<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 1/5/2026

Cadre
Mon, Jan 5, 2026
SHARE

Breaches

Condé Nast user database reportedly breached

Earlier this month, a hacker named Lovely claimed to have breached a Condé Nast user database and released a list of more than 2.3 million user records from our sister publication WIRED. The released materials contain demographic information (name, email, address, phone, etc.) but no passwords. The hacker also says that they will release an additional 40 million records for other Condé Nast properties, including our other sister publications Vogue, The New Yorker, Vanity Fair, and more. READ MORE...

Covenant Health says May data breach impacted nearly 478,000 patients

The Covenant Health organization has revised to nearly 500,000 the number of individuals affected by a data breach discovered last May. The healthcare entity initially reported in July that the data of 7,864 people had been exposed, but further analysis has revealed a larger impact. After completing "the bulk of its data analysis," Covenant Health now says that 478,188 individuals were affected. READ MORE...

Hacking

Cryptocurrency theft attacks traced to 2022 LastPass breach

Blockchain investigation firm TRM Labs says ongoing cryptocurrency thefts have been traced to the 2022 LastPass breach, with attackers draining wallets years after encrypted vaults were stolen and laundering the crypto through Russian exchanges. In 2022, LastPass disclosed that attackers breached its systems by compromising a developer environment, stealing portions of the company's source code and proprietary technical information. READ MORE...

Trends

Cyber risks grow as manufacturers turn to AI and cloud systems

In August, a cyberattack forced automobile manufacturing giant Jaguar Land Rover to shut down production for a month. The company reported around $260 million in cybersecurity costs in addition to $650 million in losses owing to the production disruption, U.S. tariffs on imported cars and the phasing out of older models. The unexpected halt of the manufacturer's highly automated production lines in the UK also disrupted a broader global supply chain. READ MORE...

Pharma's most underestimated cyber risk isn't a breach

Chirag Shah, Global Information Security Officer & DPO at Model N examines how cyber risk in pharma and life sciences is shifting beyond traditional breaches toward data misuse, AI-driven exposure and regulatory pressure. He explains why executives still underestimate silent control failures, how ransomware groups are weaponizing compliance risk, and why proof of security will increasingly require real-time governance, not audits, as cybersecurity and compliance continue to converge. READ MORE...

Malware

Kimwolf Android Botnet Grows Through Residential Proxy Networks

The Kimwolf botnet has infected over 2 million Android devices, mainly through residential proxy networks, cybersecurity firm Synthient says. Active since at least August 2025, the Kimwolf botnet was recently detailed by XLab, which warned that it could launch massive distributed denial-of-service (DDoS) attacks. Mainly consisting of Android TV set-top boxes deployed on residential networks, Kimwolf provides its operators with other monetization opportunities as well. READ MORE...

Exploits/Vulnerabilities

CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries

The US cybersecurity agency CISA is now aware of 1,484 software and hardware vulnerabilities that have been exploited in the wild. Throughout 2025, the agency added 245 security defects to its Known Exploited Vulnerabilities (KEV) list, including 24 bugs that have been exploited in ransomware attacks. CISA's KEV list has been growing steadily since its public release in November 2021, and last year marked its largest expansion rate over a three-year period, at 20%. READ MORE...

AI security risks are also cultural and developmental

Security teams spend much of their time tracking vulnerabilities, abuse patterns, and system failures. A new study argues that many AI risks sit deeper than technical flaws. Cultural assumptions, uneven development, and data gaps shape how AI systems behave, where they fail, and who absorbs the harm. The research was produced by a large international group of scholars from universities, ethics institutes, and policy bodies. READ MORE...

On This Date

  • ...in 1914, "Adventures of Superman" actor George Reeves is born in Woolstock, IA.
  • ...in 1932, philosopher and author Umberto Eco ("The Name of the Rose", "Foucault's Pendulum") is born in Piedmont, Italy.
  • ...in 1933, construction on the Golden Gate Bridge begins.
  • ...in 1941, Academy Award-winning animation director Hayao Miyazaki ("Spirited Away", "My Neighbor Totoro") is born in Tokyo, Japan.

Cadre

Related posts

IT Security Newsletter - 12/15/2023

Food Giant Kraft Heinz Targeted by Ransomware Group The ransomware group named Snatch publicly...
Read more

IT Security Newsletter - 7/29/2024

97% of CrowdStrike systems are back online, Microsoft suggests Windows changes CrowdStrike CEO...
Read more

IT Security Newsletter - 1/4/2024

Over 900k Impacted by Data Breach at Defunct Boston Ambulance Service Transformative Healthcare is...
Read more