EU Proposes Updated Cybersecurity Act

The European Commission has put forward a proposal for a revised EU Cybersecurity Act, aiming to strengthen and modernize the bloc’s cyber resilience framework in response to escalating digital threats and fragmenting regulatory landscapes. The updated regulation is designed to harmonize cybersecurity certification, simplify compliance, and reduce risks in information and communication technologies (ICT) supply chains, particularly from third-country suppliers of concern. It reinforces the role of the EU Agency for Cybersecurity (ENISA), empowering it to support Member States and stakeholders in threat management, incident response, and resilience building. The proposal also works alongside targeted updates to the NIS2 Directive, which bring legal clarity to the risk-management and cybersecurity obligations of companies operating across the EU. By enhancing common standards and easing certification processes for digital products and services, the initiative aims to bolster trust in the EU digital single market and make it easier for organisations to meet evolving security requirements within a cohesive regulatory framework.

Key Points

  • Proposed in January 2026 to further strengthen EU cybersecurity resilience in the face of rising hybrid and cyber threats.

  • Aims to modernise the 2019 Cybersecurity Act with clearer roles, streamlined procedures, and stronger supply-chain safeguards.

  • Seeks to harmonise cybersecurity certification across the EU, reducing duplicative testing and boosting product and service trust.

  • Enhances the mandate of ENISA to provide threat alerts, vulnerability services, and coordinated incident support to Member States.

  • Works in tandem with amendments to the NIS2 Directive to clarify risk-management responsibilities for EU operators.

💻 Malware and Vulnerabilities

Attack on Poland’s Power Grid Disrupts Communications: An attack targeting communication devices at multiple Polish grid sites disrupted operations, underscoring vulnerabilities in critical infrastructure communications and the ongoing cyber-physical risk to energy systems. https://www.zetter-zeroday.com/attack-against-polands-grid-disrupted-communication-devices-at-about-30-sites/

Microsoft Patches Actively Exploited Office Zero-Day: Microsoft released an emergency update addressing an Office zero-day already exploited in the wild, reinforcing the urgency of rapid patching in enterprise environments. https://securityaffairs.com/187349/hacking/emergency-microsoft-update-fixes-in-the-wild-office-zero-day.html

📈 Breaches and Incidents

eScan Supply Chain Attack Compromises Antivirus Software: Researchers revealed a supply-chain attack targeting eScan, where attackers leveraged compromised update mechanisms to distribute malicious code, highlighting persistent risks in trusted security software ecosystems and the downstream impact on enterprise customers. https://securelist.com/escan-supply-chain-attack/118688/

South Korea to Notify Citizens of Suspected Data Leaks: The South Korean government plans to require notifications not only for confirmed breaches but also for suspected data leaks, signalling a more precautionary and transparent approach to personal data protection. https://koreajoongangdaily.joins.com/news/2026-01-28/national/socialAffairs/Govt-to-notify-people-of-possible-data-leaks-not-just-confirmed-cases/2510657

Ireland’s Data Protection Commission Owed Over €4 Billion in Fines: Ireland’s privacy regulator disclosed that more than €4 billion in GDPR fines remain unpaid, raising questions about enforcement effectiveness against major multinational technology firms. https://www.irishtimes.com/business/2026/01/12/data-protection-commission-owed-more-than-4-billion-in-fines/

ShinyHunters Linked to Match Group Breach Claims: Cybercrime group ShinyHunters resurfaced with claims tied to Match Group data exposure, reinforcing concerns over repeat offender groups monetising stolen consumer data. https://www.theregister.com/2026/01/29/shinyhunters_match_group/

Manage My Health Breach Leads to Phishing Campaigns: Following a healthcare data breach, attackers launched targeted phishing campaigns against affected individuals, demonstrating how breaches quickly translate into secondary exploitation. https://thecyberexpress.com/manage-my-health-data-breach-phishing/

🚨 Threat Intel & Info Sharing

Apple Releases Security Updates Across Platforms: Apple issued coordinated security updates addressing multiple vulnerabilities across iOS, macOS, and watchOS, urging users to patch amid active exploitation risks. https://support.apple.com/en-us/126101

US Officials Warn of Election-Linked Hacking and Disinformation: Intelligence agencies warned that hacking and influence operations remain a central threat to election security, blending cyber intrusions with disinformation campaigns. https://edition.cnn.com/2026/01/28/politics/hacking-disinformation-election-security

EU Cyber Chief Warns Bloc Is ‘Losing Massively’ to Hackers: Europe’s top cyber official cautioned that fragmented defenses and underinvestment are leaving the EU increasingly exposed to sophisticated threat actors. https://www.politico.eu/article/we-are-losing-massively-against-hackers-eu-cyber-chief-warns/

Google Disrupts Massive Residential Proxy Network: Google detailed the takedown of one of the world’s largest residential proxy networks, commonly abused for fraud, account takeovers, and anonymized attacks. https://cloud.google.com/blog/topics/threat-intelligence/disrupting-largest-residential-proxy-network

Iranian APT Activity Expands Across Sectors: Analysis of Iranian state-linked threat actors shows expanding targeting across government, critical infrastructure, and private sector organisations through espionage and disruptive operations. https://falconfeeds.io/blogs/inside-irans-apt-network-most-active-iranian-state-linked-threat-actors-2024-2025

⚖️ Laws, Policies and Regulations

CISA Official Discusses AI Use and Risk at Agency: A senior CISA official addressed how generative AI tools like ChatGPT are being evaluated internally, balancing operational benefits with security and data-handling risks. https://www.politico.com/news/2026/01/27/cisa-madhu-gottumukkala-chatgpt-00749361

Google to Pay $135M to Settle Android Data Lawsuit: Google agreed to a $135 million settlement over claims it improperly collected Android user data, marking another major privacy enforcement milestone. https://news.bloomberglaw.com/privacy-and-data-security/google-to-pay-135-million-to-settle-android-phone-data-suit

FBI Seizes Ramp Cybercrime Forum: US authorities seized infrastructure linked to the Ramp cybercrime forum, a key marketplace used by ransomware and fraud actors to trade tools and services. https://www.bleepingcomputer.com/news/security/fbi-seizes-ramp-cybercrime-forum-used-by-ransomware-gangs/

Spain Closes Pegasus Spyware Probe: Spanish prosecutors closed their Pegasus spyware investigation, citing a lack of cooperation from Israel, highlighting jurisdictional limits in cross-border surveillance cases. https://www.reuters.com/technology/spain-closes-pegasus-spyware-probe-again-saying-israel-has-not-responded-2026-01-22/

EU Proposes Updates to Cybersecurity Act: The European Commission proposed revisions to the EU Cybersecurity Act aimed at strengthening certification schemes and supply-chain security oversight. https://digital-strategy.ec.europa.eu/en/library/proposal-regulation-eu-cybersecurity-act

Unpacking The Latest Scattered Lapsus$ Hunters (SLH) Campaigns

Push Security’s latest analysis reveals a highly coordinated and evolving Scattered Lapsus$ Hunters (SLH) campaign that blends voice phishing (vishing) with attacker-in-the-middle (AiTM) phishing to compromise enterprise identities at scale. Unlike traditional phishing operations, SLH relies on live operator-driven attacks, where threat actors impersonate IT support over phone calls to socially engineer employees into completing malicious login flows. These attacks successfully bypass MFA by stealing session cookies, MFA tokens, and SSO credentials in real time, enabling attackers to pivot rapidly across corporate SaaS environments. The campaign demonstrates a shift away from email-centric intrusion methods toward human-centric identity compromise, exploiting trust, urgency, and helpdesk workflows. Researchers warn that this model significantly reduces the effectiveness of legacy email security and MFA-only defenses.

Key Points

  • SLH combines vishing and AiTM phishing to hijack SSO and SaaS accounts

  • Attackers impersonate internal IT support via phone calls

  • Victims are guided to real-time phishing panels that capture MFA tokens and session cookies

  • Stolen SSO access enables lateral movement across cloud applications

  • Campaigns leverage breach data to increase credibility during calls

  • Traditional email security tools provide limited visibility into these attacks

  • Highlights growing risk from identity-first, human-operated intrusions

  • Reinforces need for browser-level controls, phishing-resistant MFA, and identity monitoring

📅 Upcoming Events

UK Edition: Generative AI & Cybersecurity: Risks and Opportunities

Generative AI is transforming cybersecurity at unprecedented speed. For UK organisations, it represents a powerful opportunity to modernise Security Operations Centres (SOCs) through intelligent automation, predictive threat detection, and faster decision-making.

At the same time, it is enabling a new class of highly sophisticated cyber threats: AI-driven phishing, adaptive malware, and LLM-engineered exploits that challenge traditional defences.
