Security and AI news from the week beginning 5 January 2026

2026 has started where 2025 left off. Breaches galore, new AI hardware and social media companies struggling to protect users. Data on 17.5 million Instagram users was posted to a breach forum, with Meta telling users to change passwords and verify 2FA. Brightspeed also suffered a breach with the Crimson Collective, claiming to have stolen data from over one million customers. Ledger also admitted that customer order data was exposed through Global-e, an e-commerce partner. The company says its systems were not directly affected.

CES provided a platform for NVIDIA to announce the availability of its Vera Rubin NVL72 system. It claims it is many times faster than previous generations of its AI hardware. Intel and AMD also announced new AI hardware.

Intel launched the Core Ultra Series 3 processors (codenamed Panther Lake). This is its first AI PC platform built on the 18A process node. Importantly, it is also the first to be manufactured solely in the US. AMD announced the Ryzen AI 400 series for laptops and new “Turin” data centre chips, as it aims to strengthen its position in both consumer and enterprise AI hardware markets.

Researchers at Stanford University unveiled SleepFM, a multimodal AI system trained on over 585,000 hours of sleep data that can predict the risk of more than 130 health conditions—including dementia, heart disease, and certain cancers—from a single night’s sleep recordings.

In case you missed it

Infosys has announced a strategic collaboration with Amazon Web Services (AWS) to accelerate enterprise adoption of generative artificial intelligence (AI). The initiative focuses on combining Infosys Topaz, an AI-first set of services, solutions, and platforms using generative AI (gen AI) technologies, and Amazon Q Developer, AWS’s generative AI-powered assistant.

Nebius plans to deploy NVIDIA Vera Rubin NVL72 through its AI Cloud and Nebius Token Factory. Customers will be able to access it from H2 2026. The company says that this will make it among the first NVIDIA partners to deploy the technology, and it will be available in its US and European datacentres. It is the latest buy-in to the NVIDIA AI technology from Nebius and continues its commitment to that relationship.

Apono and Check Point Software have announced a new integration to create an advanced SASE-based Zero Standing Privilege (ZSP) architecture. The goal is to eliminate long-lived permissions which occur due to the synchronisation delays in System for Cross-domain Identity Management (SCIM) solutions.

InsureVision says that US commercial auto insurers are haemorrhaging money. To reduce this, it released two AI tools at CES 2026. TeslaStick will provide additional insurance data on Tesla owners, while FleetVision is aimed at commercial vehicle fleets

Exabeam has launched what it calls the first connected AI security system. It is extending User and Entity Behavioural Analysis (UEBA) to monitor AI agent behaviour. Unifying behavioural analytics, investigation, and posture insights gives security teams a clearer picture of risks across the organisation.

Nadir Merchant, GM of Kaseya’s IT Operations Suite and former CTO of IT Glue, appeared on the Enterprise Times podcast. He discusses how SMBs and the MSPs that serve them should approach adopting AI. He argues that AI has the power to transform organisations if they utilise it correctly.

In other news

Dragos

Dragos CEO Robert M. Lee is to speak at the World Economic Forum (WEF) Annual Meeting in Davos, Switzerland. He will appear at the session, “On Guard, from Deep Sea to Orbit,” on Wednesday, January 21, 13:15-14:00 CEST.

Europol

Europol supported the Spanish National Police and the Bavarian State Criminal Police Office in an operation against the international criminal organisation ‘Black Axe’. The action resulted in 34 arrests and significant disruptions to the group’s activities. Black Axe is a highly structured, hierarchical group with its origins in Nigeria and a global presence in dozens of countries.

FBI

The Federal Bureau of Investigation released a flash alert for NGOs, think tanks, academia, and other foreign policy experts on the evolving tactics employed by the North Korean state-sponsored cyber threat group Kimsuky. It says that as of 2025, Kimsuky actors have targeted think tanks, academic institutions, and both U.S. and foreign government entities with embedded malicious Quick Response (QR) codes in spearphishing campaigns.

National Cyber Security Centre

The NCSC published a short blog covering the refresh by the UK Government of its Cyber Security Strategy (GCSS), the Government Cyber Action Plan (GCAP). The GCAP outlines roles and relationships between organisations working with the public sector (including the NCSC and DSIT), setting clear milestones, strengthening governance, and providing centralised support that allows departments to focus on securing what matters most.

Security and AI news from the week beginning 15 December 2025

The post Security and AI news from the week beginning 5 January 2026 appeared first on Enterprise Times.