X-Industry

The US Federal Bureau of Investigation (FBI) has issued a recent advisory, dated 8 January 2026, warning about an emerging and sophisticated cyber threat: North Korean state-sponsored actors, notably the group Kimsuky, are employing malicious QR codes in spear-phishing campaigns.  The FBI's flash alert highlights that, as of 2025, Kimsuky actors, also known by aliases such as APT43, have consistently targeted organizations by embedding malicious QR codes.

These attacks, termed "quishing," are de

The world of automotive retail, including commercial vehicles, is changing fast, and digital adoption, once optional, is now central to every dealership.  From online purchases to always-on laptops and cloud systems, dealerships today operate in a far more connected world than they did just a few years ago.  But with this rapid digital shift comes a new kind of challenge: cybersecurity.[1]

Mr. Gokul Rajan, Chief Digital Officer, Hinduja Leyland Finance said, cybersecurity is no longer a technica

Major sporting events are popular targets for cyber attackers.  There are therefore plenty of risks for the Winter Olympics, which will take place next month in the Italian cities of Milan and Cortina d’Ampezzo.  What can we expect from the digital battle taking place behind the scenes of the sport?  Unit 42 from Palo Alto Networks has provided an excellent overview.[1]

Critical infrastructure is under constant pressure both domestically and internationally.  Global events, from climate summits

The Trump administration is considering a range of measures against Iran in response to the regime's crackdown on anti-government protests, which has reportedly resulted in hundreds/thousands of deaths.  Protests in Iran began in late December 2025, initially sparked by economic grievances including soaring prices and currency collapse.  They have since evolved into widespread anti-government demonstrations challenging the Islamic Republic's theocratic system.[1]

Human rights groups, such as the

According to a recent report by Check Point Software, the number of publicly disclosed ransomware incidents increased approximately 60% year over year as of December.  In fact, there were nearly 1,000 reported incidents in December alone. This marks a clear increase in the consistency and scale of ransomware growth.

A potential contributor to this increase is the fact that ransomware is becoming more and more of an industrialized business model. Ransomware as a service (RaaS) ecosystems allows

In a significant cyber intrusion, Chinese hackers linked to the Salt Typhoon group have accessed email systems used by staff in key US House of Representatives committees. The breach, reported by the Financial Times and covered by Reuters, affects aides on the House Select Committee on China, as well as those handling foreign affairs, intelligence, and armed services.  Detected in December 2025, the incident raises concerns over the security of sensitive government communications.[1]

The hackers

It looks like Google is opening its wallet again.  The tech giant has agreed to pay $8.25 million to settle a class-action lawsuit that claimed it was secretly collecting data from children.  This case focused on how the tech giant handled the personal details of kids under the age of 13 who used apps from the Google Play Store.

Why the Lawsuit Was Filed - The legal trouble centered on a program called “Designed for Families” (DFF).  This was supposed to be a safe space where parents could find

Cyber operations are increasingly viewed as a preparatory measure to influence the battlespace before conventional air or ground forces engage.  Critical infrastructure such as power grids, communication networks, and information systems has become a strategic target.  Disrupting these can impede decision-making, degrade defensive capabilities, and create openings for traditional military units.  Recent reports from events concerning US cyber-attacks on Caracas in Venezuela and speculation about

Has your phone been prompting you for months to log into certain sites with a "passkey"?  Security writer Kim Key of PC Mag explains why you might want to ditch your passwords in favor of passkeys.

JUANA SUMMERS, HOST: For months now, my phone has been nudging me to create passkeys.  And every time it happens, I sort of pause because I don't actually know what a passkey is or whether it's something I actually need.  I actually keep almost all of my passwords written down in the back of a secre

UDPGangster is a UDP-based backdoor associated with the MuddyWater threat group, which is known for its cyber espionage operations across the Middle East and neighboring regions.  This malware enables remote control of compromised systems by allowing attackers to execute commands, exfiltrate files, and deploy additional payloads, all communicated through UDP channels designed to evade traditional network defenses.

Link to full report:  IR-26-021-002_UDPgangster.pdf

FortiGuard Labs recently identified a multi-stage malware campaign primarily targeting users in Russia.  The attack begins with social engineering lures delivered via business-themed documents crafted to appear routine and benign.  These documents and accompanying scripts serve as visual distractions, diverting victims to fake tasks or status messages while malicious activity runs silently in the background.

As the attack chain progresses, it escalates into a full-system compromise that includes

military

In July 2025, Russian President Vladimir Putin proudly added a new nuclear submarine, the Knyaz Pozharsky, to the country’s fleet. He celebrated it as proof that Russia could still build powerful weapons despite Western sanctions. But the celebration didn’t last long. Only days later, Ukrainian cyber experts managed to hack into Russian military networks. They stole and leaked secret documents that revealed the submarine’s technical details, including its design, systems, and crew infor

A new warning has been issued over continued disruptive cyber-attacks against UK organizations, with local government bodies and operators of critical national infrastructure remaining key targets.  Russian-aligned hacktivist groups are continuing to target UK and global organizations by attempting to disrupt operations, take websites offline and disable services.  The activity is largely focused on denial-of-service (DoS) attacks intended to overwhelm websites and online systems, preventing acc

A US House subcommittee was warned on 13 January that without federal action, the automotive aftermarket faces an existential threat that would lead to a vertically integrated industry, reduced competition, higher prices, diminished quality and fewer choices for consumers.[1]

In a hearing with the United States House Committee on Energy and Commerce’s Subcommittee on Commerce, Manufacturing, and Trade (CMT), Auto Care Association President and CEO Bill Hanvey emphasized that safe, affordable, an

AI coding assistants are no longer just autocompleting lines of code, they are quietly making decisions for you.  Tools like Claude Code are able to read projects, plan multi-step changes, install dependencies, and modify files with minimal human oversight.  To make this possible, these assistants rely on plugin marketplaces, where third-party developers can enable ‘skills’ that teach the agent how to manage infrastructure, testing, and dependencies.  Though powerful, the model requires a high d

Cybercriminals are increasingly proving they do not need software vulnerabilities to compromise organizations; they need convincing deception.  Researchers at Securonix are warning of a sophisticated phishing campaign targeting the hospitality sector that uses fake Booking.com reservation cancellations, deceptive CAPTCHA pages, and a panic-inducing fake Windows Blue Screen of Death (BSOD) to deploy a remote access trojan (RAT).  The campaign, named PHALT#BLYX, highlights how attackers are blendi

Large language models have become the engines behind some of the most impressive feats in contemporary computing.  They write complex software, summarize scientific papers, and navigate intricate chains of reasoning.  Yet as a recent study shows, these same systems falter on a task that most ten-year-olds can perform with pencil and paper.  According to a new article from TechXplore and the accompanying research paper Why Can’t Transformers Learn Multiplication?  Reverse-Engineering Reveals Long

AI coding assistants are no longer just autocompleting lines of code, they are quietly making decisions for you.  Tools like Claude Code are able to read projects, plan multi-step changes, install dependencies, and modify files with minimal human oversight.  To make this possible, these assistants rely on plugin marketplaces, where third-party developers can enable ‘skills’ that teach the agent how to manage infrastructure, testing, and dependencies.  Though powerful, the model requires a high d

Amazon has prevented more than 1,800 suspected North Korean operatives from securing employment since April 2024, as the Pyongyang regime continues efforts to place IT workers in remote roles at Western companies to generate revenue for the regime.  Amazon's Senior Vice President and Chief Security Officer, Stephen Schmidt, revealed the figures in a LinkedIn post, noting a 27% quarter-on-quarter increase in the number of detected DPRK-affiliated applications this year. The aim, he said, is for o

In a bold military exploit on 3 January 2026, US forces captured Venezuelan President Nicolás Maduro in Caracas, employing sophisticated cyber tactics to disable key infrastructure and facilitate the raid.  The operation, named Absolute Resolve, involved coordinated efforts across cyber, space, and conventional domains, resulting in Maduro's arrest on charges of drug-trafficking and terrorism.  President Donald Trump confirmed the use of cyber capabilities to induce a blackout in the capital, al