Rapid7's research reveals China-linked kernel implants deep inside telecom signaling infrastructure. Here's what BPFdoor is, how it evolved, and what defenders need to do now ... Read More

Last week, Swedish journalists revealed that Meta sends video footage from Meta Ray-Ban smart glasses to human data annotators at Sama, a San Francisco-based outsourcing company that runs its annotation workforce out of Nairobi, Kenya. Workers described seeing footage of people in bathrooms, bedrooms, and intimate situations. The UK's Information ... Read More

On January 18, 2026, the Everest ransomware group made good on their threat and released Under Armour customer data to BreachForums. Two months earlier, Everest had added Under Armour to their leak site with a seven-day deadline. The company didn't pay. Now 72.7 million email addresses are sitting in Have I ... Read More

Recently Crimson Collective claimed they breached Brightspeed and grabbed 1 million+ customer records. The list of data they claim to have accessed includes names, billing addresses, partial payment data, and more. There was a class action filed three days later. Brightspeed says they're investigating. No confirmation of data exfiltration yet ... Read More

Inside a threat actor's critical infrastructure targeting In January 2026, 139 gigabytes of engineering data from a U.S. power infrastructure company appeared for sale on an underground forum. The seller wanted 6.5 Bitcoin. The data included LiDAR point clouds of transmission line corridors, substation configurations, and vegetation mapping for three ... Read More

How one threat actor turned stolen credentials into a global breach portfolio Between December 2025 and January 2026, a single threat actor posted 25 data sales listings on a Russian-language cybercrime forum. The victims spanned 15 countries and every major sector from aviation to critical infrastructure. Prices ranged from free ... Read More