Microsoft patches 100+ vulnerabilities in January update, including multiple actively exploited zero-days
Microsoft released the January 2026 Patch Tuesday updates addressing over 100 vulnerabilities, among them multiple actively exploited zero-day and critical remote code execution flaws that pose imminent risk to enterprise Windows deployments.
The breadth of patched components included kernel subsystems, security features and networking protocols — areas that attackers frequently target to gain initial access or escalate privileges after phishing or malware delivery.
Delayed patch application in large or distributed environments significantly increases the window of exposure and the likelihood of successful exploitation by both opportunistic and targeted adversaries.
Kyowon Group reports major ransomware incident affecting hundreds of servers and exposing data
South Korean conglomerate Kyowon Group confirmed that its network was hit by a ransomware attack causing widespread service outages across numerous subsidiaries and prompting emergency response measures, with indications of data exfiltration under investigation.
The cyber incident disrupted operations across education, media and property divisions, affecting roughly 600 of the company’s 800 servers and prompting notification to the Korea Internet & Security Agency (KISA) as part of the response.
Although the specific threat actor and exact scope of customer data exposure are still being evaluated, local authorities estimate that millions of user accounts may be at risk, raising extortion and identity compromise concerns.
Grubhub admits breach after hackers access internal systems and exfiltrate sensitive data
Grubhub acknowledged a security breach in which unauthorized access to its internal systems resulted in the theft of data, and extortion demands have been reported as part of the incident response process.
Initial analysis suggests that attackers gained access via compromised credentials or weak access controls, maintaining persistence long enough to extract information before detection.
The incident underscores that credential abuse and inadequate access governance continue to be principal vectors for breaches in cloud-enabled enterprise services.
France’s Free Mobile hit with €42 million CNIL penalty for security failures in massive 2024 data breach
The French data protection authority (CNIL) imposed a cumulative €42 million penalty on Free Mobile and its parent company Free following a 2024 breach that exposed sensitive customer data of nearly 23 million mobile and fixed subscribers due to inadequate security controls.
The breach involved attackers compromising a management tool to steal personal information, including IBANs, highlighting operational gaps in access controls and data retention practices that violated multiple GDPR obligations.
CNIL’s findings included failures to ensure data security, insufficient breach notification details to affected customers, and excessive retention of personal data beyond business needs.
Belgian hospital AZ Monica goes offline after attack disrupts medical records and operations
Belgian hospital AZ Monica was forced to shut down all servers and cancel scheduled procedures after a cyberattack disrupted IT systems at its Antwerp and Deurne campuses, leading to manual patient registration and critical transfers for urgent care.
The attack impacted access to electronic medical records, causing widespread operational disruption and forcing staff to manage patient information on paper while hospital leadership coordinated recovery and investigation efforts.
Health care environments are particularly vulnerable due to their reliance on digital workflows and the critical nature of access to clinical data, making continuity planning essential.






