Top 5 Threat News (Dec 29 - Jan 5, 2026): Rainbow Six Hacked Twice, Patient Portal Ransom & Space Agency Breach

Ubisoft lost $13M to MongoBleed exploit, 1.8M NZ health records held for $60K, and European Space Agency leaked 200GB of sensitive data

THIS WEEK IN CYBER MONDAY 🔒

Dec 29, 2025 - Jan 5, 2026 | Top 5 Weekly Highlights

1. 🎮 Ubisoft's Rainbow Six Siege Gets Hacked Twice in One Week

Rainbow Six Siege players had a rough start to 2026. The first attack hit on December 29. The second wave came on January 4. By the time Ubisoft shut everything down, attackers had injected $13.3 million worth of in-game currency (2 billion R6 Credits) into the system.

The problem was a critical vulnerability called "MongoBleed" in MongoDB databases. But the hackers didn't just steal things. They started issuing "meme bans" to players and flooding random accounts with billions in fake currency. They were basically trolling the entire player base while showing they had complete control.

Ubisoft had to take the game offline worldwide and roll back the entire database. Imagine losing days or weeks of game progress because someone decided to break the economy for fun.

Why it matters: MongoDB powers many applications beyond gaming—banking apps, e-commerce sites, and more. This exploit shows that database vulnerabilities can break entire platforms, not just games.

Fix: If you're a developer using MongoDB, patch immediately. For players, check your account when the game comes back online—Ubisoft is still figuring out which transactions were real and which were fake.

READ MORE → BleepingComputer

2. 🏥 New Zealand's Patient Portal Gets Hit with $60K Ransom

New Zealand's biggest patient portal, ManageMyHealth, got breached on New Year's Eve. About 1.8 million users were affected, with 126,000 sensitive medical records directly compromised.

The "Kazu" ransomware group demanded $60,000 for 108 GB of stolen medical data. The breach happened because the platform's encryption software failed and stopped working properly.

This isn't just email addresses and passwords. This is medical histories, prescriptions, diagnoses—the kind of information that can seriously damage someone's life if it gets leaked or sold online.

Why it matters: Healthcare data is extremely valuable to attackers. It's worth 10-50x more than credit card data on dark web markets because it contains everything needed for identity theft and insurance fraud. You can cancel a credit card, but you can't cancel your medical history.

The takeaway: If you used ManageMyHealth, watch your accounts closely. Medical identity theft often goes unnoticed for months until fraudulent medical claims start appearing under your name.

READ MORE → RNZ

3. 📍 Social App Leaks Exact GPS Locations on New Year's Day

Neighbourly, New Zealand's community-focused social network, went offline on January 1st after a breach exposed usernames, emails, and most importantly—the exact GPS locations of its users.

This wasn't general location data like "somewhere in Auckland." This was pinpoint accuracy that could tell someone exactly which house you live in.

The app was designed to connect neighbors and build local communities. Instead, it accidentally created a map showing exactly where users live.

Why it matters: Location data is uniquely dangerous because it's permanent. You can change your password or cancel your credit card. But you can't change where you physically live without actually moving. Once that GPS data is out there, it stays a security risk.

The reality check: If an app asks for your location, think about whether it actually needs pinpoint accuracy or if "approximate location" would work. Most apps ask for more data than they actually need.

READ MORE → RNZ

4. 📰 Condé Nast Gets Breached: 2.3M WIRED Records Leaked, 40M More Threatened

A hacker using the alias "Lovely" leaked data from 2.3 million WIRED magazine subscribers on December 20th. But that was just the start. The hacker claims to have access to 40 million more records from other Condé Nast brands like Vogue, The New Yorker, Vanity Fair, and GQ.

The leaked WIRED data includes email addresses, names, phone numbers, and over 100,000 physical home addresses. The hacker says Condé Nast ignored security warnings for an entire month before the breach.

Security researchers found the hacker exploited broken access controls—basically, they could access user data by just changing ID numbers in the URL without any authentication. Because Condé Nast uses a shared account system across all their publications, one vulnerability gave access to everything.
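
The flaw described above, where changing an ID in the URL returns someone else's record, is an insecure direct object reference. As an added example (not code from Condé Nast or from the original post), here is a handler that trusts the URL's ID beside one that authenticates the caller and checks record ownership; the route, record fields, and function names are hypothetical, and the data is constructed.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample data: subscriber records keyed by sequential numeric ID.
SUBSCRIBERS = {
    1001: {"owner": "alice", "email": "alice@example.com", "address": "1 Example St"},
    1002: {"owner": "bob", "email": "bob@example.com", "address": "2 Example Ave"},
}

@dataclass
class Request:
    path: str                    # hypothetical route, e.g. "/api/subscribers/1002"
    session_user: Optional[str]  # None when the caller has no valid session

def _record_id(path):
    # Take the trailing path segment; accept only plain ASCII digits.
    tail = path.rstrip("/").rsplit("/", 1)[-1]
    return int(tail) if tail.isascii() and tail.isdigit() else None

def get_subscriber_vulnerable(req):
    """'Before': trusts the ID in the URL and never looks at the session."""
    rec = SUBSCRIBERS.get(_record_id(req.path))
    return (200, rec) if rec else (404, None)

def get_subscriber_hardened(req):
    """'After': authenticate first, then authorize against the record owner."""
    if req.session_user is None:
        return (401, None)
    rec = SUBSCRIBERS.get(_record_id(req.path))
    # Same 404 for "no such record" and "not yours", so responses do not
    # reveal which IDs exist.
    if rec is None or rec["owner"] != req.session_user:
        return (404, None)
    return (200, rec)

def demo():
    anon = Request("/api/subscribers/1002", None)
    return {
        "vulnerable_anon": get_subscriber_vulnerable(anon)[0],
        "hardened_anon": get_subscriber_hardened(anon)[0],
        "hardened_own": get_subscriber_hardened(Request("/api/subscribers/1001", "alice"))[0],
        "hardened_other": get_subscriber_hardened(Request("/api/subscribers/1002", "alice"))[0],
        "hardened_missing": get_subscriber_hardened(Request("/api/subscribers/9999", "alice"))[0],
    }

if __name__ == "__main__":
    print(demo())
```

On a shared account system, the ownership check belongs in the common data-access layer so every brand's site inherits it.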

Why it matters: This shows how dangerous shared systems can be. One security flaw doesn't just affect one website—it can expose data across dozens of brands. The hacker is now threatening to release 40 million more records from other Condé Nast publications.

What to do: If you have an account with any Condé Nast publication (WIRED, Vogue, GQ, The New Yorker, etc.), change your password now. The breach has been added to Have I Been Pwned, so you can check if your email was affected.

READ MORE → BleepingComputer

5. 🚀 European Space Agency Confirms Breach: 200GB of Data Stolen

The European Space Agency confirmed on December 30th that hackers breached their external servers and stole over 200GB of sensitive data.

A hacker known as "888" claims they had access to ESA's systems for about a week starting December 18th. They grabbed source code from private Bitbucket repositories, API tokens, access credentials, configuration files, and confidential documents. The hacker is now selling all of this data online.

ESA says only "external servers" used for unclassified scientific collaboration were affected, not their core corporate network. But the stolen data includes infrastructure code, hardcoded passwords, and internal documentation that could be used to attack ESA's main systems later.

Why it matters: Space agencies are critical infrastructure. They manage satellites that provide GPS, weather forecasting, communications, and more. If hackers can access their development systems and source code, they could potentially find ways to disrupt these essential services.

The bigger picture: This is ESA's third major breach in recent years. Their online store was hacked in 2024, systems were breached in 2015, and credentials were leaked in 2011. The pattern shows that even organizations managing space missions struggle with basic cybersecurity on their external systems.

READ MORE → BleepingComputer

🎯 The Big Picture

This week showed a clear pattern: external systems and shared infrastructure are the weakest links.

Ubisoft got hit through a MongoDB vulnerability. ManageMyHealth's encryption failed. Neighbourly exposed GPS data. Condé Nast's shared account system meant one flaw exposed 40+ million users. And ESA's "external" servers contained keys to their entire infrastructure.

The pattern is clear:

  • Database vulnerabilities spread fast—MongoDB's MongoBleed affected gaming, but the same databases run banking and e-commerce

  • Healthcare and education remain top targets because they hold valuable data but often lack strong security budgets

  • Shared systems are dangerous—Condé Nast's unified login meant one breach exposed dozens of brands

  • "External" doesn't mean safe—ESA's external servers still contained source code and credentials that could compromise main systems

  • Location data is forever—once GPS coordinates leak, there's no taking them back

What to actually do:

✅ For gamers: Enable 2FA on all gaming accounts and check balances when servers come back

✅ For healthcare users: If you used ManageMyHealth, monitor for unusual medical claims under your name

✅ For developers: Patch MongoDB immediately if you're using it—this vulnerability affects more than just games

✅ For media subscribers: Change passwords for WIRED, Vogue, GQ, The New Yorker, and all Condé Nast brands

✅ For everyone: Stop giving apps precise GPS access unless absolutely necessary. "Approximate location" works for most things

✅ For organizations: "External" systems need the same security as your main network—they often hold keys to everything

The New Year started with a reminder: attackers target the easiest entry point, not the most obvious one. External servers, shared systems, and third-party databases are all paths into your main systems.

Stay careful out there.
