Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and 
Dentons Senior Analyst, Washington D.C.
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 4th May and 10th May 2026.7th May
AI and Dark Web Make Passwords Obsolete in 2026
Australia: Cyber attack exposes student and staff private details
Australia: Major cyber attack exposes private details of students and school staff
Australia: New South Wales, other states, investigating Instructure/Canvas data breach
Australia: Noosa students impacted in state-wide education data breach
Australian schools, universities left scrambling after personal data of students compromised in massive breach
Belarus: Online Library Kamunikat.org Down After Hacker Attack
Belarus: Online library website Kamunikat suffered a powerful hacker attack
Canadian government to pay $8.7 Million to settle data breach class-action involving Canada Revenue Agency (CRA) accounts
Cybercriminals Exploit Microsoft Teams to Phish Login Credentials and Bypass MFA
Duo Data Breach Victims File Lawsuit Seeking 1 Million Won Each
Experts warn passwords no longer sufficient in AI era
Fortinet warns ransomware cases jumped 389% as AI accelerates cyberattacks
Google Ads Campaign Targets GoDaddy ManageWP Login Credentials
Hackers Exploit Microsoft Teams to Steal Credentials and Bypass MFA
Iranian hackers masqueraded as different hackers to mask spying effort
Law Society criticises Legal Aid Agency (LAA) for lack of compensation after cyber attack
Major Canvas Data Breach Impacts Universities Worldwide: Have You Been Affected?
Major data breach as private information of Australian students and teachers leaked
Malicious NuGet Packages Target Chinese .NET Ecosystem Developers
New Phishing Attack Weaponizing Event Invitations to Steal Login Credentials
Queensland Department of Education confirms students, staff impacted by ShinyHunters data breach
Queensland education sector caught up in major security breach affecting more than 200 million people globally
Ransomware Is Evolving Even When the Numbers Look Better
Researchers Spot Uptick in Use of Vercel for Phishing Campaigns
Salesforce Marketing Cloud Vulnerabilities Expose Cross-Tenant Subscriber Data Risks
South Africa: FlySafair under fire after alleged data breach during R12 birthday ticket sale
The rise of staged attacks: phishing now accounts for 30% of malicious traffic
Vimeo data breach exposes personal information of 119,000 users after Anodot incident
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
VoIP Providers, Preferred by Attackers for High-Volume, Cheaper Email Scams that Reuse Phone Numbers
Wake schools notify parents of Canvas data breach
6th May
35,000 users hacked? Microsoft reveals massive global phishing attack
AI accelerates ransomware surge as global attacks jump 389%
AI Tools Expose PostgreSQL and MariaDB Flaws Hidden for Decades
AI-Powered Phishing Demands a Shift From Awareness Training to Immersive Simulations, Experts Argue
Aroostook Mental Health Center reports data breach
Attackers compromised Daemon Tools software to deliver backdoors
Australia Forms Cyber Incident Review Board to Strengthen Defences After Major Breaches
Azure AD Security Bypass Exploits Phantom Device Registration and PRT Abuse
Bank phishing declines but still drives 26% of attacks
Bots outnumber humans online. Can we at least outsmart them?
Boutique phishing kit Saiga 2FA reappears with new campaigns and ‘lorem ipsum’ metadata
China-linked APT group attacking government entities in South America and Europe
Chrome on Android can now hide your exact location from websites
CISA Urges Critical Infrastructure Providers to Make Plans to Remain Operational if hit by Cyber-Attack
CISA Warning: High-Severity Linux Flaw Puts Unpatched Systems at Risk
CISA Warns of Severe CopyFail Linux Vulnerability Under Active Exploitation (CVE-2026-31431)
CloudZ Malware Abuses Phone Link to Steal SMS OTPs
CloudZ RAT Exploits Microsoft Phone Link to Steal SMS OTPs
Conti, Akira Affiliate Sentenced to 102 Months in Prison for Ransomware and Extortion Operations Targeting over 50 Organizations
Coupang back in the red after data breach fallout
Coupang Posts $242 Million Q1 Loss Amid Data Breach Fallout
Coupang posts biggest quarterly loss in 4 years following last year’s major data breach
Coupang Posts Largest Quarterly Loss in 4 Years on Data Breach Fallout
Coupang swings to net loss in Q1 amid fallout from data breach
Critical Palo Alto Firewall Flaw Exploited to Gain Root Access
Critical vm2 sandbox bug lets attackers execute code on hosts
Critical vulnerability affects Ollama: 300,000 servers exposed to attackers
Cushman & Wakefield confirms Vishing-linked cyberattack amid claims by ShinyHunters and Qilin
D'Ambrosio Dodge Data Breach Exposes Sensitive Personal Information
DAEMON Tools developers confirm breach, release malware-free version
Data Breach Fallout Pushes Coupang Into Red as Demand Wavers
Data Extortion Groups Intensify Pressure On Global Aerospace Supply Chains
Dental data breach leads to proposed US$3.3 Million class action settlement
Department of Justice (DOJ) says ransomware gang tapped into Russian government databases
Dutch citizens are suing to stop the US from taking over their national ID system
Five Years Later: Lessons Learned From Colonial Pipeline Ransomware Attack
Fortinet flags surge in AI-driven cybercrime, 389% spike in ransomware victims
Fortinet reports 389% rise in ransomware victims
Google Fixes CVSS 10 Gemini CLI Vulnerability Enabling GitHub Issue-Based RCE
Google urges Android users to update their phones to combat phone takeover flaw
Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
Hacker Exploits $1.4 Million Vulnerability in Ekubo Contract
Hackers abuse Google ads for GoDaddy ManageWP login phishing
Hackers compromise Daemon Tools in global supply-chain attack
Harvard, Oxford, and MIT named as hackers drop full Canvas breach victim list
Horizon Media Data Breach Exposes Social Security Numbers
IBM Italy Subsidiary 2026 Network Breach Reportedly Linked to Salt Typhoon
Investor Sues Coinbase to Return Frozen Assets Tied to 2024 Phishing Attack
Iran cybersnoops still LARPing as ransomware crooks in espionage ops
Iran-Linked APT Posed as Chaos Ransomware Member in Espionage Campaign
Iranian APT caught hiding behind Chaos ransomware activity
Iranian cyber espionage disguised as a Chaos Ransomware attack
Iranian state-backed spies pose as ransomware slingers in false flag attacks
Is Nvidia GeForce Now hacked? Alleged data breach situation explained
LaBonne's Markets Data Breach: Social Security Numbers Exposed
Law Society demands compensation for legal aid firms facing cashflow pressures from Legal Aid Agency (LAA) cyber-attack disruption
LinkedIn job scams push most professionals to verify roles before applying
Man sentenced for role in global ransomware group, targeted areas of southwest Ohio
Massive “Low and Slow” DDoS Attack Hits Platform With 2.45 Billion Malicious Requests in 5 Hours
Member of Prolific Russian Ransomware Group Sentenced to 102 Months in Prison
Microsoft reports large-scale phishing campaign targeting organisations across sectors
Microsoft the main target of AI phishing attacks, report uncovers
Microsoft tops phishing brand rankings in first quarter
Microsoft Uncovers Cyber Attack Across 26 Countries as Phishing Increasingly Mimics Real Customer Journeys
Microsoft warns of large-scale phishing attack hitting 13,000 companies
Millions of students’ personal data stolen in major education breach
Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks
Mt. Spokane Pediatrics Data Breach Affects 29k: SSNs Exposed
MuddyWater hackers use Chaos ransomware as a decoy in attacks
MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack
Multi-Stage AiTM Attack Uses Code Of Conduct Phishing Emails
Nepal: Cyber Bureau warns ConnectIPS users against phishing links
New CISA initiative aims for critical infrastructure to operate offline during cyberattacks
New Cisco DoS flaw requires manual reboot to revive devices
New phishing trick exploits Apple notifications to bypass spam filters
North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware
One in Eight UK Workers Has Sold Their Corporate Logins
Only 1 in 9 ransomware attacks are made public says research
Only 1 in 9 Ransomware Attacks Made Public as Data Exfiltration Hits 96%
Open Source is the Tip of the Iceberg: Why Proprietary Software, Hardware and Protocols Face Greater AI-Driven Security Risk
Over 35k users, 13k organisations hit in global phishing attack
Palo Alto Networks to Patch Exploited PAN-OS Zero-Day (CVE-2026-0300) Starting May 13th
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
Palo Alto PAN-OS Flaw Under Active Exploitation Enables Remote Code Execution
Palo Alto warns of critical software bug used in firewall attacks
PAN-OS Flaw CVE-2026-0300 Exposes Firewalls to Remote Code Execution
Phishing can masquerade as emergency alerts for disasters, researchers warn
Pro-Iran hacker group taunts US over bounty, urges focus on Epstein case
Ransomware and Data Extortion Groups Intensify Targeting of Aviation and Aerospace Sector
Ransomware attacks surge in auto industry, raising stakes for dealers
Ransomware Damage Surges 389% as AI Accelerates Cyber Threats
Ransomware Gang Member Linked to Russian Cybercrime Group Sentenced to Prison
Ransomware Gangs Escalate Attacks on Aviation and Aerospace Sector
Ransomware negotiator jailed for 8.5 years after exploiting stolen children’s health records and making millions
Ransomware-Wielding Attackers Target cPanel and WHM Software
Remus Malware Bypasses Browser Application-Bound Encryption Protections
Report Confirms Processor Overconfidence in Stopping a Cyber Attack
Romanian Man Extradited to US for Role in Hacking Scheme 17 Years Ago
Root-level RCE vulnerability in Palo Alto firewalls exploited (CVE-2026-0300)
Russian Hacker in the U.S. Charged with Damaging Critical Infrastructure in Several Countries, Including Latvia
Russian hacker pleads guilty to cyberattacks on US and Ukrainian energy infrastructure
RXNT Notifies Customers About Cybersecurity Incident and Data Breach
ShinyHunters’ Instructure Canvas LMS and Vimeo Breaches Impact Millions of Users
South Africa: FlySafair leaked people’s private information during R12 ticket birthday sale
Starr Insurance Discloses Ransomware Attack
Student, faculty data ransomed by hacker group in Canvas breach
Suspected ‘courier’ in €10 million LuxTrust phishing scam arrested in France
Switzerland: Increase in ransomware and "phishing" cyberattacks
Sysco food distributor allegedly hit in Qilin ransomware claim
Taiwan High Speed Rail Hit by Spoofing Attack That Stops Three Trains
The Vimeo data breach exposed personal information of 119,000 people
US Army contractor leaks military base photos, personnel information for over a year
Vimeo Data Breach Exposes 119,000 Users Unique Email Addresses
Vimeo Data Breach Exposes Email Addresses of 119,000 Users
When Ransomware Hits, Governors Are Calling the National Guard
Why "strong passwords" can't save you from AI
Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs
Zero-Auth Flaw Exposes Department of Defense (DoD) Contractor to Cross-Tenant Data Breach
5th May
15-year-old hacker arrested over massive French government data leak
35,000 Users Targeted in Phishing Campaign in Just Two Days
A critical bug in corporate file transfer software lets hackers bypass login entirely
AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk
Amazon Simple Email Service (SES) abused for sophisticated phishing attacks
Amazon Simple Email Service (SES) Turned Weapon: Sophisticated Phishing Attacks Surge Worldwide
Amazon Simple Email Service (SES) Phishing and BEC Attacks Leverage Leaked AWS IAM (Identity and Access Management) Keys
Anti-ICE Site GTFO ICE Accused of Exposing Data of 17,000+ Activists
Ardmore police database hit by ransomware attack
Aroostook Mental Health Center reports data breach
Attackers Abuse Amazon Simple Email Service (SES) To Send Authenticated Phishing Emails
Attackers Abuse Amazon Simple Email Service (SES) to Send Authenticated Phishing Emails That Bypass Security
Attackers Exploit Amazon Simple Email Service (SES) to Send Authenticated Phishing Emails
Australia: New South Wales government downgrades impact of alleged Treasury data breach
Australia launches cyber review board modeled on version disbanded in US
Canvas maker Instructure reveals data breach - confirms user personal information leaked
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
Clipboard to Encryption: The Critical Role of ClickFix in Ransomware Campaigns
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
Code of Conduct Phishing Emails Target 35,000 Users in Multi-Stage AiTM Attack
Connecticut Judicial Branch warns of targeted phishing scams
Conti ransomware gang member sentenced to 102 months in prison
Conti, Akira ransomware affiliate given 8-year sentence
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
Cyber attack hit UAE's Fujairah Port 'minutes before' Islamic Revolutionary Guard Corps (IRGC) missile strike
DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
DAEMON Tools trojanized in supply-chain attack to deploy backdoor
Dubai Police-led global operation takes down sophisticated investment fraud ring
Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats
Education Sector Hit by Espionage, Phishing, and Supply Chain Attacks
Education Sector Under Attack From State Espionage, Spear-Phishing, and Supply Chain Attacks
Educational tech firm Instructure data breach may have impacted 9,000 schools
Europol built “shadow IT database” under terror pressure, then lost control
Experts warn Amazon's Simple Email Service is being abused to launch 'massive volume' of phishing attacks
Facebook Phishing Campaign Hijacks 30,000 Accounts Using Google AppSheet
Facebook Phishing Scam Devastates 30,000 Accounts Through Deceptive Blue Tick Verification Scheme
Fake SSA Emails Drive Venomous#Helper Phishing Campaign
Federal Trade Commission (FTC) bans data broker Kochava from selling sensitive location info
Federal Trade Commission (FTC) to ban data broker Kochava from selling Americans’ location data
FEMITBOT Network Abuses Telegram Mini Apps for Crypto Scams and Android Malware
Gateways Community Services Data Breach Exposes SSNs and More
German officials advance legislation that would expand law enforcement use of surveillance technology
German regulator sits on hands as facial recognition tool PimEyes amasses billions of faces
Goodwin University Data Breach Exposes Both PHI and PII
Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts
Google Update: Android Flaw Could Put Billions of Devices at Risk
Hackers Mass-Exploit Critical cPanel Vulnerability May Impact 550,000+ Potentially Vulnerable Servers
Hackers steal students’ data during breach at education tech giant Instructure
Hackers Target Education Sector With Spear-Phishing Attacks
Healthcare Firm Suffers Major Data Breach - Personal, Medical and Health Records of 143,842 People at Risk
Helix Energy Solutions Data Breach Exposes PII: Thousands Affected
Instructure confirms breach; millions of Canvas users potentially impacted
Instructure Confirms Canvas Cybersecurity Incident, User Data Accessed
Instructure confirms cybersecurity incident
Instructure hacker claims data theft from 8,800 schools, universities
Instructure Inc. Data Breach: 3.65TB Data Stolen
Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
Karakurt Ransomware Negotiator Sentenced to Prison
Kaspersky suspects Chinese hackers planted a backdoor into Daemon Tools in ‘widespread’ attack
Latvian Cybercriminal Jailed for Role in Multi-Million Dollar Ransomware Scheme
Latvian national sentenced for ransomware attacks run by former Conti leaders
Locked out at lunchtime: why ransomware is now a real risk for Scotland’s hospitality trade
Major cyber attack against San Diego Community College District
Major shift in Chinese cyber attack activity
Member Of Russian Ransomware Group Sentenced To Prison
MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks
Microsoft: Phishing campaign used fake compliance notices to compromise employee accounts
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
Microsoft Edge writes passwords to memory in cleartext: a gift for attackers
Microsoft Flags Mass Phishing Campaign Using Fake Compliance Emails
Microsoft reports 8.3 billion phishing threats as QR codes surge
Microsoft Reveals Phishing Attack Targeting 35,000 Users in 26 Countries
Microsoft warns of global campaign stealing auth tokens from 35K users
Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations
Most Financial Scams Don’t Hack Systems - They Hack People
Murata Electronics Data Breach: Social Security Numbers Exposed
Mythos AI hacking fears prompt UK health service crackdown on open-source code
National Cyber Security Centre (NCSC) Warns of an AI-Fuelled “Vulnerability Patch Wave”
New Infostealer Dubbed ‘Pheno’ Hijacks Windows’ Phone Link App to Steal MFA OTPs
New stealthy Quasar Linux malware targets software developers
New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch
North Korean APT Targets Yanbian Gamers via Trojanized Platform
North Korean hackers trojanize gaming platform to spy on ethnic Koreans in China
One in four MCP servers opens AI agent security to code execution risk
Personal data of hundreds of Asian football players exposed online
Phishing Campaign Impersonating the U.S. Social Security Administration Targets 80+ Organizations
'Phishing campaigns continue to improve sophistication and refinement': Microsoft flags major 'sophisticated' phishing campaign targeting 35,000 users across 26 countries
Pro-Iran hacker group claims access to Fujairah Port classified data
Pro-Iran hacker group claims coordinated cyber, missile attack on Fujairah Port
Pro-Iran hacker group claims it has classified data on 400 US Navy marines
Ransomware negotiator sentenced for role in major cyber crime group
Real estate giant confirms vishing incident as ShinyHunters and Qilin both come knocking
Retail stakeholders 'underestimate cyber attack disruption'
Saiga phishing kit returns to bypass multifactor authentication
San Diego Community College District (SDCCD) struggles to recover from cyber attack
ScarCruft hackers push BirdCall Android malware via game platform
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
ShinyHunters claims Cushman & Wakefield breach, 500k Salesforce records at risk
ShinyHunters impersonator claims to have hacked Nvidia’s GeForce Now
Silver Fox expands Asia cyber campaign with new ABCDoor malware
Silver Fox Uses Fake Tax Notices to Deploy ValleyRAT and New ABCDoor Backdoor
Sophisticated “Microsoft Advertising” Phishing Campaign Targeting Microsoft Ad Users
Southcoast Health Data Breach Exposes Social Security Numbers
Student hacked Taiwan high-speed rail to trigger emergency brakes
Teen hacker arrested over French government data leak
The Art of Security: It Is Time to Rethink the CISO’s Role
Transport businesses underestimate impact of disruption from a cyber attack
Trellix confirms data breach after hack of 'a portion' of its source code
Trellix investigates data breach after unauthorized access to source code repository
Trellix reports data breach following unauthorized access to source code repository
Trellix Reveals Unauthorized Access to Source Code
Triad Radiology Associates reports employee email data breach
Trojan abuses Microsoft Phone Link app to steal your passwords
U.S. court sentences Karakurt ransomware negotiator to 8.5 years
Uganda: Mobile money agents sentenced over client personal data breach
Unpatched flaws turn Ollama’s auto-updater into a persistent RCE vector, researchers say
Vimeo confirms breach via third-party vendor impacts 119K users
Vimeo data breach exposes personal information of 119,000 people
Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API
Western Orthopaedics Data Breach Exposes Patients' Personal and Health Information
What the Celebrity Stalkerware Breach Means for Executive Protection
Your Employees Know What Phishing Looks Like. They’re Still Getting Fooled. Here’s Why
Your job search is getting riskier, says LinkedIn - 9 ways to tell real listings from scams
4th May
7 Ways to Modernize Employee Phishing Training for AI-Driven Threats
15-year-old detained over massive data breach at French government agency
2026: The Year of AI-Assisted Attacks
AI Accelerated Cyber-Attacks Aren’t New, But They Are Faster
Amazon Simple Email Service (SES) increasingly abused in phishing to evade detection
Attempted cyber attack affects San Diego Community College systems
Backdoored PyTorch Lightning package drops credential stealer
Bluekit Phishing Kit Automates Domain Setup and Session Hijacking
Bluekit Phishing Kit Automates Domains, 2FA Lures, and Session Hijacking in One Panel
Bluekit phishing kit enables automated phishing with 40+ templates and AI tools
Boutique phishing kit Saiga 2FA reappears with new campaigns and ‘lorem ipsum’ metadata
Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise
Canvas Breach May Put 275 Million Users, 9,000 Schools at Risk
Canvas Confirms Data Breach Following ShinyHunters Claim
Canvas Parent Instructure Confirms Data Breach After ShinyHunters Claims Attack
CISA Alerts on cPanel & WHM Flaw Actively Exploited in Attacks
CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
CISA Warns of Linux Kernel Zero-Day Vulnerability Exploited in Active Attacks
Critical Apache MINA Flaws Enable Remote Code Execution Attacks
Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
Cybercriminals Abuse Tanstack Package To Target Developer Environments
Cybersecurity professionals jailed for ransom attacks
Cybersecurity Professionals Sentenced to Prison for Ransomware Attacks
Data breach hits Canvas learning platform serving millions
Department of Justice (DOJ) Sentences Two Americans for ALPHV BlackCat Ransomware Attacks
DigiCert breached via malicious screensaver file
Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats
Educational company Infrastructure reports cyber incident
Email Bombing and Fake IT Support Calls Fuel New Microsoft Teams Phishing Attacks
Email Bombing, Fake IT Support Calls Drive Microsoft Teams Phishing Surge
FBI Warns of Surge in Cyber-Enabled Cargo Theft Targeting Logistics Firms
Four Years in Prison for Cybersecurity Pros Turned Ransomware Attackers
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701 Million
Hackers are mass-exploiting the cPanel bug to gain control of thousands of websites
Hackers breach Canvas learning platform serving millions, steal student data
Hackers replace top Google result for Homebrew with sponsored MacOS malware
Hackers threaten to leak Canvas messages and emails: 275 Million students at risk
If You See This X Message - A Hacker Is Attacking Your Account
Indirect Prompt Injection Is Now a Real-World AI Security Threat
Instructure confirms data breach, ShinyHunters claims responsibility
Instructure data breach: ShinyHunters says it stole data and private messages from 275 million teachers and students
Instructure Data Breach by ShinyHunters puts Students and Teachers to Cyber Risks
Instructure Faces Cyberattack Resulting in Data Breach Affecting Millions in Education Sector
Instructure Investigating Cyber Attack, Exposure of User Data
Instructure Restores Services Following Major Edtech Data Breach
Instructure, Parent of Canvas, Confirms Data Breach
Kaspersky Reveals SilverFox Cyber Attack Disguised as Tax Audit in Indonesia
KnowBe4 finds 86% of phishing attacks now AI-driven
“Legitimate” phishing: how attackers weaponize Amazon SES to bypass email security
Liberty Mutual listed on ransomware leak site as Everest group claims 108 GB data theft
Major car brands face 'unavoidable trade-off' as hackers target millions of vehicles, ex-FBI cyber chief warns
Man from Russian group sentenced in $56 million ransomware scheme
Multiple threat actors actively exploit cPanel vulnerability (CVE-2026-41940)
National Cyber Security Centre (NCSC) Warns Organisations to Act Fast as Hidden Software Flaws Surface
New ‘Bluekit’ Phishing Kit Uses AI Assistant to Simplify and Scale Cyber Attacks
New Phishing Scam Uses Fake Party Invites To Steal Passwords And Personal Data
New Zealand electrical contractor confirms cyber attack
Over 40% of UK Firms Hit by Cyber Attacks Last Year, Government Survey Finds
Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools
Phishing Emails Now Look Legitimate, One Wrong Click Can Expose OTP And Bank Accounts
Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass
Progress warns of critical MOVEit Automation auth bypass flaw
Ransomware accounts for 90% of cyber losses in manufacturing, claims data shows
Ransomware group claims breach of pro-Orbán Hungarian media firm
Ransomware In 2026: Newer Groups, Severe Impact
Ransomware Victims Jump To 7,831 As AI Crime Tools Scale Global Attacks
Rhode Island Settles With Deloitte for $12 Million Over 2024 Ransomware Attack on Benefits System
RMM Tools Fuel Stealthy Phishing Campaign
Sandhills Medical Foundation Notified Individuals of a May 2025 Data Breach
Sandhills Medical Foundation Ransomware Breach Draws Class Action Investigation Nearly a Year Later
ShinyHunters Claims Responsibility for Breach of EdTech Company Instructure
ShinyHunters Claims Responsibility for Instructure Data Breach
ShinyHunters impersonator claims to have hacked Nvidia’s GeForce Now
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
Small Defense Firms Lack Network Data to Stop Nation-State Hackers
South Korea: Phishing Sites Disguised as KakaoTalk, Claude Downloads Steal User Data
Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition
'The inbox is no longer the only front line': Report claims vast majority of phishing attacks are now generated by AI - here's how to stay safe
‘The inbox is no longer the only frontline’: Phishing attacks are evolving as cyber criminals ramp up ‘multi-channel’ campaigns over email and Microsoft Teams
Thousands of Facebook accounts stolen by phishing emails sent through Google
Trellix Confirms Source Code Repository Breach
Trellix discloses data breach after source code repository hack
Two cybersecurity pros get prison time for helping ransomware gang
US government warns of severe CopyFail bug affecting major versions of Linux
US healthcare marketplaces shared citizenship and race data with ad tech giants
Weaver E-cology critical bug exploited in attacks since March
Who owns the decision to pay ransomware attackers?
Your work apps are quietly handing 19 data points to someone
Welcome to last month's DLR Report, an exclusive presentation of Data-Leaking Ransomware Operator's Global and US Victims that were claimed between 1st April and 30th April 2026.
Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 20th April and 26th April 2026, kindly assisted by our partners.