Editor's Message

Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and PRiSM celebrated it's third anniversary. Both projects have made a huge impact on my life and I'd like to thank each and everyone of you who have supported me, with special thanks to those individuals and communities who have helped me build up my knowledge on cybercrime and ransomware over the years. Thanks again for all your continued support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington D.C.

Monday, 6 April 2026

Data Breaches Digest - Week 15 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 6th April and 12th April 2026.


7th April

1 Billion Microsoft Users Warned As Angry Hacker Drops 0-Day Exploit

$20 Billion Lost to Cybercrime as AI and Investment Scams Surge

AI Agents and Non-Human Identities Creating Critical Security Gaps

AI-Driven Phishing: The "Hyper-Personalized" Threat Reaches Record Highs in Q1 2026

AI-enabled device code phishing campaign exploits OAuth flow for account takeover

AlumnForce Data Breach Exposes 2.7 Million User Records

Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins

BlueHammer Zero-Day Exploit Leverages Windows Privilege Escalation, Prompts Security Concerns

Boston Mountain Data Breach Impacts 4,800 Patients

Brit Facebook worker ‘downloaded 30,000 private images from social media giant in massive data breach’

Cabinet d’Etude en Securite Pyrotechnique Hit By Ransomware Attack

CareCloud Confirms Data Breach as Cybersecurity Investigation Continues

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

China-Linked Storm-1175 Uses Zero Days To Deploy Medusa Ransomware

Civil Service Pension Scheme: Capita confirms data breach

Cost of a Data Breach vs Cost of a Pentest

Critical Android Zero-Interaction Flaw Triggers Remote DoS Attacks

Critical Common Unix Printing System (CUPS) Vulnerability Chain Allows Remote Code Execution as Root

Critical Flaw in Windmill Developer Platform Allows Remote Code Execution - Proof-of-Concept (PoC) Published

Cyber Attack Targets Brockton Hospital

Cyberattack hits Northern Ireland’s centralized school network, disrupting access for thousands

Cyberattack on German Democratic Socialist Party Die Linke, Claimed by Qilin Ransomware

Cyberattack on telecom giant Rostelecom disrupts internet services across Russia

Data Breach at Standard Bank Exposes Client Account Details

Data Breach Hits CareCloud’s Health Records System

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

EchoVPS Data Breach Exposes Source Code and User Database

Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa

FBI claims Cyber Attack victims incurred $17.7 billion loss in 2025

Figure Technology confirms data breach affecting nearly 1 million users

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

Former Meta Engineer Investigated for Downloading 30,000 Private Images

FortiClientEMS Vulnerabilities Under Active Exploitation, Expose Systems to RCE

Fortinet Releases Emergency Patch After FortiClient EMS Bug Is Exploited

German authorities identify key figure behind REvil ransomware gang

German authorities want your help finding the hackers behind GandCrab and REvil

German Police Unmask REvil Ransomware Leader

German political party Die Linke targeted in ransomware attack

Germany Names Suspected Leader of REvil and GandCrab Ransomware Gangs

GitHub Abused as C2 In North Korea-Related LNK Phishing Campaign

Google study finds LLMs are embedded at every stage of abuse detection

GrafanaGhost Exploit Bypasses AI Guardrails for Silent Data Exfiltration

GrafanaGhost Exploit Exfiltrates Sensitive Grafana Business Data via Indirect Prompt Injection

GrafanaGhost Vulnerability Allows Data Theft via AI Injection

GPU Rowhammer Attack Enables Privilege Escalation and Full System Compromise

Hacker group “Handala” leaks data on Israel’s “Drone Queen”

Hackers Leverage LogMeIn Resolve and ScreenConnect In Phishing Attacks

Hackers Pose as Non-Profit Developers to Deploy Monero Mining Malware

Healthcare data breach hits system storing patient records

Heart South Data Breach Affects 46k Patients

How did Hasbro Handle a Cyber Attack on its Systems?

How phishing changed in 2025 and what to expect in 2026 and beyond

Illy Caffè Data Breach Exposes Employee Info

Immigration Software Firm Hit With Data Breach Impacting 116,666 People - Names, Social Security Numbers and More Exposed

Iran launches cyber attack against US hours before Donald Trump's deadline

Iranian Hacker Group Handala Targets Israel’s UAV Backbone with First-Ever Leaked Photo of Elbit Design Team

Is AI-powered phishing outsmarting your employees?

Jones Day confirms cyber attack after hackers access client files

Jones Day confirms data breach after hackers leak client files online

Jones Day data breach exposed files tied to 10 client matters

Jones Day hit by cyber attack linked to group targeting law firms

KyunCall Data Breach Exposes User Passwords and Profiles

Letters sent to possible victims in Syracuse police data breach that cost city $250K

Long-Running Malware Campaign Uses Fake Installers To Deploy RATs, Monero Miners

Malaysia’s digital growth and geopolitics widen cyber attack surface, raising critical infrastructure risks

Malicious web content can be used to deceive and exploit AI agents, Google DeepMind says

Massachusetts hospital turning ambulances away after cyberattack

Massive DDoS attack hits Russian state-run telecom, disrupting internet and banking

Max severity Flowise RCE vulnerability now exploited in attacks

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

Medusa Ransomware Group Exploits Zero-Day Vulnerabilities Within 24 Hours of the Breach

Microsoft says Medusa-linked Storm-1175 is speeding ransomware attacks

Microsoft Warns Storm-1175 Exploiting Web-Facing Vulnerabilities to Deploy Medusa Ransomware

Microsoft Warns Storm-1175 Exploits Web-Facing Assets 0-Day Flaws in Medusa Ransomware Attacks

MyLovely.AI Data Breach Exposes Private Content of Over 106,000 Users

New FBI Warning: Chinese Apps Could Expose User Data

New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips

New “GPUBreach” Attack Grants Full System Compromise and Root Shell Access

New Orleans Saints Data Breach Exposes Sensitive Information

New Trump Administration Budget Cuts $707 Million from CISA Funding

Nigeria Data Protection Commission (NDPC) Investigates Remita and Sterling Bank Over Alleged Data Breach

‘No evidence’ of data theft in Northern Ireland schools cyber attack as Easter break disruption continues

Node.js-Based Windows RAT Delivered via ClickFix Phishing Luse

North Korean hackers smiled and shook hands before $280 Million crypto heist

Northern Ireland: Education Authority (EA) 'making good progress' to restore access following cyber attack

Northern Ireland: Education Authority says no evidence so far of data taken or corrupted after cyber attack

Northern Ireland: Education Authority (EA) update following C2K cyber attack data concerns

Northern Ireland: Education cyber-attack - 'Intensive work' to get hundreds of schools back on system before pupils return, say officials

Northern Ireland: Pupils back to school in holidays to deal with fallout from cyber attack

Northern Ireland education network hit by cyberattack ahead of exams

Northern Ireland Students Return to School During Easter Break After Cyber Attack

Over $17 billion Lost to Cyber Fraud in the Last Year, Warns FBI

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Phishing scams double in Belgium with thousands of cases reported daily

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ Security Tools

Russian APT28 Hackers Hijack Routers to Steal Credentials, UK Security Agency Warns

Russian government hackers broke into thousands of home routers to steal passwords

Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign

Snowflake customers hit in data theft attacks after SaaS integrator breach

Space Bears Ransomware Attack Hits Brooklands of Mornington

Standard Bank notifies clients of data breach

Storm-1175 Exploits Flaws in High-Velocity Medusa Attacks

Storm-1175 exploits web-facing systems to drive ransomware attacks across healthcare and services in US, UK, Australia

Storm-1175 Targets Web-Facing Vulnerabilities In Medusa Ransomware Campaigns

Tackling data breach risks requires perpetual planning

Telehealth company Hims & Hers discloses data breach

The dangers of telehealth: data breaches, phishing, and spam

The flowise AI crisis: why 12,000+ exposed servers are a hacker's playground

Threat Actors Abuse LogMeIn Resolve and ScreenConnect in Multi-Stage Phishing Attacks

Threat Actors Exploit LogMeIn Resolve, ScreenConnect in Phishing Campaigns

UK exposes Russian cyber unit hacking home routers to hijack internet traffic

US warns of Iranian hackers targeting critical infrastructure

When the Goal Is Destruction: What the Stryker Cyber Attack Means

Windows zero-day appears on GitHub: hackers run FunnyApp.exe and gain SYSTEM privileges

World Health Day: Kaspersky Warns of Data Breach Risks in Telemedicine

Wynn Resorts data breach impacts over 21,000 employees following HR system attack

Wynn Resorts Says 21,000 Employees Affected by ShinyHunters Hack

Wynn Resorts says hackers “deleted stolen data”, yet notice reveals 21,000 affected

Zero Trust: it’s not about eliminating all trust

Zmuth.com Data Breach Exposes WhatsApp and CRM Data

6th April

1.2 million Crunchyroll users confirmed impacted by data breach

64% of Dallas Workers Say AI Is Raising the Stakes for Workplace Phishing

75% of Cyberattacks Start with Phishing Emails, UAE Cyber Council Says

A Compromised Tool Opened the Door to a 91GB European Commission Data Leak

AI-Enabled Ransomware Demands AI-Enabled Defense - Not Just Better Recovery

Airdeals, Airtips, and Payair Data Breach and Extortion Attack

Arizona cardiology practice paying $3.85 Million to resolve lawsuit after data breach

Backups won’t save you from this version of ransomware

Bahrain: Hacker attacks jump as regional tensions explode

Banning Routers Won’t Secure the Internet

Breach of FBI Surveillance System Considered a “Major Incident,” Security Experts Weigh In

Brockton Hospital impacted by system-wide cyber attack, services cancelled, patients diverted

Chilean IT Firm FreeSAP Suffers Data Breach and Extortion Attack

CISA orders feds to patch exploited Fortinet EMS flaw by Friday

Convicted spyware maker Bryan Fleming avoids jail at sentencing

Cyber Attack Forces Hasbro to Take Systems Offline

Cyber fraud surges to $17.6 billion in losses as scams, crypto theft soar

Cyberattack Disrupts Massachusetts Emergency Dispatch, 911 Services Remain Active

Data Breach makes AI Startup loose business contract with Meta

Data breach notice clarified by T-Mobile

Deminima Gynecology Clinic Suffers Patient Data Breach

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

Drift $280 Million crypto theft linked to 6-month in-person operation

Drift Hack Exposes $28.5 Million Democratic People's Republic of Korea (DPRK) Social Engineering Campaign Initiated Six Months Ago

EmergiaCC Colsubsidio Alleged Internal Data Breach

Evolve Your English Investigates Major 700K User Data Breach

Federal Communications Commission (FCC) Moves to Fine Voxbeam $4.5M in Robocall Case Linked to Foreign Traffic

First stalkerware maker prosecuted since 2014 receives no jail time

German authorities identify alleged leader of GandCrab and REvil ransomware gangs

German authorities identify REvil and GandCrab ransomware bosses

German Police Identify Key Figures Behind REvil Ransomware Group

German police unmask two suspects linked to REvil ransomware gang

Germany Reveals the Name of Alleged REvil Ransomware, GandCrab Leader Daniil Maksimovich Shchukin (UNKN)

Germany Unmasks Alleged REvil Mastermind ‘UNKN’ in Cybercrime Crackdown

Germany's Federal Criminal Police Office (BKA) Identifies REvil Leaders Behind 130 German Ransomware Attacks

Germany’s Federal Criminal Police (BKA) unmasks two REvil Ransomware operators behind 130+ German attacks

Hackers threaten to leak data after cyberattack on German party Die Linke

Harvard faces ‘active and specific cybersecurity threat’

Healthcare data breach hits system storing patient records

How Security Leaders Can Safeguard Against Vibe Coding Security Risks

Identity of REvil and GandCrab ransomware leader revealed

Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations

IT talent looks the other way as wireless security incidents pile up

Jones Day confirms limited breach after phishing attack by Silent Ransom Group

Medusa ransomware group using zero-days to launch attacks within 24 hours of breach

Meta Pauses Work With Mercor After LiteLLM-Linked Data Breach

Meta Reportedly Halts Work With AI Partner Mercor After Data Breach Incident

Meta Suspends Work With $10 Billion AI Startup Mercor After Cyberattack

Microsoft links Medusa ransomware affiliate to zero-day attacks

Microsoft Teams Users Being Targeted in State-Linked Phishing Campaign

Missile Alert Phishing Exploits Iran-US-Israel Conflict for Microsoft Logins

New Fortinet Flaw Allows Unauthorized Access to Enterprise Systems

New GPUBreach attack enables system takeover via GPU rowhammer

Nigeria Data Protection Commission (NDPC) investigates Remita, Sterling Bank for alleged data breach

Nigeria Data Protection Commission (NDPC) investigates Remita, Sterling Bank over alleged data breach

Nigeria Data Protection Commission (NDPC) probes Remita, Sterling Bank over alleged data breach

Nigeria Data Protection Commission (NDPC) Probes Sterling Bank, Remita For Alleged Data Breach

Nike sued after data breach allegedly put customer PII at risk of identity theft

North Korea Spent 6 Months Infiltrating Drift Protocol Only to Drain $285 Million in 12 Minutes

North Korea’s hijack of one of the web’s most used open source projects was likely weeks in the making

North Korea-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

North Korean Hackers Pose as Trading Firm to Steal $285 Million from Drift

Northern Ireland Education Authority says 'good progress' on restoring system after cyber attack

Northern Ireland pupils have to return to school over Easter break because of cyber attack

OMI360 Data Breach: Spanish Health Tech Firm Hacked

One of the largest corporate espionage and data breach scandals in digital history': New "BrowserGate" report claims LinkedIn secretly scans user browsers for installed extensions and collects device data

Phishing emails drive 75% of cyberattacks in the UAE

Qilin and Warlock ransomware: Using vulnerable drivers to disable EDR

Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools

Qilin ransomware group targets German political party Die Linke, threatens data leak

Qilin Ransomware targets Die Linke of Germany

QR Code Scams: New phishing scams baiting breaches

Ransomware attacks spread, spotlight falls on world of ransom negotiators

Residential proxies make a mockery of IP-based defenses

Russia sentences veteran hacker to 15 years in prison

Scammers use fake traffic violation texts with QR codes for phishing

Simple.biz Web Agency Data Breach Exposes US Clients

Singapore, US warn of latest Fortinet bug being exploited in wild

Southern Illinois Dermatology Data Breach Exposes SSNs

Tax Season Phishing Campaigns Spread Malware and Drain Victim Funds

Telehealth Giant Him & Hers Announces Data Breach

The Olympics Is a Hacker’s Favorite Sporting Event

This devious VENOM phishing campaign targets business executives by name - so watch what you click on

Traffic Violation Scams Targeting US Residents Adopt QR Code Phishing Tactics

UAE Cyber Security Council warns that 3.4 billion daily phishing emails cause 75 percent of breaches

YMED Soon-Care Suffers Massive Healthcare Data Breach and Extortion

Posted by at
Labels:

Sunday, 5 April 2026

Data-Leaking Ransomware Report - Q1 2026

Welcome to the first quarter of this year's DLR Report, an exclusive presentation of Data-Leaking Ransomware Operator's Global and US Victims that were claimed between 1st January and 31st March 2026.


DBD discovered and researched 2440 Global Ransomware Victims over 101 Countries and Islands, including 1198 US Ransomware Victims over 50 States and Districts, claimed by 87 Data-Leaking Ransomware Operators in Q1 2026.

DBD also discovered and researched 22 New Active Ransomware Operators in Q1 2026, further details of which can be found in our PRiSM application.

Download PDF



Data Source: Data Breaches Digest.

Posted by at
Labels: , ,

Thursday, 2 April 2026

Data-Leaking Ransomware Report - March 2026

Welcome to last month's DLR Report, an exclusive presentation of Data-Leaking Ransomware Operator's Global and US Victims that were claimed between 1st March and 31st March 2026.


DBD discovered and researched 914 Global Ransomware Victims over 80 Countries and Islands, including 450 US Ransomware Victims over 49 States and Districts, claimed by 66 Data-Leaking Ransomware Operators in March 2026.

DBD also discovered and researched 10 New Active Ransomware Operators called AiLock, ALP-001, ATTACKER, Audit Team, Exitium, Krybit, Loki, MNT6, NetRunner and XP95 in March 2026.

Download PDF



Data Source: Data Breaches Digest.

Posted by at
Labels: , ,

Wednesday, 1 April 2026

Ransomware Operator Claims - Week 13 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 23rd March and 29th March 2026, kindly assisted by our partners.

DBD discovered and researched 168 Ransomware Victims over 43 Countries and Islands claimed by 31 Data-Leaking Ransomware Operators, including 3 Newly Discovered Ransomware Operators last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Posted by at
Labels: ,

Monday, 30 March 2026

Data Breaches Digest - Week 14 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 30th March and 5th April 2026.


5th April

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

$285 Million Drift Hack Traced to Six-Month North Korea Social Engineering Operation

AI phishing scams now behind 90% of cyber breaches

BrowserGate: LinkedIn Tracks 6,000+ Browser Extensions on Users’ PCs

Cambodia passes first law targeting scam centers amid crackdown

Conduent Says Data Breach Bigger Than Previously Reported

Florence’s Uffizi Galleries hit by cyberattack, museum denies breach claims

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Germany Doxes “UNKN,” Head of Russian Ransomware Gangs REvil, GandCrab

‘Good progress’ being made after cyber attack wiped out Northern Ireland’s school systems

Google Drive adds AI shield to crush ransomware threats

Hackers exploit React2Shell in automated credential theft campaign

New FortiClient EMS flaw exploited in attacks, emergency patch released

Nigeria opens data breach probe into digital payments ecosystem

Northern Ireland: Education Authority (EA) making 'good progress' to restore school IT systems after cyber attack

Traffic violation scams switch to QR codes in new phishing texts

4th April

Axios npm hack used fake Teams error fix to hijack maintainer account

Billion-Dollar Bank Handing $1,500,000 To Current and Former Customers To Settle Class Action Lawsuit Over Data Breach

City of Madison and FBI warn about criminals impersonating city officials

Crunchyroll's Big Data Breach Just Got Worse

Device code phishing attacks surge 37x as new kits spread online

DocketWise Data Breach Affects 116k People, Exposing SSNs

Education Authority making ‘positive progress’ following cyber attack on Northern Ireland schools

Education Authority update after Northern Ireland school systems hit by cyber attack

EU Data Breach Exposes Emails, User Data in Major Hack

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

FBI releases statement on ransomware attack of Minot’s water treatment plant

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)

'Growing 3x faster than police staffing': Surge in cybercrime and new laws on ransomware payment could put UK businesses (and their directors) in a "compliance trap"

Hacking group stole 92 GB data of EU in recent cyberattack

Hims & Hers Warns of Data Breach After Third-Party Customer Service Platform Incident

Hong Kong: Digital Policy Office (DPO) provides technical support following Hospital Authority data breach

Hong Kong: Probe launched after Hospital Authority data breach involving 56,000 patients

Hong Kong Hospital Authority apologises for data breach involving 56,000 patients

Italy's famed Uffizi admits cyber-attack but denies security breach

Meta paused its work with AI training startup Mercor after a data breach

Meta pauses Mercor work after major data breach

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta suspends work with Mercor after security breach

Northern Ireland: Fermanagh pupils among those affected by cyber attack on schools

Northern Ireland schools cyber attack: what we know

Northern Ireland's Education Authority making ‘positive progress’ after cyber attack

Qilin ransomware group claims the hack of German political party Die Linke

Ransomware attack on Vivaticket disrupts Louvre and major European museums

UNC1069 Targets Node.js Maintainers via Fake LinkedIn, Slack Profiles

3rd April - World Cloud Security Day

$10 Billion AI Hiring Startup Mercor Confirms Data Breach Affecting Tech Talent

14,000+ F5 BIG-IP APM Instances Exposed as RCE Exploits Surge

Accused North Royalton Spyware Hacker Walks Free After 9 Years Behind Bars

Adobe Breach: Threat Actor Claims Leak of 13 Million Support Tickets

Adobe Breach - Threat Actor Allegedly Claims Leak of 13 Million Support Tickets and Employee Records

AI Firm Mercor Confirms Breach as Hackers Claim 4TB of Stolen Data

AI recruiting firm Mercor hit by data breach

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

AiLock Attack Hits Piet Vijverberg and Berning & Söhne

Akira Hackers Shrink Encryption Timeline to Under One Hour

An AI Just Hacked a Hardened Operating System That Was Meant to Be Hacker‑Proof

Android Alert: 50 Google Play Apps Linked to ‘NoVoice’ Malware Reached 2.3 Million Downloads

Apology issued to staff and pupils as schools in Northern Ireland hit by cyber attack

Axios Maintainer Says npm Compromise Stemmed From Targeted Social Engineering

Axios npm Package Compromised by North Korea-Linked Threat Actors

Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting

Brokk purportedly hacked by Play ransomware, data leaked

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

Check City sends breach notices a year after Clop attack hit 320,000 customers

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

Chinese spy group TA416 is back after years of silence, now targeting EU and NATO

CISA Adds TrueConf Flaw to Known Exploited Vulnerabilities (KEV) Catalog Amid Active Exploitation

CISA gives agencies two weeks to patch video conferencing bug exploited by Chinese hackers

Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093)

Claude Code source leak exploited to spread malware

Closing the Ransomware Gap: Mexico’s Rising Cybersecurity Risk

Cyber attack hits IT system for Northern Ireland schools

Die Linke German political party confirms data stolen by Qilin ransomware

DragonForce Breaches Asmar, SUTEX, Bunch, Klean, Northstar, Acme, J Brand, CES, Singita, ATPkg, Congoleum, Greenway, FHW

Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to North Korea

Duales’ Duc App Data Left Unprotected Due to Unencrypted Server, Over 360,000 Files Exposed

Education Authority: cyber attack on IT system used in Northern Ireland schools

Education Authority confirms cyber attack on C2k school system as access suspended across Northern Ireland

Education Authority statement as Northern Ireland school systems targeted by cyber attack

EU Commission says TeamPCP data breach impacted 29 Union entities

EU cyber agency attributes major data breach to TeamPCP hacking group

Europe’s cyber agency blames hacking gangs for massive data breach and leak

European Commission cloud breach traced to Trivy supply-chain attack

European Commission hack exposes data of 30 EU entities

Fake ChatGPT Ad Blocker Chrome Extension Caught Spying on Users

FBI Declares Surveillance System Breach a ‘Major Incident’

FBI labels data breach ‘major incident,’ notifies Congress

Federal Communications Commission (FCC) proposes $4.5 million fine for voice service provider hosting ‘suspicious’ foreign call traffic

Forex data leak claims spark fears of fraud and market manipulation

Former Employee Pleads Guilty to Insider Hacking and Extortion of US Industrial Company

GitHub Abused As C2 Server In New North Korea-Related LNK Phishing Campaign

Google Drive cloud storage gets AI-powered ransomware detection feature

Groupe SERAP Suffers Akira Ransomware Attack and Data Breach

Hacker attack on the Uffizi Galleries: "No theft, no damage"

Hackers Abuse Trusted Platforms to Steal Bank Credentials From Philippine Users

Hackers Exploit React2Shell Flaw to Compromise 700+ Next.js Hosts

Hackers Use Phorpiex Botnet to Spread Ransomware, Sextortion, and Crypto-Clipping Malware

Highly evasive spear-phishing campaign targeting senior execs ‘neutralizes’ Multi-Factor Authentication (MFA)

Hims & Hers Data Breach Exposes Customer Data via Compromise at Third-Party Customer Support Provider

Hims & Hers data breach exposes customer support data

Hims & Hers warns of data breach after Zendesk support ticket breach

Industrias Guerra S.A. Hit by Crypto24 Ransomware Attack

Infrastructure Engineer Pleads Guilty to Locking 254 Company Windows Servers

Inside Healthcare’s Ongoing Ransomware Challenge

Internet-connected coffee machine reportedly led to data breach

Iranian Hacker Group Handala Claims Breach of Israeli Defense Contractor

Italy's famed Uffizi admits cyber-attack but denies security breach

Jamalpur Upazila Administration Suffers Data Breach

Liberia Institute of Statistics (LISGIS) Suffers Data Breach

LinkedIn caught spying on users’ browsers: sensitive data harvested

LinkedIn secretely scans for 6,000+ Chrome extensions, collects data

Luxembourg: Chamber of Deputies website back online following attempted cyber-attack

Malicious WhatsApp version used to distribute spyware, activate cameras, listen to calls

Man admits to locking thousands of Windows devices in extortion plot

Massachusetts emergency communications system impacted by cyberattack

Mercor Data Breach: 4TB Stolen in LiteLLM Supply Chain Attack

Meta Halts Mercor Partnership After AI Training Data Breach

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Microsoft and National Cyber Security Centre (NCSC) issue alerts over hacker campaigns targeting WhatsApp, Signal messaging apps

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Mihnati Data Breach Exposes Saudi Candidate Profiles

National Aerospace Fasteners Targeted in WorldLeaks Ransomware Attack

New Phishing Platform Used in Credential Theft Campaigns Against C-Suite Execs

New Ransomware Strain Mimicking Akira Targets Windows Systems In South America

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

Nigerian hacker claims 3TB data breach at Remita payment platform, others

North Korea Uses GitHub as C2 in New LNK Phishing Campaign

North Korea-Related Campaign Abuses GitHub as C2 in New LNK Phishing Attacks

North Korean Hackers Abuse GitHub to Spy on South Korean Firms

Northern Ireland: Education Authority gives update following cyber attack on important IT system

Northern Ireland: School computer systems targeted in cyber attack

Northern Ireland: School IT system targeted in cyber attack ahead of exam season

Northern Ireland: Thousands of students unable to prep for exams as IT system targeted in cyber attack & ‘critical measures’ deployed

Northern Ireland school network targeted by cyber attack - full investigation launched

Oklahoma’s New Consumer Privacy Law and Data Breach Updates: What Businesses Need to Know

OpenSSH 10.3 Fixes Critical Shell Injection and Security Flaws

Outdated laws treat whitehats and criminals the same: security researchers at risk

Payload Breach Hits Tscherne Consulting & United Finance Egypt

Phorpiex Botnet Fuels Ransomware, Sextortion, and Crypto-Theft Attacks

Pro-Iran Handala group breached Israeli defence contractor PSK Wind Technologies

Qilin Ransomware Deploys Malicious DLL to Disable Most EDR Defenses

Qilin Ransomware Uses Malicious DLL to Disable Nearly All EDR Solutions

Some of the largest Massachusetts organizations are vulnerable to phishing, survey says

Speculation mounts over alleged Adobe breach as threat actor claims theft of 13 Million support tickets

Sri Lanka Provincial Department of Education Data Breach

St. Joseph County officials address cyber attack by Iranian-backed hacker group

Stryker fully operational after crippling data-wiping cyberattack

Stryker Fully Operational After March Cyberattack

T-Mobile Sets the Record Straight on Latest Data Breach Filing

Texas hospital cyberattack exposes SSNs, medical data of 257,000 patients

The Center for Hearing & Speech Hit by Interlock Ransomware Attack

The Future of Cyber Warfare and its Impact on Global Business Stability

The UK Cyber Security and Resilience Bill: What Operational Technology (OT) Asset Owners Need to Know Now

Threat Actor Selling Root Access to Mexican Manufacturing Firm

Trivy supply chain attack enabled European Commission cloud breach

Trusted Online Platforms Exploited In Credential Theft Attacks Targeting Filipinos

Uffizi Gallery: No theft or damage after hacker attack

Ukraine warns Russian hackers are revisiting past breaches to prepare new attacks

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 Targets Node.js Maintainers via Fake LinkedIn, Slack Profiles

Wolf Technology Group Suffers Nova Ransomware Data Breach

World Cloud Security Day: Breaking Down the State of the Cloud Cybersecurity and Physical Security

Yurei ransomware campaign leverages Stranger Things themes

2nd April

22 million users at risk? Paidwork data allegedly up for sale on hacker forum

72% of Workers Say AI Is Giving Phishing a Dangerous New Edge

250,000 Affected by Data Breach at Nacogdoches Memorial Hospital

Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime

Akira ransomware group can achieve initial access to data encryption in less than an hour

Alleged Cisco Breach Linked to Trivy Supply Chain Compromise, ShinyHunters Claims 3 Million Salesforce Records

An overview of ransomware threats in Japan in 2025 and early detection insights from Qilin cases

Apple Expands iOS 18 Security Updates Amid DarkSword Threat

Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit

Apple Issues Rare Patch: Up to 270 Million iPhones Could Be Vulnerable to ‘DarkSword’ Exploit

Apple Security Fix Defends Devices From DarkSword iOS Exploit

BLACKNET-00: The Ransomware-as-a-Service Platform That Weaponizes Mediocrity

Cardiovascular Consultants Pays $3.85 Million to Settle Data Breach Litigation

Cetera, Ameriprise face class action lawsuits over alleged data breaches as FINRA launches cyber threat portal

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

City water treatment plant targeted by ransomware

Clark County will pay for data breach

Claude Code leak used to push infostealer malware on GitHub

ComTec Systems Data Breach Result of Ransomware Attack

Controversial, hidden, or upcoming features discovered in leaked Claude Code

Critical Cisco Integrated Management Controller (IMC) authentication bypass gives attackers Admin access

DarkSword exploit forces Apple to loosen its patching policy

Democratic People's Republic of Korea (DPRK) Phishing Campaigns Exploit GitHub C2 to Target Users in South Korea

Drift crypto platform confirms $280 million stolen in hack as researchers point finger at North Korea

Drift loses $280 million North Korean hackers seize Security Council powers

EvilTokens abuses Microsoft device code flow for account takeovers

Fake CERT-UA Site Spreads Go-Based RAT in Phishing Campaign

FBI Warns of Data Security Risks in Foreign-Developed Mobile Apps

FBI, CISA warn of Russian intelligence phishing campaign

Fondazione IRPEA Suffers Ransomware Attack by INC Ransom

GitHub Used as Covert Channel in Multi-Stage Malware Campaign

GlassWorm Supply Chain Cyber Attack Threatens Connected Cars

Global Microsoft device code phishing facilitated by novel EvilTokens kit

Google now requires Android developers to verify their identity or lose sideloading

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

Hackers weaponize website sign-up forms to bury fraud in victims’ inboxes

Handala Deletes 22TB of Data from 14 Israeli Companies During Passover

Hasbro cyberattack disrupts operations as investigation into data breach continues

Hasbro Cyberattack Knocks Systems Offline, Recovery Could Take Weeks

Hasbro Discloses Cyberattack After Unauthorized Network Access Detected

Hasbro Hacked, Recovery Could Take “Several Weeks”

Hasbro hit by cyberattack, investigates possible data breach

Hasbro says cyberattack knocked systems offline, recovery could take weeks

Hasbro Systems Nerfed by Data Breach; IT Recovery Underway

Hasbro that owns Peppa Pig hit by ransomware attack

Hims & Hers Data Breach Exposes Customer Service Records

How a Solana feature designed for convenience let attackers drain more than $270 million from Drift

Immigration and Customs Enforcement (ICE) deploys spyware to track fentanyl, sparking privacy fears

Immigration and Customs Enforcement (ICE) says it bought Paragon’s spyware to use in drug trafficking cases

Innovative Pharmacy Packaging Corporation (IPPC) Data Breach Exposes Wide Range of Sensitive Personal and Health Info

Intesa Sanpaolo Missed Unauthorized Access for 2 Years, Regulator Reveals

Iowa State Attorney General Sues Change Healthcare in 2024 Ransomware Attack

Iranian Hacker Group Handala Claims Breach of Israeli Defense Firm

Lloyds group advises MPs that half a million were impacted by data breach

Massachusetts Towns Impacted by Emergency Comms Cyber Attack

Medtech giant Stryker fully operational after data-wiping attack

Mercer Advisors Data Breach: Sensitive Records Exposed

Mercor, a $10 billion AI startup that works with companies including OpenAI and Anthropic, confirms major data breach

Microsoft Warns of WhatsApp Attachments Spreading Backdoor on Windows PCs

Money transfer app Duc exposed thousands of driver’s licenses and passports to the open web

Most Critical National Infrastructure (CNI) Firms Face Up to £5m in Downtime from Operational Technology (OT) Attacks

National Cyber Security Centre (NCSC) Issues Security Alert Over Hackers Targeting WhatsApp and Signal Accounts

New Akira Lookalike Ransomware Campaign Targeting Windows Users in South America

New Progress ShareFile flaws can be chained in pre-auth RCE attacks

New 'Storm' Infostealer Remotely Decrypts Stolen Credentials

North Korea-linked hack hits largely invisible software that powers online services

Nurture Life Data Breach Exposes Customer and Children PII

Oklahoma Tax Commission data breach raises concerns

Oklahoma Tax Commission reports data breach impacting taxpayers

OkTAP Data Shock: Oklahoma Taxman Warns Locals After Security Breach

Onyx Equities Data Breach Exposes SSNs

Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks

PaidWork Data Breach Exposes 22 Million User Records

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Phishing campaign delivers Casbaneiro and Horabot banking trojans

Poisoned pixels, phishing, prompt injection: Cybersecurity threats in AI-driven radiology

Qilin Hits Die Linke, Jursaconsulting, CHEK News, Neurologic

Qilin Ransomware Uses Malicious DLL to Kill Almost Every Vendor’s EDR Solutions

Ransomware attackers increasingly exploit legitimate IT tools, bypassing antivirus

Ransomware gangs are now focusing more on speedy attacks

Ransomware intrusion compromises North Dakota water treatment facility

Ransomware surge puts cyber protection at centre of Thailand’s digital push

Researchers Observe Sub-One-Hour Ransomware Attacks

Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

Residential proxies evaded IP reputation checks in 78% of 4 Billion sessions

Russian hackers are after your WhatsApp and Signal account, UK warns

Russian hackers target firm behind robot that cleaned up Chornobyl

Scammers are targeting Canadians with a milk settlement that doesn't exist

Schools and trusts urged to ignore fake Department for Education (DfE) letter about data breach

ShinyHunters Hackers Claim Theft of 3 Million+ Cisco Records, Threaten Public Leak

SnowSoul Attack Hits Multiple Chinese Organizations

Software supply chain hacks trigger wave of intrusions, data theft

South Africa: Data Breach Hits Stats SA as Official Confirms Incident

South African data breach highlights need for effective incident response

Sportradar, Bet365, and FIBA Data Exposed in Vect Ransomware Breach

St. Joseph County says data breach tied to third-party fax system, not internal network

Storm Infostealer Sold as Service, Targets Browsers, Wallets and Accounts

Suspected Head of Cyberfraud Syndicate Li Xiong Extradited from Cambodia to China

Synopsys Data Breach Exposes SSNs, Medical Info, and More

Telehealth giant Hims & Hers says its customer support system was hacked

Third-party hack affirmed by Nissan after Everest ransomware assertions

Threat actor UAC-0255 impersonates CERT-UA to spread AGEWHEEZE malware via phishing

Trilateral Cooperation Secretariat Japan Data Breach

TriMed reports September 2025 data breach involving limited patient information

TrueConf zero-day vulnerability exploited to target government networks

Universidad del Cauca Suffers Data Breach Exposing PII

Vietnam-Linked PXA Stealer Campaign Exploits LinkedIn to Target Professionals Globally

What Is a Data Breach?

What to Do After a Data Breach

WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action

WhatsApp says Italian surveillance company tricked around 200 users into downloading spyware

WhatsApp Spyware Alert: Fake App Targets Users in Italy

WhatsApp warns users of fake app used to distribute spyware

Why Cybercriminals Are Using Large Language Models to Automate Global Ransomware

Why GitHub Developers Are Targeted by Token Giveaway Scams

Xiamen Tungsten Co. Data Breach by Beast Ransomware

Xtium Managed Service Provider Data Breach and Extortion

Yurei Ransomware Uses Common Tools, Adds Stranger Things References

1st April

8 in 10 UK Manufacturers Hit by Cyber Incident in a Year

8 in 10 UK Manufacturers Report Cyber-attacks

10 Data Security Stories to Know About

Advantage Media Services Data Breach: PII Exposed

AI scams don't need deepfakes. They need your grandparents’ loneliness

AI Startup Mercor Hit by Supply Chain Attack Linked to LiteLLM

Ajax hands out new mobile tickets for next matches following data breach

Amid the DarkSword threat, Apple releases a rare iOS 18 security patch

Anthropic Leaks 512,000 Lines of Claude AI Code in Major Blunder

Anthropic took down thousands of GitHub repos trying to yank its leaked source code - a move the company says was an accident

Apple expands iOS 18 updates to more iPhones to block DarkSword attacks

Apple Pushes Rare iOS 18 Patch for Devices at Risk from DarkSword Exploit

Apple releases security fix for older iPhones and iPads to protect against DarkSword attacks

April fool or omen? Iran threatens to blitz US big tech across the Middle East

Attack on the Dubai airport may have resulted in American passport leak

Axios Supply Chain Attack Linked to North Korea-Affiliated Hackers UNC1069 by Google

Banking tech data breach exposes 672K in ransomware attack

Bogus LinkedIn message alerts enable credential siphoning

Britain is under constant cyber attack and we are still treating it like an IT problem

Businesses are rapidly seeking to acquire data sourced from ransomware breaches

Businesses warned to overhaul backups amid ransomware

Cambodia extradites alleged cyber scam linchpin to China as crackdown intensifies

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

Chinese Hackers Target European Governments in Espionage Campaigns

Cisco Systems Inc Investigating Major Data Breach by ShinyHunters

Cisco’s Salesforce CRM Breach Puts Three Million Customer Records at Risk

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

Clawing Back on Security: Challenges with Agentic AI Systems

Computer Emergency Response Team of Ukraine (CERT-UA) Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

Co-op reveals £285 million revenue hit from 2025 cyber attack

Crypto platform Drift suspends services after millions stolen in security incident

Cybercriminals take aim at Hasbro, weeks of recovery ahead

De-fi platform Drift suspends deposits and withdrawals after millions in crypto stolen in hack

Defending Encryption in the Post Quantum Era

Everest increases pressure on Nissan, but desperation creeps in

FBI warns against using Chinese mobile apps due to privacy risks

Financial groups lay out a plan to fight AI identity attacks

Firms warned on ransomware amid backup and AI sprawl

FulcrumSec Breach Hits Unique Computing, Gennet.AI, ReFocus AI, Patriotic, Alliance, Ohio Mutual

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google Chrome Update Fixes 21 Flaws, Warns of Actively Exploited Vulnerability

Google Drive can now detect ransomware and roll back your files

Google Drive ransomware detection now on by default for paying users

Google Drive will now protect everyone against ransomware

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281)

Google fixes fourth Chrome zero-day exploited in attacks in 2026

Google Introduces Android Developer Verification Amid Openness Debate

Google Warns Quantum Computers Could Crack Crypto Sooner Than Expected

Grand Theft Auto (GTA) V role-play servers neglected security, exposing millions of players’ records

Hacker charged for stealing $53 million in crypto, faces up to 30 years in prison - Uranium Finance thief spent $2 million of illicit funds on Magic: The Gathering, $1 million on Pokémon cards

Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

Hackers exploit TrueConf zero-day to push malicious software updates

Hackers Hijack Axios npm Package to Spread RATs

Hackers hit Cisco: 3 Million Salesforce records, GitHub repos allegedly stolen

Hasbro says it was hacked, and may take ‘several weeks’ to recover

Hasbro takes some systems offline after cybersecurity incident

Healthcare data breach raises concerns over cloud security

ImageMagick Zero-Day Enables RCE on Linux and WordPress Servers

Iran Calls U.S. Tech Companies ‘Legitimate Targets,’ Threatens to Attack

Iran Threatens to Attack Apple, Google, and Other US Tech Firms in Middle East

Iranian-backed hacker group claims St. Joseph County data breach

Kaspersky Warns of a New Phishing Technique

Kaspersky Warns of a New Phishing Technique Leveraging Bubble, a no-code AI Platform

LeakNet Changes Tactics, But Consistency Gives Defenders an Advantage

LinkedIn Phishing Scam Uses Fake Notifications to Hijack Accounts

Major Italian bank fined €31.8M after employee snooped on 3,500 customers

Malware detectors trained on one dataset often stumble on another

Manufacturing Is the Most Targeted Sector in Ransomware. By a Wide Margin

Mercor AI Confirms Data Breach Following Lapsus$ Claims of 4TB Data Theft

Mercor AI Cyberattack Tied to LiteLLM Project Compromise, Lapsus$ Claims Breach

Mercor confirms cyberattack as hackers claim 4TB of critical data in possession

Mercor confirms security incident tied to LiteLLM supply chain attack

Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass

Monetization of ransomware-stolen data touted by new cybercrime service

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation - Patch Released

New Criminal Service “Leak Bazaar” Plans to Monetize Data Stolen by Ransomware Gangs

New CrystalRAT malware adds RAT, stealer and prankware features

New EvilTokens service fuels Microsoft device code phishing attacks

New Venom Stealer Malware-as-a-Service (MaaS) Platform Automates Continuous Data Theft

NightSpire Hits GMP Group, Ghazi Brothers, Notre-Dame du Grandchamp

Nissan Investigates 910GB Data Breach and Extortion Attack

Nissan says stolen data came from third-party vendor after hacking group claims breach

North Carolina town recovers data of 22,000 individuals stolen during a ransomware attack

North Dakota water treatment plant reports March ransomware attack

North Korea’s Lazarus Group Behind the Axios npm Supply Chain Attack

North Korean hackers behind Axios critical supply chain attack, Google says

North Korean hackers linked to Axios npm supply chain compromise

'NoVoice' Android malware on Google Play infected 2.3 million devices

Orthopedic implant manufacturer TriMed suffers data breach

Peppa Pig and Transformers owner Hasbro hit by cyber-attack

Pepperell, Massachusetts, Probes Cyber Attack on Staff Systems

Ransomware Attack Hits Minot Water Treatment Plant

Ransomware Groups Exploit Legit IT Tools to Bypass Antivirus

Roan and Eurocamp data breach exposes tourists to WhatsApp scams

Romania under daily barrage of cyberattacks, defense minister says

Routine Access Is Powering Modern Intrusions

Russian court sentences card fraud ring members to multiple years in prison

Security awareness is not a control: Rethinking human risk in enterprise security

South Korea: No-Fault Voice Phishing Liability Could Cost Financial Firms Up to 281.1 Billion Won Annually

Sri Lanka: Postal Department warns of a phishing scam using fake website resembling official website

St. Joseph County data breach confirmed by I.T. department, no risk to residents

Suspected Iran-Nexus Password Spray Attack Targets Microsoft 365 Users in the UAE and Israel

The Arms Race is Already Over. You Just Don’t Know Which Side Won

Time is ticking for Hallmark: hackers threaten to expose 8 Million records

US Charges Uranium Crypto Exchange Hacker

Vantage Media AI Investigates 381GB Data Breach

Water treatment plant in North Dakota suffered ransomware attack

Western Australian local government entity lost $350,000 in phishing attack

WhatsApp notifies hundreds of users who installed a fake app made by government spyware maker

31st March - World Backup Day

A new WhatsApp phishing site goes live every 2 hours

AI Agents Are Democratizing Finance but Also Redefining Risk

Almost 22,000 residents of Apex were victims of data theft in a cybersecurity breach in 2024

Android Developer Verification Rollout Begins Ahead of September Enforcement

Android developers just got a new verification layer

Anthropic accidentally leaks Claude Code

Anthropic inadvertently leaks source code for Claude Code CLI tool

Apple counters ClickFix attacks with macOS Terminal warning

Apple’s macOS Tahoe Introduces Protection Against ClickFix Attacks

APT groups and ransomware gangs are turning Singapore into a prime cyber target

AVC-Livestock Data Breach Exposes Afghan Supply Chain Users

Axios npm Package Compromised in Supply Chain Attack

Axios npm packages backdoored in supply chain attack

Axios Supply Chain Attack Deploys Cross-Platform RAT

Axios Supply Chain Attack Exposes Developers to Hidden Malware

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Banking tech data breach exposes 672K in ransomware attack

CareCloud Data Breach: Hackers Access IT Systems, Steal Patient Data

CareCloud Data Breach - Hackers Accessed IT Infrastructure and Stole Patient Data

CareCloud Data Breach Confirmed, Patient Records Potentially Exposed

CareCloud Data Breach Exposes Patient Data After Hackers Access IT Systems

CareCloud hit by breach, patient health records at risk

CareCloud Hit by Cyberattack, Probe Into Possible Data Exposure

CareCloud reports data breach after cyberattack disrupts EHR system

ChatGPT retrieved internal company files in 42 milliseconds when asked a single question

ChatGPT Security Issue Enabled Data Theft via Single Prompt

ChatGPT Vulnerability Allows Silent Exfiltration of User Prompts and Sensitive Data

CISA orders feds to patch actively exploited Citrix flaw by Thursday

CISA tells federal agencies to patch Citrix NetScaler bug by Thursday

Cisco source code stolen in Trivy-linked development environment breach

Claude AI finds Vim, Emacs RCE bugs that trigger on file open

Claude Code source code accidentally leaked in NPM package

Code trust crisis: Is it safe to update your system during an active supply chain attack?

Critical compromise: Axios NPM library with 100 Million weekly downloads is delivering malware

Critical F5 BIG-IP Flaw Upgraded to 9.8 RCE, Exploited in the Wild

Crypto industry may be running out of time to prepare for quantum attacks

Cyber attack forces Dutch Finance Ministry to suspend Treasury banking services

Cybersecurity in Singapore’s schools: Threats, GenAI risks and the path to resilience

Data Breach Reported by Orthopedic Implant Manufacturer TriMed

Department of Justice (DOJ) Indicts Seven in Global Ransomware Network That Extorted $200 Million From U.S. Hospitals

Dubai International Airport Suffers Alleged Data Breach

Dutch Finance Ministry takes treasury banking portal offline after breach

Dutch Ministry of Finance Takes Systems Offline Following Cyberattack

Employee Data Breaches Surge to Seven-Year High

European Commission Confirms Data Breach

European Commission confirms data breach following cyberattack on Europa platform

EvilTokens Emerges as New Phishing-as-a-Service Platform for Microsoft Account Takeover

EvilTokens Launches New Phishing Service Targeting Microsoft Accounts

EvilTokens ramps up device code phishing targeting Microsoft 365 users

GIGABYTE Control Center vulnerable to arbitrary file write flaw

Google Drive Adds AI Ransomware Detection and Recovery

Google Drive becomes immune to Ransomware Attacks

Google Drive Expands AI Ransomware Detection, File Recovery to More Users

Google Drive just rolled out new tools to protect you from ransomware - here's how they work

Google Drive now detects ransomware and auto-restores your files

Google Drive now detects ransomware and helps restore affected files

Google Drive's AI Ransomware Detection Is Now Available for All Workspace Users

Google Drive's AI Security Upgrade Detects Ransomware And Prevents File Corruption

Google Drive’s AI Shield Takes on Ransomware in Real Time

Google Drive's Ransomware Detection and File Restoration Feature is Now Generally Available

Google Introduces Advanced Ransomware Defense and Recovery Features in Drive

Google links Axios supply chain attack to North Korean group

Google Unveils Ransomware Detection and File Recovery for Google Drive

Google Unveils Ransomware Detection and File Restoration for Google Drive

Hacker charged with stealing $53 million from Uranium crypto exchange

Hacker stripped more than $50 million from Uranium crypto exchange, spent it on trading cards

Hacker Tries to Spread Malware to Millions by Hitting 'Axios NPM' Software

Hackers compromise Axios npm package to drop cross-platform malware

Hackers exploit LinkedIn message alerts to hijack your login credentials

Hackers hit Minot water treatment plant server in ransomware case, FBI investigating

Hackers Poison Axios npm Package with 100 Million Weekly Downloads

Hackers Weaponize Legitimate Windows Tools to Disable Antivirus Before Ransomware Attacks

Health data giant CareCloud says hackers accessed patients’ medical records

Healthcare tech firm CareCloud admits data breach, says hackers accessed patient info - here's what we know

Illicit LNK files deploy Russian CTRL toolkit

Intesa Sanpaolo Data Breach Exposes 3,500+ Customers, Draws €31.8 Million Penalty

Intesa Sanpaolo Faces Multi-Million Euro Penalty Over Data Breach

Iran Deploys 'Pseudo-Ransomware,' Revives Pay2Key Operations

Iran-linked hackers breach FBI director's personal email, publish photos and documents

Iranian hackers target US critical infrastructure through ransomware proxies

Italian bank Intesa Sanpaolo SpA fined €31.8m over data protection failures

Italy data protection agency fines Intesa Sanpaolo $36 million over data breach

KaleaMarket Data Breach Exposes Information of 20,000 Users

Kaspersky uncovers phishing campaign exploiting legitimate no-code platform

Kaspersky Warns of a New Phishing Technique Leveraging Bubble, a No-Code AI Platform

Korea Internet & Security Agency (KISA) Launches Dedicated Ransomware Task Force for End-to-End Response

Korea Internet & Security Agency Launches Ransomware Full-Cycle Response Task Force

Korea Internet & Security Agency (KISA) launches ransomware lifecycle response task force

Maryland Man Charged Over $53m Uranium Finance Crypto Hack

Mercor says it was hit by cyberattack tied to compromise of open-source LiteLLM project

Minot Water Treatment Plant hit by ransomware; water remained safe

National Cyber Security Centre (NCSC) Urges Immediate Patching of F5 BIG-IP Bug

Nearly half a million customers hit by Lloyds IT glitch that exposed transaction data

Nearly half a Million mobile customers of Lloyds Banking Group affected by security incident

New criminal service plans to monetize data stolen by ransomware gangs

New North Korean AI Hiring Scheme Targets US Companies

New Ukrainian CERT-spoofing phishing campaign delivers RAT

North Korean hackers blamed for hijacking popular Axios open source project to spread malware

Novel DeepLoad Malware Campaign: ClickFix and Possible AI-Backed Evasion

Only one in five people back up their data: Germany warns most risk losing everything

Pakistan Telecommunication Authority (PTA) Warns Citizens Against Rising Phishing Scams

Pakistan Telecommunication Authority (PTA) Warns Over Surge in Phishing Scams Across Pakistan

Palacios Marine & Industrial Coatings Data Breach Exposes SSNs

Phantom Project Bundles Infostealer, Crypter and RAT For Sale

Pro-Russian hackers pose as Ukraine's cyber agency to target government, businesses

ProxyCare Inc Data Breach Exposes Social Security numbers

Qilin Ransomware allegedly breached chemical manufacturer giant Dow Inc

Ransomware in 2025: Blending in is the strategy

Ransomware now taking aim at personal backups

Russian Hacker Sentenced in Federal Cybercrime Case

Silver Fox Expands Asia Cyber Campaign with AtlasCross RAT and Fake Domains

South Korea: 13 Billion Won Voice Phishing Gang Arrested for Impersonating Officials

Sri Lanka: Postal department warns of surge in online phishing scams

State Tax Commission Fails To Notice Data Breach for 18 Months - Taxpayers’ Names and Social Security Numbers at Risk

Statistics South Africa (Stats SA) Data Breach: What Happened and Who Is at Risk

Statistics South Africa (Stats SA) Data Breach Puts Job Seekers at Risk as Agency Refuses R1.7 Million Ransom

Statistics South Africa (Stats SA) downplaying a data breach on its system

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Tax Season Means Phishing Season: How Individuals and Businesses Can Protect Themselves

TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets

The 10 Cybersecurity Trends and Terrors of 2026

The Death of the SIEM: Why Modern Security Demands a New Data Strategy

The Quantum Clock is Ticking and Your Encryption is Running Out of Time

TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks

U.S. Authorities Charge Hacker Behind $54 Million Uranium Finance Hack

Uranium Finance Hacker Charged in $54 Million DeFi Exploit, Faces 30-Year Prison Sentence

US indicts Maryland man for 2021 theft of $54 million from Uranium Finance

Venom Stealer touts fully automated malware pipeline for $250 a month, bypasses browser encryption

Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts

What Makes Browser Hijacking a Silent Threat To Organizations?

Why I’m done calling humans the weakest link

Windows Tools Abused to Kill AV Ahead of Ransomware Attacks

World Backup Day warnings over ransomware resilience gaps

Zero-Day Alert: Claude AI Finds Critical RCE Bugs in Vim and Emacs

30th March

3 red flags that job posting is a scam - and how to verify safely

15-Year-Old strongSwan Flaw Lets Attackers Crash VPNs via Integer Underflow

22,000 people identified in Apex, North Carolina ransomware case

Abacel SA Data Breach Exposes Over 500,000 User Records

Acme Truck Line Data Breach Exposes Sensitive Info Including SSNs and Financial Accounts

Advantage Gold Data Breach Exposes PII of 7,960 Clients

AI-driven phishing can adapt, learn, and strike without human input

AI-Powered Phishing Campaign Compromises Hundreds of Organizations

Ajax silenced hacker who found 2017 data breach

Alleged FenĂ­e EnergĂ­a Data Breach May Have Exposed 1.7 Million Customer Records

Alp-001 Ransomware Hits KOB, Knewin, Kyocera, Lacor & Polsat

Apple adds macOS Terminal warning to block ClickFix attacks

Apple will hide your email address from apps and websites, but not cops

Aroostook Mental Health Services (AMHC) Ransomware Attack Affects Operations: Compromised Data Currently Unknown

Builders FirstSource Data Breach Exposes Health Information for Individuals

California woman files class action lawsuit against Nike after data breach

City of Arab recovers $431K after recreation center payment scam

Clickrent.es Suffers Alleged 2.5 Million Record Data Breach

Co-Op Chief Steps Down As Hack Leads To £125 million Loss

Critical Citrix NetScaler memory flaw actively exploited in attacks

Critical Citrix NetScaler Vulnerability Exploited in the Wild

Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)

Critical Fortinet FortiClient EMS flaw now exploited in attacks

Cybercriminals Exploit Tax Season With New Phishing Tactics

Dark Web Market Lists Alleged 375TB Lockheed Martin Data for $600 Million

Data breach affirmed by European Commission after ShinyHunters claims

DeepLoad Malware Combines ClickFix With AI-Generated Code to Avoid Detection

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

Doctor.com Ransomware Attack: Qilin Claims 205GB Data Breach

Don’t count on government guidance after a smart home breach

Email authentication in 2026: What every organization still gets wrong

Email burnout is increasing phishing and fraud risks for small businesses. What you need to know

Enterprises and SMEs Data Recovery Problem: Make Data Resilience Your Superpower

EU investigates cyber attack targeting Commission websites

European Commission Confirms Cloud Data Breach

European Commission confirms data breach after attack on cloud infrastructure

European Commission confirms data breach after Europa.eu hack

European Commission confirms data breach as ShinyHunters group claims responsibility

European Commission Confirms Data Breach, ShinyHunters Claim Credit

European Commission confirms platform data breach - admits 'data has been taken' from official websites

European Commission data breach via ShinyHunters Cyber Attack

European Commission downplays ShinyHunters cyberattack impact

European Commission responds to cyber-attack on its Europa web platform

Exitium Ransomware Attack Hits IKRON and Ming Hwei Energy

Exposed Server Leaks TheGentlemen Ransomware Toolkit, Credentials, and Ngrok Tokens

Exposed Server Reveals TheGentlemen Ransomware Toolkit, Victim Credentials, and Ngrok Tokens

FIFA World Cup 2026: A Match Between Fans and Scammers

Glass Manufacturer Reaches Preliminary Settlement Over 2023 Data Breach

Google Drive has some new tricks to help if you get hit by a ransomware attack

Hacker Claim Huge Breach of China’s Most Secure Supercomputer

Hackers Circle Citrix NetScaler Flaw Within Hours of Disclosure

Hackers demand ransom in Stats SA data breach

Hackers Impersonate Ukrainian CERT to Plant a RAT on Government, Hospital Networks

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

Healthcare IT Platform CareCloud Probing Potential Data Breach

Healthcare software firm CareCloud informs Securities and Exchange Commission (SEC) of potential patient data leak

Healthcare tech firm CareCloud says hackers stole patient data

How businesses can defend themselves against the rise of ‘phishing as a service’

How Does The EU Data Breach Impact The UK?

Illicit SVG images harnessed by BianLian ransomware gang

Inc Ransomware Breaches Conveyors, Inc. and Greenology Products

Income Property Management (IPM) Data Breach Exposes Social Security Numbers and Other Personal Info

Information Commissioner’s Office (ICO) Fines UK Nuisance Call Scammers £100,000

Intesa Sanpaolo Fined $36.4 million Over Data Breach, Exposing Gaps in Banking Cybersecurity Controls

Iran-Linked Hackers Breach FBI Director Kash Patel’s Email, Leak Messages Online

It looks bad: inside ShinyHunters’ European Commission data breach

Italian regulator fines financial giant $36 million for data protection failures

Italy: Data Protection Authority fines Intesa Sanpaolo €31.8 million for data breach

Italy Data Protection Agency Fines Intesa Sanpaolo $36 Million Over Data Breach

Jackson County Sheriff’s Office rebuilding from "Ground Zero" after ransomware attack

LakeMonster Data Breach Exposes Over 60,000 User Records

LanguageLine Solutions Data Breach Exposes Sensitive Info

Liberty data breach underscores urgent need for corporate cybersecurity overhaul

Lloyds IT Glitch Exposed Data of Nearly 500,000 Banking Customers

Lockheed Martin Hit by Data Breach Claims Amid Engineer Job Rejections

Louis Vuitton hit with another class action in Salesforce-related data breach

Major phishing campaign on GitHub using fake security alerts

Match’s OkCupid hit with 20-year privacy crackdown after sharing users’ private photos with AI firm

Millions of UK iPhone users locked into “child by default” mode in age verification debacle

Mobilelink Data Breach Affects 12k: SSNs Exposed

Nearly 22,000 Apex residents had information stolen in 2024 cybersecurity attack

New RoadK1ll WebSocket implant used to pivot on breached networks

New Russian spear-phishing campaign weaponizes DarkSword iOS exploit kit

Nike sued over data breach, allegedly exposed credit card information

OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens

OpenAI Codex Vulnerability Exposes GitHub Credentials via Command Injection

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability

Permitting Scammers Target Residents in Plainfield, Connecticut

Phishing ZIP Files Deliver PXA Stealer To Financial Sector Targets

Portal Agenda Data Breach Impacts 350,000 Records

Pro-Iranian Hacker Challenges US Security, FBI Boss's Personal Email Hacked

Quantum vs classical AI: Traditional models still lead in phishing detection

Researchers warn that macOS users face browser credential-stealing attack

Rogers, Fido customer info accessed in data breach

Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave

Russian court sentences notorious card fraud ringleader ‘Flint’ and 25 associates

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

Second data breach at European Commission this year leaves open questions over resilience

Smart Homes Are Getting Smarter - But Post-Breach Guidance Is Falling Behind

South Africa: Stats SA confirms data breach as hackers demand R1.7 million ransom

South Africa: Stats SA confirms data breach, hackers demand R1.7 million ransom

South Africa: Stats SA confirms data breach, hackers demand ransom

South Africa: Stats SA Hit by Cyberattack: Hackers Demand R1.7 Million Ransom for 154GB of Stolen Data

South Africa: Stats SA hit by ransomware attack

South Korea: Baemin Apologizes for Data Breach by Undercover Criminal at Outsourced Call Center

South Korea: Lawmaker Proposes Bill to Combat SNS Phishing From Abroad

Southampton School Closed For Days Following Hack

State Department reissues $10 million reward for info on Iranian hackers

Statistics South Africa (Stats SA) confirms HR database hacked

Statistics South Africa (Stats SA) Data Breach Raises Security Concerns

Statistics South Africa hit by ransomware attack

Statistics South Africa (Stats SA) Hit by Ransomware Attack, Hackers Claim Theft of 450,000 Files

Statistics South Africa (Stats SA) suffers ransomware attack exposing jobseekers’ personal data

Steakhouse Financial Alerts Users of Active Phishing Attack

Steakhouse Financial front-end breach exposes users to phishing scam

Steakhouse Financial suffers attack, customers asked not to engage

Sterling Seacrest Pritchard: 7,420 Affected by Breach

TeamPCP Uses Fake Ringtone File in Tainted Telnyx SDK to Steal Credentials

TeamPCP’s attack spree slows, but threat escalates with ransomware pivot

The Phone Call is the New Phishing Email

Think Your Backups Will Save You? Ransomware Gangs Are Coming For Them Now

This ChatGPT flaw could send confidential info to attackers with just one prompt

Three China-Linked Clusters Target Southeast Asian Government in 2025 Cyber Campaign

TriMed Data Breach Exposes Sensitive Personal and Medical Info

Ukraine Inclusive Resource Center Suffers Data Breach

Voice Phishing Statistics 2026: Startling Data

Why risk alone doesn’t get you to yes

Woodfords Data Breach Exposes PII and PHI of 8,073 Individuals

Woodfords Family Services Notifies Patients Affected by April 2024 Ransomware Attack

Zero-click vulnerability afflicts Telegram, allows full device takeover through animated stickers

Posted by at
Labels:
Subscribe to: Comments (Atom)