France’s national postal service, La Poste, experienced a significant disruption to its digital infrastructure this week after a large-scale cyberattack temporarily disabled key systems during the peak holiday delivery period. A pro-Russian hacking collective later claimed responsibility for the incident, according to French authorities.

The attack, identified as a distributed denial-of-service (DDoS) operation, forced central IT systems offline on Monday, preventing postal employees from tracking parcels and causing interruptions to online payment services linked to La Poste’s banking division. As of Wednesday morning, parts of the system had not yet been fully restored.

Responsibility for the attack was claimed by the hacker group Noname057, which has previously been linked to a series of cyber operations targeting European institutions. Following the claim, France’s domestic intelligence service, DGSI, assumed control of the investigation, the Paris prosecutor’s office confirmed.

The disruption comes at a critical time for La Poste, which handles billions of mail items and parcels annually and employs more than 200,000 people nationwide. The outage coincided with one of the busiest logistics periods of the year, amplifying its operational impact.

French authorities view the incident within a broader pattern of hostile cyber activity attributed to Russia-aligned actors. France and its European partners argue that such attacks form part of a wider “hybrid warfare” strategy aimed at destabilizing public services, exhausting security resources, and weakening political support for Ukraine. In recent years, European investigators have documented hundreds of similar incidents involving cyberattacks, disinformation campaigns, and acts of sabotage across the region.

A large portion of the global internet experienced significant slowdowns today after Cloudflare, one of the key infrastructure providers behind thousands of popular websites, suffered a major technical outage. The disruption affected numerous online services — including X (formerly Twitter), Substack, Canva and others — with users encountering a “500 internal server error” message instead of the expected content.

Interestingly, some platforms that were impacted by a similar worldwide outage earlier this month remained stable this time, likely because they have since reduced their reliance on Cloudflare’s infrastructure. Among those unaffected was ChatGPT.

This is the second major incident in less than three weeks, once again highlighting the complexity and vulnerability of the global internet ecosystem. Cloudflare provides essential services that act as a “bridge” between websites and their users, accelerating page loading and protecting sites from overload. As a result, any disruption within Cloudflare’s systems can quickly trigger a chain reaction that brings down numerous unrelated services across the internet.

Although the interruption was relatively brief, it underscored how dependent the global digital landscape has become on a handful of key technology providers — and how their technical issues can instantly become a worldwide problem.

At the end of November 2025, Germany initiated the most far-reaching cybersecurity reform of the past decade, following the Bundesrat’s adoption of the NIS2 implementation law. As a result, regulatory obligations effectively entered into force immediately, without any transitional periods — a development legal experts are calling a “compliance shock” for the business sector. At the same time, European supervisory authorities activated a key mechanism of the DORA regulation and published the first list of critical IT third-party providers, who now fall under direct EU oversight.

The Federal Network Agency (BNetzA) has already presented a draft of a new security catalogue, introducing stricter requirements for safeguarding the telecommunications supply chain. The law firm Dentons reminds that all obligations apply the moment the law takes effect, including mandatory registration with the BSI and the implementation of comprehensive cyber risk-management measures. The scope of regulated entities is expanding dramatically — from around 4,500 to almost 30,000 companies — now including logistics, food supply, and digital service providers.

DORA further tightens supervision over cloud providers, analytics companies, and software vendors serving the financial sector, introducing mandatory on-site inspections and new channels for reporting IT incidents. The common priority of both regulations is strengthened third-party risk management, meaning that suppliers can no longer rely on simple declarations of conformity but must provide evidence of their security reliability.

Regulators stress that the era of postponements is over, and companies that were counting on extended deadlines now face severe penalties and increased personal liability for management. All indicators suggest that the period leading into early 2026 will be a race to close compliance gaps across all sectors.

Amazon has released details on two cases in which Iranian threat actors combined digital espionage with physical attacks, a practice the company refers to as “cyber-enabled kinetic targeting.” The first case involves the group Imperial Kitten (also known as Tortoiseshell), linked to Iran’s IRGC, which over a two-year period progressed from cyber reconnaissance to a physical strike. According to Amazon, the group compromised a ship’s AIS system in December 2021 and, by August 2022, had gained access to additional maritime platforms and onboard CCTV cameras to collect real-time visual intelligence. In January 2024, they searched AIS location data for a specific vessel, which just days later, on February 1, became the target of a Houthi missile attack. Amazon says the link between the cyber reconnaissance and the subsequent strike is “unmistakable,” even though the attack itself was unsuccessful.

The second case concerns MuddyWater, a group tied to Iran’s MOIS, which in May 2025 prepared a server for cyber operations and, by June 17, used the same infrastructure to access a compromised CCTV server streaming live footage from Jerusalem. Researchers believe the footage was used to support the planning of a June 23 missile attack, after which Israeli authorities warned citizens to immediately disconnect internet-exposed cameras. Amazon stresses that existing terms such as “cyber-kinetic operations” or “hybrid warfare” lack precision, and proposes a new definition for campaigns where cyber activities directly support physical strikes. The company warns that this type of operation will become increasingly common as nation-states recognize the strategic advantage of combining digital reconnaissance with kinetic attacks.

Amazon urges companies to adjust their security strategies and expand threat models, noting that even entities that previously considered themselves uninteresting to attackers may now be targeted for tactical intelligence collection.

The Dubai Electronic Security Center (DESC) launched the “Scan Smart” campaign, which took place from 24 to 30 October as part of Cybersecurity Awareness Month, with the goal of raising public awareness about QR code–related risks. As QR codes become increasingly common in restaurants, hotels, shops, events, and other public spaces, the risk of tampering or malicious replacement continues to grow. In the first half of 2025 alone, more than 4.2 million global attempts to forge QR codes were recorded, underscoring the urgent need for public education. Through the initiative, DESC aimed to empower citizens and businesses to recognize legitimate codes, avoid compromised ones, and report suspicious activity.

DESC Chief Executive H.E. Yousuf AlShaibani stated that the campaign reflects the center’s commitment to building a safer digital environment for Dubai’s residents and visitors. As part of the campaign, DESC introduced interactive kiosks and an educational microsite, along with RZAM — a free browser extension that detects risky websites triggered after scanning QR codes.

Dozens of F&B venues across the city participated as “Scan Smart Partners,” displaying branded materials and offering visitors free coffee and exclusive discounts. These partners helped create everyday “micro hubs” of digital awareness, where the public could learn about safe QR scanning in a relaxed environment. DESC encouraged users to always verify QR codes before scanning and to report any suspicious attempts, strengthening community cyber resilience and supporting the wider vision of a safer digital ecosystem in the UAE.

According to the cybersecuritynews.com portal, Google has filed a lawsuit against a criminal operation known as “Lighthouse,” a sophisticated phishing-as-a-service platform that has reportedly affected more than one million people across over 120 countries. Google’s security researchers determined that this is one of the most damaging scam networks in recent years, structured to exploit well-known brand identities in order to deceive victims.

The platform enables attackers to launch large-scale “smishing” campaigns — phishing attacks delivered via SMS messages instead of email. Fraudsters impersonate companies such as E-Z Pass, USPS, and other toll service providers, sending links that direct victims to fraudulent websites. These websites are designed to look legitimate, tricking users into revealing passwords, financial information, and other sensitive data.

Google analysts uncovered at least 107 malicious website templates featuring Google’s branding on fake login screens, further increasing the risk of credential theft. In the United States, the operation has, according to the same source, facilitated the theft of data from tens of millions of credit cards, resulting in a massive financial impact.

Google’s lawsuit cites multiple laws, including RICO, the Lanham Act, and the Computer Fraud and Abuse Act. At the same time, the company is implementing additional security measures — from AI-powered systems that detect suspicious messages to enhanced account recovery options — to help users regain control of compromised accounts more quickly and safely.