Escalating Cyber Threats to the Defense Industrial Base
A new Google Cloud threat intelligence analysis highlights a significant escalation in cyber threats targeting the Defense Industrial Base (DIB) — the network of contractors, suppliers, and technology partners that support military and national security systems. The report finds that state-aligned threat actors and sophisticated criminal groups are increasingly focusing on the supply chains, development infrastructure, and cloud environments integral to defense operations. Adversaries are exploiting poorly secured software repositories, CI/CD pipelines, and third-party services to pivot into sensitive environments, bypassing perimeter defenses and gaining long-term persistence. The report also notes that attackers are blending traditional espionage with data exfiltration and disruption techniques, often leveraging stolen credentials, misconfigurations, and unpatched systems to achieve their goals. The analysis underscores that the DIB is no longer a peripheral target but a central focus for nation-state and hybrid cyber operations, compelling stakeholders to elevate defensive postures, improve telemetry collection, and strengthen collaboration with cloud service partners.
Key Points
Broadening Target Set: Attackers are increasingly targeting contractors and suppliers within the DIB, not just defense agencies themselves.
Supply Chain Focus: Exploitation of software repositories, CI/CD tools, and third-party services is a key vector for compromise.
Cloud Abuse: Misconfigurations and abused cloud workloads are enabling adversaries to bypass traditional security controls.
Credential Theft: Stolen or weak credentials continue to be a primary mechanism for initial access and lateral movement.
State and Hybrid Actors: Activity profiles indicate involvement of both nation-state groups and financially motivated hybrid operators using espionage tradecraft.
Call for Collaboration: The report encourages enhanced threat intel sharing, unified telemetry standards, and coordinated defenses between industry and government partners.
💻 Malware and Vulnerabilities
Apple Fixes First Actively Exploited Zero-Day of 2026: Apple patched what it described as the first actively exploited zero-day vulnerability of 2026, urging users to update devices immediately amid evidence of in-the-wild exploitation. https://securityaffairs.com/187890/security/apple-fixed-first-actively-exploited-zero-day-in-2026.html
📈 Breaches and Incidents
Substack Data Breach Added to Have I Been Pwned: Substack’s recent data breach was catalogued by Have I Been Pwned, confirming exposure of subscriber information and increasing visibility into the scale of the incident. https://haveibeenpwned.com
Regulator Launches Inquiry Into Nova Scotia Utility Cyberattack: Canadian regulators announced a two-part investigation into last year’s cyberattack on a Nova Scotia utility, examining operational impact and regulatory compliance failures. https://www.nsnews.com
CNIL 2025 Report Highlights Sanctions and Enforcement Trends: France’s CNIL detailed enforcement actions and corrective measures taken in 2025, showing increased regulatory scrutiny and significant financial penalties for privacy violations. https://www.cnil.fr
BBC Reports on Major Cyber Incident: A newly reported cyberattack detailed by the BBC highlights continued disruptions affecting public services, reinforcing concerns over critical infrastructure resilience. https://www.bbc.co.uk/news/articles/cy4wnw04e8wo
Odido Breach Exposes 6.2 Million Customer Records: Dutch telecom Odido confirmed a breach impacting 6.2 million customers, with exposed personal data raising identity theft and fraud concerns. https://www.bleepingcomputer.com/news/security/odido-data-breach-exposes-personal-info-of-62-million-customers/
Romanian Pipeline Operator Confirms Data Theft: Conpet confirmed attackers stole data in a recent cyberattack, intensifying scrutiny over security protections in Europe’s energy infrastructure sector. https://www.bleepingcomputer.com/news/security/romanias-oil-pipeline-operator-conpet-confirms-data-stolen-in-attack/
Volvo Group Impacted in Expanding Conduent Breach: Volvo Group was among companies affected by the widening Conduent data breach, demonstrating supply-chain exposure risks across industrial enterprises. https://securityaffairs.com/187875/security/volvo-group-hit-in-massive-conduent-data-breach.html
Fintech Firm Figure Discloses Employee-Linked Breach: Figure confirmed a phishing attack targeting an employee led to a data breach, reinforcing ongoing risks posed by social engineering in financial services. https://securityaffairs.com/187988/data-breach/fintech-firm-figure-disclosed-data-breach-after-employee-phishing-attack.html
Georgia Healthcare Firm Breach Impacts 620,000: A Georgia-based healthcare provider disclosed a cyber incident affecting more than 620,000 individuals, adding to mounting healthcare-sector breach totals. https://therecord.media/georgia-healthcare-company-data-breach-impacts-620000
BridgePay Confirms Ransomware Behind Service Outage: Payments platform BridgePay attributed a recent outage to a ransomware attack, underscoring continued targeting of financial transaction providers. https://www.bleepingcomputer.com/news/security/payments-platform-bridgepay-confirms-ransomware-attack-behind-outage/
🚨 Threat Intel & Info Sharing
Singapore Mounts Largest Multi-Agency Operation Against APT UNC3886: Singapore authorities disclosed their largest coordinated cyber defense operation to counter advanced persistent threat actor UNC3886, which targeted the country’s telecommunications sector using sophisticated intrusion techniques. The campaign involved cross-agency collaboration to contain activity, strengthen sector resilience, and share threat intelligence with partners, underscoring rising nation-state risks to critical communications infrastructure. https://www.csa.gov.sg
Hacktivist Leaks 500,000 Stalkerware Customer Records: A self-described hacktivist scraped and exposed payment records of more than 500,000 customers linked to stalkerware services, revealing names, emails and transaction data tied to controversial surveillance tools. The breach raises legal and ethical concerns over spyware operators and the users purchasing monitoring software. https://techcrunch.com
Microsoft Details Windows Security Enhancements on User Transparency: Microsoft outlined updates aimed at strengthening trust in Windows by improving user consent, visibility into application behavior, and system-level transparency controls. The move reflects broader industry pressure to harden operating systems against abuse while maintaining usability. https://blogs.windows.com
Russia Restricts Telegram in Latest Internet Control Push: Russian authorities moved to further restrict Telegram’s operations as part of ongoing efforts to tighten control over online communications, signaling escalating state oversight of encrypted messaging platforms. https://www.reuters.com
U.S. Justice Department Highlights Ongoing Cyber Enforcement Efforts: The Department of Justice reiterated its focus on disrupting cybercrime networks and prosecuting threat actors through coordinated domestic and international enforcement actions. https://www.justice.gov
Lotus Blossom Linked to Notepad Supply Chain Espionage: DomainTools researchers tied the Lotus Blossom threat group to a supply-chain espionage campaign involving compromised Notepad software, illustrating how trusted tools are leveraged for covert intelligence collection. https://dti.domaintools.com/research/lotus-blossom-and-the-notepad-supply-chain-espionage-campaign
Ivanti EPMM ‘Sleeper Shells’ Signal Persistent Access Risks: Researchers identified stealthy web shells embedded in Ivanti Endpoint Manager Mobile environments, highlighting long-term persistence risks in enterprise mobile device management systems. https://defusedcyber.com/ivanti-epmm-sleeper-shells-403jsp
Fake AI Chrome Extensions Infect 300,000 Users: Malicious Chrome extensions masquerading as AI tools were found stealing credentials and email data from more than 300,000 users, underscoring the growing abuse of AI branding in malware distribution. https://www.bleepingcomputer.com/news/security/fake-ai-chrome-extensions-with-300k-users-steal-credentials-emails/
Ring Ends Partnership With Flock After Surveillance Scrutiny: Ring terminated its partnership with Flock following controversy around surveillance data practices, reflecting mounting public pressure on companies involved in law enforcement technology ecosystems. https://therecord.media/ring-ends-partnership-with-flock-superbowl-ad
Luxury Brands Fined €25 Million Over Data Breaches: Louis Vuitton, Dior and Tiffany were collectively fined €25 million by regulators for failing to adequately safeguard customer data, reinforcing stricter enforcement of privacy and security obligations. https://www.bleepingcomputer.com/news/security/louis-vuitton-dior-and-tiffany-fined-25-million-over-data-breaches/
⚖️ Laws, Policies and Regulations
Nigeria Moves to Strengthen Cyber Defenses Amid AI Threat Surge: Nigeria announced plans to bolster national cyber defenses as AI-enabled attacks and financial losses increase, reflecting broader global concern over automated cybercrime capabilities. https://www.bloomberg.com
U.S. Air Force Updates Dress and Appearance Regulations: The Air Force released updates to dress and appearance regulations, part of broader institutional policy adjustments. https://www.af.mil
📊 Trends, Reports, Analysis
Google Cloud Warns of Growing Threats to Defense Industrial Base: Google Cloud detailed escalating cyber threats targeting the defense industrial base, warning that state-backed actors are increasingly focusing on contractors and supply chains to access sensitive data. (Google Cloud Blog: "Threats to the Defense Industrial Base")
📅 Upcoming Events
UK Edition: Generative AI & Cybersecurity: Risks and Opportunities
Generative AI is transforming cybersecurity at unprecedented speed. For UK organisations, it represents a powerful opportunity to modernise Security Operations Centres (SOCs) through intelligent automation, predictive threat detection, and faster decision-making.
At the same time, it is enabling a new class of highly sophisticated cyber threats: AI-driven phishing, adaptive malware, and LLM-engineered exploits that challenge traditional defences.