Cyber Threats & Infrastructure Exploitation
9h ago.
[Briefing]
A significant cyberattack targeting London's transportation infrastructure has compromised personal data for approximately 10 million users, including names and other sensitive information. The breach represents a critical vulnerability in essential public services and poses substantial risks to affected individuals regarding identity theft and fraud. The situation is currently escalating as authorities investigate the attack's scope and attribution while working to contain further data exposure. Immediate response measures are underway to notify affected parties and strengthen system security across the transport network.
[Key figures]
Verified 9h agoRECORDS EXPOSED
10,000,000
SYSTEMS BREACHED
1
DATA TYPES COMPROMISED
3
[Situation map]
[Timeline]
London Transport Cyberattack Exposes Data of 10 Million People
A significant cyberattack on London's transportation system has resulted in the leak of personal data for approximately 10 million people, including names, email addresses, phone numbers, and postal addresses, according to Le Figaro. The BBC obtained access to the stolen data through sources in the hacking community, highlighting major security vulnerabilities in public transportation infrastructure.
Dual CVE Chain Enables Persistent Access in Cisco SD-WAN Attacks, Agencies Say
CISA Alerts detail that threat actors are executing a two-stage exploitation chain against Cisco SD-WAN infrastructure, first leveraging the newly catalogued authentication bypass CVE-2026-20127 — described as a previously undisclosed zero-day — before pivoting to the privilege escalation flaw CVE-2022-20775 to entrench themselves within targeted environments. The joint advisory, co-signed by the Five Eyes intelligence alliance, characterizes the activity as a broad, global campaign with victims spanning multiple sectors and regions. Network defenders are urged to apply available patches immediately and audit SD-WAN management interfaces for indicators of compromise outlined in the guidance.
CISA, Five Eyes Partners Warn of Active Global Cisco SD-WAN Exploitation
According to CISA Alerts, the U.S. Cybersecurity and Infrastructure Security Agency, the NSA, and international partners from Australia, Canada, New Zealand, and the United Kingdom have issued joint guidance warning of an ongoing global campaign targeting Cisco SD-WAN systems. CISA reports that malicious cyber actors are exploiting a previously undisclosed authentication bypass vulnerability tracked as CVE-2026-20127 to gain initial access, then chaining the attack with CVE-2022-20775 to escalate privileges and establish long-term persistence inside victim networks. CISA has added both vulnerabilities to its Known Exploited Vulnerabilities catalog and issued an Emergency Directive compelling federal agencies to take immediate remediation action.
[Articles]
London Transport Cyberattack Exposes Data of 10 Million People
A significant cyberattack on London's transportation system has resulted in the leak of personal data for approximately 10 million people, including names, email addresses, phone numbers, and postal addresses, according to Le Figaro. The BBC obtained access to the stolen data through sources in the hacking community, highlighting major security vulnerabilities in public transportation infrastructure.
Cyberattack on London Transport Leaks Data of 10 Million People
A cyberattack on London's transportation system has leaked the data of approximately 10 million people, including names, email addresses, phone numbers, and postal addresses. The BBC obtained access to the stolen data through a source in the hacking community. The incident represents a significant breach of personal data, highlighting concerns over cybersecurity in public transportation systems.
Modernising mining: Cybersecurity must be central, not optional
The mining industry is becoming increasingly vulnerable to cyberattacks as it modernizes and relies more on digital technologies. Cybersecurity is no longer optional, but a central concern, as attacks on critical infrastructure can have debilitating consequences for economic stability, national security, and public health. Recent incidents in the mining industry, such as leaks of internal documents and outages of IT systems, highlight the need for improved cybersecurity measures.
The unpredictable fall of YggTorrent, French fortress of illegal downloading
A hacker has claimed responsibility for a devastating attack on YggTorrent, a French-language platform used for illegal downloads of movies, music, and games. The hacker claims to have obtained tens of thousands of credit cards. The attack has resulted in the destruction of servers and the theft of sensitive data.
Dual CVE Chain Enables Persistent Access in Cisco SD-WAN Attacks, Agencies Say
CISA Alerts detail that threat actors are executing a two-stage exploitation chain against Cisco SD-WAN infrastructure, first leveraging the newly catalogued authentication bypass CVE-2026-20127 — described as a previously undisclosed zero-day — before pivoting to the privilege escalation flaw CVE-2022-20775 to entrench themselves within targeted environments. The joint advisory, co-signed by the Five Eyes intelligence alliance, characterizes the activity as a broad, global campaign with victims
CISA, Five Eyes Partners Warn of Active Global Cisco SD-WAN Exploitation
According to CISA Alerts, the U.S. Cybersecurity and Infrastructure Security Agency, the NSA, and international partners from Australia, Canada, New Zealand, and the United Kingdom have issued joint guidance warning of an ongoing global campaign targeting Cisco SD-WAN systems. CISA reports that malicious cyber actors are exploiting a previously undisclosed authentication bypass vulnerability tracked as CVE-2026-20127 to gain initial access, then chaining the attack with CVE-2022-20775 to escalat
CISA and Partners Release Guidance for Ongoing Global Exploitation of Cisco SD-WAN Systems
CISA, NSA, and international partners including Australia, Canada, New Zealand, and the UK have issued joint guidance warning of ongoing global exploitation of Cisco SD-WAN systems. Malicious cyber actors are leveraging a previously undisclosed authentication bypass vulnerability (CVE-2026-20127) for initial access, then escalating privileges via CVE-2022-20775 to establish long-term persistence. CISA has added both CVEs to its Known Exploited Vulnerabilities catalog and issued Emergency Directi
A Possible US Government iPhone-Hacking Toolkit Is Now in the Hands of Foreign Spies and Criminals
A sophisticated iPhone-hacking toolkit, believed to have been originally developed for US government use, has reportedly fallen into the hands of foreign intelligence services and criminal actors. The toolset is thought to have compromised tens of thousands of devices or more. The incident raises serious concerns about the proliferation of state-grade surveillance and exploit capabilities beyond their intended operators. Clues embedded in the toolkit suggest a US government origin, amplifying th