Policy
-
NIST enters 2026 with staff cuts, tighter budget and cryptography validation backlog
NIST begins 2026 with over 700 positions shed, a smaller labs budget and a cryptographic module validation backlog that averaged 348 days per recent projects, even as the agency tests post-quantum modules and seeks automation.
-
British Army to base 13 Signal Regiment at Gloucestershire site with £279 million spending
The British Army will base 13 Signal Regiment at Duke of Gloucester Barracks in Gloucestershire with £279 million funding. Plans cover new cyber facilities, accommodation for service families, and construction from 2027 to 2030.
-
LOTUSLITE backdoor used in campaign targeting U.S. policy entities
Researchers disclosed a campaign on January 16, 2026 that used Venezuela-themed lures to deliver the LOTUSLITE backdoor to U.S. government and policy organizations via ZIP archive and DLL side-loading. Attribution is to Mustang Panda with moderate confidence.
-
CISA retires 10 Emergency Directives issued 2019 to 2024
CISA is retiring 10 Emergency Directives issued from 2019 through 2024 after required actions were implemented or enforcement moved to Binding Operational Directive 22-01. The closed directives include SolarWinds and Exchange mitigation orders.
-
U.S. to Withdraw From Several International Cybersecurity Organizations
The White House announced the U.S. will withdraw from 66 international organizations, including several that work on cybersecurity, prompting critics to warn of weakened multinational coordination on cyber defenses and online rights.
-
UK launches Government Cyber Action Plan with £210 million pledge
The UK launched a Government Cyber Action Plan with a £210 million pledge to create a Government Cyber Unit and new cyber profession while aligning departments with critical infrastructure security requirements to strengthen public sector defences.
-
Internet outage in Caracas coincided with U.S. cyber effects as forces entered Venezuela
NetBlocks reported a loss of internet connectivity in Caracas during early Saturday power cuts as U.S. Cyber Command and Space Command layered cyber effects to create a pathway for U.S. forces entering Venezuela. PDVSA said no facilities were damaged.
-
SEC Charges Multiple Firms Over $14 Million Artificial Intelligence Crypto Scam
The U.S. Securities and Exchange Commission has charged several firms and investment clubs in an alleged AI-themed cryptocurrency scam that defrauded retail investors of more than $14 million, accusing operators of using WhatsApp groups and fake trading platforms to solicit funds.
-
Italy fines Apple €98.6 million over App Tracking Transparency practices
Italy’s competition authority fined Apple €98.6 million, saying App Tracking Transparency exempted Apple apps and forced developers into a burdensome double-consent process; Apple plans to appeal.
-
Around 1,000 systems hit in ransomware attack on Romania’s water agency
Romanian Waters said a ransomware attack that began on December 20 has affected around 1,000 systems across its IT network and spread to most river basin organisations; hydrotechnical operations continued to run locally while authorities investigate and work to restore services.
