote attacker to intercept sensitive data, including the full content of test emails, by tricking a developer running a vulnerable Mailpit instance into visiting a specially crafted malicious website. Users are strongly urged to upgrade to the patched version to mitigate the risk of data exposure.

CSWSHWebSocketDeveloper ToolCVEPatch +1 more

5 min read

High-Severity Flaw in Mailpit Dev Tool Allows Email Interception

Vulnerability

Patch Management

Security Operations

French Bank Customers Hit by 'Quishing' Scam Using Fake Physical Cards

MEDIUM

Sophisticated 'Quishing' Campaign in France Targets Bank Customers with Fake Cards and Malicious QR Codes

A highly deceptive phishing campaign, dubbed 'quishing,' is targeting bank customers in France using a blend of physical and digital tactics. Scammers are sending official-looking letters by postal mail that contain a high-quality counterfeit bank card. The letter instructs the recipient to 'activate' the new card by scanning an included QR code. This QR code directs the victim to a fraudulent website designed to mimic their bank's portal, where their banking credentials and personal information are harvested. This hybrid attack method is effective at bypassing traditional email security filters.

QuishingQR CodeSocial EngineeringBank FraudFrance +1 more

4 min read

French Bank Customers Hit by 'Quishing' Scam Using Fake Physical Cards

Phishing

Texas Health System Breach Exposes Data of Over 34,000 Patients

Vida Y Salud Health Systems Discloses Data Breach Affecting 34,504 Texas Patients

Vida Y Salud Health Systems Inc., a nonprofit health center serving rural communities in South Texas, has reported a data breach that exposed the sensitive personal and medical information of 34,504 patients. The organization detected unauthorized access to its network in October 2025, where an attacker copied files containing names, Social Security numbers, driver's license numbers, and protected health information (PHI). Vida Y Salud is notifying affected individuals and offering complimentary credit monitoring services as law firms begin to investigate the incident.

PHISSNPatient DataHealthcare BreachTexas +1 more

5 min read

Texas Health System Breach Exposes Data of Over 34,000 Patients

Data Breach

Industrial Control Systems

Financial Sector Warned of Systemic Supply Chain Risk and 'Indirect Ransomware'

Report Highlights Systemic Supply Chain Risk and Rise of 'Indirect Ransomware' in Financial Sector

A new threat intelligence report for 2025-2026 reveals a perilous cyber landscape for the financial sector, dominated by systemic supply chain risks and evolving ransomware tactics. Citing data that 97% of U.S. banks were breached via third-party suppliers in 2024, the report underscores the critical vulnerability posed by partners. It also highlights the rise of 'indirect ransomware,' where attackers compromise a supplier to bypass a bank's defenses. Geopolitical threats also persist, with pro-Russian hacktivists targeting European banks and the North Korean Lazarus Group remaining a primary state-aligned threat.

Supply ChainIndirect RansomwareDORAFinancial ServicesThreat Report +1 more

5 min read

Financial Sector Warned of Systemic Supply Chain Risk and 'Indirect Ransomware'

Threat Intelligence

Supply Chain Attack

Policy and Compliance

YARA-X Update Helps Analysts Avoid Flawed Detection Rules

INFORMATIONAL

YARA-X v1.11.0 Released with Hash Function Warnings to Prevent False Negatives

Version 1.11.0 of YARA-X, a popular tool for malware analysis, has been released with a key enhancement aimed at improving the accuracy of detection rules. The update introduces 'hash function warnings,' a feature that alerts security analysts when they make common errors in hash string comparisons, such as providing a SHA1 hash where a SHA256 hash is expected. This quality-of-life improvement helps prevent silent false negatives, where a flawed rule fails to detect malware without providing any error, thereby strengthening threat hunting and security operations.