The week in breach news


This week’s news shows how trusted tools can quickly become risk points for both organizations and end users. A nation-state actor targeted the popular open-source code editor Notepad++, while Microsoft issued an out-of-band update to address a critical vulnerability in Microsoft Office and Microsoft 365.

North America

Notepad++

Industry: Technology | Exploit: Supply Chain Attack

The popular open-source code editor Notepad++ was targeted by state-sponsored attackers in a supply-chain attack, putting the integrity of software updates at risk.

Notepad++ is a free, open-source text and source code editor for Microsoft Windows. The project confirmed that attackers quietly hijacked its software update infrastructure in a targeted campaign, intercepting and redirecting update traffic intended for notepad-plus-plus.org. This allowed malicious binaries to be delivered to select users over an extended period.

The attack unfolded over a six-month period, from June to December 2025, primarily affecting users running older versions of the WinGUp updater.


How it could affect your business

This incident highlights how trusted software distribution mechanisms can become high-risk attack surfaces when infrastructure or validation controls fail. Reducing exposure requires a layered defensive approach that extends beyond patch management to include visibility, control and preparedness across the software update lifecycle.

Australia & New Zealand

Langley Twigg Law

Industry: Legal | Exploit: Hacking

A Napier-based law firm, Langley Twigg Law, confirmed a cyberattack that exposed its internal systems and client information.

On January 25, the ransomware group Anubis claimed responsibility for an attack on the New Zealand law firm. A day later, the firm confirmed a malicious third-party attack on its IT network. Langley Twigg said the incident occurred on January 11 and compromised internal operational information along with some client documents.

The firm said it is still investigating the incident and will contact affected clients directly once the investigation is complete.


How it could affect your business

Law firms are increasingly targeted because they hold large volumes of confidential information, including intellectual property, merger and acquisition data and sensitive client financial records. Reducing risk requires tighter third-party access controls, stronger monitoring of vendor connections and clear incident response plans to limit exposure in the event of a breach. Regular user awareness training and visibility into unusual network activity can also help detect attacks earlier.

Australia

Prosura

Industry: Insurance | Exploit: Hacking

Australian insurance provider Prosura is investigating a cyber incident after fraudulent emails were sent to some of its customers.

Identified in early January, the incident led the insurer to temporarily shut down key online services. The company said it is investigating unauthorized access to parts of its internal systems, which led to fraudulent emails being sent to customers regarding their existing or completed insurance policies. The information potentially affected includes names, email addresses, phone numbers, country of residence, travel destinations, invoicing and pricing details, and policy start and end dates.

The company has also warned customers about related phishing attempts delivered via email, phone or text, which may use personal information to appear legitimate and trick recipients into further engagement.


How it could affect your business

Information exposed in incidents like this can be quickly repurposed for targeted phishing, giving attackers the details they need to craft convincing messages. Strong user awareness is critical so customers and staff know how to spot suspicious emails, calls or texts — and report them before further damage occurs.

North America

Microsoft Office & Microsoft 365

Industry: Technology | Exploit: Zero-day vulnerability

Last week, Microsoft issued an out-of-band update to address a high-severity vulnerability (CVSS score 7.8) affecting multiple Microsoft Office products.

The vulnerability, tracked as CVE-2026-21509, is being actively exploited in the wild and has been added to CISA’s Known Exploited Vulnerabilities Catalog. The flaw stems from how the applications rely on untrusted inputs when making security decisions, allowing attackers to bypass Object Linking and Embedding security protections in Microsoft Office and Microsoft 365. Exploitation requires convincing a user to open a specially crafted malicious Office file.

Affected software includes Microsoft Office 2016, Microsoft Office 2019, Microsoft Office LTSC 2021, Microsoft Office LTSC 2024 and Microsoft 365 Apps for Enterprise.


How it could affect your business

Organizations should identify vulnerable Microsoft Office instances across their environments and apply updates or appropriate mitigations immediately. With active exploitation underway, unpatched systems remain at immediate risk.

Europe

Dresden State Art Collections

Industry: Arts & Culture | Exploit: Hacking

Dresden State Art Collections, a network of 15 museums in Germany, confirmed a cyberattack that affected a significant portion of its digital infrastructure.

The attack in late January disrupted a significant portion of the museum’s network, including its online shop and visitor services. Meanwhile, a statement issued by the museum said that its physical and technical security systems were not affected and that the museum remains open to the public.


How it could affect your business

Even organizations centered on physical locations, like museums, can face major disruption when digital services are targeted, cutting off services that visitors and staff rely on. Any organization offering digital services needs to strengthen its cyber defenses, focusing on resilience, visibility and preparedness to keep operations running when systems are targeted.
