Cyber Saturday Rundown: Data Leaks, Critical Patches, and Geopolitical Tensions
This past week saw a flurry of activity, from significant data breaches to critical vulnerability disclosures and ongoing geopolitical cyber maneuvers. According to עדכוני סייבר - אשר תמם, a massive data leak involving nearly 100,000 user records from Spain’s Grupo2000 training organization is up for grabs at a paltry $150. This trove includes names, phone numbers, emails, and tax IDs of students and instructors—a classic low-cost, high-impact dump. Meanwhile, Japan’s Ficha, a key player in AI and automotive tech, suffered a severe breach, exposing source code, ADAS algorithms, and neural network data. This isn’t just a minor blip; it impacts sensitive projects from industry giants like Toyota, Bosch, and NVIDIA, including hardware adaptations for edge chips. That’s a serious hit to competitive advantage and intellectual property.
On the geopolitical front, עדכוני סייבר - אשר תמם reported that British and allied forces detected suspicious activity from a Russian submarine and GUGI unit vessel near critical undersea communication cables in northern Britain. This kind of cat-and-mouse game near vital infrastructure elevates national security concerns over global connectivity.
Vendor-side, Juniper Networks dropped patches for 36 vulnerabilities in Junos OS, with a critical flaw (CVE-2026-33784) exposing high-privilege default passwords in Support Insights systems—a rookie mistake with severe implications. Also, the Feds met with US banks to discuss security risks tied to Anthropic’s Mythos AI.
In the murky world of crypto, “Operation Atlantic,” led by the British crime agency, identified over 20,000 crypto fraud victims and froze $12 million. Concurrently, the NotnullOSX malware is actively targeting over 10,000 macOS crypto wallets.
Finally, MuddyWater’s “Olalampo” operation continues to hit the MENA region with new malware variants and Telegram bots for C2, with thousands of associated domains identified.
What This Means For You
- If your organization uses Juniper Networks Junos OS, prioritize patching for CVE-2026-33784 immediately and audit Support Insights for default passwords.
- For macOS users, especially those with crypto wallets, ensure your security software is up to date and be vigilant against NotnullOSX.
- Organizations operating in the MENA region should be on high alert for MuddyWater's Olalampo operation, scrutinizing network traffic for C2 activity linked to Telegram bots.