Editor's Message

Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and PRiSM celebrated it's third anniversary. Both projects have made a huge impact on my life and I'd like to thank each and everyone of you who have supported me, with special thanks to those individuals and communities who have helped me build up my knowledge on cybercrime and ransomware over the years. Thanks again for all your continued support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington D.C.

Monday, 27 April 2026

Data Breaches Digest - Week 18 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 27th April and 3rd May 2026.


27th April

500,000 UK volunteers’ medical data listed for sale on Alibaba

Abu Dhabi Department of Finance Super Admin Access Sale

ADT Breach Confirmed: Names, Phone Numbers, and Addresses Exposed

ADT Confirms Data Breach After Extortion Attempt by ShinyHunters

ADT confirms new data breach after hacking group threatens record leak

Americans lost over $2.1 billion to social media scams in 2025

Attackers Chain Flaws to Backdoor CODESYS Applications and Deploy Malicious Code

Attackers use Microsoft Teams, fake mailbox repair utility to breach organizations

BlackFile Group Targets Retail and Hospitality with Vishing Attacks

Carnival Corp. probes alleged data breach

Carnival Corporation Targeted in Ransomware Attack

Carnival Investigates Potential Data Breach Affecting Millions Of Cruisers

Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23rd Attack

China-Backed Groups are Using Massive Botnets in Espionage, Intrusion Campaigns

Chinese spy posed as researcher in spear-phishing campaign targeting NASA to steal defense software

Client information data breach costs Fidelity $1.25 million in Massachusetts fine

Critical Gemini CLI Vulnerability Enables Remote Code Execution Attacks

Critical infrastructure giant Itron says it was hacked

Crypto thieves ramping up attacks on Apple users

CTM360 Exposes Global GovTrap Campaign With 11,000+ Fake Government Portals Targeting Citizens Worldwide

Cyber crooks got Robinhood to send phishing emails to its own users

Device codes are the new frontier for phishing as Barracuda detects 7 million attacks in four weeks

Ellipal Cryptocurrency Wallet Suffers Alleged Data Breach

Extradition Drama: Italian Government Approves Chinese Hacker's Transfer to U.S.

Fake Android Apps Distributing Spyware, Linked to Italian Surveillance Vendor IPS

Fake CAPTCHA International Revenue Share Fraud (IRSF) Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud

Family Federation for World Peace and Unification (FFWPU) and Tongil Group Face Extensive Data Breach

FBI, Indonesian Authorities Team to Take Down Site Ripping Off Users for Millions

Fidelity Fined $1.25 Million Over Client Data Breach

Fidelity to Pay $1.25 Million Over 2024 Data Breach

Fidelity to Pay $1.25 Million to Settle Massachusetts Claims From 2024 Data Breach

Former FBI Deputy Cyber Chief Calls for Terrorism Classification for Healthcare Ransomware Actors

Former Ransomware Negotiator Pleads Guilty to Aiding Attackers

Garmin cyberattack disrupts online services, no evidence of customer data breach

Germany accuses Russia of targeting top politicians in Signal phishing attack

Germany blames Russia for Signal phishing attacks on MPs

Germany suspects Russia is behind Signal phishing that targeted top officials

Google users receive $30 bills after fake CAPTCHA scammed them into sending premium text messages

Hacker who allegedly carried out cyberattacks for China is extradited to U.S.

Hackers claim millions of records stolen in ADT breach

Hackers impersonate Microsoft Teams help desk to breach corporate networks

Home security giant ADT data breach affects 5.5 million people

How account takeover is reshaping higher-education cyber risk

How to Prepare for GenAI-Driven Threats and Ransomware Attacks

India: CERT-In warns of AI-driven cyber attack risks

International Tensions: Extradition of Chinese Hacker Xu to U.S. Sparks Controversy

Italy: Extradition decree signed for Chinese hacker arrested at Malpensa Airport

Italy extradites alleged Chinese hacker to US accused of spying for Beijing during COVID-19 pandemic

Italy extradites alleged Chinese state hacker to US

Italy extradites Chinese hacker to US

Italy extradites Chinese national wanted by US for alleged hacking

Italy plans to send ‘wanted’ Chinese hacker to US authorities

Itron discloses cyberattack after unauthorized access to internal systems

Itron, Inc. Discloses Data Breach After Hackers Accessed Internal Systems

Itron IT Breach: Unauthorized Access Detected on Internal Network

Jeff Honeycutt Insurance Agency Data Breach Exposes Client Info

Korea's Fair Trade Commission (FTC) Orders Coupang, Naver to Revise Unfair Data Breach Clauses

LAPSUS$ Claims Vodafone UK Breach in New Alleged Cyberattack

Lee & Lee Country Club Personal Data Breach...Possible Involvement of North Korean Hackers

Linux ELF Malware Generator Evades Machine Learning (ML) Detection Using Semantic-Preserving Changes

Litecoin Hit by Zero-Day Vulnerability, Triggers 13-Block Reorganization

Medical device giant Medtronic confirms data breach incident

Medtronic confirms breach after hackers claim 9 million records theft

Microsoft Store App Vibing.exe Accused of Harvesting Screens, Audio, and Clipboard Data

Money launderer linked to $230 Million crypto heist gets 70 months in prison

Morocco’s road safety agency warns of fake website used for phishing scam

Most Cybersecurity Professionals Feel Undervalued and Underpaid

Multiple OpenClaw Vulnerabilities Enable Policy Bypass and Host Override Attacks

Narteks Tekstil A.S. Suffers Krybit Ransomware Attack

Nessus Agent Vulnerability on Windows Allows Arbitrary Code Execution as SYSTEM

Netflix Phishing Scams: They’re More Dangerous Than You Think

Now a ransomware turns quantum computing safe in encryption

One ransomware crew now drives half of all cyber claims

Operation TrustTrap Reveals 16,800 Fake Domains Exploiting User Trust

PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks

Proof-of-Concept (PoC) Exploit Released for Critical Metabase Enterprise RCE Vulnerability

PyPI package with 1.1 Million monthly downloads hacked to push infostealer

Qilin Ransomware claims to have breached Inspira, Muller, A&A, Longwood, Exclusive, Istarpal

Ransomware attacks affect 2 senior care providers

Ransomware hackers are now targeting victims with an Infrastructure driven Approach

Researchers Identify Fast16 Sabotage Malware That Pre-Dates Stuxnet

Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware

Robinhood suffers phishing attempt ahead of quarterly earnings

Russia suspected of targeting senior officials in major cyberattacks

ShinyHunters group claims massive data theft from home security provider ADT

ShinyHunters Leaks Data of Udemy, Zara, 7-Eleven in Salesforce Linked Breach

South Texas Oncology and Hematology Pays $1.1 Million to Settle Data Breach Lawsuit

Sri Lanka: Banks alert customers to phishing attacks

Synmosa Biopharma Hit by Dragonforce Ransomware Attack

Texas Tech University Health Sciences Center says 2024 breach impacted 813,892 patients

The $700 million question: How cyber risk became a market cap problem

The AI criminal mastermind is already hiring on gig platforms

‘This was not an isolated incident’: Chinese national exposed by NASA investigation in serial defense software theft phishing campaign that lasted years

Two researchers stumble on pre-Stuxnet malware that may have targeted Iran's nuclear program

U.S. utility giant Itron discloses a security breach

Udemy Data Breach Results in 1.4 Million Accounts Leaked by ShinyHunters

Uganda Ministry of Agriculture (MAAIF) Suffers Data Breach

UK Biobank data breach exposes medical records of 500,000 people

UNC6692 Hackers Exploit Microsoft Teams to Deploy SNOW Malware

US Sanctions Target Cambodian Scam Network Leaders

Utilities Tech Supplier Itron Discloses Cyber-Attack, Operations Unaffected

Vidar Infostealer Spreads via Fake CAPTCHAs, Hides in JPEG and TXT Files

What the Medtronic Breach Means for Security Experts

Why Energy Infrastructure Is Cybersecurity’s Next Frontier

Widely Used Browser Extensions Selling User Data

Your adblocker might be tracking you: researchers flag dozens of browser extensions openly selling data

Your Identity and Access Management (IAM) was built for humans, AI agents don’t care

Posted by at
Labels:

Tuesday, 21 April 2026

Ransomware Operator Claims - Week 16 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 13th April and 19th April 2026, kindly assisted by our partners.

DBD discovered and researched 178 Ransomware Victims over 42 Countries and Islands claimed by 36 Data-Leaking Ransomware Operators, including 2 Newly Discovered Ransomware Operators last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Posted by at
Labels: ,

Monday, 20 April 2026

Data Breaches Digest - Week 17 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 20th April and 26th April 2026.


26th April

ADT confirms data breach: Customer personal information accessed

ADT Confirms Data Breach After ShinyHunters Leak Threat

American utility firm Itron discloses breach of internal IT network

Claude, code, cash: Hostile rise of global ransomware industry

Duo Data Breach Exposes Sensitive Details of 430,000 Members

From Data Breach to Diplomatic Crisis: Coupang Scandal Strains South Korea–US Relations

Gapyeong Golf Club Data Breach Exposes 100,000 Customers' Personal Information

German government suspects Russia of Signal attack targeting politicians

Germany probes suspected Russian phishing campaign targeting Signal users

Germany suspects Russia of Signal phishing attacks targeting politicians

Italy Agrees to Extradition of Chinese Hacker Linked to COVID-19 Research Theft

Italy extradites Chinese hacker wanted by US authorities

Italy extradites suspected Chinese hacker wanted by US authorities

Italy to Extradite Suspected Chinese Hacker Wanted by US Authorities

Microsoft Entra Agent ID Flaw Enabled Tenant Takeover via Privilege Escalation

NASA Employees Duped in Chinese Phishing Scheme Targeting Defense Software

Nearly half of cybersecurity pros want to quit - here's why

Ransomware Negotiator Pleads Guilty to Deploying Ransomware Himself

Revealing Real Estate and Account Balances for Marriage...Duo Faces Fallout After Member Data Breach

Russia suspected of sweeping Signal hack attack on German officials

South Korea: Lee & Lee Country Club Data Breach - Police Suspect North Korean Hackers

Thailand: Hacker steals personal data of 350,000 engineers

Travel Security Shock As Signal Phishing Threat Targets European Leadership And Raises Alarm For Global Travelers And Digital Communication Safety

Trigona ransomware adopts custom tool to steal data and evade detection

25th April

ADT Confirms Data Breach Following ShinyHunters Data Leak Claim

AI tools widen cyber attack threat

America's largest home security brand ADT confirms data breach linked to ShinyHunters group

Breached cybercrime forum hit by massive data breach

CISA Adds 4 Exploited Flaws to Known Exploited Vulnerabilities (KEV), Sets May 2026 Federal Deadline

Cyber-attack forces shutdown of France’s passport-and-ID portal ANTS

Fake CAPTCHA Scam Abuses Verification Clicks to Send Costly International Texts

German authorities probe phishing attacks targeting politicians amid growing risks

German cabinet ministers hit by alleged Russian Signal phishing attack, sources say

German Government Suspects Russian Involvement in Cyber Attacks

German Government Suspects Russia of Signal Attack Targeting Politicians

Germany blames Russia for Signal phishing attacks on lawmakers

Germany blames Russia for Signal phishing attacks on MPs

Guatemala blames Venezuela-based hackers for arms control data breach

Handala Publishes Alleged Data of Israeli Brigade 89 Personnel

Interrail customer data offered for sale on dark web in major security breach

Mobile malware: Why Android remains a target

More than 300,000 travellers caught up in Interrail data breach

Personal and Medical Records of 160,312 Americans Potentially Exposed After Major Data Breach Hits Healthcare Firm

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software

Scam alert: Quishing joins phishing and smishing surge in South Africa

ShinyHunters Claims Udemy Data Breach, 1.4 Million Records Allegedly Compromised

Threat actor uses Microsoft Teams to deploy new “Snow” malware

Udemy Data Breach Alert: Hackers Claim Theft of 1.4 Million Records as ShinyHunters Issues ‘Pay or Leak’ Threat

24th April

26 FakeWallet Apps Found on Apple App Store Targeting Crypto Seed Phrases

A study of 1,000 Android apps finds a privacy policy logging gap

ADT confirms data breach after hacker claims 10 million records stolen

ADT confirms data breach after ShinyHunters leak threat

ADT says customer data stolen in cyber intrusion

ADT Suffers Data Breach, 'ShinyHunters' Hackers Say They Stole 10 Million Records

AI Is Getting Smarter. Is Your Supply Chain Keeping Up?

AI Phishing Is No. 1 With a Bullet for Cyberattackers

AI Rush is Reviving Old Cybersecurity Mistakes

Alabama Ophthalmology Associates Data Breach Settlement Gets First Nod

Alaska Air Group Credit Union Hit With Class Action Over Member Data Breach

Another spyware maker caught distributing fake Android snooping apps

Attackers Breach US Agency via Cisco Firepower and Secure Firewall Devices, Distribute Firestarter Malware

Barracuda Detects 7 Million Device Code Phishing Attacks In Four Weeks

Barracuda spots 7 million device code phishing attacks

Beware of phishing scheme via electronic invitations, cybersecurity experts warn

Bitwarden CLI compromised in supply chain attack: hundreds of developers have installed malware

Bitwarden CLI Hit by Supply Chain Attack Through GitHub Actions

Booking.com confirmed a data breach and Canadian travellers are now targets - here's what to watch for

Canada Life cybersecurity data breach under investigation as thousands may be impacted

Carnival Probes Alleged Data Breach Involving 8.7 Million Records

China-Linked Cyber Actors Turn to Massive Covert Botnets to Evade Detection

Compromised everyday devices power Chinese cyber espionage operations

Cybercriminals Track React2Shell Successes Using Telegram

Did ShinyHunters Hack Carnival Corporation? What Cruise Passengers Need to Know

Digital Espionage: Phishing Campaign Targets German Elite

Duo Data Breach Exposes 430,000 Members' Personal Details, Seoul Cyber Unit Probes

FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches

Firestarter malware survives Cisco firewall updates, security patches

Foodini Data Leak: Dietary Intelligence Platform Breached

FOSPIBAY Data Breach Exposes User Accounts and DNI Records

French Police Arrest HexDex Hacker Over Mass Data Theft and Leaks

German Parliament Speaker targeted in phishing attack

Germany launches spying probe into Signal attacks targeting MPs

Hackers Deploy New Exfiltration Tool In Ransomware Attacks

Hackers Exploit SS7 and Diameter Protocols to Track Mobile Users Worldwide

Hackers Leverage Microsoft Teams to Breach Organizations Posing as IT Helpdesk Staff

Health Records of 500,000 UK Biobank Volunteers Listed Online in China

Hong Kong: Beware of Phishing Websites Impersonating Local Restaurant Reservation Platforms to Steal Personal and Payment Information

How a simple consumer data breach spiralled into a national security crisis in US-South Korea relations

Indirect prompt injection is taking hold in the wild

Iran’s cyber threat may be less ‘shock and awe’ than ‘low and slow,’ officials say

Kyber ransomware first confirmed to use post-quantum cryptography in apparent psychological tactic

Laurel Eye Clinic Data Breach Impacts 43k Patients: PHI and PII Compromised

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

Massive health data breach in the UK: 500,000 volunteers’ data for sale online in China

Mercor faces class-action lawsuits after data breach exposes contractor information

Meta’s scam ad economy is out of control and fueled by AI deepfakes

NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software

Nepal: Ransomware attacks on government information systems increase

Netherlands Faces Greatest National Security Threat Since World War Two

New BlackFile extortion group linked to surge of vishing attacks

New China-aligned APT Deploys GopherWhisper Malware Against Mongolian Government

New Cisco firewall malware can only be killed by pulling the plug

New ClickFix attack Hides in Native Windows Tools to Reduce Detection Risk

New ‘Pack2TheRoot’ flaw gives hackers root Linux access

Novato officials warn of phishing scam targeting permit applicants

Npm Supply Chain Malware Attack Targets Developers With Worm-Like Propagation

Office for Civil Rights (OCR) Fines Four Regulated Entities for HIPAA Violations That Led to Ransomware Attacks

Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks

Padanama Publication Suffers Data Breach Involving Client Database

Ransomware Gang Unveils Custom Data-Theft Tool

Ransomware groups are using "post-quantum" hype to intimidate victims

Ransomware supply chain untangled by RAMP forum leak

Rich Products Data Breach: SSNs and Government IDs Exposed

Sagent Pharmaceuticals Data Breach Exposes Sensitive User Data Including SSNs

Scattered Spider co-conspirator pleads guilty

Second key suspect in LuxTrust phishing scam arrested in Spain

ShinyHunters Claims Udemy Data Breach of 1.4 Million Users

ShinyHunters threaten to leak 1.4 million Udemy records containing private data

Signal phishing campaign targets Germany’s Bundestag President Julia Klöckner

South Africa: New bank takes swift action after GroundUp alerts it to data breach

South Korea: Police Investigating Alleged Data Breach Affecting 430,000 Clients at Matchmaking Firm Duo Info

South Korea: Victims of matchmaking company's data breach criticize fine as too lenient

Sri Lanka Finance Ministry Hacked: $2.5 Million Stolen in Record Cyber Attack

Stryker Hack Shows Cyber Intelligence Is More Important Than Ever

Suffolk investigates attempted ransomware attack after possible data theft

TeamPCP Hijacks Bitwarden CLI, Uses Dependabot to Deploy Shai-Hulud Malware

Telegram Sessions Targeted Through Malicious PowerShell Script

Terra West Management Services Suffers Major Data Breach

The calm before the ransom: What you see is not all there is

The turncoat: how a ransomware negotiator joined the enemy

Threat actors ditch ‘spray and pray’ attacks in shift to targeted exploitation

Toronto police arrest three in Canada’s first mobile SMS blaster case

Trigona ransomware attackers use novel tool for data exfiltration

Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2

TWU Local 100 Data Breach: Personal and Health Info of Workers Potentially Exposed

Udemy Data Breach - ShinyHunters Allegedly Claims Compromise of 1.4 Million User Records

UK Biobank Data Breach: Health Data of 500,000 Listed for Sale in China

UK Biobank data breach dubbed ‘deeply concerning’

UK Biobank data breach exposes health records of 500,000 volunteers online

UK Biobank Data Breach Sparks Calls to Halt Sharing with China

UK Biobank Leak Prompts Urgent Review of Data Protection in Biomedical Research

UNC6692 Deploys Custom SNOW Malware via Impersonating IT Helpdesks on Microsoft Teams

UNC6692 impersonates help desk employees to drop SNOW malware via Teams

Universal Pure Data Breach Exposes Sensitive Personal Information

University of Cambridge: Students and staff targeted in phishing attack sent from compromised accounts

US Sanctions Target Cambodian Senator Kok An and 28 Affiliates Over Global Scam Network

Users advised to drop passwords and make room for passkeys

Vercel Investigation Discovers More Compromised Accounts in Context.ai Breach and a Separate, Prior Breach

What Claude and OpenClaw Vulnerabilities Reveal About AI Agents

Winona County, Minnesota, Restores Systems After Cyber Attack

’Worrying’ scale of Signal phishing attacks on German MPs

23rd April

A dozen allied agencies say China is building covert hacker networks out of everyday routers

Absolute Dental Settles Class Action Data Breach Lawsuit for $3.3 Million

After someone accessed Mythos, cyber pros doubt Anthropic can walk the walk

AI-assisted phishing attacks on the rise

AI-Driven Hacking Attacks Surge in Sophistication and Scale

Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messages

Apple fixes iPhone bug that let FBI retrieve deleted Signal messages(CVE-2026-28950)

Apple Fixes Notification Privacy Issue That Allowed FBI Access to Signal Messages

Apple just fixed an iOS flaw exploited by the FBI - here's what happened

Apple Patches Bug Exposing Deleted Chat Messages via Logged Notifications

Apple patches bug that allowed FBI to recover deleted Signal messages, receives kudos

Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case

Attackers adapt phishing tactics to avoid detection

Australia: New South Wales (NSW) Government declares significant cyber incident after alleged Treasury data breach

Biobank Data Breach: 500,000 Volunteer Records Listed for Sale in China Raises 3 Urgent Questions

Bitwarden CLI Compromise Linked to Ongoing Checkmarx Supply Chain Campaign

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

Bitwarden CLI npm package compromised to steal developer credentials

CertiK Flags Deepfakes and Phishing as Top 2026 Crypto Threats

Checkmarx hit again, popular tools spreading credential-stealing malware

Checkmarx KICS Official Docker Repo Compromised to Inject Malicious Code

China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors

China-linked hackers targeted Mongolian government using Slack, Discord for covert communications

Chinese hackers using everyday devices to target UK firms, warns cybersecurity agency

CISA: US agency breached through Cisco vulnerability, FIRESTARTER backdoor allowed access through March

CISA orders feds to patch BlueHammer flaw exploited as zero-day

Citizens Bank Addresses Data Breach and Federal Class Action Lawsuits

Citizens Bank Customers Targeted in Third-Party Data Breach

Citizens Bank Faces Federal Lawsuits Following Everest Ransomware Attack

Citizens Bank Faces Federal Lawsuits Following Ransomware Attack

Claude Mythos AI Model Uncovers 271 Zero-Day Vulnerabilities in Firefox

Compliance breach sees London law firm hit with financial penalty

Cosmetics giant Rituals discloses data breach affecting customers

Cyber attacks on universities rise 63% around the world

Cyber-Attacks Surge 63% Annually in Education Sector

Data breach at France's National ID Agency: 19 Million records stolen

Details of 500,000 people on Biobank health database exposed

Device code phishing targets Microsoft 365 and Entra ID

Dutch horse forum secure for 25 years, then hackers broke in and passwords started spreading in other attacks

Eurail Data Breach Exposes Passport Details of 300,000 Travelers

European Union (EU) Rolls Out National Capabilities Assessment Framework (NCAF) 2.0 Framework to Boost National Cybersecurity Readiness

Feds seize 500 fake investment sites, Telegram channel in $700M scam crackdown

French government data breach exposes personal records of citizens

General Data Protection Regulation (GDPR) works, but only where someone enforces it

German Chancellor's Signal Chat Compromised in Major Phishing Attack on Parliament

German Parliament speaker targeted in Signal app phishing attack

GitLab Security Update Patches Multiple Vulnerabilities Allowing Session Hijacks

GopherWhisper APT group hides command and control traffic in Slack and Discord

Governments top cyber attack targets for second year running

Hacked healthcare software firm ChipSoft in negotiations with cybercriminals

Hacker Active Well Beyond Context.ai Compromise, Says Vercel CEO

Hacker with a special interest in breaching sports institutions ends behind bars

Hackers exploit file upload bug in Breeze Cache WordPress plugin

Hackers Hijack YouTube and Fake Wallpaper App To Unleash notnullOSX Malware Onslaught

Hackers Use Hidden Website Instructions in New Attacks on AI Assistants

Harvester APT Expands Spying Operations with New GoGra Linux Malware

Health data of 500,000 UK Biobank members offered for sale in data breach

High Court Backs UK Police Use of Live Facial Recognition Technology

Hong Kong: Over 9,000 affected in ransomware attack on club

Hong Kong: Privacy watchdog rebukes Yau Yat Chuen Club after major ransomware attack exposing over 9,000 members personal info

House Republicans unveil data privacy law that would override state protections

In a first, a ransomware family is confirmed to be quantum-safe

Kyber ransomware targets Windows and ESXi with post-quantum encryption claims

Lazarus Hackers Weaponize AI In Sneaky Coding Challenge Attacks On Devs

Likes, leads and lures: Why TikTok for business is the new frontier for phishing

Luxtrust phishing scam: 34-year-old French national extradited to Luxembourg authorities

Luxury Cosmetics Giant Rituals Discloses Data Breach

Luxury cosmetics giant Rituals discloses data breach impacting member personal details

Major privacy flaw in Tor, Firefox, exposes users across sessions, even in “Private Window”

Matchmaking firm Duo slapped with heavy fines for massive data breach

Medical data of 500,000 Britons put up for sale on Chinese website

National Cyber Security Centre (NCSC) Backs Passkeys, Hailing a New Era of Sign-in

Needle Stealer Spreads via Bogus TradingClaw On Fraudulent TradingView Clone

New GopherWhisper APT group abuses Outlook, Slack, Discord for comms

New LMDeploy Vulnerability Exploited in the Wild Just 12 Hours After Public Advisory

Northern Ireland: Pair facing terrorism charges linked to Police Service of Northern Ireland (PSNI) data breach to challenge evidence

Novato: City Officials Warn Residents Of Phishing Scam Targeting Permit Applicants

Office for Civil Rights settles four HIPAA investigations, prioritizes risk analysis

Personal info of 9,045 people compromised in Hong Kong private club data breach

RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace

Ransomware Negotiator Pleads Guilty to Aiding Hackers Targeting His Own Clients

Ransomware, fraud, and lawsuits drive cyber insurance claims to new peaks

Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents

Rituals Confirms Data Breach Affecting Millions of Customers

Rituals confirms data breach of customer membership database

Rituals Cosmetics Data Breach Targets Global Membership Records

ShinyHunters dumps Mytheresa, Zara, Carnival, 7-Eleven data in fresh leak wave

Smartproxy: Third of these proxy IPs trace back to a botnet network Google just dismantled

South African credentials sold on dark web amid data breach wave

South Korea fines matchmaking firm Duo $815,000 over data breach affecting 420,000 users

South Korean Matchmaking Service Fined for Massive Data Breach

Sri Lanka's Finance Ministry computer system hacked; $2.5 million stolen

Surveillance companies exploiting telecom system to spy on targets’ locations, research shows

Surveillance vendors caught abusing access to telcos to track people’s phone locations, researchers say

The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface

The Insider Threat at the Heart of Global Ransomware Networks

The Netherlands: Nearly all Epe residents affected by major data breach involving personal details

The Phishing Paradox - The World’s Most Trusted Brands Are Cybercriminals’ Entry Point Of Choice

The Rising Risk Landscape for Critical National Infrastructure

Third BlackCat Insider Pleads Guilty as DOJ Signals Crackdown on Ransomware Response Firms

Trigona ransomware attacks use custom exfiltration tool to steal data

Tropic Trooper Deploys AdaptixC2 and Custom Beacon Listener

Tropic Trooper Deploys Custom Beacon and VS Code Tunnels in Fresh APT Assault

UK Biobank Data Breach: 500,000 People’s Health Records on Alibaba - What Is UK Biobank, What Was Exposed, Who Did It & What Happens Now

UK Biobank Data Breach Confirmed as 500,000 Records Appear on Chinese Marketplace

UK Biobank health data listed for sale in China, government confirms

UK Biobank Investigates Data Breach Amid Concerns Over Volunteer Information

UK Biobank suspends access after massive data breach

UK Investigates After Big Health Dataset Listed for Sale on China's Alibaba

UK ransomware attacks shift to targeted methods, small businesses most affected

UK Under Increasing Cyber Attack Threat with Officials Linking Incidents to Russia, China, and Iran

UK warns of Chinese hackers using proxy networks to evade detection

UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware

United States and Indonesia Dismantle Global Phishing Network

University of Warsaw Data Breach Exposes 200,000+ Sensitive Files on Darknet

US sanctions Cambodian senator for millions earned through scam compounds

Vercel Finds More Compromised Accounts in Context.ai-Linked Breach

VIPRE report says attackers shift to trusted services

VPN hacks surge on Russian marketplace where malware coders offered up to $25K a month

Why it’s time to stop blaming staff for breaches

With AI’s help, North Korean hackers stumbled into a near-undetectable attack

22nd April

$10 Million in Assets Seized as Florida Ransomware Negotiator Pleads Guilty in Cyber Extortion Scheme

1,370+ Microsoft SharePoint Servers Exposed Online and Vulnerable to Spoofing Attacks

750,000 DNN websites in danger: a simple SVG upload can lead to complete compromise

Adaptavist Group investigates security breach amidst ransomware claims

Agoda refutes claims of massive data breach

Agoda responds as 82 Million records allegedly hit hacker forum after Booking.com breach

Anthropic investigates unauthorized Mythos access by Discord group

Anthropic’s Mythos finds 271 vulnerabilities in Firefox 150 ahead of release

Apple fixes bug that cops used to extract deleted chat messages from iPhones

Apple fixes bug that let the FBI recover deleted Signal messages

Apple Intelligence flaw kept stolen tokens reusable on another device

Attackers Use Microsoft-Signed Binary To Deploy LOTUSLITE In India-Focused Cyber Campaign

Australia: New South Wales (NSW) Treasury Official Charged in Major Data Breach Involving Sensitive Government Documents

Australia: New South Wales (NSW) Treasury worker arrested over data breach

Australia: Public servant charged for data breach

Australia: Public servant charged over mammoth alleged data breach

Australian passports compromised in alleged Favelle Favco data breach

Banco Rendimento says service has been normalized after hacker attack

‘Big Game Hunters’: UK ransomware volume drops significantly 'but the reality is more alarming' – big organizations are being hit harder and with greater success

Bluesky Back Online After DDoS Attack, as Iran-Linked 313 Team Takes Credit

Booking.com data breach exposes traveler data to scams

Central Bank of Nigeria (CBN) warns of surge in phishing scams, fake messages targeting bank accounts

China’s cyber capabilities now equal to the US, warns Dutch intelligence

Claude Mythos finds 271 Firefox flaws, Mozilla believes it shifts security toward defenders

ClickFix Cyber Attack Triggers Global Alert: Browsers, Wallets and Passwords at Risk

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

Cosmetics chain Rituals hit in latest Dutch cyber attack

Cosmetics giant Rituals confirms data breach of customer membership records

Critical Bamboo Data Center and Server Vulnerability Enables Command Injection Attacks

Critical Spring Authorization Server Flaw Enables XSS, Privilege Escalation, and Server-Side Request Forgery (SSRF)

Cyberattack on French government agency triggers phishing alert

Cybersecurity Experts Warn of New Wave of North Korean Hacker Attacks

Data Breach at France’s ID Agency Triggers Urgent Probe

Data Breach Settlements Are Multiplying - and the Per-Person Payouts Are Getting Smaller Every Year

Discord-Linked Group Accessed Anthropic’s Claude Mythos AI in Vendor Breach

Ex-ransomware negotiator admits involvement in multi-million dollar extortion scheme

Extensive Citizens Financial Group, Frost Bank breaches claimed by Everest ransomware

Facial recognition is catching twice as many London shoplifters, but privacy activists are worried

Fake Google Ads Used To Steal Seed Phrases and Drain Crypto Wallets

Fake Google Antigravity Installer Can Steal Accounts in Minutes

'Felony murder law does not require that a defendant pull the trigger': Ex-FBI chief calls for ransomware attackers to face homicide charges if attacks lead to deaths

Firefox 150 Released With Fixes for Multiple Code Execution Vulnerabilities

Florida: Pasco County Ransomware Negotiator Switched Sides, Now Faces 20 Years For Cyber Extortion

Former FBI cyber leader urges felony homicide charges for ransomware attacks on hospitals

Former FBI official calls for terrorism designations for ransomware groups that target hospitals and critical infrastructure

Former ransomware negotiator pleads guilty to BlackCat conspiracy

Former Ransomware Negotiator Pleads Guilty to Working For BlackCat Cyber Gang

France Confirms Data Breach After Hackers Claim Massive Data Leak

France confirms data breach at government agency that manages citizens’ IDs

France Titres data breach: 19 million records allegedly stolen

France's national agency for managing IDs and passports suffered a data breach last week

French Authorities Confirm Data Breach Amid Hackers’ Data Leak Allegations

French Government Agency Confirms Data Breach Affecting Citizens’ Personal Information

French government agency admits data breach as hacker alleges up to 19 million sensitive records stolen - breach may have exposed 'data from individual and professional accounts'

French Government Data Breach: ANTS Confirms Cyber Incident, Hacker Claims Selling 19 Million Records

French police arrest suspected hacker behind dozens of data breaches

German parliament speaker targeted in phishing attack

Hackers Claim 19 Million Records Stolen From French Government Agency

Hackers deployed wiper malware in destructive attacks on Venezuela’s energy sector

Hackers Impersonate IT Help Desk on Microsoft Teams to Gain Access, Steal Data

Hackers Use Lotus Wiper To Destroy Drives In Energy Sector Cyberattack

'Hacktivist attacks at scale’: UK could face hacktivist threats akin to some of the biggest ransomware incidents but with 'no option to pay a ransom to help recover'

Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API

Is Google sending fake Sign-In messages with Phishing links

Italian postal companies fined over €12.5 Million for scanning users' phones without proper consent

Jasper Sleet Posed As Fake IT Workers To Infiltrate Cloud Systems, Microsoft Says

K2 Electric Inc Targeted in Genesis Ransomware Attack

Korea's Parliament Panel Passes Bill to Seize Voice Phishing Proceeds Without Prosecution

Kyber ransomware gang toys with post-quantum encryption on Windows

Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack

M&T Bank Data Breach: Sensitive Personal Information Exposed

MacOS Native Tools Enable Stealthy Enterprise Attacks

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious Namastex npm Packages Spread TeamPCP-Like CanisterWorm Malware

Malicious TikTok Downloader Extensions Quietly Compromised 130K Users

March 2026 Cyber Threat Landscape Fueled by Ransomware, Breaches, and Access Markets

Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

Microsoft Releases Emergency .NET 10.0.7 Update to Fix Critical Privilege Escalation Flaw

Microsoft releases emergency patches for critical ASP.NET flaw

Millions of crypto users may be the targets, as hackers claim CoinMarketCap

Mozilla Fixes 271 Firefox Bugs Using Anthropic’s Mythos AI

Mustang Panda Hits India and South Korea with Updated LOTUSLITE Backdoor

Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

New Apple Phishing Scam Uses Fake $899 iPhone Purchase Alert

New Firefox update patches a whopping 271 bugs with help from Claude Mythos

New GoGra malware for Linux uses Microsoft Graph API for comms

New iPhone phishing scam involves email sent from Apple servers

New law prohibits smart TVs from spying on users without consent

New Mirai campaign exploits RCE flaw in End-of-Life (EoL) D-Link routers

New Mirai variants target routers and DVRs in parallel campaigns

New NGate Malware Variant Discovered in Trojanized NFC App Stealing Payment Card PINs

New npm supply-chain attack self-spreads to steal auth tokens

New report reveals Hollywood studios still dangerously exposed to cyber risks

Nigeria: Fresh phishing wave targets bank customers, threatens personal accounts nationwide

North Korea: Hacker group suspected of stealing $300 million in cryptocurrency

North Korean hacker group Lazarus suspected behind US$300m crypto heist

North Korean hackers build “shiny new” macOS malware, but get hacked themselves

North Korean hackers siphon more than $12 million from crypto users in sprawling campaign

Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks

Phishing - sometimes with AI’s help - topped initial-access methods in Q1

Phishing has cost Luxembourg around €10 million since 2023

Phishing reclaims the top initial access spot, attackers experiment with AI tools

Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876)

Qilin Breach: Sea Air, Kolin, INDCAR, PTS, Huonker, Ferguson, SEL, Sterimed, Avitrans, Rusk

Ransomware Attack on Hospital Caribbean Medical Center Affects 92,000 Individuals

Ransomware evolving into Big Game Hunting

Ransomware falls but victims rise as targeting intensifies

Ransomware is shifting towards infrastructure-led exploitation

Ransomware ‘Negotiator’ Faces 20 Years in Prison for Allegedly Betraying His Employers

Ransomware negotiator pleads guilty after leaking victims' insurance details to 'BlackCat' hackers - perp gave attackers a precise picture of exactly how much each target could afford to pay

Ransomware negotiator recruited by BlackCat ransomware gang pleads guilty to 2023 attacks, faces 20 years in prison

Researchers Uncover ProxySmart Software Powering 90+ SIM Farms

Rituals data breach - customer data affected

Rutan & Tucker Law Firm Suffers Data Breach by Silentransomgroup

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Shadow AI, deepfakes, and supply chain compromise are rewriting the financial sector threat playbook

Spain: New 'phishing' scam using emails impersonating the State Tax Administration Agency

Stolen Money Routed Through French Fintech Accounts In New Cybercriminal Scheme

Surge in Silent Subject Phishing Attacks Targets VIP Users

The Gentlemen ransomware: Using the SystemBC proxy malware

The Gentlemen Ransomware-as-a-Service (RaaS) Adds C-Based ESXi Locker To Cross-Platform Attacks

'The Gentlemen' Rapidly Rises to Ransomware Prominence

The Security Metric That’s Failing You

Thousands eligible for payments under data breach settlement. Long Beach still won’t say how it happened

"Try Claude on Your Desktop"...Warning Issued for Claude-Impersonating Phishing Sites

Two major US banks targeted - Citizens Bank confirms breach, Frost Bank allegedly hit

UK: Leading universities paid to "spy" on student protestors and guest lecturers

UK could face ‘hacktivist attacks at scale’, says head of security agency

UK court determines police use of live facial recognition legal

UK cyber agency handling four major incidents a week as nation-state attacks surge

UK Faces a Cyber ‘Perfect Storm’ Driven by Tech Advances and Nation State Threats, National Cyber Security Centre (NCSC) Warns

UK government says 100 countries have spyware that can hack people’s phones

UK networks hit by 67 million attacks targeting Hikvision cameras

UK ransomware attacks fall sharply as hackers move to targeted 'big game' breaches

UK ransomware volumes fall as ‘Big Game Hunters’ focus on high-damage targets

Unauthorized Group Gains Access to Anthropic’s Exclusive Cyber Tool Mythos

Wales: Dyfed-Powys Police advises public of new phishing scam

Warren County, New York, $3.3 Million Phishing Scam Probe Continues

'We will reveal their identity photos, names, location, and other': Experts reveal extraordinary battle between rival ransomware gangs - and how victims can get their data back

ZeroFox data shows ransomware stabilizing at scale, with manufacturing absorbing nearly one in five attacks

21st April

22 BRIDGE:BREAK Flaws Expose Thousands of Lantronix and Silex Serial-to-IP Converters

6,000+ Apache ActiveMQ Instances Vulnerable to CVE-2026-34197 Exposed Online

Actively exploited Apache ActiveMQ flaw impacts 6,400 servers

Adaptavist Group breach spawns imposter emails as ransomware crew claims mega-haul

After Booking.com hack, 82 Million Agoda records surface on hacker forum

AI tool Vendor compromise leads to Vercel Data Breach

Alleged Adelaide hacker charged over 'cybercrime spree'

Ameriprise Discloses Second Data Breach in Less Than Six Months

Analog Gold Data Breach by Fulcrumsec Exposes Guyana Records

ANTS Hack: 19 million records exposed in French ID agency breach

Anubis Ransomware Attack Hits ViaQuest and Samuel I White PC

Arbitrum Freezes $71.1 Million in ETH: Decisive Blow Against Kelp DAO Hacker

Arbitrum Freezes KelpDAO Hacker’s $71 Million But Sparks Debate on Centralization

Arbitrum Pretends to Be a Hacker and “Steals Back” KelpDAO’s Lost Funds

Arbitrum takes back $71m from Kelp DAO hacker: ‘We did not make this decision lightly’

Australia: New South Wales (NSW)-based Strata company allegedly breached by ransomware group

Australia: Treasury staffer charged for New South Wales (NSW) government data breach

Bayside Dental Data Breach Exposes Personal and Health Information

Bluesky, Fast-Growing X Alternative, Hit by Sophisticated DDoS Attack

British Scattered Spider hacker pleads guilty to cryptocurrency theft

Chartered Institute of Bankers of Nigeria (CIBN) Allegedly Hit by 250GB Data Breach

CISA Adds 8 Exploited Flaws to Known Exploited Vulnerabilities (KEV), Sets April-May 2026 Federal Deadlines

CISA Adds 8 Exploited Vulnerabilities Affecting Cisco, Zimbra, TeamCity

CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133)

CISA flags new SD-WAN flaw as actively exploited in attacks

CISA Warns Axios npm Package Was Compromised in Major Supply Chain Attack

Claude Code, Gemini CLI, and GitHub Copilot Vulnerable to Prompt Injection via GitHub Comments

Cloud platform Vercel says company breached through third-party AI tool

Columbia Bank Data Breach Exposes Sensitive PII

Credit Unions in Georgia, Alaska Hit by Ransomware and Data Breach Incidents

Crypto firms trade blame after biggest heist of 2026, $71 Million frozen

Cybercrime: Who are the initial access brokers, and why do they sell us so cheap?

Cybersecurity expert turns cybercriminal, pleading guilty to 'conspiracy to deploy ransomware'

Data breach: Citizens flags limited customer impact after vendor data incident amid ransomware claims

Developers Targeted in GitHub OAuth Phishing Campaign

DraftKings Hacker Who Helped Steal 600K Sentenced to 30 Months

Dutch consumers launch mass lawsuit against Odido over data breach affecting 6.2 million customers

Dutch E-Commerce Site Bol.com Investigates Claims of a Data Breach

Dutch warship compromised with $5 tracker and a postcard

Everything we know about the Vercel data breach so far

Fake TikTok Downloader Extensions Infect 130,000 Browser Users

Finland: Espionage probe added to state data breach

Finnish police suspect espionage in major state data breach

Florida man pleads guilty in ransomware conspiracy targeting U.S. companies

Florida ransomware negotiator pleads guilty to betraying clients to hackers

Formbook infostealer deployed in clandestine phishing campaigns

Former DigitalMint ransomware negotiator pleads guilty to extortion scheme

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Former ransomware negotiator pleads guilty to BlackCat attacks

France ANTS cyberattack: Millions at risk as data breach exposes personal details and sparks phishing fears - here's what you need to know

French government agency confirms breach as hacker offers to sell data

From floppy discs to Claude Mythos, how ransomware grew into a multibillion-dollar industry

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Grinex crypto exchange shuts down, blames Western agencies for $13.7 Million breach

Guilt admitted by British hacker in $8 Million crypto theft scheme

Hackers Abuse GitHub Issue Notifications to Phish Developers Through Malicious OAuth Apps

Hacker defaces Seiko USA website and claims theft of 'entire customer database' - here's what we know

Hackers Could Weaponize GGUF Models to Achieve RCE on SGLang Inference Servers

Healthcare organizations in Illinois and Texas potentially leak data of 600,000 individuals

Iran Alleges US Networking Gear Was Deliberately Disabled

Jordan Customs warns of phishing scams targeting postal shipments

KelpDAO Crypto Theft: Lazarus Hackers Linked to $290 Million Heist

Lawmakers ponder terrorism designations, homicide charges over hospital ransomware attacks

Lovable AI App Builder Reportedly Exposes Thousands of Project Data via API Flaw

Lovable data breach? AI app builder responds to claims

Lovable goes on ego trip denying vulnerability, then blames others for said vulnerability

Lovable under fire over data breach

Madison Area YMCA Data Breach Exposes Social Security Numbers

Malicious OAuth Apps Turn GitHub Issue Notifications Into Phishing Lures

Manufacturing Absorbed More Ransomware Claims in March Than the Next Three Verticals Combined

Massive police data breach raises national security alarm in South Africa

Mastodon DDoS Attack Disrupts Flagship Server Temporarily

Microsoft Vulnerabilities Drop, But Critical Flaws Double, Report Warns

Millions at risk as hackers target Frost Bank and Citizens Bank

Most Firms Overestimate Cyber Recovery Readiness, Survey Finds

Most Organizations Fail to Fully Recover After Ransomware Attacks

Murder, she wrote: Ex-FBI chief wants some ransomware criminals charged with homicide

National Insurance Producers Registry (NIPR) Warns Agents of Email Phishing Attempts

Nepal: National Cyber Security Centre warns public against rising ransomware attacks

Nepal Government Issues Ransomware Alert Amid Rising Cyberattacks

New Lotus data wiper used against Venezuelan energy, utility firms

New NGate Malware Uses AI To Masquerade As NFC Payment Apps

New PureRAT Campaign Uses PNG Files To Conceal Fileless Payloads

New ransomware group The Gentlemen hits 300+ victims

New Top-Level Domains (TLDs) and phishing risk: What security teams should know

NGate Android malware uses HandyPay NFC app to steal card data

NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs

NGate NFC malware targets Android users through trojanized payment app

North Korea-Linked UNC1069 Hacks Crypto Pros via Fake Meetings

North Korean Blamed for $290m KelpDAO Crypto Heist

North Texas Behavioral Health Authority Data Breach Affects 285K Individuals

Oman: E-commerce scams account for 85% of financial phishing

OpenAI’s Chronicle feature lets Codex read your screen, raising privacy concerns

Personal Data Exposed on ANTS Portal, French Authorities Investigate

Phishing and MFA exploitation: Targeting the keys to the kingdom

Poste Italiane and Postepay Fined €12.5 Million for Illegally Processing Personal Data of Millions ⁠of Users

Poste Italiane, Postepay Fined €12.5 Million for Unlawful User Data Processing

QR Code Phishing Evolves: How to Keep Up

Ransomware and Crypto: Why Paying Isn’t Always the Answer

Ransomware negotiator admits role in attacks he was hired to resolve

Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023

Ransomware Negotiator Pleads Guilty to BlackCat Scheme

Ransomware negotiator pleads guilty to helping ransomware gang

Reliance Jio Infocomm Hit By Alleged Trading Data Breach

Restaurant Management Company Data Breach Affects 120,426

Roca Asociados Data Leak Exposes Client Information

Sapphire Sleet Targets macOS Users In New Social Engineering Campaign, Microsoft Warns

Scammers plant 26 fake crypto apps in Apple’s Chinese App Store

Scattered Spider hacker pleads guilty to stealing $8 million in cryptocurrency

‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty

Scottish Hacker Pleads Guilty to US Cyber Heists

Seiko USA Data Breach: Hackers Steal Customer Database, Issue 72-Hour Ransom Ultimatum

Seiko USA website defaced, customer data breach claimed

SideWinder Targets Government Webmail With Bogus Chrome PDF Viewer and Zimbra Phishing Clone

SideWinder Uses Fake Chrome PDF Viewer and Zimbra Clone to Steal Government Webmail Credentials

South Korea: 46 Voice Phishing Ring Members Repatriated from Cambodia Sentenced to Prison in First Trial

Spotting the spyware: How modern spies are weaponizing phishing

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

SystemBC botnet linked to Gentlemen ransomware attacks

The Gentlemen: A New Ransomware Threat Climbing the Charts - Fast

The Gentlemen: The Rapid Rise of a Sophisticated New Ransomware Threat

The Gentlemen Ransomware: 300+ Victims and a Hidden Threat You Need to Understand

The Gentlemen Ransomware Expands With Rapid Affiliate Growth

The Gentlemen ransomware is scaling fast - and rewriting the rules of cybercrime growth

The United States to press Felony charges against ransomware hackers

Third US Security Expert Admits Helping Ransomware Gang

TikTok video downloader extensions infect over 130K users with covert spyware

Treat Ransomware Criminals Like Terrorists, House Subcommittees Advised

Trojanized Android App Fuels New Wave of NFC Fraud

Türkiye arrests 11 cybercriminals in major data breach operation

Tycoon 2FA takedown: Phishing ecosystem shifts, competitors rise

Unauthorized group has gained access to Anthropic’s exclusive cyber tool Mythos, report claims

Unchecked AI Agents Cause Cybersecurity Incidents at Two Thirds of Firms

US: Tampa Ransomware Fixer Flips, Admits He Was Working for the Hackers

Vect formalizes BreachForums and TeamPCP alliance to push model for industrialized ransomware, scale RaaS operations

Vercel Confirms Cyber Incident After Sophisticated Attacker Exploits Third‑Party Tool

Vercel Customer Data Breach Highlights CX Risks of “Shadow AI” Tools

Vercel data breach: How hackers targeted the cloud company and offered its data for sale for $2 million

Vercel data breach exposes South Africa developer community

Vercel reaches out to users following data breach confirmation

Warren County identifies stolen $3.3 Million from phishing scam

Watch Out for Unexpected Apple Account Change Emails. It's a Phishing Scam

With US spy laws set to expire, lawmakers are split over protecting Americans from warrantless surveillance

Yet another ex-ransomware negotiator admits turning rogue after payoff from crimelords

20th April

10 Biggest Data Breaches in Germany

52 Million-Download protobuf.js Library Hit by RCE in Schema Handling

58% of Organizations Spend Over 10 Hours a Month Securing AI-generated Code

₹165 Crore Phishing Empire Crushed: FBI Busts Global Cyber Fraud Network

$221K Lost In Ethereum Phishing Attack What Went Wrong

2024 NHS Ransomware Attack Still Causes Healthcare Disruption, 122 Patient Safety Incidents Recorded

2026’s Breach List So Far: FBI Hacked, 1 Billion Androids at Risk, 270 Million iPhones Vulnerable

Add Hasbro to the growing list of defendants facing a class-action lawsuit over a data breach

After Tycoon 2FA Takedown, MFA‑Bypass Phishing Techniques Spread Across New Platforms

AI cloud company Vercel breached after employee grants AI tool unrestricted access to Google Workspace - hacker seeking $2 million for stolen data

AI platform ATHR makes voice phishing a one-person job

Ameriprise Data Breach Affected Nearly 48,000

Ameriprise Data Breach Impacts More Than 47,000 People

Amtrak Data Breach Exposes 2.1 Million Records, Reports Suggest Larger Leak

Anthropic Model Context Protocol (MCP) Design Vulnerability Enables RCE, Threatening AI Supply Chain

App host Vercel says it was hacked and customer data stolen

Apple Account Change Alert Emails Exploited in New Phishing Campaign

Apple account notifications abused for iPhone purchase phishing scams

Apple's account change notifications send phishing emails

Arizona & Texas Clinics Notify Patients About Ransomware Incidents

Arnold Clark Faces Data Breach Class Action In Scotland

ATHR Fuels Large-Scale AI Vishing and Phone Phishing Attacks

Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet

Attackers Turn QEMU Into a Stealth Backdoor for Credential Theft and Ransomware

Attackers Exploit Windows Zero-Days to Bypass Microsoft Defender

Australia: Don’t be tricked by phishing scams

Australia: New South Wales (NSW)-based Strata Republic allegedly breached by Kairos ransomware group

Bluesky blames app outage on ‘sophisticated’ DDoS attack

Bluesky Disrupted by Sophisticated DDoS Attack

Booking.com data breach customers fall prey to Reservation Hijacks

Brit pleads guilty amid Scattered Spider hacking spree claims

British Hacker Admits Stealing Millions in Virtual Currency From Targeted Companies

British hacker tied to Scattered Spider campaign pleads guilty in $8 Million scheme

British Hacker Tyler Buchanan Pleads Guilty to $8 Million Hacking Scheme in US

British Scattered Spider Hacker Pleads Guilty in the US

British Scattered Spider hacker pleads guilty to crypto theft charges

Brute-Force Authentication Attacks Targeting Network Devices On The Rise

Caribbean Medical Center Data Breach Affects 92,000

Champhunt Data Breach Exposes Over 224,000 User Records

China's Apple App Store infiltrated by crypto-stealing wallet apps

Chrome Privacy Concerns Rise as Expert Warns of Fingerprinting Risks

Cisco Patches Critical Identity Services Engine (ISE) Vulnerabilities Allowing Remote Code Execution Attacks

Critical Anthropic Model Context Protocol (MCP) Vulnerability Enables Remote Code Execution Attacks

Critical Gardyn Smart Gardens Vulnerabilities Let Attackers Control Devices Remotely

Crunchyroll slammed with lawsuit as millions of users left exposed in data breach

Crypto Exchange Grinex Blames Western Spies for $13m Theft

Crypto industry rocked by $290 Million Kelp DAO exploit, North Korea's Lazarus Group suspected

Crypto infrastructure company blames $290 million theft on North Korean hackers

Cyberattack at French identity document agency may have exposed personal data

Data breach at French National Agency for Secured Documents (ANTS) portal exposes personal user information

Drivers eligible for Arnold Clark cyber attack compensation claim

Dutch ecommerce site Bol.com investigates claims of a data breach

Dutch healthcare tech giant ChipSoft confirms patient records stolen

“Essentially invisible:” How hackers 'trojan-horsed' QEMU virtual machines to bypass security and drop ransomware

Everest Group Breaches Frost Bank, Citizens Bank, Tokoparts, Complete Aircraft Group, Umiles, Nutrabio

Fake TikTok Downloaders on Chrome and Edge Spying on 130,000 Users

Formbook Malware Campaign Uses Multiple Obfuscation Techniques to Avoid Detection

France’s ANTS ID System website hit by cyberattack, possible data breach

Fraudulent Phishing Scams Continue to Target Wisconsin Division of Motor Vehicles (DMV) Customers

Gravesend Panic Room owners put in 'difficult position' following cyber attack

Hacker “Jeffrey Epstein” leaks 400K records from Netherlands' largest webshop

Hackers Abuse Apple Alerts to Bypass Spam Filters

Hackers Are Using Apple Account Notifications for a Phishing Campaign and Malware Attack

Hackers Exploit AppDomain Hijacking To Weaponize Intel Utility

Hackers Exploit CVE-2024-3721 To Deploy Nexcorium Malware On TBK DVRs

Hackers exploit Vercel’s trust in AI integration

Hackers Use FUD Crypt To Deliver Microsoft-Signed Malware With C2 Capabilities

Holidaymakers issued suspicious message alert after major data breach

Ice Open Network hit by an insider data breach, emails, and 2FA exposed

Indian Agency Arrests Key SIM Card Supplier of a Broader Cyber Fraud Network

Inside the Booking.com Data Breach - Should You Be Worried?

Instituto Maria Schmitt Investigates Email Inbox Data Breach

Investigation into Blue Cross Blue Shield of Montana data breach moves forward

Iran’s Ministry of Intelligence and Security (MOIS) Tied to Coordinated Cyber Campaign Using Multiple Hacker Personas

Italian regulator fines national postal service orgs $15 million for data privacy violations

iTerm2 Flaw Abuses SSH Integration Escape Sequences to Turn Text Into Code Execution

JanaWare Ransomware Targets Turkish Users via Adwind RAT

JanaWare Ransomware Hits Turkish Users via Tailored Adwind RAT

Justice Department seizes $10 million from ransomware conspirator

KelpDAO suffers $290 million heist tied to Lazarus hackers

Los Angeles County Office of Education (LACOE) Investigating Potential Data Breach

Lovable denies data breach, says public settings are ‘intentional’

Lovable denies mass data breach

Massive police data breach raises national security alarm in South Africa

Mastodon says its flagship server was hit by a DDoS attack

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Microsoft, Meta, Google shamelessly track you even if you opt out

MiningDropper Campaign Targets Android Users with RATs and Data-Stealing Apps

Morocco’s Al Barid Bank Denies Data Breach, Says Customer Accounts Remain Secure

National Cyber Security Centre (NCSC) Outlines Coordinated Plan to Boost National Health Service (NHS) Cyber Resilience

Nepal: Cyber security advisory issued against ransomware attacks

New JanaWare Ransomware Targets Turkish Users Through Customized Adwind RAT

New Malware Campaign Delivers Gh0st RAT With CloverPlus Adware

Next.js Creator Vercel Hacked

Nigeria: Confusion as Corporate Affairs Commission (CAC) suspends portal operations over cyber attack

Nigeria cyberattacks surge as hackers target Corporate Affairs Commission (CAC), banks, election data at risk

NIST Shifts to Risk-Based National Vulnerability Database (NVD) Model as Common Vulnerabilities and Exposures (CVE) Submissions Surge 263% Since 2020

North Korea hackers blamed for $290 Million crypto theft

Over 200 Japanese firms paid ransomware attackers, 60% fail to recover data

Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign

Pakistan: E-challan phishing scam targets citizens

Payouts King ransomware abuses QEMU for hidden VMs and backdoors

Phishing attack warning issued following Booking.com data breach

Phishing scams: Wisconsin Division of Motor Vehicles (DMV) customers targeted, officials say

Popular travel booking site confirms data breach: Here’s what to know

Public Notion Pages Expose Profile Photos and Email Addresses of Editors

QEMU Hijacked as Stealth Backdoor for Credential Theft, Ransomware

Ransomware Attack on Healthcare IT Solutions Provider Impacts Dutch Hospitals

Ransomware’s Next Phase: From Data Encryption to Business Extortion

Read notice on the website that FBI has taken down for stealing millions from internet users across the world

Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination Operational Technology (OT) Systems

Researchers Link Iran’s Ministry of Intelligence and Security (MOIS) To Coordinated Hacker Persona Operation

Researchers Say Iranian Ministry of Intelligence and Security (MOIS) Uses Multiple Hacker Personas for One Coordinated Cyber Campaign

Revolution Dancewear Discloses Data Breach Compromising Personal Info for 5,841 Individuals

Scammers are weaponizing Apple’s own notifications in a dangerous new phishing attack - don’t fall for this

Secretaría de Seguridad del Estado de México Data Breach

Seiko USA website defaced as hacker claims customer data theft

Seiko USA Website Defaced as Hackers Claim Data Breach

SEO Poisoning Attack Abuses Microsoft Binary To Deploy RMM Tools

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

Standard Bank data breach fallout deepens

Study finds ransomware payments largely ineffective for Japanese firms

The Chartered Institute of Bankers of Nigeria Data Breach

The Gentlemen ransomware now uses SystemBC for bot-powered attacks

The Model Context Protocol (MCP) Disclosure Is the AI Era’s ‘Open Redirect’ Moment

Third-party AI hack triggers Vercel breach, internal environments accessed

Today's Ransomware evolution neutralizes current incident response strategies

Top 3 Cyber Insurance Incident Claims

Tycoon 2FA Loses Dominance as Phishing Attacks Surge Across Emerging Platforms

Tycoon 2FA relinquishes crown to similar PhaaS platforms

UAE Cyber Security Council Warns 1 in 4 Public Files Contain Sensitive Personal Data

Vercel: Data breach exposes customer credentials

Vercel Breach Linked to Context.ai, ShinyHunters Says It’s Not Involved

Vercel Breach Originated from an Employee’s AI Tool

Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials

Vercel breached via compromised third-party AI tool

Vercel CEO blames highly sophisticated AI for speeding up the massive internal data breach

Vercel Confirms Breach as Hacker Demands $2 Million Ransom

Vercel Confirms Data Breach - Hackers Claim Access to Internal Systems

Vercel Confirms Data Breach Linked to AI Tool, Hackers Demand $2 Million Ransom

Vercel confirms data breach linked to third-party AI tool: All you need to know

Vercel Confirms Major Security Incident as Hacker Claims $2 Million Ransom Demand

Vercel Confirms Security Breach as Hacker Demands $2 Million and Claims to Sell Internal Access

Vercel Data Breach Exposes Customer Credentials After AI Tool Compromise

Vercel Data Breach Linked to Context AI Hack Reportedly Exposes Information

Vercel Data Breach Linked to Earlier Context.ai Compromise

Vercel Employee's AI Tool Access Led to Data Breach

Vercel hacked after fatal OAuth misstep: granting “Allow All” permissions

Vercel hacked, hacker using ShinyHunters name to sell data for $2 million

Vercel Incident Linked to AI Tool Hack, Internal Access Gained

Vercel Reports Data Breach Amid Claims of Compromised Internal Infrastructure

Vercel Security Breach: Hacker Demands $2 Million as Crypto Projects Scramble to Secure Keys

Watch out, hackers are abusing Apple account notifications to distribute malware, steal money and data

'We've identified a security incident': Vercel breach confirmed after hackers claim stolen data for sale online

What the ransom note won't say

What to do if you clicked a phishing link in a business email

Why proactive cybersecurity beats ransomware threats

Why security experts believe we should manage software flaws like a critical illness

ZionSiphon Launches Sabotage Attacks On Israel’s Water Infrastructure

ZionSiphon Malware Targets Water Infrastructure Systems

Posted by at
Labels:
Subscribe to: Comments (Atom)