Verizon outage is ‘resolved’ | What happened and what comes next for affected customers

As a new day dawns, Verizon’s cell services seem to be back to normal. But we’re still waiting for answers on what happened the day before.

Verizon’s wireless network service abruptly went down around 12:30 pm Eastern/9:30 am Pacific on January 14th, forcing phones into SOS mode for customers up and down the eastern seaboard of the United States.

Dozens of Major Data Breaches Linked to Single Threat Actor

Several major data breaches are linked to a threat actor who relies on stolen credentials to compromise enterprise networks, Hudson Rock reports.

Operating under the moniker ‘Zestix’ but also linked to the online persona ‘Sentap’, the threat actor is an initial access broker (IAB) who was also seen exfiltrating victim data and selling it on hacker forums.

According to Hudson Rock, Zestix emerged as a distinct entity in late 2024-early 2025, but its activities can be linked to Sentap operations that have been ongoing since 2021.

Both personas can be linked to information-stealer infections resulting in the compromise of global enterprises operating in the aerospace, government infrastructure, legal, and robotics sectors.

The credentials, Hudson Rock says, were harvested from the personal or work devices of employees at the victim organizations using information stealers such as RedLine, Lumma, and Vidar.

“While some credentials were harvested from recently infected machines, others had been sitting in logs for years, waiting for an actor like Zestix to exploit them,” Hudson Rock notes.

The lack of multi-factor authentication (MFA) protections on accounts with access to file-transfer instances such as ShareFile, OwnCloud, and Nextcloud has allowed Zestix/Sentap to use the compromised credentials successfully on roughly 50 occasions.

The exfiltrated data is then offered for sale on closed Russian-language forums, but Zestix was also seen selling access to the compromised systems.

Zestix/Sentap victims

According to Hudson Rock, Zestix has established a reputation for reliability. This explains why they were asking $150,000 for the 77 GB of data allegedly stolen from Iberia, the Spanish flag carrier.

Other victims include Pickett & Associates (an engineering firm serving energy organizations), Intecro Robotics (aerospace and defense equipment maker), Maida Health (serves the Brazilian military police), CRRC MA (rolling stock maker subsidiary), K3G (Brazilian ISP), NMCV Business LLC (manages data for US healthcare facilities), and over a dozen others.

Under the Sentap moniker, the threat actor built a wider list of victims, but Hudson Rock says it could not link these breaches to file-sharing services or infostealer infections.

“It is possible that they still stem from similar Infostealer credentials based on the high number of victims we did identify to have infostealer credentials to those services, but we do not rule out access via another initial access,” Hudson Rock says.

The threat actor has claimed massive breaches at Pan-Pacific Mechanical (1.04 TB), Bradley R. Tyer & Associates (1.02 TB), The Providence Group (1 TB), Australian NBN (306 GB), UrbanX.io (275 GB), and dozens of others.

The infostealer problem

According to Hudson Rock, credentials pertaining to thousands of organizations that use ShareFile, OwnCloud, and Nextcloud are circulating in infostealer logs, including those of prominent names such as Deloitte, Honeywell, KPMG, Samsung, and Walmart.

“These organizations have employees or partners who have been infected, leaving valid sessions or credentials to sensitive file repositories exposed to actors like Zestix,” the cybersecurity firm notes.

The issue, however, has been around for a long time and is unlikely to be easily resolved. The information stealer industry is fueling modern cybercrime, acting as the starting point for data breaches, identity theft, and fraud.

“Stealers are an example of the commodification of cybercrime delivered through malware-as-a-service (MaaS),” SpyCloud Labs SVP of security research Trevor Hilligoss said in a discussion with SecurityWeek.

“You no longer need to be a skilled developer or hacker to gain access to tools that are incredibly effective when deployed at scale. Anyone can just buy or hire readymade malware from the MaaS marketplace,” Hilligoss added.

The success of information stealers builds on speed and stealth. They exfiltrate sensitive information in minutes and are often removed from the infected devices immediately after, leaving minimal traces of wrongdoing.

And for over a decade, stolen credentials have fueled massive attack campaigns, including credential stuffing attacks, which continue to be a problem.

All Android owners warned not to ignore latest free software update

You should head to your phone’s settings app today to see if you have an update to install.

Android has come a long way in the past decade. When I first started professionally reviewing smartphones in 2016, I fell in love with the variety of design and specs you can choose from depending on your budget, but one thing I couldn’t forgive was the general lack of software updates.

Even major Android players such as Samsung only offered two or maybe three years of software updates on even their priciest handsets, and it wasn’t unusual to see cheaper Android phones get barely a year of support, leaving them vulnerable to software bugs and online hacks when their owners should have been encouraged to hold onto the devices for as long as they were functional.

Thankfully it’s a different story in 2026. Google and Samsung now offer seven years of software updates for many of their smartphones, while firms such as Honor and OnePlus have improved their software promises too.

It means if you have a modern Android phone, you will enjoy monthly security fixes in the form of free software updates. These updates land in the settings apps of Android phones, starting with Google’s own Pixel devices. Because Google owns and maintains Android, it patches security and privacy bugs and is able to push out updates fastest to its own phones.

Google publishes a monthly Android Security Bulletin that publicly lays out what it has fixed in the latest Android update. Once this is out, all Android manufacturers are able to implement the fixes and push them out to their customers’ devices. It’s all on these Android brands to make sure these software updates reach your phone.

If you have an Android phone, it’s a good idea to head to your Settings app and see if you have any software updates waiting to be installed. This month’s update could be there for you, and one expert says you should not delay downloading it.

“Although the security bulletin released by Google is short, it addresses a serious and long-running flaw that Android users should not ignore,” said Adam Boynton, Senior Security Strategy Manager EMEIA at Jamf, a security firm. “The vulnerability was discovered in 2025; however, this fix means it has now been patched at the Android platform level.”

“The vulnerability, CVE-2025-54957, is a flaw in Dolby’s DD+ (Dolby Digital Plus) Unified Decoder that allows an attacker to run malicious code. Most notably, on Android OS, audio attachments and voice messages are decoded locally; therefore, the flaw can be exploited without any user interaction.”

This sounds ominous, though in reality you are very unlikely to be personally targeted with any kind of hack, even if you haven’t updated your phone this month. However, if you were still using a phone from 2016 with no modern updates like I mentioned previously, you would be wide open to a plethora of security flaws that had built up over the years.

Smartphone updates are much more frequent than they once were, and that is a good thing.

“This month’s bulletin is a reminder that regular patching is one of the most effective ways to reduce mobile risk,” Boynton added. “Whether using Android or iOS, keeping devices updated remains the single best defence against modern mobile threats.”

Critical 9.8 Fortinet Flaw from 2020 Actively Exploited

A long-standing critical vulnerability in Fortinet’s FortiOS platform — originally disclosed in July 2020 — is once again being actively exploited in real-world attacks. Despite patches being available for more than five years, threat actors are targeting unpatched systems to bypass multi-factor authentication (MFA) and gain unauthorized access to enterprise assets. (SC Media)

Understanding the Vulnerability

The flaw, tracked as CVE-2020-12182, carries a CVSS score of 9.8, indicating its extremely high severity. It allows threat actors to bypass MFA by manipulating the case-sensitivity of usernames, effectively forcing FortiOS to skip secondary authentication checks under specific configurations. (SC Media)

Security researchers and industry analysts stress that this vulnerability is being actively exploited in the wild, with attackers focusing on exposed Fortinet firewalls and VPN gateways that remain unpatched — often despite years of availability of security updates. (BleepingComputer)

Why This Matters

Fortinet is widely deployed in enterprise and service provider environments to secure perimeter networks, remote access and internal firewalls. When a FortiOS device is compromised:

  • Adversaries can gain administrative access to network infrastructure.
  • Compromise can enable lateral movement across a corporate estate.
  • Sensitive user and system data may be exfiltrated or manipulated.

Unpatched systems — particularly those with remote access services such as SSL VPN enabled — remain at elevated risk. (BleepingComputer)

Industry & Government Recognition

This vulnerability has drawn attention beyond vendor advisories; it is consistently discussed in cybersecurity news and vulnerability tracking services due to its high exploitability and ongoing abuse by attackers. For example, SC Media has highlighted its active exploitation status, noting that authentic OAuth logins may be misused to grant access under false pretenses. (SC Media)

Recommended Actions for Security Teams

To mitigate risk from this and similar legacy vulnerabilities, security teams should take the following actions:

  1. Immediate Patch Deployment
    Apply the latest FortiOS patches if not already deployed. Fortinet issued fixes for this flaw in 2020, and updated builds are available. (SC Media)
  2. Review MFA and LDAP Configurations
    Assess and correct inconsistent case-sensitivity handling between internal identity sources (like LDAP/AD) and FortiOS to eliminate bypass vectors. (SC Media)
  3. Network Exposure Reduction
    Reduce direct internet exposure for Fortinet management interfaces. Place vulnerable services behind secure access proxies or network security monitoring controls.
  4. Continuous Vulnerability Management & Patch Verification
    Fortinet products have appeared frequently on the CISA Known Exploited Vulnerabilities (KEV) catalog, underscoring the need for regular patch verification and automated compliance tracking.
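
The case-sensitivity mismatch behind the second recommendation can be audited from authentication records. The sketch below is an added example, not Fortinet code or a FortiOS log format: the `AuthEvent` fields, the `MFA_ENROLLED` inventory and the sample records are hypothetical, and it assumes the directory compares usernames without regard to case.

```python
from dataclasses import dataclass

# Hypothetical inventory: gateway-local accounts enrolled for a second factor,
# spelled exactly as configured on the device.
MFA_ENROLLED = {"jsmith", "a.kumar"}


@dataclass(frozen=True)
class AuthEvent:
    user: str       # username exactly as typed at the login prompt
    backend: str    # "local" or "ldap": which source accepted the password
    mfa_done: bool  # True if a second factor was verified
    success: bool


def exact_match_requires_mfa(user: str) -> bool:
    """Flawed policy check: a case-sensitive lookup misses 'JSmith'."""
    return user in MFA_ENROLLED


def folded_requires_mfa(user: str) -> bool:
    """Corrected check: compare case-folded names, as the directory does."""
    return user.casefold() in {u.casefold() for u in MFA_ENROLLED}


def find_case_mismatch_logins(events):
    """Successful logins without a second factor whose username equals an
    enrolled account only when case is ignored."""
    enrolled = {u.casefold(): u for u in MFA_ENROLLED}
    findings = []
    for ev in events:
        configured = enrolled.get(ev.user.casefold())
        if (ev.success and not ev.mfa_done
                and configured is not None and ev.user != configured):
            findings.append((ev.user, configured, ev.backend))
    return findings


# Constructed sample records, not real gateway log output.
SAMPLE_EVENTS = [
    AuthEvent("jsmith", "local", True, True),    # normal login with MFA
    AuthEvent("JSmith", "ldap", False, True),    # case variant, no MFA
    AuthEvent("A.Kumar", "ldap", False, False),  # case variant, login failed
    AuthEvent("bwong", "ldap", False, True),     # not enrolled for MFA
]

if __name__ == "__main__":
    for typed, configured, backend in find_case_mismatch_logins(SAMPLE_EVENTS):
        print(f"review: '{typed}' matched '{configured}' via {backend} without MFA")
```

Any finding means an enrolled identity authenticated through a path that never asked for the second factor, which is the configuration inconsistency to correct.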

Telecoms in the United States – statistics & facts

Telecoms networks in the United States are facing unprecedented demand. The nation’s rapid adoption of artificial intelligence (AI) and cloud technologies, as well as shifting habits in work and leisure, have prompted surging data consumption. U.S. network operators are seeking to meet this demand via the ongoing expansion of next-generation networks, with 5G and fiber offering the fast, low-latency internet services required to fully embrace emerging technologies. Meanwhile, alternative solutions such as satellite internet are gaining traction among U.S. consumers, particularly those in remote locations underserved by traditional networks.
Massive data breach sees credit card details of over 5.6 million victims leaked

Massive Data Breach Exposes Credit Card Details of Over 5.6 Million Victims: What We Know So Far

A major cybersecurity incident has sent shockwaves across the digital economy, with credit card information belonging to more than 5.6 million individuals reportedly leaked online. The breach is being described as one of the most significant financial data exposures of the year, raising serious concerns around payment security, consumer privacy, and corporate data protection practices.

As investigations continue, here is a comprehensive breakdown of what is currently known, what information was compromised, and what affected individuals should do next.


What Happened?

According to early reports, cybercriminals gained unauthorized access to a large database containing sensitive payment card information, including:

  • Credit and debit card numbers
  • Card expiration dates
  • CVV/security codes
  • Cardholder names
  • Associated billing data in some cases

The exposed data was allegedly discovered on dark web marketplaces and underground hacking forums, where it was being advertised for sale or freely shared among threat actors.

While the breached organization has not yet publicly confirmed the full technical details, cybersecurity analysts suggest the attack may have stemmed from poor database security, misconfigured cloud storage, or compromised administrative credentials.


How Many People Are Affected?

Current estimates indicate that over 5.6 million unique individuals may have had their credit card details exposed. Security experts warn that the real number could increase as forensic audits continue and additional datasets are analyzed.

Victims may span multiple regions, suggesting that the breach involved an international user base, rather than being limited to a single country or financial institution.


Who Is Responsible?

At this stage, no official attribution has been made. However:

  • Threat intelligence firms believe the breach may be linked to organized cybercrime groups specializing in financial fraud.
  • The stolen data appears structured and categorized, indicating a deliberate and targeted extraction, not a random leak.
  • Investigators are examining whether the breach was the result of malware infiltration, SQL injection, or unsecured APIs.

Law enforcement agencies and cybersecurity teams are reportedly collaborating to trace the origin of the attack.


Why This Data Breach Is So Serious

Unlike breaches involving usernames or email addresses, credit card data enables immediate financial fraud. Criminals can use the exposed information to:

  • Make unauthorized purchases
  • Clone physical cards
  • Conduct card-not-present (CNP) fraud
  • Sell data to fraud rings globally

Additionally, leaked payment data often resurfaces months or even years later, meaning victims could face long-term financial risk.


What Should Affected Users Do Immediately?

If you believe your data may be involved, experts strongly recommend the following steps:

  1. Monitor bank and card statements closely for suspicious transactions
  2. Freeze or cancel affected credit cards and request replacements
  3. Enable transaction alerts from your bank
  4. Change passwords for any linked accounts
  5. Consider enrolling in credit monitoring or identity theft protection services

Proactive action can significantly reduce the impact of potential fraud.


A Wake-Up Call for Businesses

This breach highlights a growing trend: cybercriminals increasingly target payment systems and customer databases, especially those with weak security controls.

Organizations handling financial data must prioritize:

  • Strong encryption at rest and in transit
  • Regular penetration testing and vulnerability assessments
  • Zero-trust access controls
  • Continuous security monitoring
  • Compliance with PCI DSS and data protection regulations

Failure to do so not only risks financial loss but also severe reputational damage and legal consequences.


The Bigger Picture: Rising Data Breaches in 2025

Cybersecurity analysts note that large-scale data breaches are becoming more frequent and more damaging. As digital payments grow and cloud infrastructure expands, attackers are exploiting complex systems faster than organizations can secure them.

This latest incident serves as a stark reminder that data security is no longer optional—it is a core business responsibility.


Final Thoughts

The exposure of credit card details belonging to more than 5.6 million people underscores the urgent need for stronger cybersecurity practices across industries. While investigations are ongoing, the incident reinforces a critical lesson for both consumers and businesses: vigilance, preparedness, and rapid response are essential in today’s threat landscape.

More updates are expected as authorities and security researchers uncover additional details surrounding the breach.