Here is the most recent Cybersecurity news for the past week:
🏨 Hyatt Hotels Targeted by NightSpire Ransomware Group
A ransomware group known as “NightSpire” claims to have breached Hyatt Hotels, stealing approximately 48.6GB of sensitive corporate data, including employee credentials and financial records. After the hospitality giant reportedly refused to pay the ransom, the attackers began leaking portions of the stolen data on dark web forums to prove the authenticity of the breach.
📦 Ingram Micro Confirms Data Breach Affecting 42,000 Individuals
IT distributor Ingram Micro has begun notifying over 42,000 people that their personal information was compromised during a ransomware attack that occurred in July 2025. While operations were restored quickly at the time, a recent investigation revealed that the attackers exfiltrated files containing names, Social Security numbers, and passport details, which have now been linked to the “Safepay” ransomware gang.
https://www.securityweek.com/42000-impacted-by-ingram-micro-ransomware-attack
💶 French Regulator Fines Free Mobile €42 Million for Data Security Failures
France’s data protection authority, CNIL, has imposed fines totaling €42 million on telecom operators Free and Free Mobile following a massive data breach that affected millions of subscribers. The regulator cited the companies’ failure to implement adequate security measures and their ineffective handling of the breach notification process as primary reasons for the significant penalty.
https://www.cnil.fr/en/sanction-free-2026
🐛 Microsoft Patches Actively Exploited Windows Zero-Day
In its first security update of 2026, Microsoft has patched 114 vulnerabilities, including a critical information disclosure flaw (CVE-2026-20805) in the Desktop Window Manager that is currently being exploited in the wild. The Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities catalog, ordering federal agencies to patch it immediately to prevent attackers from bypassing security controls.
https://thehackernews.com/2026/01/microsoft-fixes-114-windows-flaws-in.html
🏭 Cybercriminals Weaponizing AI Against Critical Infrastructure
A new report from Cyble Research Labs reveals a sharp increase in hacktivists and cybercriminals targeting industrial control systems (ICS) and operational technology (OT) using artificial intelligence. The research highlights how adversaries are now using AI for prompt injection and supply chain poisoning to automate attacks against critical sectors, marking a dangerous evolution in cyber warfare tactics.
