Discord teen-by-default settings are now rolling out globally, marking a major shift in how the popular communication platform handles safety for users aged 13 to 17. The move signals a clear message from Discord: protecting teens online is no longer optional, it is expected. The Discord update applies to all new and existing users worldwide and introduces age-appropriate defaults, restricted access to sensitive content, and stronger safeguards around messaging and interactions. While Discord positions this as a safety-first upgrade, the announcement also arrives at a time when gaming and social platforms are under intense regulatory and public scrutiny.

What Discord Teen-by-Default Settings Actually Change

Discord, headquartered in San Francisco and used by more than 200 million monthly active users, says the new Discord teen-by-default settings are designed to create safer experiences without breaking the sense of community that defines the platform. Under the new system, teen users automatically receive stricter communication settings. Sensitive content remains blurred, access to age-restricted servers is blocked, and direct messages from unknown users are routed to a separate inbox. Only age-verified adults can change these defaults. The company says these measures are meant to protect teens while still allowing them to connect around shared interests like gaming, music, and online communities.

Age Verification, But With Privacy Guardrails

Age assurance sits at the core of the Discord teen-by-default settings rollout. Starting in early March, users may be asked to verify their age if they want to access certain content or change safety settings. Discord is offering multiple options: facial age estimation processed directly on a user’s device, or submission of government-issued ID through approved vendors. The company has also introduced an age inference model that runs quietly in the background to help classify accounts without always forcing verification. Discord stresses that privacy remains central. Video selfies never leave the device, identity documents are deleted quickly, and a user’s age status is never visible to others. In most cases, verification is a one-time process.

Why it Matters Now Than Ever Before

The timing of the Discord teen-by-default settings rollout is no coincidence. In October 2025, Discord disclosed a data breach involving a third-party vendor that handled customer support and age verification. While Discord’s own systems were not breached, attackers accessed government ID photos submitted for age verification, limited billing data, and private support conversations. The incident reignited concerns about whether platforms can safely handle sensitive identity data—especially when minors are involved. For many users, that trust has not fully recovered. At the same time, regulators are tightening the screws. The U.S. Federal Trade Commission has publicly urged companies to adopt age verification tools faster. Platforms like Roblox are rolling out facial AI and ID-based age estimation, while Australia has gone further by banning social media use for children under 16. Similar discussions are underway across Europe.

Teen Safety Meets Public Skepticism

Not everyone is convinced. Online reaction, particularly on Reddit, has been harsh. Some users accuse Discord of hypocrisy, pointing to past breaches and questioning the wisdom of asking users to upload IDs to third-party vendors. Others see the changes as the beginning of the end for Discord’s open community model. There is also concern among game studios and online communities that rely heavily on Discord. If access becomes more restricted, some fear engagement could drop—or migrate elsewhere.

Giving Teens a Voice, Not Just Rules

To balance control with understanding, Discord is launching its first Teen Council, a group of 10–12 teens aged 13 to 17 who will advise the company on safety, product design, and policy decisions. The goal is to avoid guessing what teens need and instead hear it directly from them. This approach acknowledges a hard truth: safety tools only work if teens understand them and trust the platform using them.

A Necessary Shift, Even If It’s Uncomfortable

The Discord teen-by-default settings rollout reflects a broader industry reality. Platforms built for connection can no longer rely on self-reported ages and loose moderation. Governments, parents, and regulators are demanding stronger protections—and they are willing to step in if companies do not act. Discord’s approach won’t please everyone. But in today’s climate, doing nothing would be far riskier. Whether this move strengthens trust or fuels backlash will depend on how well Discord protects user data—and how honestly it continues to engage with its community.

The third week of 2026 highlights a series of cybersecurity events affecting businesses, critical infrastructure, and regulatory compliance. This week, network administrators are grappling with the exploitation of a previously patched FortiOS vulnerability, while ransomware attacks continue to expose sensitive data across major corporations.   Meanwhile, hacktivist groups are targeting industrial systems and government networks, and the European Union has introduced new rules to phase out high-risk telecom and ICT products from non-EU suppliers.  These incidents demonstrate that cybersecurity risks are no longer confined to IT systems. They now intersect with national security, operational continuity, and regulatory oversight, requiring organizations to adopt both technical defenses and strategic risk management measures.  

The Cyber Express Weekly Roundup 

Active Exploits Hit “Patched” FortiOS 7.4.9 

Administrators report active exploitation of CVE-2025-59718 on FortiGate devices running FortiOS 7.4.9. Attackers bypass authentication through forged FortiCloud SSO logins, creating local admin accounts to maintain access. Evidence suggests that the patch may be incomplete or bypassed. Experts advise manually disabling FortiCloud SSO via CLI and auditing logs for unusual SSO activity, new admin accounts, and configuration exports. Read more… 

Ingram Micro Data Breach Exposes 42,521 Individuals 

A ransomware attack in July 2025 compromised sensitive employee and job applicant data at Ingram Micro, affecting 42,521 individuals. Exposed information includes names, contact details, dates of birth, Social Security numbers, and employment records. The attack disrupted logistics operations for about a week and was discovered in December 2025. Affected individuals have been notified and offered two years of credit monitoring and identity protection. Read more… 

One in Ten UK Businesses Could Fail After Major Cyberattack 

A Vodafone Business survey found over 10% of UK business leaders fear their organizations could fail after a major cyberattack. While 63% acknowledge rising cyber risks and 89% say high-profile breaches increased alertness, only 45% provide basic cyber-awareness training to all staff. Weak passwords, phishing, and emerging AI/deepfake scams heighten vulnerabilities. Read more… 

EU Proposes Rules on “High-Risk” Telecom Products 

The European Commission proposed updates to the Cybersecurity Act to phase out “high-risk” ICT products from mobile, fixed, and satellite networks supplied by risky countries, including China and Russia. Mobile networks have 36 months to comply; timelines for other networks will follow. Read more… 

Hacktivist Activity Surges, Targeting Critical Infrastructure 

The Cyble 2025 Threat Landscape report shows hacktivists targeting ICS, OT, and HMI/SCADA systems. Groups like Z-Pentest, Dark Engine, and NoName057(16) focused on industrial sectors in Europe and Asia. Hacktivist activity rose 51% in 2025, driven largely by pro-Russian and pro-Palestinian collectives. Many groups aligned with state interests, including GRU-backed Russian operations and Iranian-linked teams. Read more… 

NCSC Warns UK Organizations of Russian-Aligned Hacktivists 

The UK National Cyber Security Centre (NCSC) warned that Russian-aligned hacktivists, including NoName057(16), increasingly target UK organizations with denial-of-service attacks on local government and critical infrastructure. While technically simple, these attacks can severely disrupt services. Read more… 

Weekly Roundup Takeaway 

This week’s events highlight that cybersecurity in 2026 continues to influence business continuity, infrastructure integrity, and regulatory compliance. From FortiOS exploits and large-scale ransomware breaches to rising hacktivist activity and evolving EU telecom rules, organizations must integrate operational, technical, and strategic measures to mitigate risk and protect assets across sectors. 

The National Security Agency (NSA) has announced the appointment of Timothy Kosiba as its 21st Deputy Director, marking a significant leadership development at one of the United States’ most critical national security institutions. The designation was made by Secretary of War Pete Hegseth and Director of National Intelligence Tulsi Gabbard, and formally approved by President Donald J. Trump, according to an official statement released on January 9. As NSA Deputy Director, Kosiba becomes the agency’s senior civilian leader, responsible for overseeing strategy execution, establishing agency-wide policy, guiding operational priorities, and managing senior civilian leadership. In this role, he will also support the broader U.S. defense and intelligence enterprise, contributing to the formulation of national security policy and strengthening NSA’s position as an integrated mission partner against evolving foreign threats.

NSA Appoints Timothy Kosiba as Deputy Director

The NSA leadership appointment places Kosiba at the center of U.S. efforts to maintain a decisive national security advantage, particularly in the areas of foreign signals intelligence and cybersecurity operations. His return to the agency comes at a time when cybersecurity, cyber defense, and intelligence integration remain top priorities for U.S. national security planners. Lieutenant General William J. Hartman, Acting Commander of U.S. Cyber Command and Performing Duties of Director of the National Security Agency, welcomed Kosiba’s return, emphasizing his leadership credentials and institutional knowledge. “Tim is a people-focused leader with a wealth of experience that makes him ideal for the deputy director role,” Hartman said, citing Kosiba’s 33-year federal career and extensive experience across intelligence and cybersecurity missions. Hartman added that Kosiba’s leadership will be critical as the NSA advances its mission to protect U.S. national security interests in an increasingly complex threat environment.

Deep Experience Across Intelligence and Cybersecurity

With more than 30 years in the U.S. Intelligence Community, Timothy Kosiba brings deep familiarity with the NSA mission, particularly in public sector cybersecurity, cyber policy, and operational execution. Over the course of his career, he has played a key role in implementing the NSA’s Cyber Security Policy and has frequently represented both the NSA and U.S. Cyber Command in cyber-related discussions at the White House and other interagency forums. Kosiba’s experience spans both technical leadership and strategic engagement, positioning him to bridge operational realities with national-level policy objectives. His appointment reinforces the NSA’s focus on aligning intelligence capabilities with broader government cybersecurity and defense strategies.

Career Path Spanning Global and Operational Leadership

Kosiba began his NSA career as technical director for the Joint Functional Component Command for Network Warfare, where he worked on mission-critical cyber operations. He later served as technical director for the Requirements and Targeting Office within the Tailored Access Operations organization, a role focused on advanced cyber capabilities. Selected for the Defense Intelligence Senior Level (DISL) Service, Kosiba was posted overseas as chief of the Special U.S. Liaison Office in Canberra, Australia, strengthening intelligence cooperation with key allies. After returning to the United States, he became deputy director of the NSA/CSS Commercial Solutions Center and was later appointed Chief of Computer Network Operations (CNO). Following three years as CNO, Kosiba was assigned as Deputy Commander of NSA Georgia, the largest NSA field location, where he oversaw large-scale operational and workforce initiatives.

Commitment to the NSA Mission

Commenting on his appointment, Kosiba described the role as a return to familiar ground. “It is an honor to come back home and serve as the National Security Agency’s next deputy director,” he said, emphasizing his long-standing commitment to the agency’s mission and workforce. As NSA Deputy Director, Timothy Kosiba is expected to play a central role in shaping the agency’s approach to cybersecurity, intelligence operations, and national security policy, reinforcing NSA’s position within the U.S. intelligence and defense ecosystem amid persistent and emerging global threats.

Mumbai, India – December 19, 2026 — ET Edge has recognized Beenu Arora, CEO & Co-Founder of Cyble, as one of India’s Impactful CEOs 2025, honoring visionary leaders who demonstrate exceptional leadership, innovation, and measurable impact in shaping the future of business and technology. The ET Edge Impactful CEO recognition honors leaders who drive transformation through strategic, purpose-driven leadership. Beenu Arora’s inclusion highlights his continued focus on advancing cybersecurity innovation and strengthening digital trust globally. 

Purpose-Driven Leadership Behind Cyble’s Global Growth

Under Beenu Arora’s leadership, Cyble has grown into a globally recognized cybersecurity intelligence provider, delivering AI-powered threat intelligence and digital risk protection to help enterprises and governments proactively combat threats across surface, serious, and dark web ecosystems. Beenu’s leadership philosophy centers on purposeful innovation, customer focus, and empowering teams to address real-world security challenges at scale. He has led Cyble through rapid global expansion while fostering a culture of integrity, collaboration, and continuous learning. His focus on AI-driven, actionable intelligence has positioned Cyble as a trusted partner in an increasingly complex cyber threat landscape.  “This recognition by ET Edge is deeply humbling and reinforces our belief that cybersecurity is no longer just a technology challenge; it is a business and societal imperative,” said Beenu Arora, CEO & Co-Founder of Cyble. This honor belongs to the entire Cyble team, whose passion, innovation, and commitment to protecting the digital ecosystem inspire everything we do.  He further added, “Our focus remains on building intelligence-led, AI-driven solutions that help organizations anticipate risks, make informed decisions, and enhance their long-term digital resilience. We are committed to creating a safer and more trusted digital future for businesses and governments around the world.” The ET Edge Impactful CEO 2025 recognition underscores Cyble’s growing global influence and highlights Beenu Arora’s role as a forward-thinking leader driving innovation and resilience in cybersecurity.

About Cyble 

Founded as an AI-first cybersecurity company, Cyble delivers real-time threat intelligence, digital risk protection, and predictive cyber defense solutions to enterprises and governments worldwide. Trusted by Fortune 500 organizations and public sector agencies, Cyble is committed to making the digital world safer through intelligent, autonomous cybersecurity.  For more information on Cyble’s Agentic AI-powered cybersecurity solutions, visit www.cyble.com.  Media Contact: 📧 enquiries@cyble.com 📞 +1 888 673 2067 

The Information Commissioner’s Office (ICO) has fined password manager provider LastPass UK Ltd £1.2 million following a 2022 data breach that compromised the personal information of up to 1.6 million people in the UK. The data breach occurred in August 2022 and was the result of two isolated incidents that, when combined, enabled a hacker to gain unauthorized access to LastPass’ backup database. The stolen information included customer names, email addresses, phone numbers, and stored website URLs. While the data breach exposed sensitive personal information, the ICO confirmed there is no evidence that hackers were able to decrypt customer passwords. This is due to LastPass’ use of a ‘zero knowledge’ encryption system, which ensures that master passwords and vaults are stored locally on customer devices and never shared with the company.

Incident One: Corporate Laptop Compromised

The first incident involved a LastPass employee’s corporate laptop based in Europe. A hacker gained access to the company’s development environment and obtained encrypted company credentials. Although no personal information was taken at this stage, the credentials could have provided access to the backup database if decrypted. LastPass attempted to mitigate the hacker’s activity and believed the encryption keys remained safe, as they were stored outside the compromised environment in the vaults of four senior employees.

Incident Two: Personal Device Targeted

The second incident proved more damaging. The hacker targeted one of the senior employees who had access to the decryption keys. Exploiting a known vulnerability in a third‑party streaming service, the attacker gained access to the employee’s personal device. A keylogger was installed, capturing the employee’s master password. Multi‑factor authentication was bypassed using a trusted device cookie. This allowed the hacker to access both the employee’s personal and business LastPass vaults, which were linked by a single master password. From there, the hacker obtained the Amazon Web Service (AWS) access key and decryption key stored in the business vault. Combined with information taken the previous day, this enabled the extraction of the backup database containing customer personal information.

ICO’s Findings and Fine on LastPass UK

The ICO investigation concluded that LastPass failed to implement sufficiently strong technical and security measures, leaving customers exposed. Although the company’s zero knowledge encryption protected passwords, the exposure of personal data was deemed a serious failure. John Edwards, UK Information Commissioner, stated: “Password managers are a safe and effective tool for businesses and the public to manage their numerous login details, and we continue to encourage their use. However, as is clear from this incident, businesses offering these services should ensure that system access and use is restricted to reduce risks of attack. LastPass customers had a right to expect their personal information would be kept safe and secure. The company fell short of this expectation, resulting in the proportionate fine announced today.”

Lessons for Businesses

The ICO has urged all UK businesses to review their systems and procedures to prevent similar risks. This case underscores the importance of restricting system access, strengthening cybersecurity measures, and ensuring that employees’ personal devices do not become weak points in corporate networks. While password managers remain a recommended tool for managing login details, the incident shows that even trusted providers can fall short if internal safeguards are not sufficiently strong. The £1.2 million fine against LastPass UK Ltd serves as a clear reminder that companies handling sensitive data must uphold the highest standards of security. Although customer passwords were protected by the company’s zero knowledge encryption system, the exposure of personal information has left millions vulnerable. The ICO’s ruling reinforces the need for constant vigilance in the face of growing cyber threats. For both businesses and individuals, the message is straightforward: adopt strong security practices, conduct regular system reviews, and implement robust employee safeguards to reduce the risk of future data breaches.

Coupang CEO Resigns, a headline many in South Korea expected, but still signals a major moment for the country’s tech and e-commerce landscape. Coupang Corp. confirmed on Wednesday that its CEO, Park Dae-jun, has stepped down following a massive Coupang data breach that exposed the personal information of 33.7 million people, almost two-thirds of the country. Park said he was “deeply sorry” for the incident and accepted responsibility both for the breach and for the company’s response. His exit, while formally described as a resignation, is widely seen as a forced departure given the scale of the fallout and growing anger among customers and regulators. To stabilize the company, Coupang’s U.S. parent, Coupang Inc., has appointed Harold Rogers, its chief administrative officer and general counsel, as interim CEO. The parent company said the leadership change aims to strengthen crisis management and ease customer concerns.

What Happened in the Coupang Data Breach

The company clarified that the latest notice relates to the previously disclosed incident on November 29 and that no new leak has occurred. According to Coupang’s ongoing investigation, the leaked information includes:

• Customer names and email addresses
• Full shipping address book details, such as names, phone numbers, addresses, and apartment entrance access codes
• Portions of the order information

Coupang emphasized that payment details, passwords, banking information, and customs clearance codes were not compromised. As soon as it identified the leak, the company blocked abnormal access routes and tightened internal monitoring. It is now working closely with the Ministry of Science and ICT, the National Police Agency, the Personal Information Protection Commission (PIPC), the Korea Internet & Security Agency (KISA), and the Financial Supervisory Service.

Phishing, Smishing, and Impersonation Alerts

Coupang warned customers to be extra cautious as leaked data can fuel impersonation scams. The company reminded users that:

• Coupang never asks customers to install apps via phone or text.
• Unknown links in messages should not be opened.
• Suspicious communications should be reported to 112 or the Financial Supervisory Service.
• Customers must verify messages using Coupang’s official customer service numbers.

Users who stored apartment entrance codes in their delivery address book were also urged to change them immediately. The company also clarified that delivery drivers rarely call customers unless necessary to access a building or resolve a pickup issue, a small detail meant to help people recognize potential scam attempts.

Coupang CEO Resigns as South Korea Toughens Cyber Rules

The departure of CEO Park comes at a time when South Korea is rethinking how corporations respond to data breaches. The government’s 2025 Comprehensive National Cybersecurity Strategy puts direct responsibility on CEOs for major security incidents. It also expands CISOs' authority, strengthens IT asset management requirements, and gives chief privacy officers greater influence over security budgets. This shift follows other serious breaches, including SK Telecom’s leak of 23 million user records, which led to a record 134.8 billion won fine. Regulators are now considering fines of up to 1.2 trillion won for Coupang, roughly 3% of its annual sales, under the Personal Information Protection Act. The company also risks losing its ISMS-P certification, a possibility unprecedented for a business of its size.

Industry Scramble After a Coupang Data Breach of This Scale

A Coupang Data breach affecting tens of millions of people has sent shockwaves across South Korea’s corporate sector. Authorities have launched emergency inspections of 1,600 ISMS-certified companies and begun unannounced penetration tests. Security vendors say Korean companies are urgently adding multi-factor authentication, AI-based anomaly detection, insider threat monitoring, and stronger access controls. Police naming a former Chinese Coupang employee as a suspect has intensified focus on insider risk. Government agencies, including the National Intelligence Service, are also working with private partners to shorten cyber-incident analysis times from 14 days to 5 days using advanced AI forensic labs.

Looking Ahead

With the Coupang CEO's resignation development now shaping the company’s crisis trajectory, Coupang faces a long road to rebuilding trust among users and regulators. The company says its teams are working to resolve customer concerns quickly, but the broader lesson is clear: cybersecurity failures now carry real consequences, including at the highest levels of leadership.

Black Friday has evolved into one of the most attractive periods of the year, not just for retailers, but for cybercriminals too. As shoppers rush to grab limited-time deals, attackers exploit the surge in online activity through malware campaigns, phishing scams, payment fraud, and impersonation attacks. With threat actors using increasingly advanced methods, understanding the risks is essential for both shoppers and businesses preparing for peak traffic. This cybersecurity survival guide breaks down the most common Black Friday threats and offers practical steps to stay secure in 2025’s high-risk threat landscape.

Why Black Friday Is a Goldmine for Cybercriminals

Black Friday and Cyber Monday trigger massive spikes in online transactions, email promotions, digital ads, and account logins. This high-volume environment creates the perfect disguise for malicious activity. Attackers know users are expecting deal notifications, promo codes, and delivery updates, making them more likely to click without verifying legitimacy. Retailers also face increased pressure to scale infrastructure quickly, often introducing misconfigurations or security gaps that cybercriminals actively look for.

Common Black Friday Cyber Threats

1. Phishing & Fake Deal Emails: Cybercriminals frequently impersonate major retailers to push “exclusive” deals or false order alerts. These emails often contain malicious links aimed at stealing login credentials or credit card data.

2. Malware Hidden in Apps and Ads: Fake shopping apps and malicious ads spread rapidly during Black Friday.

3. Fake Retail Websites: Dozens of cloned websites appear each year, mimicking popular brands with nearly identical designs. These sites exist solely to steal payment information or personal data.

4. Payment Card Fraud & Credential Stuffing: With billions of login attempts occurring during Black Friday, attackers exploit weak or reused passwords to take over retail accounts, redeem loyalty points, or make fraudulent purchases.

5. Marketplace Scams: Fraudulent sellers on marketplaces offer unrealistic discounts, harvest information, and often never deliver the product. Some also use sophisticated social engineering tactics to manipulate buyers.

Cybersecurity Tips for Shoppers

• Verify Before You Click: Check URLs, sender domains, and website certificates. Avoid clicking on deal links from emails or messages.
• Enable Multi-Factor Authentication (MFA): MFA prevents unauthorized access even if an attacker steals your password.
• Avoid Public Wi-Fi: Unsecured networks can expose your transactions. Use mobile data or a VPN.
• Use Secure Payment Options: Virtual cards and digital wallets limit your exposure during a breach.
• Download Apps Only from Official Stores: Stay away from third-party downloads or promo apps not approved by Google or Apple.

Best Practices for Retailers

• Strengthen Threat Detection & Monitoring: Retailers must monitor unusual login behavior, bot traffic, and transaction spikes. Cyble’s Attack Surface and Threat Intelligence solutions help businesses identify fake domains, phishing lures, and malware campaigns targeting their brand.
• Secure Payment Infrastructure: Ensure payment systems are PCI-compliant, updated, and protected from card-skimming malware.
• Educate Customers: Proactively notify customers about known scams and impersonation risks, especially during high-traffic sales periods.

With malware, phishing, and fraud attempts rising sharply during the shopping season, awareness and proactive defense are essential. By staying vigilant and leveraging trusted cybersecurity tools, both shoppers and businesses can navigate Black Friday securely. See how Cyble protects retailers during high-risk shopping seasons. Book your free 20-minute demo now.