Ingram Micro Breach Exposes 42k; UK Warns of Pro-Russia DDoS; New Ransomware Threats Emerge

Publication Date: January 20, 2026

Summary

In the last 24 hours, the cybersecurity landscape has been dominated by major data breach disclosures, state-sponsored threat alerts, and the evolution of the ransomware ecosystem. IT distributor Ingram Micro confirmed a ransomware attack from mid-2025 impacted over 42,000 individuals, exposing sensitive PII. Simultaneously, the UK's NCSC issued a formal warning about persistent DDoS attacks from Russian-aligned hacktivists targeting critical infrastructure. New malware campaigns like 'PDFSIDER' and 'Evelyn Stealer' showcase increasingly sophisticated evasion techniques, while emerging threat groups like DragonForce signal a consolidation in the RaaS market.

Today New Articles

Ingram Micro Breach Exposes Data of 42,000 After Safepay Ransomware Attack

Global IT distributor Ingram Micro has officially notified 42,521 individuals that their personal and sensitive information, including Social Security numbers, was stolen during a ransomware attack in July 2025. The incident, attributed to the Safepay ransomwa...

CEOs Optimistic, CISOs Wary: Survey Reveals Deep Divide on AI's Cybersecurity Impact

A new survey by specialty insurer AXIS Capital, released on January 20, 2026, reveals a significant perception gap between CEOs and CISOs regarding the role of artificial intelligence in cybersecurity. While CEOs are largely optimistic about AI's productivity...

North Korean 'Konni' APT Weaponizes Google Ads to Deliver EndRAT Malware

The North Korean state-sponsored threat group Konni is conducting a sophisticated spear-phishing campaign dubbed "Operation Poseidon." The advanced persistent threat (APT) actor is weaponizing Google advertising URLs to make malicious links appear legitimate,...

Stealthy 'PDFSIDER' Backdoor Uses DLL Side-Loading to Bypass EDR and AV

Security researchers at Resecurity have uncovered a new stealthy backdoor, dubbed 'PDFSIDER,' that uses a DLL side-loading technique to evade EDR and antivirus solutions. The malware masquerades as a legitimate PDF application to load a malicious DLL, establis...

South Korean Giant Kyowon Group Hit by Ransomware, 9.6 Million Accounts at Risk

The South Korean conglomerate Kyowon Group has confirmed it suffered a significant ransomware attack that disrupted operations and resulted in data exfiltration. The attack, detected on January 10, 2026, compromised approximately 600 of the company's 800 serve...

Fake Ad Blocker Crashes Chrome, Tricks Users into Installing 'ModeloRAT' Malware

A novel malware campaign dubbed "CrashFix" is using a malicious Google Chrome extension that impersonates the 'uBlock Origin Lite' ad blocker to intentionally crash victims' browsers. The attack, attributed to a group called 'KongTuke,' then uses social engine...

GTMaritime Launches 'GT Identify' to Tackle Maritime Cybersecurity and Compliance

Maritime technology firm GTMaritime has launched GT Identify, a new cybersecurity system designed to help ship operators comply with increasingly stringent regulations. Announced on January 20, 2026, the system provides fleet-wide hardware and software asset i...

Threat Landscape Converges as Attackers Target ICS and AI Systems

New research from Cyble highlights a dangerous convergence of threats, as both hacktivists and financially motivated cybercriminals are increasingly targeting Industrial Control Systems (ICS), Operational Technology (OT), and enterprise AI systems. The report,...

'DragonForce' Emerges as New Ransomware Cartel Built on LockBit and Conti DNA

A new Ransomware-as-a-Service (RaaS) operation named DragonForce has emerged, positioning itself as a "ransomware cartel." The group is reportedly building its operations on the leaked source code of the notorious LockBit 3.0 and Conti ransomware variants. Ope...