The Russian authorities continue their pious denials of hacking in the service of espionage and influence, but few other governments take such protestations of good citizenship seriously. France and Estonia in particular are working to shore up defenses—France is particularly concerned about its May 2017 elections. The US is mulling its response during this final week of Presidential transition. There's also been a reliable sighting of Fancy Bear sniffing and pawing through Norwegian military and foreign ministry targets.
Last month's takedown of portions of Ukraine's power grid remains spooky, prompting a number of "It could happen here" stories as observers fear that the hack was a dress rehearsal for an attack with widespread consequences. Contrarian observers make the sound point that squirrels have caused thousands of blackouts while hackers seem responsible for about two. There's surely some breathless fear, uncertainty, and dread around, but it's worth noting that botnet-driven DDoS with widespread effect was also seen by some as FUD until Mirai hit.
Palo Alto has identified and is following a second wave of Shamoon attacks. Intel Security notices that some apps available on Google Play are stealing Turkish users' Instagram credentials and collecting them in a remote server.
WhatsApp's usability feature, incorrectly but perhaps understandably thought by some to be a backdoor, receives security scrutiny.
The attackers who hit MongoDB last week have apparently turned their attention to ElasticSearch servers, more than 2500 of which have been infected with ransomware.
A sophisticated Gmail phishing campaign is in progress.