Cyber Express Weekly Roundup: December 2025 – January 2026

The global cybersecurity landscape has seen significant developments in the transition from 2025 to 2026, with regulatory changes, insider threats, and continued ransomware campaigns shaping the digital security environment. These events highlight an evolving focus on corporate accountability, AI risks, and the growing importance of trust as a core cybersecurity asset.

China has implemented the most substantial update to its Cybersecurity Law since 2017, introducing stricter reporting requirements and increased executive liability. Critical infrastructure operators now face demanding incident reporting timelines ranging from 60 minutes for severe breaches to four hours for major incidents. This regulatory shift signals China’s growing emphasis on cybersecurity governance and could influence global compliance standards.

Meanwhile, in Europe, Poland has formally requested an investigation into TikTok by the European Commission. Polish officials allege the platform failed to meet obligations under the Digital Services Act by allowing AI-generated content promoting “Polexit” – the concept of Poland leaving the European Union. This case highlights mounting concerns about AI-driven disinformation campaigns and their potential impact on democratic processes, particularly among younger demographics heavily engaged with social media platforms.

The effectiveness of data protection regulations continues to be tested, with France’s data protection authority, CNIL, imposing a €1.7 million fine on Nexpublica France. The company was penalized for inadequate security measures that led to a 2022 breach exposing sensitive personal information, including details about disabilities. CNIL emphasized that awareness of vulnerabilities without implementing timely remediation constitutes a serious violation of GDPR principles.

Insider threats remain a significant concern for organizations. In the United States, two cybersecurity professionals have pleaded guilty to deploying ALPHV BlackCat ransomware against five companies across healthcare, pharmaceutical, and technology sectors. The attackers leveraged their privileged access to extort more than $1.2 million from victims, demonstrating that internal security risks can be as damaging as external threats.

Organized cybercrime groups continue to exploit software vulnerabilities at scale. The CL0P ransomware group has expanded its campaign targeting Oracle E-Business Suite systems globally, affecting major institutions including the University of Phoenix and Korean Air. These attacks compromised millions of employee and personal records, primarily through third-party software vulnerabilities, underscoring the cybersecurity risks associated with vendor dependencies.

Technical vulnerabilities also remain a critical concern. The recently discovered “MongoBleed” vulnerability (CVE-2025-14847) in MongoDB allows attackers unauthenticated access to server memory, potentially exposing credentials and confidential data. This finding demonstrates that even well-established database platforms can harbor serious security flaws.

In Southeast Asia, a review of ASEAN cybersecurity in 2025 revealed that brand abuse, executive impersonation, and digital reputation attacks caused more significant damage than traditional data breaches. As noted by Salleh Kodri, Senior Presales consultant at Cyble, this trend indicates a shift in threat actors’ tactics toward targeting organizational trust and reputation.

Governance issues and corruption also intersect with security concerns, as illustrated by the arrest of former Georgian security chief Grigol Liluashvili on bribery and corruption charges related to energy contracts and public procurement. Prosecutors are investigating millions of dollars in alleged illicit payments, highlighting how corruption in security institutions can undermine national resilience.

As organizations move into 2026, the cybersecurity landscape continues to evolve beyond purely technical considerations. The protection of trust, brand integrity, and personal data has become as crucial as traditional security measures like firewalls and encryption. This more holistic approach to security will likely define cybersecurity strategies in the coming year as threats continue to diversify and regulations tighten globally.