Medium

Attacks are Evolving: 3 Ways to Protect Your Business in 2026

The Hacker News

Overview

In 2025, small and medium-sized businesses (SMBs) faced a surge in cyberattacks that challenged assumptions about which sectors were at risk. Cybercriminals increasingly targeted these businesses, breaching networks to steal sensitive data and sell it on the dark web, leading to significant financial losses. As the tactics used by attackers evolve, businesses need to rethink their security strategies to protect themselves from these threats. The article outlines three key measures companies should adopt to safeguard their operations in 2026. This shift in focus to SMBs is crucial, as many may not have the resources to defend against sophisticated attacks, making them more vulnerable.

Key Takeaways

  • Action Required: Companies should enhance their cybersecurity protocols, invest in employee training, and implement advanced threat detection systems.
  • Timeline: Ongoing since 2025

Original Article Summary

Every year, cybercriminals find new ways to steal money and data from businesses. Breaching a business network, extracting sensitive data, and selling it on the dark web has become a reliable payday. But in 2025, the data breaches that affected small and medium-sized businesses (SMBs) challenged our perceived wisdom about exactly which types of businesses cybercriminals are targeting.

Impact

Not specified

Exploitation Status

The exploitation status is currently unknown. Monitor vendor advisories and security bulletins for updates.

Timeline

Ongoing since 2025

Remediation

Companies should enhance their cybersecurity protocols, invest in employee training, and implement advanced threat detection systems.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Data Breach.

Related Coverage

Cyberattack Disrupts Operations of Japanese Frozen Food Giant Nichirei

SecurityWeek

Nichirei, a major Japanese frozen food company, faced a cyberattack on July 13, which forced the company to disconnect its systems. As a result, operations were significantly disrupted, impacting their ability to process and distribute their products. The company is now in the process of gradually restoring its systems, but the incident raises concerns about the security of supply chains in the food industry. Cyberattacks on food companies can disrupt not only business operations but also affect food availability and consumer trust. Nichirei's experience serves as a reminder for companies in all sectors to prioritize cybersecurity to protect against similar threats.

Jul 17, 2026

US charges two over laundering $43 million from investment fraud

BleepingComputer

U.S. prosecutors have charged a New York couple with laundering $43 million gained from cyber investment fraud schemes. The duo is accused of being part of a larger crime ring that exploited unsuspecting investors through fake investment opportunities online. This case highlights the ongoing issues surrounding cyber fraud, where victims are often tricked into handing over their money under false pretenses. The charges serve as a reminder of the importance of vigilance when it comes to online investments and the need for law enforcement to pursue those who facilitate such crimes. With increasing sophistication in these scams, it is crucial for individuals to be aware of potential red flags when considering investment opportunities.

Jul 17, 2026

U.S. CISA adds KNX Association KNX Protocol Connection Authorization Option 1 and Oracle flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included new vulnerabilities in its Known Exploited Vulnerabilities catalog, specifically targeting the KNX Protocol Connection Authorization Option 1 from the KNX Association and various flaws related to Oracle products. This update is crucial as it indicates that these vulnerabilities could be actively exploited by attackers, posing risks to organizations using affected systems. The inclusion of these vulnerabilities serves as a warning to IT departments and security teams to prioritize patching and mitigation efforts. Notably, CISA also added vulnerabilities from SonicWall and Microsoft to the catalog, emphasizing the ongoing need for vigilance in cybersecurity practices. Companies should review their systems and apply necessary updates to safeguard against potential attacks.

Jul 17, 2026

CISA Adds Exploited SharePoint RCE Zero-Day CVE-2026-58644 to KEV

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Microsoft SharePoint Server to its list of Known Exploited Vulnerabilities. This flaw, identified as CVE-2026-58644, has a high severity score of 9.8, indicating that it poses a significant risk. Federal Civilian Executive Branch agencies are mandated to implement necessary patches by July 19, 2026. The vulnerability involves a deserialization issue that could allow attackers to execute remote code on affected systems, making it crucial for organizations using SharePoint to take immediate action. By addressing this vulnerability, agencies can help prevent potential exploitation by malicious actors.

Jul 17, 2026

Russian hackers use fake CAPTCHA to infect Ukrainian targets

SCM feed for Latest

The Sandworm group, which is associated with Russia's military intelligence agency, the GRU, is targeting Ukrainian organizations using a deceptive approach called ClickFix. This technique involves creating fake CAPTCHA challenges that trick users into downloading malware. By exploiting social engineering tactics, the attackers aim to gain access to sensitive information. This method poses a significant risk to Ukrainian entities, as it can lead to data breaches and further cyber operations. The use of such sophisticated tactics reflects the ongoing cybersecurity threats faced by Ukraine amid its geopolitical tensions with Russia.

Jul 16, 2026

Period tracking app Stardust shares sensitive user data with third parties, report finds

SCM feed for Latest

A recent investigation by Mozilla has found that the period tracking app Stardust is sharing sensitive user data with third-party service RudderStack. This data is linked to a unique identifier rather than personal names, which raises privacy concerns for users. The sharing of such information can potentially expose users to unwanted marketing and other privacy risks. Given the nature of period tracking apps, which often contain sensitive health data, this incident highlights the need for greater transparency and user control over personal information. Users of Stardust may want to reconsider their use of the app or review its privacy settings to protect their data.

Jul 16, 2026