Editor's Message

Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and PRiSM celebrated it's third anniversary. Both projects have made a huge impact on my life and I'd like to thank each and everyone of you who have supported me, with special thanks to those individuals and communities who have helped me build up my knowledge on cybercrime and ransomware over the years. Thanks again for all your continued support. Stay safe. :)


“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington D.C.



Wednesday, 8 July 2026

Ransomware Operator Claims - Week 27 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 29th June and 5th July 2026, kindly assisted by our partners.

DBD discovered and researched 168 Ransomware Victims over 41 Countries and Islands claimed by 35 Data-Leaking Ransomware Operators, including 2 Newly Discovered Ransomware Operators last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.


Monday, 6 July 2026

Data Breaches Digest - Week 28 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 6th July and 12th July 2026.


9th July

75% of CISOs Fear Executives Don’t Understand Cybersecurity Risks Employees Face

5,811 arrests, $293 million seized over social engineering scams

A single malware file can outweigh an entire AI dataset

Accenture faces massive data breach that could put clients at risk

Accenture Hit by Data Breach, Hacker Claims Theft of 35 GB Source Code

Accenture responds to data breach following hacker claims

Agentic Botnets Attack Uses HalluSquatting to Hijack AI Coding Assistants

AI agents are behaving more like hackers. Security teams say that's just the beginning

AI Ransomware That Adapted on the Fly, What JadePuffer Reveals About the Next Threat

All about JadePuffer and why world’s first AI-ransomware attack needed a human

AssuranceAmerica data breach exposes records of 6.9 million drivers

AssuranceAmerica Data Breach via Compromised Employee Account Exposes 7 Million Driver’s License Numbers

Australia & New Zealand phishing risk drops after training

CERT Warns of Unpatched Tenda Firmware Backdoor Allowing Admin Access

China Flags Alleged Backdoor in Anthropic’s Claude Code, Citing Data Transmission Risks

Chinese-Funded Interpol Cybercrime Crackdown Leads to 5,800 Arrests

Coupang Data Breach Pushes Korean Retailers to Prioritize Information Security

Critical bugs enable hackers to take control of Ubiquiti devices

Crypto User Loses $999,999 in USDT to One Phishing Signature: How to Stay Safe

Cybercriminals Plant Malicious AI Agents in Open Source Tool Repositories

Deutsche Bank probes supplier cyber incident after ransomware gang claims breach

Ethereum phishing scam drains nearly $1 million from crypto wallet

Ethereum User Loses Nearly $1 Million USDT in Phishing Scam

EU drags 4 nations to court over cybersecurity law they ignored for months

EU takes member states to court over unimplemented cybersecurity law

Europe launches AI test platform to find cybersecurity flaws in hospitals, banks, and power grids

European Parliament Rejects Motion to Block Chat Control Extension Proposal as Privacy Concerns Continue

Everest Ransomware Uses Wake-on-LAN to Wake Dormant Hosts Before Encryption

Fake 7-Zip Installers Turn Devices Into Residential Proxy Nodes

Fake Chinese VPN Drops GoodPersonRAT With Keylogging, Proxying, and Telegram Theft

Fake IT Helpdesk Attack Uses Microsoft Teams to Push SNOW Malware Patch

Fake Microsoft Passkey Flow Uses BIP-39 Seed Phrase Distraction During Account Takeover

Friendly Fire Exploit Shows AI Coding Agents Can Be Tricked Into Running Malicious Code During Security Reviews

Ghost Phishing Emerges: EvilTokens Campaign Hides Malicious Pages Until They Materialize in Victims' Browsers

GhostApproval Flaw Hits Six Major AI Coding Assistants

GhostApproval Flaws Let Top AI Coding Tools Write Outside Workspaces

GhostApproval Symlink Flaws Could Let Malicious Repos Run Code in AI Coding Agents

GitHub Copilot Backends Produce Unsafe Code Outputs Through Workflow Jailbreaks

GitLab Patch Release Fixes Affecting Community Edition (CE) and Enterprise Edition (EE) Installations

GodDamn Ransomware Uses PoisonX Driver to Disable Endpoint Defenses

Google Chrome Update Fixes 27 Security Flaws, Including Critical Use-After-Free (UAF) Bugs

Hackers Use Device Code Phishing to Replay Sessions and Register Multi-Factor Authentication (MFA) for Persistence

India: Cyber attack suspected as Kerala Police internal file system goes offline

Infoblox Uncovers Long-Running Fake Software and VPN Campaign That Turns Victims’ Devices Into Proxy Nodes

JadePuffer: the first case of a full-fledged autonomous cyber attack using agent AI

LocknLock Fined 500 Million Won Over 1.3 Million-User Data Breach

Malicious AI agent skills can slip past the scanners built to stop them

Malicious npm and PyPI Packages Target Payment Developers With Fake SDK Facades

Messaging fraud trends point to smarter attacks, stronger blocking

Meta's New AI Image Tool Lets Others Use Your Public Instagram Photos in AI Images

Microsoft 365 Users Targeted in Entra Passkey Voice Phishing Attack

Microsoft Patches RoguePlanet Defender Flaw That Can Grant SYSTEM Privileges

Microsoft patches RoguePlanet Defender zero-day vulnerability

Microsoft releases fix for RoguePlanet Defender flaw (CVE-2026-50656)

Millions Exposed: AssuranceAmerica Data Breach Spills 7 Million Driver's License and Insurance Records

New AI Security Charter Backed by Over 70 Cyber Firms

NHS Forth Valley admit personal details of 150 women shared in data breach

O-UNC-066 Vishing Campaign Abuses Microsoft Entra Passkey Enrollment

Palo Alto PAN-OS Buffer Overflow Flaws Could Let Attackers Execute Code

Police arrest 5,800 suspects in global anti-fraud crackdown

Teenager uses ChatGPT to breach Bandai’s streaming service

The fake report message that ends with a stolen Reddit account

The Good Hackers Security Leaders Can’t Afford to Ignore

Top AI Agents Built to Catch Malicious Code Can Be Tricked Into Running It

Universidad de Monterrey (UDEM) Database Allegedly for Sale on Underground Forum

US agency pays $1 Million ransom after month-long negotiations

Wireshark 4.6.7 Fixes 12 Security Issues Across SSH, IEEE 802.11, Catapult DCT2000 and Other Protocols

Wireshark 4.6.7 patches a dozen security flaws

8th July

6 Data Breaches to Know About in June 2026

6.9 million US driver's license records exposed in latest insurance breach

15-Year-Old GhostLock Flaw Enables Root and Container Escape on Most Linux Distros

17 npm, PyPI Packages Found Typosquatting Payment SDKs PaySafe, Skrill, and Neteller

23andMe breach victims land $47 million payout from firm’s new owner

23andMe data breach victims to receive $46.75 million payout

23andMe data breach victims win court approval for a $46.75 million settlement

35GB of Accenture secrets appear on hacker forum, company confirms incident

A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach

Accenture Acknowledges Security Breach Following Claims of Stolen Data Sale

Accenture acknowledges security incident following 35GB data theft claim

Accenture Confirms Breach After Hacker Lists Stolen Data

Accenture Confirms Breach After Hackers Claim Source Code Theft

Accenture Confirms Breach After Threat Actor Claims Source Code Theft

Accenture Confirms Data Breach After Hacker Claims Source Code Theft

Accenture Confirms Security Breach as Hacker Claims Theft of 35GB Source Code, Sensitive Credentials

Accenture Confirms Security Incident After Hacker Claims Data Haul

AdaptHealth Investigates Data Breach After Social Engineering Attack, Possible Link to ShinyHunters Emerges

Agentic ransomware removes hackers from the keyboard

AI agent carries out full ransomware attack for first time, researchers say

AI Coding Agents Are Triggering Security Alerts Designed to Catch Attackers, Sophos Reports

AI has changed phishing, not the importance of human judgment

AI increases the dangers of phishing and cyberattacks, says Dutch data authority

AI increases the risks of cyberattacks

An AI Agent Ran a Ransomware Attack by Itself. It Forgot to Save the Key

Another massive data breach exposed millions of driver’s license numbers

Armored Likho Hits Government, Energy Sectors With BusySnake Stealer

Arrest and extradition of Scattered Spider hacker shines light on how Windows telemetry GDIDs can identify and track users - Microsoft device identifier is just one digital fingerprint in a software world rife with them

Attackers Can Abuse Claude Desktop to Execute Commands on Victim Machines

Attackers using Langflow flaw for credential harvesting (CVE-2026-55255)

Australia: Teletrac Navman GPS data advertised on hacking forum

Behind JadePuffer: The First Agentic AI Ransomware

Belgium: Plan to combat phishing - lower transfer limits, a waiting period before limits are increased and faster complaint processing

Canada: Belleville rectifying data breach made through GIS mapping system

Canada: Hacker accessed ‘limited amount of data’ during cybersecurity breach, City of Thorold says

Canada: Proposed class action targets school board over Rosemere High School data breach

Canada’s Communications Security Establishment (CSE) report details rising cyber threats, ransomware investigations, critical infrastructure protection efforts

Cash App owner to pay $45 million to settle allegations of lax security

Centrelink phishing email leads to fake myGov login and identity‑verification pages

China Claims “Backdoor” Security Risk in Claude Code, Anthropic Responds

China issues 'backdoor' security alert over Anthropic's Claude Code

China-Linked APT Expands Proxy Network With New Malware

China-Linked UAT-7810 Expands Operational Relay Box (ORB) Network With New LONGLEASH Malware

Chinese solar inverters can be remotely hacked to shut down rooftop panels, research suggests

CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to Known Exploited Vulnerabilities (KEV)

CISA orders federal agencies to patch max severity ColdFusion flaw by Friday

CISA orders federal agencies to prioritize patching Langflow authentication bypass flaw

Cloud AI Infrastructure Attack Framework (CAI) Cloud Worm Steals Credentials, Kills Rival TeamPCP and PCPJack Malware

Cybersecurity and the Gap Between Skill and Ability

Data Security Incidents Announced by Park Dental Research Corp; Wabi Sabi Behavioral Health Center

DeepSeek accidentally built a working ransomware strain, experts note, 'What we are witnessing is a fundamental shift in how novel cyber attacks are born'

Deutsche Bank faces new breach claims after ransomware group posts employee data samples

Digital Asset Exchange Alliance (DAXA) Alerts Public to Phishing Sites Targeting South Korean Crypto Exchange Users

Entra passkey enrollment vishing targets Microsoft 365 users

EU requires all new cars to have cameras facing the driver’s face to monitor their behavior

European cloud provider Nextcloud leaks 367K records, exposing staff and clients

Experts warn of the 'first documented case of agentic ransomware' - dangerous JADEPUFFER attack run entirely by an LLM

Fake Job Offers Impersonate Netflix, OpenAI, and FIFA to Steal Google Credentials

Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials

Finding Flaws Got Easy. That Broke How We Measure Exposure

First AI-Agent Ransomware Destroyed Data Even Payment Could Not Recover

First AI-powered ransomware attack detected - self-corrected coding errors in 31 seconds

First Financial Security Paying $1,200,000 In Data Breach Settlement For October 2023 Incident

Forget GDID: your PC has a hardware-baked permanent identifier that you cannot erase

Ghost Phishing Campaign Exploits Browser Blind Spot to Target Microsoft 365 Accounts

GitHub Copilot Refuses Harmful Requests in Chat, Then Writes Them in Code

Greek victims file lawsuit against Intellexa over Predator spyware

Hacker Claims Accenture Breach Exposed Source Code, SSH Keys, and Azure Tokens

Hackers exploit Roundcube flaw to spy on academic researchers

Hackers Turn Facebook Messenger Chatbots Into Phishing Weapon to Steal Meta Business Accounts

How Faster Cyber-Attacks Are Reshaping Enterprise Cybersecurity Strategies

HR Firm in Wisconsin Settling Data Breach Lawsuit For $775,000 In Cash Payouts To Victims

Indian Income Tax Department Phishing Lure Deploys Gh0st RAT and AsyncRAT Implants

JadePuffer: Did ‘First AI-Driven Ransomware’ Still Needed Human Planning?

'JadePuffer' AI Executes World's First Fully Autonomous Ransomware Attack

Januscape Flaw in Linux KVM’s MMU Code Enables VM Escape on Intel and AMD

Job Recruitment Phishing Campaign Uses Major Brands to Steal Google Credentials

Judge approves $46.75 million payout for 23andMe data breach victims

Kaspersky uncovers new malware linked to Gentlemen ransomware

Lufkin accounting firm listed by Akira ransomware group

Lumexa data breach exposes medical records of Butte residents

Maritime cyber incidents rise 17% as phishing, AI and Operational Technology (OT) risks reshape the threat landscape

Mercado Libre hit by ransomware attack

Mercor ups cybersecurity after data breach investigation

Mid-South Pulmonary Data Breach Exposes PHI and PII

Millions of Driver’s License Numbers Exposed in Massive Data Breach

Mount Royal University confirms breach as hackers claim attack

Mount Royal University Data Breach Confirmed After June Cyberattack Exposes Student and Employee Files

National Cyber Security Centre (NCSC) Touts National Scale, AI-Powered “Cyber Shield” for Defense

Nearly 7 Million Driver’s License Numbers Were Exposed in Another Data Breach

New Ghost Phishing Wave Is Breaking Traditional Email Security

New HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet Malware

New Malicious Campaign Delivers Vidar Infostealer and Monero Crypto Miner

New phishing campaign impersonates to steal Google credentials

New Research Details How FBI Uncovered Alleged Scattered Spider Member

Oracle Health Data Breach Hits Over 2.6 Million Individuals

Philadelphia Law Giant Fooled By Fake IT Call, 57,000 Clients Left Exposed

Pro-Russian hacker caught: How he coordinated attacks on airports, banks and government sites

RedWing Android Spyware Sold as a Service on Telegram

Roland Machinery Data Breach Exposes Social Security Numbers and Fiancnial Account Info

Russia targets Elon Musk's Starlink with powerful jammers to stop Ukraine drones

Scammers Have Found a Vulnerability in Email: How the New Phishing Scheme Works

SCMBANKER Malware Uses ClickFix Lures to Target Mexican Banking Users

Screaming demon shrimp flowers fuel AI seed scams on eBay, Etsy and Amazon

Simple Human Error Leads to Major Blank Rome Data Breach

Spain arrests alleged supporter of pro-Russian hacktivist groups after FBI tip

Sysdig Discovers First Fully Autonomous AI Ransomware Attack

Taiwan charges two businessmen over alleged role in Chinese espionage campaign

Targeted phishing attacks on manufacturing companies

Telco giant KDDI says data breach affects over 12 million people

The first 5 cybersecurity measures every small business should take

‘The Gentlemen’ Ransomware Group Aggressively Expands Technical Arsenal

The state of New York bans smart glasses

The teenage millionaire hacker from Tower Hamlets who took down Transport for London (TfL)

The Verification Step Is the New Account Takeover (ATO) Battleground in 2026

This latest frightening ransomware attack was orchestrated entirely by an LLM

This Massive Data Breach Compromised Nearly 7 Million Driver's Licenses

Thousands of malicious AI skills found capable of stealing data, running malware

Threat Actors Uses Agentic AI to Rapidly Compromise Cloud Target

Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS

Ubiquiti warns of new max severity UniFi OS vulnerability

Ukraine: Phishing links are being spread on the Internet under the guise of payments for power outages

United HealthCare Data Breach Affects 34,574 Individuals

UNK_MassTraction Exploits Roundcube Flaws Against US, Canadian Universities

Unsafe Ransomware allegedly targets Deutsche Bank

US Army websites defaced in 404 hijacking attack to post messages about Trump

Victims of 23andMe data breach to get $47 million payout, judge rules

Why Bangladesh’s new data protection law may fail to protect your data

Windows Device ID in Hacking Case Raises Questions About Enterprise Telemetry

World’s first agentic AI ransomware attack, and an unchartered territory

7th July

"35 GB of Accenture for Sale": Hacker claims source code and credentials theft

A hacker’s arrest just revealed how Microsoft can track your Windows device

Accenture confirms breach after hacker offers stolen data for sale

Accenture Data Allegedly Listed for Sale on Hacking Forum, 35GB Source Code Claimed Stolen

Agentic ransomware attacks show LLM ‘narrating its own intent the entire way’

AI agent carries out 'first' ransomware attack

AI agent executes first known ransomware attack, but the humans haven’t left the building

AI Agent Used in Real-World Ransomware Attack, Sysdig Researchers Say

AI can now run ransomware attacks alone - as long as a human sets it up first

AI Security Incident - JadePuffer Ransomware Leverages AI Agent to Automate Attacks

An AI Agent Ran a Ransomware Attack Almost Entirely by Itself

AnyDesk Phishing Attack Uses Scheduled Task Persistence and Artifact Deletion to Evade Detection

Attackers Exfiltrate AnyDesk Configuration Data via Blat SMTP in Aerospace Phishing Campaign

Attackers exploit critical Adobe ColdFusion vulnerability (CVE-2026-48282)

Australia records highest data breach notifications since 2018

BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and Privileged Remote Access (PRA)

BeyondTrust Patches Critical Remote Support and Privileged Remote Access Flaws

BeyondTrust warns of critical flaws in remote access software

Big Brand Jobs Scam Targets Marketing Pros' Google Accounts

Blank Rome hit with twin class actions over data breach affecting more than 57,000 clients

Blank Rome Hit With Two Class Actions After Data Breach Exposes 57,000 Clients

Blank Rome sued over data breach that exposed more than 57K people's information

Britain plans to build autonomous AI 'Cyber Shield' to defend nation

Calibrated Healthcare Settles Class Action Data Breach Lawsuit

Can You Trust Your Staff To Spot A Sophisticated Phishing Email?

Canada's Spy Agency Reveals Secret Cyber Strikes on Drug Traffickers, Extremists and Ransomware Networks

CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware

Chinese hackers develop LONGLEASH malware to expand Operational Relay Box (ORB) network

Chittenden Solid Waste District to Recoup Much of the $3 Million Lost in Phishing Scheme

Court Approves $46 Million 23andMe Settlement For 2023 Data Breach Victims

Court Filing Reveals Windows Device ID Helped FBI Trace Alleged Scattered Spider Hacker

Critical Linux KVM bug lets hackers take over servers for 16 years

Cybercrime Statistics in UK for 2025 - How to Protect Your Business

DEBULL Tooling Abuses Microsoft Device-Code Flow to Target M365 Accounts

Delivery drivers losing tens of thousands to phishing scam across Australia

Department of Homeland Security Investigating a Data Breach

Deutsche Bank data breach fears rise after ransomware group posts “evidence”

Device Code Phishing Abuses Microsoft OAuth 2.0 to Steal Tokens

Dutch spy agencies are training AI with citizens’ data, watchdog warns

EtherRAT Campaign Uses Fake System Administrator Teams Call to Compromise Employees

Fake Interview Phishing Campaign Impersonates Top Brands to Steal Gmail Credentials

Fake recruiters from Adidas, Netflix, Adobe are stealing passwords

FBI and Spanish Police Arrest Alleged Cyber Army of Russia Reborn Member

FBI helps Chittenden Solid Waste District recover $2.3 million lost in phishing scam

First AI Ransomware Attack Still Needed Human Oversight

Five Eyes Intelligence warns of rising AI-Powered Cyber Attacks on Businesses and Governments

Gemini Live API Flaw Lets Attackers Inject Code Execution Through Unconstrained Tokens

GitLost: GitHub’s AI Agent Tricked Into Leaking Private Repository Data

GitLost Attack Uses GitHub Issues to Exfiltrate Private Repo Data Through AI Agent Comments

Gmail Credential Phishing Campaign Uses Nested Redirects Across Legitimate Platforms

Hacked, leaked, and held for ransom: The worst breaches of 2026 so far

Hackers Exploit Maximum Severity Adobe ColdFusion Flaw

Hackers Use Recruiter Phishing Emails and Fake Career Pages to Harvest Gmail Logins

Hackers Use uxtheme.dll Sideloading to Launch Cavern Agent on Compromised Systems

Hackers Use VNIIR-Themed Phishing Email to Install AnyDesk for Persistent Remote Access

Hacktivists call out Trump by hacking and defacing US Army websites

Heart of America Eye Care Data Breach Potentially Exposes PHI

Hidden backdoor in Tenda router firmware grants admin access

India probes Tata Electronics data breach linked to iPhone 18 Pro leak

Industry Alarmed as First Agentic AI Ransomware Attack Is Discovered, but There’s a Catch

Institute of Chartered Accountants of India (ICAI) denies data breach, calls hacking claims 'false and malicious'

Institute of Chartered Accountants of India (ICAI) Denies Student Records, Exam Data Breach; Warns Against Rumours

Iran-linked hacker group targets Israeli government agencies

Iran-linked hackers used Israeli IT providers to target government bodies

'It’s a marker of where extortion tradecraft is heading': Cyber experts say they've identified the first case of ‘agentic ransomware’ - but there’s a catch

JadePuffer: Sysdig Sniffs Out the First Agentic Ransomware

JADEPUFFER: The First Documented Agentic AI Ransomware Operation

JadePuffer Signals a New Era of AI-Driven Ransomware

Japanese Teen Arrested Over Bandai Channel ChatGPT-Assisted Cyberattack, Possibly Exposing up to 1.3 Million Users

Judge approves $46.75 million payout for 23andMe data breach victims

KDDI Corporation Breach Impacts 12.2 Million Customer Emails

Lake Region Healthcare reports data breach exposing patient information

Major Japanese telecommunications providers says cyberattack exposed 12 million emails

Markel Insurance Data Breach Exposes Both PHI and PII

Meta just launched a new AI generator, Muse Image, and users are already pushing back over use of their photos

Microsoft Edge Use-After-Free Flaw Lets Attackers Execute Code Remotely

Microsoft Windows telemetry identified hacker despite VPN use

Mount Royal University hit by ransomware attack on student and staff files

Mount Royal University ransomware attack compromised student, employee data

Mount Royal University (MRU) student, staff data stolen in ransomware cyberattack

New Iran-linked hacker group targets Israeli government agencies

New Iran-Linked Hacker Group Targets Israeli Government Networks

New Januscape Linux flaw allows VM escape on Intel, AMD devices

New TrojPix technique uses screen pixels to exfiltrate data from air-gapped computers

Nonprofits Are Quietly Becoming a Favorite Ransomware Target, and Most Can’t Afford to Notice

North Los Angeles County Regional Center Notifies Individuals About November 2024 Ransomware Attack

Notorious hacker's arrest sparks backlash over Microsoft’s excessive device tracking

Ohio Living Data Breach Compromises Medical Records and SSNs

Phishing campaign impersonates leading companies and steals Google accounts

Public GitHub Issue Could Trick GitHub Agentic Workflows Into Leaking Private Repo Data

Public Proof-of-Concept (PoC) Released for SharePoint Remote Code Execution Vulnerability

RedWing Malware-as-a-Service (MaaS) Packages Android Bank Fraud as a Telegram Rental Service

Researchers detect the world's first AI-driven ransomware attack: here’s what you need to know

Researchers Log the First Ransomware Attack Run Entirely by AI Agent

Researchers track down world's first AI agent ransomware attack, here's what you should know

Rogue Agent Flaw Could Have Let Attackers Hijack Google Dialogflow CX Chatbots

Scattered Spider’s Structure More Like a Cybercrime Collective Than a Unified Gang

SOCRadar links FortiBleed campaign targeting manufacturers to Lynx and INC ransomware attacks

Somerville company among victims of Russian phishing campaign headed by man arrested in Thailand and now facing charges in Boston, FBI says

Sophos Flags Vect-TeamPCP Cybercriminal Ransomware Alliance

South Korea: Unsolved Fraud Cases Surge 11-Fold Nationwide

Spain arrests suspected hacker linked to Russian hacktivist campaign

Spain arrests suspected member of pro-Russian hacktivist groups

Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities

Suspected Chinese Threat Group Targets Universities via Vulnerable Roundcube Servers

Sysdig Documents First Agentic Ransomware Attack

TeamPCP Supply Chain Attacks Feed VECT Ransomware With Stolen CI/CD Credentials

Teen allegedly used ChatGPT to wipe out 46,000 anime accounts

The 72 hours that decide a ransomware attack

The ‘first’ AI-run ransomware attack still needed a human: New details emerge

The First Ransomware Attack Run From Start To Finish By An AI Agent

The Gentlemen Ransomware Uses 21 Remote Execution Techniques to Spread Across Networks

The Gentlemen Ransomware With Custom EDR/AV Killers Scaling Faster to Attack Industries Worldwide

TriWest Data Breach Exposes Health Information

Two arrested over credit card phishing - as The Netherlands is named Europe's worst for payment fraud

Ubiquiti Disclosed 25 Security Vulnerabilities Including Injection and DoS Flaws

UK cyber pledge draws only a handful of top firms despite ministerial appeal

UK Government Launches Cyber Resilience Pledge, Claiming 60+ Signatories

US cyber agency uses Anthropic's Mythos to hunt for government code flaws

VECT and TeamPCP Reverse Ransomware Kill Chain With Supply Chain Credential Theft

What the First Autonomous AI Ransomware Attack Means for CISOs

Where Organizations Fall Short with Multi-Factor Authentication (MFA)

Why Bangladesh’s new data protection law may fail to protect your data

Why The Gentlemen ransomware is a test of identity and recovery controls

Why this fully agentic ransomware attack is giving researchers nightmares

Windows Device Identifier Helped FBI Trace and Arrest Alleged Scattered Spider Member

Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants

YKK AP America Data Breach Exposes Social Security Numbers and Financial Account Information

Your Windows PC has a secret ID number, and Microsoft just used one to unmask a hacker

6th July

16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems

70,000 people affected in Singapore Land Authority (SLA) data breach

A Hacker's Arrest Reveals Microsoft Can Track Users Via a Windows Device ID

A new AI agent can hack systems and deploy ransomware without human intervention

AdaptHealth Data Breach Compromises Patient Personal and Health Info

AI agent carries out ransomware attack independently

AI agent completes full ransomware attack chain

AI Agent Conducts First Fully Autonomous Ransomware Attack

AI agent exploits Langflow in first fully autonomous ransomware attack

AI Agent Pulls Off Full Ransomware Attack Without Human Help, Researchers Say

AI Can Forge Documents in Minutes - “Looks Right” Is No Longer Enough

AI Independently Automated An Entire Ransomware Attack – Should We Be Concerned?

AI-Speed Attacks Are Forcing a Rethink of Incident Response

Attackers Use Password-Protected PDF Lures to Launch Microsoft Device Code Phishing

Australia: Data Breach Alerts Hit Record High in 2025

Australia: Film festival dumps address requirement after hack

Automated AI Phishing Networks Hijack Enterprise Systems Using Match Hype

Azure CLI Password Spray Attack Exposes Microsoft 365 MFA Gap

Bad Epoll Zero-Day Linux Kernel Flaw Lets Unprivileged Users Escalate to Root

Be careful entering one-time codes in Microsoft's login flow, you could be getting phished

Belgium: Police arrest 19-year-old suspected key player of international phishing network

Canada’s spy agency conducted state-authorized cyberattacks against drug traffickers and ransomware gangs

Canadian spy agency reports hacking three criminal groups in 2025

Canadian spy agency says it hacked drug traffickers, extremists, and a ransomware gang last year

Centers for Dialysis Care Data Breach Impacts 8k People

ClickFix Scams Abuse Google, Cloudflare Checks to Deliver 7 Malware Families

ClickFix spear-phishing technique tops Q2 malware charts

Credit Acceptance Corp. Data Breach Exposes SSNs

Cyber Insurance Demand Jumps in 2026 as Ransomware Costs Keep Climbing

Cybersecurity Experts Warn: Your Biggest Risk May Be a Vendor, Not a Hacker

Cybersecurity firm says it found 'the first documented case' of AI agentic ransomware

Department of Homeland Security (DHS) Confirms Breach of Homeland Security Information Network

Fake Booking.com travel credit scam targets travelers

Fake IT support calls on Microsoft Teams push EtherRAT malware

FIFA World Cup Phishing Scam Uses Fake Reward Pages to Steal Credit Card Data

Finding focus: Strategic approach to cyber security for small and medium companies

First 'agentic ransomware' run entirely by a large language model discovered

First AI-run ransomware attack highlights emerging cyber threat landscape

First Autonomous AI Ransomware Attack Confirmed by Security Researchers

First Fully Autonomous AI Ransomware Campaign Raises the Stakes for Enterprise Cybersecurity

Gaslight Malware Abuses Prompt Injection to Trick Automated AI Cybersecurity Agents

Gibraltar: Attorney General denies Royal Gibraltar Police (RGP) request to prosecute former Police Commissioner for possible data breach

Go-Based Gentlemen Ransomware Uses PsExec, WMIC, and PowerShell Remoting for Network Propagation

Hackers Use Fake World Cup Reward Pages to Capture Names, Addresses, PAN, CVV, and Expiry Data

Hackers Use Trusted Microsoft Domain and One-Time Codes to Hijack Corporate Accounts

Henry Rossi Data Breach Exposes Social Security Numbers

Hong Kong: Two investors lost over $550k in fake Futu Securities phishing attack

How to prioritize AI agent security by business impact

INC Ransom Adds City of Acworth, Georgia, and City of Oak Park, Michigan, to Dark Web Leak Site

Indirect Prompt Injection Attacks Hide Malicious Instructions in Websites to Target AI Agents

Indirect Prompt Injection in Web Content Targets AI Agents

Institute of Chartered Accountants of India (ICAI) Dismisses Chartered Accountant (CA) Exam Data Breach Claims, Calls Viral Notice 'False and Malicious'

Institute of Chartered Accountants of India (ICAI) dismisses claims of data breach, says members' and students' records remain secure

Institute of Chartered Accountants of India (ICAI) dismisses viral 'data breach' notice as fake, says records of students and members remain secure

INTERPOL Report Warns of Sharp Rise in AI-Powered Cybercrime Across Asia-Pacific

Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations

JadePuffer: The First Complete LLM-Driven Ransomware Attack

JADEPUFFER AI Can Break into Servers and Launch Ransomware All on its Own, Researchers Warn

JadePuffer Demonstrates How AI Agents Can Automate Ransomware Attack

JadePuffer seen in the wild: it may be the first fully autonomous ransomware

Japanese teen arrested over cyberattack that disrupted anime streaming service

Kaspersky Details Microsoft Device Code Phishing Attack Using OAuth Flow

KDDI Suffers Massive Data Breach: Up to 12.23 Million Email Addresses, 7.61 Million Passwords Leaked via ISP System Vulnerability

Lake Region Healthcare Data Breach Exposes Social Security Numbers and Health Information

Major medical device manufacturer notifies nearly 4 million of breach

Max severity Adobe ColdFusion flaw now exploited in attacks

Meet JadePuffer: The AI Ransomware That Can Hack Systems Without Human Help

Microsoft Device Code Phishing Attack Steals Tokens Through Legitimate Login Page

Microsoft device telemetry key to unmasking alleged Scattered Spider hacker

ModSecurity Flaws Let Attackers Bypass WAF Rules and Request-Body Inspection

Moody Bible Institute Data Breach Exposes 2.3 Million Email Addresses

Moody Bible Institute data breach exposes 2.3 million individuals

Moody Bible Institute Data Breach Exposes 2.3 Million Users’ Personal Data

National Crime Agency (NCA) Issues Warning to Parents As Shared Child Photos Exploited by AI Tools

New AI agent can hack systems and deploy ransomware without human help

New ClamAV security patch closes seven scanner bugs dating back two decades

New Iran-Nexus Hacking Group Targets Israel Government and IT Sectors

New Java-Based QuimaRAT Malware-as-a-Service (MaaS) Built to Run on Windows, Linux, and macOS

New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions

Nissan data breach in Oracle PeopleSoft attack offers cybersecurity lessons

'No hacker needed': New AI ransomware can automate database attacks from start to finish, warns cybersecurity firm

NTN Bearing Data Breach Compromises Information of Individuals in U.S.

OAuth, guest accounts, and weak MFA drive SaaS risk

One of Windows' most hated features just helped catch a 19-year-old hacker

Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages

Opera GX Flaw Let Sites Auto-Install Mods to Steal Data

Opera GX Universal CSS Injection Flaw Enabled Zero-Click XSLeak Attacks

Ousaban Banking Trojan Uses Daily-Changing DDNS Domains to Hide C2 Infrastructure

Pennington County, South Dakota, Closes Public Offices July 6 After Cybersecurity Incident Ahead of July 28 Runoff Election

Personal details of about 70,000 people exposed in Singapore Land Authority (SLA) cloud security incident, investigations ongoing

Phishing Campaigns Now Adapt to Victims’ Devices, Raising the Stakes for Enterprise Security

Phishing poses as big-brand job interview to steal Google accounts

Ransomware Campaign Uses Fake Interpol Notices to Target Small Businesses

Ransomware without borders: Why cyber resilience has become a global business imperative

RedLine C2 Pivot Reveals Seven Fraudulent Domains Used in Maritime Phishing Attacks

Renting The Exploits: How Fraud-As-A-Service Platforms Turned Digital Crime Into A Subscription Business

Researchers Claim First Fully Agentic Ransomware: JadePuffer

Researchers Discover First Documented Case of Agentic Ransomware

Researchers Uncover First Fully Agentic AI Ransomware Attack

Russian hackers expose UK government logins in FortiBleed credential breach

Securing the inbox: Where identity, brand and security meet

Seven FatFs Vulnerabilities Exposing Embedded Devices to Code Execution

SilverFox ValleyRAT Campaign Uses Eight-Stage Chain to Deploy Kernel Rootkit

SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing

Software Is Now Written at the Speed of Thought. Security Isn't

Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT

Sysdig clocks first documented case of agentic ransomware

T.A. Solberg Data Breach Exposes Social Security Numbers and Health Information

Teenage Hacker Arrested After Using ChatGPT To Crash Major Streaming Network

The Biggest Cybersecurity Mistake Many Small Businesses Don't Realise They're Making

The Canvas Breach: Lessons for SaaS Security Governance

The ‘first’ AI-run ransomware attack still needed a human

The first known ‘agentic ransomware’ has arrived

The future of payment fraud could be automated

The Gentlemen Ransomware Uses 21 Remote Execution Techniques to Encrypt Entire Networks

The Gentlemen Ransomware-as-a-Service (RaaS) Turns Infected Hosts Into SMB Distribution Points for Rapid Spread

The operational challenge: What the Mackay Sugar cyber attack reveals about Australia’s cyber readiness

The Two-Minute Exploit: How AI Closed the Skills Gap for App Attackers

This AI agent autonomously hacked a network, adapted on the fly, and demanded a ransom

Threat Actors Probe Gitea Docker Flaw CVE-2026-20896 13 Days After Disclosure

Types of Cyberattacks: The Complete 2026 Guide to Threats and Defenses

UK Foreign Office logins stolen in Fortibleed cyberattack, sold on dark web

UK Government Credentials Reportedly Stolen in FortiBleed Campaign Targeting Fortinet Devices

Ukrainian media outlets now among 'priority targets' for Russian hackers

US law firm Blank Rome faces class action over data breach

Vect and TeamPCP Cybercrime Groups Link for Ransomware Hits

Veeam Backup RCE Flaw Lets Low-Privileged Domain Users Gain SYSTEM Access

What Is BYOD? 9 Security Risks Businesses Are Racing to Fix in 2026

When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website

Why Ransomware, Identity Theft Top Nigeria’s Growing Digital Threats

Windows 11’s User Tracking Helped FBI Arrest Notorious Spider Hacker

Women's Wellness of Southern Delaware discloses data breach tied to former provider

World's First AI Agent Ransomware Attack Comes to Light: Automated Crime Chain Without Human Intervention