The Canadian Investment Regulatory Organization (CIRO) disclosed that hackers stole personal data from 750,000 individuals during a sophisticated phishing attack in August 2025. The compromised information includes social insurance numbers, dates of birth, government ID numbers, income details, and investment account information.
CIRO says the breach didn't affect critical operations and there's no evidence the stolen data has been misused or appeared on the dark web. The organization is providing two years of free credit monitoring to affected individuals and has started mailing notification letters to impacted clients.
Source: SecurityWeek
Higham Lane School in Nuneaton shut down Monday after hackers targeted its IT systems, affecting 1,400 students aged 11-18. The Central England Academy Trust school will remain closed until Wednesday as a precautionary measure while cyber security specialists investigate.
The school immediately activated incident response protocols and secured its systems when the attack was discovered. Parents received letters explaining the "difficult decision" was made following expert advice. Students and staff are banned from accessing school systems like Google Classroom and SharePoint during the investigation.
The Department for Education's Cyber Incident Response Team is assisting with the investigation alongside IT experts from the trust.
Source: BBC
Cybercriminals and hacktivists dramatically escalated attacks on industrial control systems in 2025, with vulnerability disclosures jumping from 1,690 to 2,451 across 152 vendors, according to Cyble's latest threat report.
Siemens topped the list with 1,175 reported vulnerabilities, though Schneider Electric faced more severe threats with 70% classified as high or critical. Manufacturing and healthcare bore the brunt of ransomware attacks, seeing 600 and 477 entities compromised respectively.
Hacktivist groups like Z-Pentest increasingly targeted human-machine interfaces and SCADA systems, while geopolitical tensions fueled cyber operations. The Israel-Iran conflict alone sparked activity from 74 hacktivist groups, generating 1.5 million intrusion attempts tied to India-Pakistan tensions.
Cyble warns that exposed industrial systems will face even more aggressive targeting in 2026.
Source: Infosecurity Magazine
Microsoft partnered with international law enforcement to shut down RedVDS, a cybercrime marketplace that enabled attackers to steal millions from businesses worldwide. The $24-per-month service provided criminals with disposable virtual computers to launch phishing campaigns and business email compromise attacks.
RedVDS facilitated major thefts, including $7.3 million from Alabama pharmaceutical company H-2 Pharma and nearly $500,000 from a Florida condominium association. The service operated at massive scale, with 2,600 virtual machines sending 1 million phishing messages daily to Microsoft customers alone.
Since September, attackers compromised over 191,000 organizations globally using RedVDS infrastructure. Microsoft seized two key domains and laid groundwork to identify the operators behind the service.
Source: Dark Reading
Kensington and Chelsea Council suffered a major cyber attack that may have compromised the personal details of hundreds of thousands of residents. The west London authority is warning people to watch for scams using their stolen information and to be suspicious of unexpected calls or messages claiming to be from the council.
The attack also affected shared services with Westminster City Council and Hammersmith and Fulham Council. Cybersecurity experts say local authorities are prime targets because they hold valuable data including social care and housing records, while operating under tight budgets that can leave security gaps.
Council leader Elizabeth Campbell called the breach "serious" and said it could take months to fully assess what data was accessed. The Met's Cyber Crime Unit is investigating, but no arrests have been made yet.
Source: BBC
Cyber fraud has surpassed ransomware as CEOs' biggest digital threat concern, according to the World Economic Forum's 2026 Global Cybersecurity Outlook released Monday. The shift marks a dramatic change from previous years when ransomware dominated executive fears.
A striking 73% of CEOs were personally affected by cyber fraud or knew someone who was in 2025, while 77% believe these attacks increased over the past year. The new top three CEO concerns are cyber fraud, AI vulnerabilities, and software exploitation—notably pushing ransomware off the list entirely.
Interestingly, CISOs still rank ransomware as their primary worry, suggesting different priorities between financial and operational leaders. AI concerns have also evolved, with executives now more worried about employees accidentally exposing data through internal AI tools than hackers weaponizing artificial intelligence.
Source: SecurityWeek
Microsoft released its largest January security update ever, fixing 112 vulnerabilities—nearly double December's count. The standout concern is CVE-2026-20805, a zero-day flaw in Desktop Window Manager that hackers are already exploiting to steal memory information and potentially escalate attacks.
Eight vulnerabilities are flagged as likely exploitation targets, including two critical Windows NTFS buffer overflow bugs that could allow remote code execution. Security experts warn these third-party-reported flaws may soon become public, creating urgency for patches.
Two Microsoft Office vulnerabilities stand out for enabling code execution through the Preview Pane without user interaction—meaning simply viewing a file could trigger an attack.
Source: Dark Reading
SAP dropped 17 security patches on January 13, 2026, targeting dangerous vulnerabilities that could let attackers take complete control of enterprise systems. Four critical flaws scored up to 9.9 on the severity scale, including a SQL injection bug in S/4HANA financials (CVE-2026-0501) that lets low-level users steal financial data.
The scariest issue hits SAP's monitoring tool: unauthenticated attackers can remotely execute code just by tricking users into clicking something malicious. Two other code injection flaws in S/4HANA and Landscape Transformation scored 9.1, allowing privileged users to run malicious code remotely.
SAP urges administrators to patch the SQL injection and remote code execution vulnerabilities within 24 hours. Companies should test updates in staging environments first, focusing on S/4HANA and HANA systems that power most enterprise operations.
Source: Cyber Security News
Instagram users worldwide received unexpected password reset emails this week, sparking fears of a security breach. The company denied any system compromise, claiming it fixed an issue that allowed "an external party" to trigger legitimate password reset requests.
However, cybersecurity firm Malwarebytes contradicted Instagram's statement, alleging hackers stole data from 17.5 million accounts including usernames, addresses, and phone numbers. The firm linked the emails to an ongoing sale of Instagram user data on hacker forums, though some researchers believe it's old publicly available information from 2022.
Instagram hasn't explained who the "external party" was or how they gained this capability. Users should change passwords directly through Instagram's official app or website.
Source: BBC News
Meta fixed an Instagram vulnerability that let third parties send password reset emails to users, causing confusion across the platform. The company insists no breach occurred and accounts remain secure.
Separately, cybersecurity firm Malwarebytes warned that hackers leaked data from 17.5 million Instagram accounts, including usernames, emails, phone numbers, and addresses. However, experts clarified this isn't new data—it's from a 2022 leak that resurfaced in November 2024.
The two incidents appear unrelated despite their timing. Users can safely ignore the password reset emails.
Source: SecurityWeek