Major Data Breaches
Manage My Health Breach Impacts 125,000 Users in New Zealand
Summary:
Manage My Health, a widely used online patient portal in New Zealand, began notifying affected medical practices after a significant cyber incident. The breach impacted approximately 125,000 of its 1.8 million users. The company is working with authorities and affected practices to mitigate the impact and secure its systems.
Key Details:
- Organization: Manage My Health (New Zealand)
- Data Exposed: Patient information (specifics not yet fully disclosed)
- Discovery Date: Early January 2026
- Response: Notifications sent to affected practices; investigation ongoing
Cross-reference notes:
This incident has been widely reported in New Zealand media and covered by international cybersecurity outlets, with ongoing updates as the investigation progresses [1].
Significant Cyberattacks
Jaguar Land Rover Faces Disruption After Cyberattack
Summary:
Jaguar Land Rover reported a fiscal Q3 sales slump, attributing part of the downturn to a recent cyberattack. The attack caused operational disruptions, highlighting the ongoing threat to the manufacturing sector, which remains a top target for cybercriminals.
Key Details:
- Organization: Jaguar Land Rover
- Impact: Sales and operations disrupted
- Attack Vector: Not publicly disclosed
- Discovery Date: Early January 2026
- Response: Incident response measures implemented; recovery ongoing
Cross-reference notes:
The manufacturing sector has been the most-attacked industry for four consecutive years, according to recent IBM reports [2].
Ongoing Nation-State Espionage: Fancy Bear and Salt Typhoon
Summary:
Russian state-sponsored group Fancy Bear (APT28) and China-linked Salt Typhoon continued their global espionage campaigns. Fancy Bear has been doubling down on secrets theft using basic but effective techniques, while Salt Typhoon’s attacks on U.S. telecommunications providers have prompted new regulatory action.
Key Details:
- Groups: Fancy Bear (Russia), Salt Typhoon (China)
- Targets: Global government and telecom sectors
- Attack Vectors: Credential theft, exploitation of unmanaged devices
- Response: U.S. FCC ordered immediate cybersecurity upgrades for telcos
Cross-reference notes:
Multiple sources confirm the intensification of nation-state attacks, with regulatory bodies responding to the evolving threat landscape [3][4].
Critical Vulnerabilities
Zero-Day Exploits in D-Link Routers and SonicWall Devices
Summary:
Attackers exploited zero-day vulnerabilities in end-of-life D-Link routers and SonicWall edge access devices. These flaws allowed remote code execution and unauthorized access, with active campaigns observed targeting unpatched systems.
Key Details:
- Products Affected: D-Link routers (end-of-life), SonicWall edge devices
- CVE Numbers: Not specified in summary; details available in vendor advisories
- Attack Vector: Remote exploitation of unpatched vulnerabilities
- Response: Vendors issued advisories urging immediate patching or device replacement
Cross-reference notes:
These incidents underscore the risks of running unsupported hardware and the importance of timely patch management [3].
Fortinet Firebox Devices Face Renewed Threats
Summary:
Thousands of Fortinet Firebox firewalls remain at risk due to renewed exploitation of a legacy vulnerability first disclosed in 2020. Recent attacks have targeted internet-exposed devices, prompting urgent warnings from the vendor.
Key Details:
- Product: Fortinet Firebox
- Vulnerability: Legacy flaw (originally disclosed 2020)
- Attack Vector: Internet-exposed management interfaces
- Response: Fortinet urges immediate reconfiguration and patching
Cross-reference notes:
The resurgence of attacks on legacy vulnerabilities highlights the persistent threat to edge devices [2].
Government Responses
CISA’s 2026 Priorities and Challenges
Summary:
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) outlined its top challenges for 2026, including infrastructure protection, improving agency morale, and addressing leadership gaps. CISA also continues to warn about persistent threats from malware such as Brickstorm and the need for robust AI governance.
Key Details:
- Agency: CISA (U.S.)
- Focus Areas: Infrastructure protection, AI security, persistent malware threats
- Recent Actions: Issued advisories, called for public input on AI agent security
Cross-reference notes:
CISA’s evolving priorities reflect the growing complexity of the threat landscape and the need for coordinated national responses [2].
UK Allocates £210M to Public Sector Cybersecurity
Summary:
The UK government announced a £210 million investment to bolster cybersecurity across public services. The funding aims to address rising threats and modernize digital defenses in critical sectors.
Key Details:
- Country: United Kingdom
- Investment: £210 million
- Purpose: Improve cybersecurity in public services
- Announcement Date: Early January 2026
Cross-reference notes:
This move is part of a broader trend of increased government spending on cybersecurity in response to escalating threats [1].
Miscellaneous
AI and Cloud Security Trends
Summary:
Reports this week emphasized the growing risks associated with shadow AI use and the need for enterprises to prioritize AI governance. Cloud infrastructure remains a fundamental security concern, with identity security and integrated monitoring highlighted as best practices.
Key Details:
- Trends: Shadow AI, cloud security, identity management
- Recommendations: Implement AI governance policies, enhance cloud monitoring
Cross-reference notes:
Industry experts warn that 2026 may see a surge in AI-powered impersonation attacks, making proactive governance essential [2].
Conclusion
The week of January 6–12, 2026, saw significant developments across the cybersecurity landscape, from major data breaches and disruptive cyberattacks to the discovery of critical vulnerabilities and robust government responses. The persistent threat from nation-state actors, the exploitation of legacy vulnerabilities, and the rapid evolution of AI and cloud risks underscore the need for vigilance, timely patching, and strategic investment in cybersecurity defenses.
Sources:
