Editor's Message

Welcome to DBD. Cybercrime is making headlines globally. Attacks on well-known brands and organizations are raising public awareness of the severity, frequency and impact of cyber attacks. Proving cybercrime is growing at an alarming rate, DBD has recorded more ransomware attacks this year than any other, and we continue to provide visibility of these in our PRiSM application. This Cybersecurity Awareness Month, please be extra vigilant and mindful that cybercriminals CAN and WILL strike where and when you least expect it. Thanks again for your support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington D.C.

Wednesday, 26 November 2025

Ransomware Operator Claims - Week 47 2025

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 17th November and 23rd November 2025, kindly assisted by our partners.

DBD discovered and researched 200 Ransomware Victims over 39 Countries and Islands claimed by 29 Data-Leaking Ransomware Operators last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Posted by at
Labels:

Monday, 24 November 2025

Data Breaches Digest - Week 48 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 24th November and 30th November 2025.


28th November

AI is reportedly 'democratising' cybercrime by making it easy for bad guys with limited tech skills to have a crack at ransomware and other malicious code

Akira Ransomware Attack Claims 10 Victims Including Hitech GP

Altnet brsk suffers data breach

Asahi CEO apologizes after Russia‑linked hackers expose 2 Million in Japan

Asahi Confirms Cyberattack Exposed Data of 1.5 Million Customers

Asahi Confirms Massive Data Breach Following September Ransomware Attack

Asahi Reports Cyber-Attack Compromises Data of Over 1.5 Million Customers

Asahi says 1.5 million customers’ data at risk following cyber-attack

Asahi's ransomware attack may have compromised 1.9 million personal records

Belgian data protection authority imposes fine on data broker Infobel for selling data without consent

Belgium officially outlaws the use of DeepSeek for government officials

British car production plunges to a 70-year low after crippling cyber attack on Jaguar Land Rover

Building proactive defences against ransomware and beyond

California law regulating web browsers could have national data privacy impact, experts say

ChatGPT is sending data breach ‘warning’ to users, here’s what it means

ChatGPT users’ personal details exposed in data breach, OpenAI reveals

City of Santa Paula Hit by Ransomware Attack Claimed by Qilin, Government Services Disrupted

CodeRED Emergency Alerts Disrupted Across US After Ransomware Breach

Comcast Faces $1.5 Million Penalty After Federal Communications Commission (FCC) Investigation Into Vendor Data Breach

Comcast Fined $1.5 Million to Settle Federal Communications Commission (FCC) Probe Tied to Vendor Data Breach

Comcast Hit With $1.5 Million Fine After Vendor Data Breach

Comcast to Pay $1.5 Million Fine to Settle Federal Communications Commission (FCC) Investigation Linked to Vendor Data Breach

Comcast to pay $1.5 million to resolve Federal Communications Commission (FCC) pinto vendor data breach

Comcast to Pay a $1.5 Million Fine to Settle an Federal Communications Commission (FCC) Investigation Linked to Vendor Data Breach

Crypto criminals increasingly go chain-hopping to launder money

Cyber attack hits London councils

Cyber blackmail hits one in ten families, new data reveals

Cyberattacks Against the US Intensify as Russian Groups Target Engineering Firm

Devereux Advanced Behavioral Health Targeted by The Gentlemen Ransomware

Family Farm and Home Allegedly Breached by World Leaks Ransomware

FBI Warns Bank Staff Impersonation Is on the Rise, Over 5,100 Account Takeover Cases in 2025

FR Express Data Breach: ISP Source Code, API, and Billing Data Leaked

Fragmented tooling slows vulnerability management

French Football Federation discloses data breach after cyberattack

French Football Federation Reports Data Breach - Hackers Access Club Software Admin Controls

French Football Federation Suffers Data Breach

Handala Hacker Group Attacking Israeli High-Tech and Aerospace Professionals

High Water Mark: CISA Shares Foundations for Effective Cybersecurity and Risk Management

Ingenieurbüro Laudi Breached by Brotherhood Ransomware Group

Jaguar Land Rover's cyber attack sees UK car production plummet by a third as shutdown cripples sector

Japan: Cyberattacks Against Companies on the Rise; Asahi, Askul among Firms Suffering System Problems Due to Ransomware

Japanese beer giant Asahi says ransomware attack may have exposed data of 1.5 million people

Kaspersky reports 6.4 million shopping phishing attempts and over 20 million gaming attacks detected in 2025

Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages

London councils activate emergency plans after serious cyber attack

London Councils’ IT Systems Impacted by CyberAttack, Including Phone Lines

Londoners told to be vigilant with messages after cyber-attack on council

Major football federation targeted in cyber attack

Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison

Microsoft Teams Guest Access Can Remove Defender Protection When Users Join External Tenants

Microsoft Teams Guest Access Leaves Users Exposed to Attacks

Mixpanel Breach Exposes Limited OpenAI API User Analytics Data

Mixpanel Data Breach Exposes OpenAI API User Information: What You Need to Know

Mobile devices face unseen war as banking trojans, ransomware, and adware surge in Q3 2025

Mobile phones face unprecedented rise in sophisticated cyber threats, ANSSI warns

New phishing kit targets Microsoft 365 users

North Korean hacker group allegedly behind $30 Million crypto theft from South Korea

North Korean Hackers Deploy 197 npm Packages to Spread Updated OtterCookie Malware

North Korean Lazarus Group suspected of major crypto heist

Number of cars built in the UK down nearly 25 per cent after Jaguar Land Rover (JLR) cyber attack

Number of cars built in the UK sharply down following Jaguar Land Rover (JLR) cyber attack

OpenAI API breached after old fashioned phishing campaign exposes user details

OpenAI data breach hits developers, ChatGPT safe

OpenAI Dumps API Analytics Provider Following Data Breach

OpenAI hailed for ‘swift move’ in terminating Mixpanel ties after data breach hits developers

OpenAI notifies API customers of data exposure linked to Mixpanel breach

OpenAI sends security warning for ChatGPT: Here is what it means for users

OpenAI Suspends Mixpanel Use After Analytics Data Breach

OpenAI terminates Mixpanel partnership after developer data breach

Perth hacker Michael Clapsis jailed after setting up fake Qantas Wi-Fi, stealing sex videos

Players' data breached in French Football Federation cyberattack

Public GitLab repositories exposed more than 17,000 secrets

Ransomware Moves: Supply Chain Hits, Credential Harvesting

Scattered Lapsus$ Hunters Impersonate Zendesk in Phishing Campaign Stealing Credentials

Scottish council hit by major ransomware attack ‘had gaps in cybersecurity’

ShinyHunters Develop Sophisticated New Ransomware-as-a-Service Tool

Social data puts user passwords at risk in unexpected ways

Sorbonne Université Data Breach Exposes HR and Banking Information

South Korean Cryptocurrency Exchange Hacked, Suspected to Be North Korean Hacker Organization

Three Black Friday Scams to Watch Out For This Year

Three London councils hit by ransomware: 440,000 resident files accessed

Threat Actors Exploit Calendar Subscriptions for Phishing and Malware Delivery

Tomiris APT Targets Diplomatic Entities in New Campaign Using Multi-Language Reverse Shells, Havoc and AdaptixC2 Open-Source Frameworks

UK car output plunges 24% despite Jaguar Land Rover (JLR) restart after cyber-attack

UK car production DOWN 23.8% in October as Jaguar Land Rover recovers from Cyber attack

UK car production plummets 24% in wake of Jaguar Land Rover (JLR) cyber attack

Under Siege: The Mounting Pressures Driving CISOs Out Of UK Cybersecurity Leadership

Upbit crypto cyber attack: South Korea suspects North Korea's Lazarus Group in $30 million theft

West Donegal credit union members targeted in phishing scam

Why Organizations Are Turning to Remote Privileged Access Management (RPAM)

27th November

6.4 Million shopping phishing attempts & over 20 Million gaming attacks detected in 2025

ADC Aerospace Hit by Play Ransomware Attack and Data Breach

Akira Ransomware Attack Hits Multiple Global Companies Including Zoetis and Globatech

Asahi admits ransomware gang may have spilled almost 2 Million people's data

Asahi CEO says ransomware attack might have caused 1.9 million data leaks

Asahi Confirms 1.5 Million Customers Affected in Major Cyber-Attack

Asahi confirms cyberattack leaked data on 1.5 million customers

Asahi Cyberattack: Qilin Ransomware Gang Claims Massive Data Breach at Japanese Beer Giant

Asahi Cyber-attack Exposes Data of Over 1.5 Million Customers

Asahi cyber-attack puts over 1.5 million customer records at risk

Asahi Data Breach Impacts 2 Million Individuals

Asahi refuses to negotiate with ransomware hackers after two-month attack

Asahi says 1.5 million customers' data potentially leaked in cyber-attack

Asahi says crooks stole data of approximately 2 Million customers and employees

Asahi says Qilin ransomware attack exposed data of 1.5 million people

Beer giant Asahi not engaging with ransomware hackers

BestAdsOnTV Data Breach: 280,000 User Records For Sale

Beware the post-redundancy: Cyber attacks surge following layoffs

Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan

Bloody Wolf Threat Actor Expands Activity Across Central Asia

Bodhi Media Corp Data Breach: 248,000 Records Listed for Sale

Chances are high that you’ll run into a phishing scam

ChatGPT maker OpenAI confirms major data breach, exposing user's names, email addresses, and more - "Transparency is important to us."

ChatGPT of OpenAI Hacked and data leaked

‘ChatGPT users not impacted’: OpenAI responds to Mixpanel data breach

Chrome Extension Caught Skimming Solana Trades - Users Unknowingly Paying Hacker Fee

Code Blue in the Cloud: How a Russian Ransomware Gang Crippled London’s Critical Care Infrastructure

Concern as UK Broadband ISP Brsk Hit by Major Customer Data Breach

Councils warned they are not ‘immune’ to cyber attack and urged to prepare

Criminal networks industrialize payment fraud operations

Crypto Exchange Upbit Suffers Security Breach After $10B Deal

Crypto tools secretly skimming funds with every trade: malicious Chrome extension flagged

Cyberattack Disrupts Services Across London Councils

Cybercriminals Exploit IoT Weaknesses to Launch New ShadowV2 Malware Campaign

Data breach at OpenAI through analytics provider Mixpanel platform

Data linked to 2 million people feared leaked in cyber attack, says beverage giant Asahi

Experts divided over claim that Chinese hackers launched world-first AI-powered cyber attack - but that's not what they're really worried about

Federal Communications Commission (FCC) fines Comcast $1.5 million for data breach exposing client PII

Federal Communications Commission (FCC) Warns Hackers Exploit Insecure ‘Barix’ Radio Transmission Equipment to Broadcast Inappropriate Material

Federal Communications Commission (FCC) Warns of Hackers Hijacking Radio Equipment For False Alerts

France slaps €750,000 fine on Vanity Fair magazine for placing cookies without consent

Fraud Fears But No Breach Spike Expected This Festive Season

French Football Federation Hit by Cyber Attack

French soccer federation hit by cyber-attack, member data stolen

Gainsight Expands Impacted Customer List Following Salesforce Security Alert

GreyNoise launches free scanner to check if you're part of a botnet

Hacker attack on Upbit: $37 Million in Solana tokens stolen, exchange halts withdrawals

Handala Group Intensifies Attacks on Israeli High-Tech and Aerospace Personnel

Handala Hacker Group Targets Israeli High-Tech and Aerospace Professionals

How to Stay Safe Online This Black Friday, According to a Cyber Expert

Hundreds of Abandoned iCalendar Sync Domains Put Nearly 4 Million Devices at Risk

Impact of Asahi cyber attack laid bare as company confirms 1.5 million customers exposed

Intellivix Data Breach: VIXpass Access Control Source Code Stolen

Israel: Nursing homes hit by cyberattacks, National Cyber Directorate confirms

Japan Asahi ransomware attack leaks data of over 1.52 million customers

JCB India Data Breach: 500k User Records Listed for Public Sale

Jordan: Al-Ettifag Academy Breach Exposes Sensitive Student Data

Juror Data Breach Exposes Sensitive Personal Information in Court Systems

KawaiiGPT - Free WormGPT Variant Leveraging DeepSeek, Gemini, and Kimi-K2 AI Models

Kensington and Chelsea Council cyber attack forces council staff out of offices

Key Provisions of the UK Cyber Resilience Bill Revealed

London councils hit by cyber attack

Major data breach at OpenAI affects names, emails and more

Major international football federation hit by cyber attack

Major South Korean crypto exchange Upbit suffers $37M “abnormal withdrawal”

Malicious LLMs empower inexperienced hackers with advanced tools

Microsoft Teams Guest Chat Vulnerability Exposes Users to Malware Attack

Microsoft Teams Guest Chat Vulnerability Exposes Users to Malware Attacks

Millions at risk after nationwide CodeRED alert system outage and data breach

Mixpanel data breach exposes OpenAI clients' details, including location

Multiple London Councils Hit by Coordinated Cyberattack, Services Disrupted

Netmarble Data Breach Exposes 6.11 Million Members' Info

New Malware-as-a-Service Olymp Loader Advertised on Hacker Forums with It’s Anti-analysis and Detection Features

New Mirai Variant ‘ShadowV2’ Targets Vulnerable IoT Devices to Create Botnet for DDoS attacks

Newsan Alleged Data Breach Exposes 1.4 Million Consumer Records

Norfolk hotel suffers data breach at hands of WhatsApp scammer

North Korean Threat Actors Abuse npm, GitHub, and Vercel to Distribute OtterCookie

Notification system used by local law enforcement part of cyber attack

NVIDIA DGX Spark Vulnerabilities Let Attackers Execute Malicious Code and Launch DoS Attacks

Online shoppers warned of QR code phishing scam

OpenAI admits data breach after analytics partner hit by phishing attack

OpenAI Confirms Mixpanel Breach Impacting API User Data

OpenAI API customer details, including user IDs, exposed in Mixpanel data breach

OpenAI API User Data Exposed in Mixpanel Breach, ChatGPT Unaffected

OpenAI API User Data Exposed in Mixpanel Security Breach

OpenAI API Users’ Names, Emails, & More Exposed in Massive Mixpanel Data Breach

OpenAI apologizes for big Mixpanel data breach that exposed emails and more - here's what we know

OpenAI confirms ChatGPT data breach. Here is everything we know

OpenAI confirms data breach via analytics provider Mixpanel

OpenAI Confirms Data Exposure After Mixpanel Breach; API Users Warned Of Phishing Risks

OpenAI Confirms Mixpanel Breach Impacting API User Data

OpenAI Confirms Security Incident Involving Mixpanel Data Breach

OpenAI data may have been exposed after a cyberattack on analytics firm Mixpanel

OpenAI discloses API customer data breach via Mixpanel vendor hack

OpenAI discloses API user data breach via third-party Mixpanel

OpenAI Discloses Mixpanel Data Breach - Name, Email Address and Operating System Details Exposed

OpenAI ends Mixpanel use after analytics data breach

OpenAI is notifying all users of a data breach, but you probably aren’t affected

OpenAI Mixpanel Data Breach: What Was Exposed, Who’s at Risk, and What Happens Next?

OpenAI reveals analytics data breach, notifies affected users

OpenAI Reveals Mixpanel Data Breach Exposing User Details

OpenAI says hackers stole data from its analytics partner - but no ChatGPT users were affected

OpenAI sees API data breach via Mixpanel hack

OpenAI suffers data breach linked to Mixpanel: What you need to know

OpenAI User Data Exposed in Mixpanel Hack

OpenAI Users Exposed in Third-Party Analytics Breach Raising Phishing Concerns

OpenAI Warns of Mixpanel Data Breach Impacting API Users

OpenAI’s Analytics Fumble: Unpacking the Mixpanel Breach and AI’s Growing Security Woes

Passwords, MFA and AD Accounts: Hardening Your Environment for NIS2 Compliance

Phishing attacks surge by 620% in the lead-up to Black Friday

Poland: Kraków police bust suspected Russian hacker targeting Polish firms’ data systems

Poland detains Russian citizen suspected of hacking local firms

Poland detains Russian hacker over online shop data breaches

Princeton University sued over data breach exposing alumni, donor information

Qilin Ransomware Group Attack Hits Multiple Global Companies

Qilin Ransomware-as-a-Service (RaaS) Breach at Korean MSP Exposes 1 Million Files and 2 TB of Data

Qilin Ransomware-as-a-Service (RaaS) Breach Exposes 1 Million Files, 2TB of Data in Korean MSP Attack

Rancho Family Medical Group Agrees to Pay $315K to Settle Data Breach Litigation

Ransomware Reshaping Cyber as National Security Priority

Report Names Teen in Scattered LAPSUS$ Hunters, Group Denies

Report warns councils after 2023 Western Isles cyber-attack

Russian and North Korean hackers steal 2TB of data from South Korean banks

Russian hacker arrested in Krakow for cyberattack on Polish companies

Russian Hacker Arrested in Poland Over IT Breach

Russian man arrested for cyberattacks in Poland

Scattered Lapsus$ Actors Register Over 40 Zendesk-Impersonating Domains

Scattered Lapsus$ Hunters Take Aim At Zendesk Users

Scottish Council had ‘gaps in cybersecurity’ before ransomware attack

Scottish council still rebuilding systems two years after ransomware attack

Scottish councils warned they are not 'immune' to cyber attack and urged to prepare

Secure Network Solutions Hit by Sinobi Ransomware Attack

Securities and Exchange Commission (SEC) drops lawsuit against SolarWinds after fallout from Russia’s supply-chain hack

Security expert warns London councils cyber attack 'could be far more serious than being let on'

Shai Hulud v2 Leverages GitHub Actions Workflow Vulnerabilities to Exfiltrate Secrets

South Korea banks hit by Russia–North Korea ransomware alliance

South Korea's financial sector hit by large-scale ransomware attack, data stolen from 28 institutions

The identity mess your customers feel before you do

The Ransomware Economy Is Thriving in the Mid-Market

Tyler Technologies Jury System Flaw Exposes Sensitive Personal Data in US States

Upbit Exchange Suffers $37 Million Hot Wallet Breach on Solana Network

US CodeRED Emergency Alert System Taken Down by Data Breach that INC Ransom Claimed

Vulnerable Legacy Python Packages Enable PyPI Attacks Through Domain Compromise

Was your London council among those hit by a cyber attack this week?

Western Isles council's services 'still recovering' two years after cyber attack

Westminster Council computer system hit by cyber attack

What we know so far about the OpenAI–Mixpanel data breach

Your critical infrastructure is running out of time

26th November

Account Takeover Scams Surge as FBI Reports Over $262 Million in Losses

Active Cyberattacks Hit Telecom and Media Sectors as Hackers Deploy Malicious Payloads

AI Cybercriminals Target Black Friday and Cyber Monday

Akira Ransomware Exploits SonicWall SSL VPN Vulnerability to Exfiltrate Data and Deploy Ransomware

Akira’s SonicWall SSL VPN attack spree jeopardizes Mergers and Acquisitions (M&A)

Alliances between ransomware groups tied to recent surge in cybercrime

Amazon Black Friday warning as 300 million shoppers at risk of cyber attack

Amazon warns of wave of phishing scams against Prime members on Black Friday 2025

Amazon Warns Prime Members About Spike in Black Friday Phishing Scams Targeting Accounts and Payment Info

Android fiction apps expose millions of readers and writers

Android users targeted in cyber attack and told to delete these apps immediately

Are shared systems to blame for latest wave of London council cyberattacks?

ASUS Fixes High-Severity MyASUS Vulnerability that Allows Privilege Escalation to SYSTEM-Level Access

ASUS High-Severity Vulnerability Allows Attackers to Gain SYSTEM Privileges via MyASUS Component

ASUS urges immediate updates: patches released for millions of computers, routers

ASUS warns of new critical auth bypass flaw in AiCloud routers

At least 35,000 impacted by Dartmouth College breach through Oracle EBS campaign

Australian businesses at high-risk with critical holiday cyber gap

Australian-founded company Amcor ‘aware’ of ransomware claims

Black Friday 2025: Why retailers face peak ransomware risk

Brits using online calendars urged to watch out for new hacker scam

Bug in jury systems used by several US states exposed sensitive personal data

Chrome Extension Caught Injecting Hidden Solana Transfer Fees Into Raydium Swaps

Civil rights coalition raises concerns over “collapse in enforcement activity” by Information Commissioner’s Office (ICO)

CodeRED emergency alert system CodeDEAD after INC ransomware attack

Comcast to pay $1.5M fine for vendor breach affecting 270K customers

Compromised Credentials Responsible for 50% of Ransomware Attacks

Corporate predators get more than they bargain for when their prey runs SonicWall firewalls

CoVantage Credit Union Data Breach Exposes Social Security

Craven County's OnSolve CodeRED Emergency Alert System Taken Down by INC Ransomware Attack

Crisis24 shuts down emergency notification system in wake of ransomware attack

Cyber attack hits London councils triggering ‘emergency’ response plans

Cyber ‘issue’ hits three London councils with shared IT services

Cyber-Attack Disrupts OnSolve CodeRED Emergency Notification System

Cybercriminals Exploit Battlefield 6 Buzz to Deploy Info-Stealers and Command-and-Control Agents

Dartmouth College confirms data breach after Clop extortion attack

Dartmouth College Confirms Data Theft in Oracle Hack

Developers Leak Passwords and API Keys by Using Online Tools Like JSONFormatter and CodeBeautify

Digital transformation and legacy systems leave UK rail exposed to cyber attack

Edmunds.com Vendor Data Breach Exposes Social Security Numbers

Emergency alert systems across US disrupted following OnSolve CodeRED cyberattack

Emergency Notification System Hit by Cyber Attack

Everest claims Iberia, boasts ability to edit bookings, asks for $6 Million

Everest Ransomware Attack Hits Iberia Airlines and National Money Mart

Fake Battlefield 6 Downloads Are Spreading Malware, Stealing Player Data

Fake Browser Update Lures Used by Threat Actors to Deploy SocGholish Malware

FBI Reports $262M in Account Takeover (ATO) Fraud as Researchers Cite Growing AI Phishing and Holiday Scams

FBI Warns of $262M Losses from Account Takeover Fraud in 2025

FBI Warns of Fake Internet Crime Complaint Center (IC3) Website Used for Phishing Attacks

Gainsight breach: Salesforce details attack window, issues investigation guidance

Gainsight Cyber-Attack Affect More Salesforce Customers

Gamayun APT Exploits MSC EvilTwin Flaw to Deploy Malicious Code

Hackers Advertise New Olymp Loader Malware-as-a-Service (MaaS) Offering With Strong Anti-Detection Features

Hackers are using underground AI models to launch malware and phishing attacks

Hackers Claim Iberia Data Breach Was Much Larger Than Previously Thought With Millions Of Passengers Affected

Hackers exploit 3D design software to target game developers, animators

Hackers Exploit macOS Users With Terminal Command Scam to Deliver FlexibleFerret Malware

Hackers Hijack Local ESPN & NPR Radio Stations’ Signals, Issue Emergency Alerts & Broadcast “Obscene” Material

Hackers Leverage NTLM Authentication Vulnerabilities to Attack Windows Systems

Hackers Offer Lifetime Access to WormGPT and KawaiiGPT for $220

Hackers Sell Lifetime Access to WormGPT and KawaiiGPT for Just $220

HashJack: A New Attack That Fools AI Browsers With a Simple ‘#’

HashJack Indirect Prompt Injection Weaponizes Websites

Hospital Sisters Health System (HSHS) to pay cyber attack settlement

How healthcare ransomware attacks shifted in 2025

Integra Energía Data Breach Exposes 200k Spanish Customer Records

Kids & Company Hit by Sinobi Ransomware Attack

Logitech Hit by Clop Ransomware Attack, Data Breach Exposed

London councils enact emergency plans after three hit by cyber-attack

London councils hit by 'cyber attack' with data potentially compromised

London Councils Hit by Cyber Incident, Services Temporarily Disrupted

London Councils Hit By Serious Cyber “Incidents”

Malicious AI tools can generate ransomware payloads on-the-fly

Malicious LLMs lower the threshold for cybercrime

Manufacturing industry worldwide: Kaspersky reveals $18 billon losses from ransomware attacks

Massive Data Breach Exposes Payrolls of 31 Venezuelan Government Agencies

Microsoft Teams Flaw in Guest Chat Exposes Users to Malware Attacks

Microsoft Users Threatened by The New “rnicrosoft” Phishing Scam

Money Mart breach: Everest ransomware claims 80K files customer, financial data

Multiple London councils report disruption amid ongoing cyberattack

Multiple London councils' IT systems disrupted by cyberattack

Municipal emergency warning service offline after hackers steal user data

Navigating Cybersecurity’s Tightrope: Balancing Skills, AI, and Human Resilience

Netmarble reports data breach after hack on PC gaming site

New “HashJack” attack can hijack AI browsers and assistants

New “JackFix” Attack Leverages Windows Updates into Executing Malicious Commands

New Malware-as-a-Service ‘Olymp Loader’ Emerges on Hacker Forums With Advanced Anti-Analysis Features

New scam sends fake Microsoft 365 login pages

New Semperis Study Finds Most Ransomware Attacks Still Strike On Holidays And Weekends

New ShadowV2 botnet malware used AWS outage as a test opportunity

Office of Inspector General (OIG) Audit Finds Commerce Department Failing to Fully Secure Public-Facing Systems

OnSolve CodeRED Cyberattack Disrupts Emergency Alert Systems Across United States

People who fall for this simple scam lose over $50K: beware of bank impersonators

Popular Forge library gets fix for signature verification bypass flaw

Qilin Ransomware Lists 14 New Victims: Education, Health, & Industry

Qilin Ransomware Turns South Korean MSP Breach Into 28-Victim 'Korean Leaks' Data Heist

Ransomware and Extortion Threat to Persist in 2026

Ransomware Attack Disrupts Local Emergency Alert System Across US

Ransomware hackers attack SMBs being acquired to try and gain access to multiple companies

Rare APT Collaboration Emerges Between Russia and North Korea

Riyadh Airports System Breach: Critical Control Panel and Data Accessed

RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware

Russian-Aligned RomCom Uses SocGholish to Deploy Mythic Agent on Ukraine Supporters in New Campaign Linked to GRU Unit 29155

Russian-Backed Threat Group Uses SocGholish to Target U.S. Company

Samourai Wallet Founders Jailed in $237M Crypto Laundering Case

Shai-Hulud v2 Campaign Spreads From npm to Maven, Exposing Thousands of Secrets

SitusAMC Data Breach Under Investigation After Sensitive Information Compromised

SitusAMC hack may have exposed data at major financial heavyweights

Small language models step into the fight against phishing sites

Smishing Triad continues global expansion

Solana Data Market: 218k Emails from Pump.fun, Axiom & Others for Sale

SonicWall ransomware attacks offer an M&A lesson for CSOs

South Africans Warned As Microsoft Phishing Scam Swaps ‘m’ For ‘rn’ In Convincing Attacks

Spying on your kids can backfire: hackers claim massive breach of parental apps

The Rise of Malicious AIs: WormGPT 4 Emerges as a Powerful AI Tool for Cybercrime with Subscriptions Starting at $50

Trinity Health; Precision Imaging Centers Settle Class Action Data Breach Lawsuits

U.S. CodeRED Emergency Alert System Down After Ransomware Attack

UK Report Proposes Liability For Software Provider Insecurity

US emergency alert systems hit by OnSolve CodeRED cyberattack

West London council cuts off internet access and urges staff to stay home after cyber attack

25th November

$6.5 Million settlement reached in Omni Health data breach suit

183 Million Credentials Misreported as a Gmail Breach

$262 million stolen in account takeover fraud schemes this year, FBI says ahead of holiday season

Adda Data Breach: Personal Data Of Over 18 Lakh Users Hacked And Posted Online

Advanced Security Isn't Stopping Ancient Phishing Tactics

AI and Deepfake-Powered Fraud Skyrockets Amid Identity Fraud Stagnation

Aircraft cabin IoT leaves vendor and passenger data exposed

An Integrated Approach To Cybersecurity Key To Reducing Critical Infrastructure Vulnerability

Apache Syncope Passwords at Risk from Newly Disclosed CVE-2025-65998

Apache Syncope Vulnerability Allows Attackers to Access Internal Database Content

Black Friday Frenzy Fuels Over 2 Million Cyberattacks by Threat Actors

Blender Foundation Files Abused by Threat Actors to Deploy StealC V2 Infostealer

Broadcom Targeted in Oracle E-Business Suite Breach, ‘Clop Ransomware’ Group Claims Responsibility

Buncombe County unable to send emergency alerts following cyber attack

Businesses warned of new ransomware cyberthreat

Can We Trust AI with Our Cybersecurity? The Growing Importance of AI Security

Canon Allegedly Breached by Clop Ransomware via Oracle E-Business Suite 0-Day Hack

Canon Confirms Subsidiary Breach in the Cl0p Oracle EBS Hack Campaign

CISA Issues Warning on Commercial Spyware Targeting Signal and WhatsApp Users

CISA Warns of Active Spyware Campaigns Hijacking High-Value Signal and WhatsApp Users

Class action looms over Legal Aid Agency (LAA) cyber attack

ClickFix Attack Hides Malware in Fake Windows Security Update via Steganography

Code beautifiers expose credentials from banks, government, technology organizations

Code Formatting Tools Share Secrets by the Thousands

CodeRED, platform used by Craven County for alerts, hit by cyber-attack

Comcast Fined $1.5M by Federal Communications Commission (FCC) Following 2024 Data Breach at Debt Collector Financial Business and Consumer Solutions (FBCS) that Exposed Customer Information

Comcast Pays $1.5 Million to Settle Federal Communications Commission (FCC) Data Breach Probe

Comcast to pay $1.5 million US fine after vendor data breach

Copper Steel Fabricators allegedly subjected to data breach

Could You Spot the Fake Microsoft URL? Most People Can’t

Critical Firefox Bug Leaves 180 Million Users Exposed

Critical FluentBit Flaws Enable Remote Compromise of Cloud Environments

Cyber Attack Causes Data Exposure, Loss of Emergency Warnings in Jackson County

Cyber Attack Cripples Three London Councils, Services Down for Days

Cyber attack on Buncombe County emergency alerts system; info leaked

Cyber Attack Targets Carlisle, Pennsylvania, Emergency Platform

Cyberattack on CodeRED System Leads to Potential Data Breach, Weston City Urges Password Changes

Cybercriminals stole $262M by impersonating bank support teams

Cybersecurity in Cryptocurrency Statistics 2025: Smart Data to Stay Protected

Dallas area mental health provider reports data breach impacting 8,600 clients

Dartmouth College confirms data breach after Clop extortion attack

Data Breach at Government Contractor Conduent Sparks Nearly a Dozen Class Action Lawsuits

Delta Dental of Virginia Data Breach Exposes 146,000+ Customers Personal Details

Delta Dental of Virginia Data Breach Exposes Personal Details of 146,000+ Customers

Everest claims Travel Club, Spain’s largest coalition loyalty program

Everest ransomware claims breach at Spain’s national airline Iberia with 596 GB data theft

Everest Ransomware Group Breaches Air Miles España Data

Everyone using Amazon in the UK given urgent warning about phishing attacks

Everything You Need to Know About the Oracle Data Breach

Fake “Windows Update” screens fuels new wave of ClickFix attacks

Fianzas Avanza Data Breach Exposes 90,000 Financial Documents

Fine art printing users’ bank accounts exposed, attackers claim

Frisco City Alerts Public to Potential Data Breach of CodeRED Emergency Platform, Urges Password Updates

Georgia court filing organization warns of outages after ransomware allegations

Georgia Superior Court Clerks’ Authority experiencing cybersecurity threat

Germany encourages enabling of 2FA by default for webmail providers

Get ready for 2026, the year of AI-aided ransomware

Hacker Combines Porn and Fake Windows Update Screen for Malware Attack

Hackers target WhatsApp, Signal apps with spyware, compromising personal devices, CISA warns

Harvard Alumni Affairs Databases Breached

How Clickfix Pop-ups Are Fuelling Ransomware Attacks

How Does Metadata Help in Digital Forensic Investigations?

How MSSPs are strengthening healthcare defences against cyber threats

INC Ransomware Group Breaches Omega Tool Corp and Southern Lion

JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers

Hacker Combines Porn with Fake Windows Update Screen For Malware Attack

Hackers Hijack Blender 3D Assets to Deploy StealC V2 Data-Stealing Malware

Hackers pose as bank employees in new "account takeover" attack, FBI warns

Harvard University reveals data breach hitting alumni and donors

HashiCorp Vault Vulnerability Allows Attackers to Authenticate Without Valid Credentials

Iberia Shakes Up Digital Security After Data Breach Exposing Personal Information Of Customers Prompting Urgent Action And Heightened Monitoring Efforts

Is spyware hiding on your phone? The telltale signs to find out (and how to remove it fast)

JackFix Uses Fake Windows Update Pop-Ups on Adult Sites to Deliver Multiple Stealers

KawaiiGPT - New Black-Hat AI Tool Used by Hackers to Launch Cyberattacks

Locking Your Social Security Number After a Data Breach Can Protect Your Identity. Here's How

London: Residents issued warning after councils suffer ‘cyber attack’

Major Data Breach at Delta Dental of Virginia Hits Over 146,000 Customers’ Info

Major London councils initiate ‘emergency’ plans after being hit by cyber attack

Major London councils launch ‘emergency’ plans after cyber attack hits services

Man Pleads Guilty in Phishing Scam in Santa Ana

Medusa Ransomware Attack Hits Brazilian University USCS and Staffing Firm WR Comercial

Microsoft cracks down on malicious meeting invites

Microsoft Reveals Security Vulnerabilities Linked to New Agentic AI Capability

Microsoft’s Update Health Tools Configuration Vulnerability Lets Attackers Execute Arbitrary Code Remotely

Mounting Cyber-Threats Prompt Calls For Economic Security Bill

Multiple London councils hit by ‘cyber attack’ and initiate ‘emergency plans’

Multiple London councils 'hit by cyber-attacks'

National Cyber Security Centre monitoring London attack as council says 'too early to say who did it'

New FlexibleFerret Malware Chain Targets macOS With Go Backdoor

New NFC Relay Attack Campaign Identified by Cyble Researchers

New Shai-Hulud Worm Spells Trouble For npm Users

Nita Transfert Data Breach Exposes 83k Records Containing PII

No data breach detected after cyberattack forced Jackson County schools to close Tuesday

OnSolve CodeRED cyberattack disrupts emergency alert systems nationwide

Pakistan: Karachi Police Arrest Hacker Targeting Women via Malicious Links

Pakistan: Karachi Police Arrests Hacker for Hacking Over 100 Women’s Social Media Accounts

Patient data breach at Florida hospice. Are you at risk?

Popular code formatting sites are exposing credentials and other secrets

Qilin ransomware targets 25 Korean finance firms in cyber surge

RansomHouse Group Breaches Swedish Arts Council (Kulturrådet)

Ransomware attack targets Korean financial sector

Ransomware Attacks Surge During Mergers, IPOs, and Holidays

Ransomware attacks surge in Australia & New Zealand on holidays

Ransomware could cost global manufacturers $18 billion in 2025

Ransomware hackers purchase a bank to forward crypto in Stablecoin to Russia

Retail Finance Giant SitusAMC Data Breach Exposes Accounting Records and Legal Agreements

Retail Finance Giant SitusAMC Suffered Data Breach - Exposes Accounting Records and Legal Agreements

Retail ransomware triples as Black Friday threats escalate

Russian Cyber Attack Targets US Firm Over Sister-City Ties to Ukraine

SecureTeen Data Breach Exposes 1.4 Million User Records

Several London councils targeted in cyber attack - is your data at risk?

Sha1-Hulud Supply Chain Attack Compromises 800+ npm Packages and Thousands of GitHub Repos

Shai-Hulud supply chain attacks back with a vengeance, impacting 28k GitHub repositories

SitusAMC confirms data breach affecting customer information

SitusAMC Data Breach Hits Big Banks Like JP Morgan, Citi, and Morgan Stanley

SitusAMC Data Breach Under Investigation After Sensitive Information Compromised

Smishing Triad Impersonation Campaigns Expand Globally

Streaming Devices and IoT Security Threats: Android TV Boxes Linked to Botnet Activity

Supply chain sprawl is rewriting security priorities

The breaches everyone gets hit by (and how to stop them)

The Emergence of GPT-4-Powered Ransomware and the Threat to Identity and Access Management (IAM) Systems

The Latest Shai-Hulud Malware is Faster and More Dangerous

Threat Actors Target Black Friday Shoppers Amid Surge of 2 Million+ Attacks

ToddyCat's New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens

UK Legal Aid Agency data breach spurs potential class action

Update Firefox to Patch CVE-2025-13016 Vulnerability Affecting 180 Million Users

Use AI browsers? Be careful. This exploit turns trusted sites into weapons - here's how

Vishing attack compromises Harvard University data

Wall Street Banks' Customer Data Stolen as SitusAMC Suffers From Massive Hacking

Westminster among London councils targeted in cyber attack as staff warned of 'significant' threat

What DoorDash data breach victims should watch out for

Yarmouth Police warn users of CodeRED Alerts to change passwords after company reports cyber attack

Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys

24th November

A Phone Call Was All It Took: Harvard’s Latest Data Breach Explained

Aerodrome DEX Hit by DNS Hijack, Users Steered to Phishing Sites on Base

AI Language Models and Their Impact on the Evolution of Autonomous Malware

AI-Powered Obfuscated Malicious Apps That Bypass Antivirus Detection to Deploy Payloads

Akira Ransomware’s Renewed Assault on Construction and Engineering

Amazon, Lidl, Costco, and IKEA sit atop scammers’ Black Friday hit lists

Another major airline hacked, customer data exposed

APT35 Data Leak Uncovers the Iranian Hacker Group’s Operations and Tactics

APT35 Hacker Groups Internal Documents Leak Exposes their Targets and Attack Methods

Auto-ID Solutions Provider Sato Corp Hit by Data Breach Tied to Oracle E-Business Vulnerability

Avosina Data Breach Impacts SomnoSleep Patients

Cache Valley ENT Discloses Data Breach to Multiple State Attorneys General Offices

Carlisle emergency alert provider undergoes cyber attack

CISA Adds Oracle Identity Manager Vulnerability to Known Exploited Vulnerabilities (KEV) Database

CISA Urges Patch of Actively Exploited Flaw in Oracle Identity Manager

ClickFix attack uses fake Windows Update screen to push malware

ClickFix attacks get creative with fake Windows update

Cloudeka Allegedly Breached with Source Code and System Files Stolen

CodeRED cyber attack leaves emergency notification system down, exposes user data

Comcast to pay $1.5 million US fine after vendor data breach

Cooper Steel Fabricators Data Breach: 330 GB of Sensitive Project Data Up for Sale

Cox Enterprises Data Breach: Cl0p Exploits Oracle Zero-Day Flaw

Cox Enterprises hit by Oracle data breach - but it won't name who carried out the attack

Crooks breach major US contractor, Amazon data center plans for sale

CrowdStrike Confirms Insider Threat Incident Linked to Scattered Lapsus$ Hunters, Fires Employee Amid Data Leak Claims

CrowdStrike Terminates ‘Suspicious Insider’ Linked to Scattered Lapsus$ Hunters

CrowdStrike’s Insider Betrayal: How One Employee Fueled Hacker Boasts

Customer data from Wall Street banks breached, JPMorgan and Citi affected

Cybercriminals Deploy Infected PyPI Package to Attack Users and Capture Crypto Details

Cybercriminals Use EtherHiding to Spread Malware and Constantly Shift Payloads Online

Cybersecurity threats and data breaches

Delta Dental notifies customers of data breach

Delta Dental of Virginia Data Breach Affects 146,000 Individuals

Delta Dental of Virginia data breach impacts 145,918 customers

Disgruntled IT worker hacks former employer, resets 2,500 passwords

DoorDash breach exposes contact info for customers and workers

DoorDash is sued over recent data breach

Dropping Elephant Hacker Group Attacks Defense Sector Using Python Backdoor via MSBuild Dropper

Email blind spots are back to bite security teams

Ennoble Care Data Breach: Sensitive Information Exposed

Fake Prettier Extension on VSCode Marketplace Dropped Anivia Stealer

FBI Warns of Rising Akira Ransomware Threat

Federal Communications Commission (FCC) rolls back ISP cybersecurity rules despite looming threat from China-linked hackers

Federal Communications Commission (FCC) Terminates Telecom Cyber Rules Enacted After Salt Typhoon Exploit

Flaws Expose Risks in Fluent Bit Logging Agent

Fota Wildlife Park endured €176k loss after dealing with costly cyber attack

Geisinger Health and former IT vendor reach $5 million settlement over insider data breach

Google Sues Giant Chinese SMS Phishing Operation That Made Use of US Brand Names

Goshen Health & Hancock Health Settle Pixel Data Breach Lawsuits

Grafana Flags Maximum-Severity SCIM Vulnerability Enabling Privilege Escalation

Hackers knock out systems at Moscow-run postal operator in occupied Ukraine

Hackers Replace ‘m’ with ‘rn’ in Microsoft.com to Steal Login Credentials

Hackers Replace ‘m’ with ‘rn’ in Microsoft.com to Steal Users’ Login Credentials

Harvard Donor, Alumni Information Breached in Phishing Attack

Harvard University data breach hits core community records: How the fallout affects students

Harvard University discloses data breach affecting alumni, donors

Heritage Communities Data Breach Affects PII and PHI

How Cybercriminals are targeting trucking operations

Iberia Airlines Hit by Data Breach Exposing Customer Personal Details

Iberia Airlines Notifies Customers of Supply Chain Data Breach

Iberia breach exposed frequent flyer data, hacker leaks files

Iberia Data Breach Exposes Customer Details via Supplier Vulnerability

Iberia’s Supplier Breach: A Wake-Up Call for Aviation’s Fragile Supply Chain

Increased security and employee productivity: Why are more companies going with passwordless authentication?

India: Central Bureau of Investigation (CBI) Arrests Fugitive Cybercrime Kingpin, Busts Fifth Illegal Call Center Targeting US Nationals

Intrusion at real estate finance business sparks concern for big banks

Italy’s Rail Operator Impacted as Almaviva Suffers Significant Data Exposure

JPMorgan, Citi, Morgan Stanley assess fallout from SitusAMC data breach

Kaspersky research confirms $18 billion loss from ransomware attacks

Korean police report 38% drop in voice phishing after integrated task force launch

Leak of APT35 Internal Documents Reveals Their Targets and Attack Methods

Logitech Discloses Zero-Day Exploit Data Breach to the Securities and Exchange Commission (SEC)

Logistics Giant WEL Companies Confirms Major Data Security Incident

Major Banks Hit by Vendor Cyber-attack

Majority of ransomware attacks occur over holidays and weekends

Malicious Blender model files deliver StealC infostealing malware

Mall Logistics Source Code Leaked Data Breach

Matrix Push C2 abuses browser notifications to deliver phishing and malware

More organizations allegedly compromised by Clop ransomware gang

Nasajon Data Breach Results in Alleged Source Code Leak

New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions

New RadzaRat Spyware Poses as File Manager to Hijack Android Devices

New Shai-Hulud Attack Hits Nearly 500 npm Packages with 100+ Million Downloads

NVIDIA’s Isaac-GROOT Robotics Platform Vulnerability Lets Attackers Inject Malicious Code

Over 18 lakh users of Adda.io platform exposed in alleged data breach

Pair Accused of Transport for London (TfL) Cyberattack Deny Computer Misuse Charges

Philadelphia care provider Intercommunity Action notifies 2,680 people after breach exposed sensitive data

Pixtura Data Breach Exposes 158k Records Including IBANs and IDs

ProAgro Seguros Data Breach Exposes Insurance Policy Documents

Proof-of-Concept (PoC) Released for W3 Total Cache RCE Vulnerability Exposing 1+ Million Websites

Python Backdoor Delivered via MSBuild Dropper Used by Elephant Hacker Group in Defense Sector Attacks

Ransomware attacks peak during holidays & major business events

Ransomware Attacks Spike on Holidays and During Corporate Upheaval

Ransomware attacks surge on holidays and during major corporate upheavals, global study finds

Ransomware attacks targeted at weekends and holidays

Ransomware Gangs Shift Focus to the Cloud

Ransomware Spikes During Holidays and Weekends

Real-estate finance services giant SitusAMC breach exposes client data

Risk & Insurance Education Alliance Data Breach: Names & SSNs Exposed

Russian-linked Malware Campaign Hides in Blender 3D Files

Salesforce Confirms Wider Impact in Ongoing Gainsight Security Incident

Salesforce Data Breach: ShinyHunters Hack Gainsight Integration

Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

Shai Hulud npm Worm Impacts 26,000+ Repos in Supply Chain Attack

Shai-Hulud malware infects 500 npm packages, leaks secrets on GitHub

Singapore sees surge in ransomware attacks during holidays

SitusAMC Cyber Breach Sparks Fallout for JPMorgan, Citi, and Morgan Stanley

SitusAMC Cyberattack Exposes Major Bank Client Data, Possibly from JPMorgan Chase, Citi, and Morgan Stanley

SitusAMC Data Breach Affects Client Corporate Data

SitusAMC Data Breach Exposes Major Banks and Mortgage Lenders

Software companies must be held liable for British economic security, say MPs

South Korea: National Police Agency's Integrated Unit Cuts Phishing Reports by 38%

Spanish Airline Iberia Notifies Customers of Data Breach

Summit Hotel Properties Data Breach: SSNs & Names Exposed

Targeted Holiday Phishing Scams Spike with Fake Dolce & Gabbana and Pandora Storefronts and Cryptocurrency Schemes

Tenda N300 Vulnerabilities Allow Attackers to Execute Arbitrary Commands as Root

The Gentlemen Ransomware Group Hits Multiple Companies in Vietnam and Singapore

The privacy tension driving the medical data shift nobody wants to talk about

The Rise of Autonomous Cyber Operations: GTG-1002, the AI Attack that Showed Traditional Detect-and-Respond Playbooks Are Obsolete

UK privacy regulator has seen ‘collapse in enforcement activity,’ rights coalition says

Unauthorized Access to Employee Communications by ToddyCat APT in Targeted Firms

US banks scramble to assess data theft after hackers breach financial tech firm

vLLM Vulnerability Enables Remote Code Execution Through Malicious Payloads

VPN credential theft emerges as top ransomware entry point

What happens when vulnerability scores fall apart?

Wireshark 4.6.1 Fixes Vulnerabilities Allowing Attackers to Crash Wireshark

X’s 2025 Data Breach Exposes Billions of User Records and Emails

Zapier’s NPM Account Compromised, Multiple Packages Infected with Malware

Posted by at
Labels:
Subscribe to: Comments (Atom)