Ransomware DataBreachToday.com

eSync Alliance Chair Shrikant Acharya on How Standardization Can Prevent Breaches
Over-the-air updates are an irreplaceable part of software-defined vehicles, giving manufacturers a convenient way of remotely fixing and upgrading vehicles. If not appropriately secured, over-the-air updates can become a gateway for data theft, malware injection, vehicle theft and even injury.

AI Agent Can Access File Upload API to Exfiltrate Documents
Security researchers have demonstrated how Anthropic's new Claude Cowork productivity agent can be tricked into stealing user files and uploading them to an attacker's account, exploiting a vulnerability the company allegedly knew about.

Analysts Say Pentagon Must Add Guardrails to Musk's Grok in Military Systems
Cybersecurity analysts said Elon Musk's Grok artificial intelligence model lacks compliance with key federal AI risk frameworks, which will likely force the Pentagon to rely on containment measures while conducting adversarial testing and restricting access to prevent unpredictable or unsafe behavior when embedding the model across its systems.

Israeli Startup Novee's Custom AI Agents Mimic Human Attackers to Scale Detection
Novee launched with $51.5 million in funding to build AI agents trained to find and fix vulnerabilities. Its proprietary model combines human-led research, prompt engineering and simulations to offer scalable penetration testing as AI-fueled threats outpace traditional tools.

Suit Alleges Competitor Lets 'Shell Firms' Exploit National Data Exchanges
Electronic health records giant Epic Systems is accusing a rival health information network vendor, Health Gorilla, of enabling a syndicate of "sham" entities "masquerading" as healthcare providers to improperly access patient records from national health data exchanges in pursuit of money.

Lumen Spotted More Than 500 Command and Control Servers Since October
A major U.S. internet service provider said it's blocked incoming traffic to more than 550 command and control servers botnets identified over the past four months that administer the Kimwolf and Aisuru botnets.

Joint US, UK and Five Eyes Guidance Flags OT Exposure as National Risk
U.S. and allied cyber agencies issued new guidance warning that insecure operational technology connectivity - driven by remote access, third-party vendors and IT integration - remains a major threat vector, enabling cyber intrusions to escalate into physical disruptions.

Also, Venezuela Cyberattack, Endesa Confirms Breach and Telegram IP Leak
This week, a software flaw caused the Verizon outage. U.S. cyberattack in Venezuela. ICE identities published online. BreachForums users leaked. Spanish energy provider Endesa data breach. Telegram privacy risk. A MuddyWater upgrade. Dutch man sentenced for hacking a maritime port. A ServiceNow patch.

Funding at $1.2B Valuation to Propel Federal Market Entry and R&D in GenAI
Torq secured $140 million in Series D funding at a $1.2 billion valuation to expand its generative AI-powered security operations platform. With backing from Merlin Ventures, Torq will grow internationally, deepen AI research and pursue U.S. federal opportunities including FedRAMP certification.

Forrester's Sandy Carielli on Quantum Readiness, Key Steps for Successful Migration
Quantum security migrations are multi-year, cross-functional projects that touch product, infrastructure and supply chains. While the scope of migration can be daunting, CIOs can follow several practical steps to make the project more manageable, said Forrester's Sandy Carielli.

How to Deal With Having Influence Without Authority in Cybersecurity Roles
In some cybersecurity organizations, expertise and visible leadership don't reside in the same role. Usually, the person with the most influence on cybersecurity decisions is the owner, but it does not always work out that way. Fortunately, there are things you can do to change that for your career.

New Agency Focuses on Public Programs, Ignores Private Sector Fraud
Citing recent high-profile arrests of fraud rings in Minnesota, President Donald Trump announced the creation of National Fraud Enforcement division in the Department of Justice. Sounds nice, but will it make a difference without deeper coordination with banks, payment platforms and businesses?

Cause Unknown But Many Previous Outages Due to Software Misconfiguration
Verizon customers along the Eastern Seaboard and Southern parts of the United States lost mobile phone connectivity Wednesday in an incident that appears to have peaked around 1 p.m. Eastern Standard Time.

Scenario Planning Must Model Disruption, Strengthen Cyber Basics, Build Redundancy
IT organizations know how to plan for outages, but even the most rigorously designed strategy is vulnerable to the shifting winds of geopolitics. CIOs and technology leaders need to know how their organizations will respond to geopolitical disruptions, and scenario planning needs to be a priority.

Despite Some Well-Known Groups Disappearing, Ransomware Competition Remains Fierce
Here's unwelcome ransomware news: Groups' victim listings and underground chatter suggest that the count of victims and number of criminal groups behind such attacks have both risen over the past 12 months, despite repeat disruptions by law enforcement, fierce competition and fewer victims paying.

Also: NodeCordRAT Malware, North Korean QR-Phishing Campaign
This week, U.K. crypto exchanges linked to Iranian sanctions evasion, NodeCordRAT malware spread via npm, an FBI alert on North Korean QR-code phishing, illicit crypto hit $154 billion in 2025 and U.S. President Donald Trump said he won't pardon Sam Bankman-Fried.

How UX Decisions Are Becoming Regulatory Liabilities for CISOs
Children's data is entering a new regulatory era where dark patterns, defaults and monetization choices can signal breached fiduciary duty. As privacy, safety and consumer laws converge globally, CISOs must treat manipulative UX, consent flows and retention practices as core security and governance risks.

Analysts Warn Foreign Adversaries Gaining Footholds in US Networks
Cyber policy analysts told lawmakers that the United States' cyber deterrence efforts are failing, allowing China and others to embed in critical infrastructure networks with minimal cost, while calling for faster, coordinated offensive actions across federal agencies.

Experts on How CIOs Can Avoid 'Geopolitical Lock-In' in AI, Cloud and Supply Chains
Geopolitical instability is a part of reality in 2026, and the stakes are high for CIOs who must rely on global supply chains to develop IT, artificial intelligence, cloud and cybersecurity strategies.

Stealthy Group Taps Blockchain 'EtherHiding' to Facilitate Victim Communications
The DeadLock ransomware group, a newly emerged digital extortion group, is using blockchain smart contracts to store proxy server addresses for facilitating ransomware negotiations with victim organizations. The technique suggests the group is made up of experienced cybercriminals.