Introduction
Today’s cybersecurity landscape highlights a mix of strategic shifts in security tools and an escalation in cyber threats targeting organisations and users globally. From Google’s decision to discontinue its dark web monitoring tool to several high-profile data breaches and emerging malware threats, security teams and business leaders must stay vigilant and adapt their defensive strategies accordingly.
Changes in Dark Web Monitoring Services
Google Shuts Down Dark Web Report Tool
Google has announced it will discontinue its dark web monitoring tool by February 16, 2026, with scans for new breaches ending on January 15, 2026. This service, launched less than two years ago, helped users monitor whether their personal information appeared on dark web platforms. Google’s decision stems from a strategic refocus on other security tools considered more effective.
Who is affected? Users relying on Google’s dark web monitoring service will need to seek alternatives to maintain visibility over their compromised data.
Why it matters: Dark web monitoring is a growing necessity for organisations and individuals to detect early signs of data exposure. The shutdown underscores the importance of having multiple monitoring strategies and tools, as reliance on a single provider can leave gaps.
Data Breaches and Extortion Incidents
SoundCloud Breach Disrupts Service and Exposes Member Data
SoundCloud confirmed a security breach that compromised a database containing users’ email addresses and profile information. This breach also caused outages and VPN connection disruptions, with affected users encountering 403 ‘forbidden’ errors when trying to access the platform via VPN.
Who is affected? Millions of SoundCloud users, particularly those utilising VPNs, face potential privacy risks and service access issues.
Why it matters: This incident highlights the growing challenge of securing streaming platforms against data theft and ensuring uninterrupted access for users leveraging privacy tools like VPNs.
Askul Corporation Suffers Ransomware Attack
Japanese e-commerce giant Askul Corporation confirmed the theft of approximately 740,000 customer records following a ransomware attack by the RansomHouse group in October.
Who is affected? Customers of Askul face risks of identity theft and fraud due to the exposure of their personal information.
Why it matters: Ransomware continues to be a dominant threat vector with significant impacts on customer trust and business continuity.
PornHub Extortion Following Data Theft
Adult content platform PornHub is under extortion pressure from the ShinyHunters gang after the theft of Premium members’ search and watch history in a third-party Mixpanel data breach.
Who is affected? PornHub’s Premium subscribers face privacy invasions with sensitive behavioural data at risk.
Why it matters: The incident stresses the importance of securing not only primary platforms but also third-party services that handle user data.
Emerging Malware and Vulnerabilities
SantaStealer Malware Targets Browsers and Crypto Wallets
A new malware-as-a-service called SantaStealer has emerged, advertised on Telegram and hacker forums. It operates in memory to evade traditional file-based detection and steals data from web browsers and cryptocurrency wallets.
Who is affected? Individuals and organisations using browsers and crypto wallets are vulnerable to this stealthy data theft.
Why it matters: The in-memory operation technique of SantaStealer exemplifies advanced evasion tactics, emphasising the need for behavioural detection mechanisms.
Apple Patches Multiple Zero-Day Vulnerabilities
Apple has addressed two recently discovered zero-day vulnerabilities linked to a sophisticated attack campaign and overlapping with a zero-day that Google patched last week.
Who is affected? Apple device users worldwide are at risk until patches are applied.
Why it matters: Zero-day exploits remain a critical risk, particularly when used in coordinated attacks across different platforms.
Cybersecurity Policy and Strategy Insights
The Role of Cyber Insurance MGAs in Evolving Risks
Managing General Agents (MGAs) are playing a pivotal role in tailoring cyber insurance policies that reflect the real-world challenges faced by CISOs, especially in sectors where insurers lack deep expertise.
Who is affected? Organisations seeking cyber insurance can benefit from policies better aligned with their risk landscape.
Why it matters: As cyber threats evolve, insurance policies must adapt to provide effective risk mitigation and support incident response.
Cybersecurity Tips from Industry Experts
Etay Maor, CISO at Cato Networks, shares insights on thinking like an attacker to improve defensive strategies and navigate the ever-changing cybersecurity landscape.
Who is affected? Security professionals and business leaders aiming to strengthen their security posture.
Why it matters: Understanding attacker methodologies is crucial for proactive defence and resilience.
Conclusion
The cybersecurity environment at the close of 2025 is marked by significant shifts in monitoring capabilities, rising sophistication of attacks, and the continued need for adaptive strategies. Organisations must diversify their security tools, stay alert to emerging threats like SantaStealer malware, and ensure robust incident response and insurance coverage.
Key Takeaways
- Google will discontinue its dark web monitoring tool by February 2026, requiring users to find alternative breach detection services.
- SoundCloud’s breach and subsequent VPN access issues highlight risks for streaming platforms and VPN users.
- Large-scale ransomware attacks, such as the one against Askul, continue to expose millions of customer records.
- Emerging malware like SantaStealer uses advanced evasion techniques, targeting browsers and crypto wallets.
- Apple’s patching of multiple zero-day vulnerabilities underlines persistent threats against widely used devices.
- Cyber insurance policies are evolving to better reflect real-world cyber risks with help from MGAs.
- Security professionals benefit from adopting attacker mindsets to anticipate and mitigate threats effectively.