Editor's Message

Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and PRiSM celebrated it's third anniversary. Both projects have made a huge impact on my life and I'd like to thank each and everyone of you who have supported me, with special thanks to those individuals and communities who have helped me build up my knowledge on cybercrime and ransomware over the years. Thanks again for all your continued support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington D.C.

Tuesday, 23 June 2026

Ransomware Operator Claims - Week 25 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 15th June and 21st June 2026, kindly assisted by our partners.

DBD discovered and researched 188 Ransomware Victims over 47 Countries and Islands claimed by 34 Data-Leaking Ransomware Operators last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Posted by at
Labels: ,

Monday, 22 June 2026

Data Breaches Digest - Week 26 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 22nd June and 28th June 2026.


26th June

Adblock for YouTube Chrome Extension Hides Dormant JavaScript Injection

American Tower Data Breach: 215,000+ Accounts Exposed in ShinyHunters Attack

Anthropic accuses Alibaba of stealing Claude AI model using 25,000 fake accounts in massive cyber attack

Apple supplier Tata tightens internal controls after data breach, sources say

Australian journalists, human rights organisations coming under increasing cyber attack

Bajaj Auto confirms normal operations after ransomware attack

Bajaj Auto Says Operations Normal After Ransomware Attack

Belgium: Police in East Flanders break up international phishing ring

Bluekit Phishing Kit Gets Deadlier With Browser-in-the-Middle Upgrade

Cambridge University Hospitals Probes Mass Data Breach Involving Crocodile Attack Victim's Records

Cambridgeshire Police Investigate Crocodile Pit Attack and Hospital Data Breach

Canada’s TD Bank Deploys WorkiQ Surveillance Software Amid Privacy Gaps

Cyber Monitoring Centre (CMC) Releases Analysis and Guidance for Education Sector After Canvas Data Breach

Cyberattack Exposes Data Breach at France's Insee

Fake Amazon Web Services (AWS) pages bypass MFA and put cloud credentials in cybercriminals’ hands

France statistics agency Insee confirms cyberattack on staff data

France's statistics department reports cyberattack on staff data

Gamaredon 2025: New Tools, Turla Alliance, Cloud Exfiltration

Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks

Healthcare leaders see a fatal cyber incident as inevitable

Hong Kong: 15 arrested in HK$16.8 million Water Supplies Department phishing scam

Hong Kong, mainland police smash HK$16.8 million cross-border phishing syndicate

How the Latest Ransomware Attacks Are Disrupting Global Financial Systems

Iranian Hacker Who Caused $3.4 Billion Damage to US Arrested

Iranian Hacker Wanted by US Arrested in Montenegro Over $3.4 Billion Cyberattack Case

Italy: Trenitalia hacker attack on some customer data

Massive Data Breach at Tata Electronics Reveals Apple Confidential Files

Massive Hack: Iranian National Arrested for $3.4 Billion Cyber Attack

Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack

Microsoft gives Windows 10 users an unexpected extra year of free security updates

Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant

Mirage2FA phishing kit uses HTML smuggling to steal Microsoft 365 credentials

Montenegro arrests Iran-linked hacker wanted by US

Montenegro Arrests Iranian Hacker Tied to Massive Cyber Heist

Montenegro Police arrests Iran-linked hacker wanted in US

Montenegro police, FBI arrest Iran-linked hacker wanted by US

Montenegro police, FBI arrest US-wanted Iranian hacker

Myanmar AYA Bank Acknowledges Customer Data Breach Amid Conflicting Claims Over Scope of Leak

Myanmar’s AYA Bank acknowledges cyberattack after hacking group claims data breach

Mystery hackers use novel SharkLoader dropper against governments, software developers

National Association of Insurance Commissioners (NAIC) confirms breach as ShinyHunters dumps 3.1TB tied to national insurance systems

Okanogan Behavioral Healthcare Settles Class Action Data Breach Lawsuit

Polymarket Confirms Crypto Hack, Refunds User Stolen Funds After Third-Party Vendor Breach

Polymarket Covers $3 Million in Losses After Phishing Attack Hits 4,500 Users

Polymarket hit by $3 Million cyberattack via third-party dependency, promises full refunds

Polymarket Phishing Attack Drains Nearly $3 Million From User Wallets

Polymarket to refund users after $2.94 Million frontend phishing attack

Ransomware gangs find Europe’s weakest link in third-party suppliers

Ransomware victims spot attacks only after data theft

Resecurity Warns Maritime Sector Faces Rising Cyber Threats

Russia Used Cellebrite on Jailed Activist's iPhone Months After Sales Cutoff

Russian hacker has bad news for South Africans who stay at hotels

SIM-swapping gang busted in international police operation

Someone hacked Johnson & Johnson's internal systems to teach it a lesson

Tata Electronics tightens security after Apple, Tesla data breach

Tata Electronics Tightens Systems After Major Data Breach

TD Bank begins monitoring staff activity as experts warn Canada lacks workplace surveillance safeguards

Teens behind Transport for London (TfL) cyber-attack were known to police years before the breach

Teens who hacked Transport for London (TfL) were known to police years before cyber-attack

The Security Coverage Gap is a Maths Problem

25th June

26K+ people impacted by data breach at Alamo Heights ISD, Texas attorney general says

27 million passwords seized as Microsoft and EU authorities knock down malware infrastructure

61% of Healthcare Organizations Predict a 'Fatal' Cyberattack Within 5 Years

Adversary-in-the-Middle (AiTM) Phishing Kit Steals Console Credentials and MFA Codes from Amazon Web Services (AWS) Environments

AgelessRx Data Breach Exposes Patient Health Information

Agentic Red-Team Tools Expose API Keys, Sandbox Escape, and Host Compromise Risks

Almost half of ransomware victims have data stolen before they can even detect an intrusion

Amazon Web Services (AWS) Adversary-in-the-Middle (AiTM) Phishing Kit Steals Console Credentials and MFA Codes in Real Time

Anatomic and Clinical Laboratory Associates (ACLA) Data Breach Exposes Social Security Numbers & Medical Information

Another Russian dairy company reportedly disrupted by cyberattack

Anthropic Accuses Alibaba of Largest Claude AI Distillation Attack

Anthropic AI restrictions spark lawsuit against Trump administration

Australian Security Intelligence Organisation (ASIO) Reveals Nation-State Hack of Australian Critical Infrastructure

Bajaj Auto Confirms Systems Affected by Ransomware Attack

Banking trojans are still with us, and they’re more dangerous

Bluekit phishing kit adopts browser-in-the-middle for login theft

Bradford Health Services; Bradford Health Partners Settle Data Breach Lawsuit

Cal Water Confirms User Credentials Exploited in Hacking

Cellebrite UFED Used by Russia Against Activist Andrey Pivovarov Despite 2021 Cutoff

Chrome Ad Blocker with 10 Million+ Installs Found with Dormant Script Injection Capability

Cisco Catalyst SD-WAN Manager Zero-Day Exploited to Gain Root Access

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access

Cisco Vulnerability Exploited Months Before Disclosure, Google Warns

ClawHub Malicious Skills Deliver macOS Infostealers Through Base64 curl-pipe-bash Droppers

Columbia Pacific Advisors Data Breach Exposes Personal, Health and System Access Information

Corporate cybercrime: Why businesses are becoming prime targets of hackers

Croatia: Plitvice Lakes System Falls Victim to Cyber Attack

curl Patches 18 Vulnerabilities Including Password Leak and WebSocket Memory Bugs

Cyber Attack on Alamo Heights ISD Exposes Personal Data

Cyber attacks enter AI automation era as subscription crime platforms spread

Cyprus: Police warn public over phishing emails impersonating tax department

Data breach may affect former Mayo Clinic patients, says Xsolis

Data breach on healthcare AI vendor exposes records from 1.4 Million patients

Dean Cosmetic Dentistry Center Data Breach: Sensitive Files Compromised

Edge users beware - this malicious extension can break out of the sandbox and install ransomware

Eisen Data Breach Exposes Sensitive Personal Info Including Social Security Numbers

Elite network says it was hacked after members’ personal data was left exposed

ESET research investigates Gentlemen ransomware gang and its defence-evasion tools

Europe Becomes a Growing Ransomware Hotspot as Attacks Surge

Europe Evolves Into Ransomware's Favorite Region

Europol Disrupts Cybercrime-as-a-Service Networks Used for Ransomware and Financial Fraud

Europol Disrupts SocGholish, Amadey, and StealC Malware Networks in Global Cyber Strike

Europol, Microsoft Hit Malware Network Behind 27 Million Stolen Logins, 140,000 Infected Computers

Ex-Huntress analyst claims company insider fed info to a ransomware criminal. Social media drama ensues

Fake Grand Theft Auto 6 (GTA 6) Early Access Websites Target Gamers with Malware and Crypto Scams

Fileless Ransomware Backdoor Mistic Erases Itself: Symantec Warns File Scans Will Miss It

From Bajaj to Tata: Ransomware Exploits India’s Industrial Supply Chain

Hacked Klue says criminals are deleting stolen customer data, but now other hackers are making threats

Hacker gets 18 months for attack that compromised 60,000 betting accounts

Hackers Abuse Chrome Policy Keys to Force-Install Malicious Browser Extension

Hackers Abuse Cloudflare-Hosted Amazon Web Services (AWS) Phishing Domains to Steal Console Logins

Hackers behind cyber attack on Transport for London plead guilty ahead of trial

Hackers Exposed Knicks, Madison Square Garden Data

Hackers Use Cloned AWS Console Login Pages to Capture MFA Codes and Replay Credentials

How Universities Can Manage Vendor Risk After the Canvas Breach

India: Cyber Crime Cracks APK Fraud; Mastermind Arrested: Hails From Phishing Capital Jamtara

Inside Mistic, the New Stealth Backdoor in Ransomware Intrusions

Inside the 2026 SMB threat landscape: From phishing and scams to fake AI tools

Interpol: Cybercrime Hits 30% of Recorded Crime in Surveyed APAC Countries

Kaspersky 2026 SMB Threat Report: Fake AI Tools Used in 33,000+ Attacks

Klue Hit by Double Extortion as Second Hacker Group Emerges

Langflow AI Pipeline RCE Exploited Within 20 Hours to Steal Keys and Credentials

Lapsus$ claims cyber attack on Virta Health, nearly 15,000 affected

LastPass hit with another data breach

LLM security advice looks solid until you check the hard cases

LokiBot Infostealer Uses Obfuscated JScript and PowerShell Loader in Recent Campaign

macOS Flaw Lets Standard Users Disable Endpoint Detection and Response (EDR) and Mobile Device Management (MDM)

macOS.Gaslight Rust Backdoor Uses Prompt Injection to Mislead AI Malware Analysts

Major Increase in Ransomware Attacks Targeting Europe, Warns New Report

ManageEngine AD360 Flaw Lets Unauthenticated Attackers Take Over User Accounts

Microsoft: 2 ransomware groups hit SharePoint in parallel attacks

Millions of Texans may be affected by this state agency’s data breach

Milton says city data stayed secure after suspected ransomware attack in 2025

Most teams will ship AI-written infrastructure code with little review

National Association of Insurance Commissioners (NAIC) confirms June data breach

New ‘Blacksite’ phishing kit bundles Adversary-in-the-Middle (AiTM) with scanner evasion

New CISA Guide Helps Agencies Adopt Secure Access Service Edge (SASE) For Zero Trust

New 'Edgecution' malware silently hijacks Microsoft Edge to deploy ransomware

New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis

New macOS malware embeds fake errors to confuse AI analysis tools

New Mistic Backdoor Linked to KongTuke in ClickFix and ModeloRAT Campaigns

New SharkLoader Malware Targets Diplomatic and Government Entities Across Multiple Countries

Nigeria: Independent National Electoral Commission (INEC) suspends electoral officer over voter data breach

Operation Endgame Disrupts SocGholish, Amadey, and StealC Malware, Recovers 27 Million Stolen Login Credentials

Optimum First Mortgage Data Breach: 9.3TB Compromised

Order-tracking app Shop abused to push callback phishing attacks

Poland busts SIM-swapping gang tied to millions in crypto theft

Prince George County, Virginia, Discloses Recent Cyber Attack

Researchers hijack 26,000 AI agents using fake skill marketed on Instagram

Rokarolla Android Banking Trojan Turns Smartphones Into Weapons Against Users

Russia used Cellebrite phone-hacking tool to crack down on dissident after firm cut off country

Scattered Spider teens plead guilty to Transport for London cyberattack

Self-destructing Mistic backdoor linked to access broker selling corporate footholds to ransomware gangs

Shai-Hulud Campaign Abuses node-gyp Rebuild to Execute Credential-Stealing npm Payloads

South Korean Regulator Fines Bithumb for Data Breach

State-Backed Cyber Actors Increasingly Hiding Behind Ransomware Operations

Stealthy new backdoor surfaces in attacks on multiple sectors

Stryker Cyberattack Lawsuit Faces Challenge as Company Seeks Dismissal

Suspected Cyberattack Sends Fake Emergency Alert to Phones Across Brazil

Tata Electronics Confirms Data Breach After 630GB Leak Claim Targets Apple and Tesla

Texas data breach hits 3 Million license customers

Texas Parks Data Breach Exposes Information of 3 Million+ Customers

Third-Party Data Breach May Affect Some Former Mayo Clinic Patients

Top medical aid in South Africa with 200,000 clients hit by data breach

Trust in Automated AI Vulnerability Scanning Collapses to 9%, New Study Finds

Twenty Million US IP Connections Used by Proxy Services

Two Indian Manufacturers Hit in Ransomware Attack Cluster This Week

Ubiquiti UniFi OS devices targeted: CISA orders the patching of critical bugs

UK Museums left vulnerable to cyber-attack as government overly reactive in face of threats

Ukraine's state postal operator reports app disruption after cyberattack

What happens when hackers steal AI? US lawmakers push new reporting rules

WhatsApp will warn users before they message a potential scammer

Why patch directives only go so far

24th June

AI in Cybersecurity Has a Value Problem, Not a Technology Problem

AI Is Making Attacks Cheaper, Faster and More Covert

AI-Powered Phishing Attacks Surge 1,380% as Criminal Platforms Render MFA Obsolete

Airbnb scams surge 30x as criminals hijack legitimate host accounts

Algerian national accused of running cybercrime marketplaces extradited to US

Amadey and StealC Malware Network Disrupted, 27 Million Stolen Credentials Recovered

Amadey, StealC malware operations disrupted in Operation Endgame action

Anthropic's Mythos model found flaws in classified US systems within hours

Apple and Tesla Supplier Tata Electronics Confirms 630 GB Data Theft: iPhone Specs on Dark Web

Asia-Pacific cyber threat environment intensifies as INTERPOL records surge in ransomware, phishing, DDoS attacks

Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker

Bajaj Auto Confirms Ransomware Attack on Key Systems

Bajaj Auto Confirms Ransomware Incident on Internal Systems and BATL Unit

Bajaj Auto Hit by Ransomware Attack

Bajaj Auto hit by ransomware attack after Tata Electronics breach, putting focus on manufacturing cyber resilience

Bajaj Auto hit by ransomware attack, operations unaffected

Bajaj Auto reports ransomware attack on systems, says impact contained

Bajaj Auto says ransomware attack affected its systems and tech subsidiary

Bajaj Auto shares fall over 2% after disclosing ransomware attack on company, subsidiary systems

Bally's Interactive Data Breach Exposes Social Security Numbers

Be on the lookout for Mistic, a new backdoor used by ransomware broker

British Scattered Spider Hacker Pleads Guilty to Cyberattacks on Transport for London (TfL); SSM Health Care; Sutter Health

CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited

CISA warns of max severity Ubiquiti flaws exploited in attacks

Cisco Unified CM flaw actively exploited to drop webshells (CVE-2026-20230)

Cisco Unified CM Flaw Exploited After Proof-of-Concept (PoC) Reveals File-Write Path to Root

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

Credentials Lost the Top Spot. They Didn’t Lose Their Teeth

Data breach affects Texas fishing and hunting license holders

Data Breach Impacts Madison Square Garden Sports and the New York Knicks

Data Breach Response Plan for MSPs: A Complete Guide for 2026

Department of Justice (DoJ) Seizes Huione Cloud Account Tied to Cyber Scam Money Laundering

DraftKings hacker 'Snoopy' sentenced to 18 months in prison

Europol Disrupts StealC and Amadey Malware Infrastructure in Operation Endgame

Europol-Led Operation Endgame Takes Down StealC and Amadey Infostealers

Equinix Inc. Data Breach Exposes Personal and Health Information

EvilTokens Hides Its Attack Flow in the Browser, Exposing Static Analysis Gaps

EvilTokens phishing service scales attacks 1,380% with AI integration

Fake npm Packages Impersonate PostCSS Tool to Steal Chrome Passwords

Fantasy Sports and Betting Website Hacker Sentenced for Credential Stuffing Attack Compromising 60,000 Accounts

German businesses face growing Bankruptcy risks from Ransomware Attacks

Google releases new privacy controls for activity history, personalization

Hacker behind Reynella East College hack dumps hundreds of gigabytes of alleged teacher and student data on darkweb

Hackers Exploit Unpatched SharePoint Servers to Deploy Ransomware and Custom Backdoors

Healthcare AI Platform Xsolis Confirms Data Breach Affecting 1.4 Million People

Healthcare AI platform Xsolis suffers data breach impacting 1.4 Million individuals

Healthcare Vendor Xsolis Reports Breach Affecting 1.4 Million People

How 100 Romanian hospitals switched to pen and paper after a devastating ransomware cyber-attack

Humana, Mayo Clinic vendor breach exposes records of 1.4 Million patients

Hillcrest Convalescent Center Settles Class Action Data Breach Litigation

Income Tax Department Phishing Campaign Uses Malicious Tax_Assessment.img to Drop Malware

Indian auto giant Bajaj Auto hit by ransomware incident

Iranian banks targeted in cyber attacks amid peace talks

Iranian-linked hacker group did not breach California water systems, investigation finds

Japan: Information for 14 million email accounts possibly leaked in cyberattack on KDDI

KDDI Breach Affects Six Japanese ISPs, Exposes 14.2 Million Email Credentials

KDDI Data Breach Exposes 14.2 Million Managed Email Credentials

KDDI Data Breach May Have Exposed Up to 14.22 Million Email Accounts

Kenya records over 3 billion cyber-attack attempts in three months

Klue hack leads to customer data breach

KongTuke team uses new Mistic backdoor

LastPass confirms 2026 customer data breach: Klue hack exposed Salesforce data

LastPass confirms data breach after hacker compromises supply chain - here's what we know

LastPass Confirms Vendor Breach Exposed Customer Contact, Support Data

LastPass customer data exposed through Klue supply chain attack

LastPass customer info leaked again after third-party data breach

LastPass data breach confirmed: Everything we know so far

LastPass discloses data breach via Klue integration with Salesforce environment

LastPass hit by new data breach - 4 steps you should take now

LastPass suffers another data breach, but this time your password vault is safe

LastPass Suffers Fresh Data Breach via Third-Party Supplier

Law enforcement hits StealC and Amadey malware networks

macOS Backdoor Uses Prompt Injection to Evade AI Triage

Madison Square Garden Hack Exposes 26 Million Visitor Records

Major Global Cyber Operation Disrupts SocGholish, Amadey, And StealC Malware Networks

Malicious Edge extension abuses Native Messaging as bridge to malware

Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access

Microsoft DART Uncovers Multiple Attackers Operating Inside Same Compromised Network

Microsoft Teams Phishing Lures Push Victims Toward Remote Access Tool Installation

ModeloRAT and Mistic Backdoor Activity Linked to Ransomware Initial Access Broker

Multiple Vulnerabilities in QNAP NAS Devices Resolved Through Security Updates

Nearly Half of Ransomware Victims Suffer Data Theft Before Detection

New GhostShell Hacking Group Targets Ukraine’s Drone Defense Sector

New ‘Mistic’ RAT Opens Door to Several Ransomware Families

Nintendo of America's employee data stolen by Shadowbyt3$ extortion group

Operation Endgame Disrupts StealC, Amadey and SocGholish Malware Networks

Phishing attack on healthcare firm Xsolis impacts 1.4 million people

Phishing Reconnaissance: How Attackers Identify and Target Vulnerable Domains

Ransomware attacks grew in 2025 as traditional data breaches fell

Ransomware's New Maths: Inside the £1.9 Billion Season That Redefined Critical-Infrastructure Risk

Ransomware’s next move: Why disabling security tools changes the rules of cyber defence

Researchers Trick AI Browsers Into Leaking Credentials

Security testing was built for a slower world

Sensitive data of over 40,000 people impacted in Blue Fish Pediatrics cyber attack

SMEs must constantly revisit cyber security measures

Stealthy Mistic backdoor linked to ransomware access broker KongTuke

Suspected Cyberattack Triggers False Emergency Alerts Across Brazil

Tata Breach Leaks Apple and Tesla Trade Secrets

Tata Confirms Apple, Tesla Data Breach Claim

The Massive Madison Square Garden Hack Exposed Celebrities and Customers - and Started With 1 Old-School Trick

The Personal Information of 800,000 Texas Residents Is Hacked In A Carnival Cruiseline Data Breach

Third DraftKings Hacker Sentenced to 18 Months in Prison

Thousands in Brazil received a fake ‘ALIEN ATTACK’ emergency alert at 1:30 a.m. Hacker group later claims responsibility for the hack

Three ‘cybercrime as a service’ operations undercut by Microsoft, law enforcement

"To see a play, you must now pay with your privacy”: backlash over facial recognition expansion in London’s West End

Transport for London (TfL) Hackers Plead Guilty After Breach Exposed Customer Data and Cost £29 Million

UK: Museums left vulnerable to cyber-attack as government overly reactive in face of threats

UK Museums Face Cybersecurity Risks, MPs Warn

UK’s museums and galleries left vulnerable to cyber-attack and theft, MPs warn

What Bajaj Auto ransomware attack says about cyber security risks for Indian automakers

With jobs on the line, CEOs now demand cyber attack recovery in hours, not days or weeks

You Won't Spot These World Cup Scams the Way You Used To

23rd June

2 Scattered Spider-Linked Hackers Plead Guilty Over £39 Million Transport for London (TfL) Cyberattack

4 ways to protect the company against vishing attacks

29-Year-Old Squidbleed Flaw Discovered With Help From Claude Mythos Preview

After Files Surface On Dark Web, Tata Electronics Confirms Data Breach

Algerian man extradited from Spain, charged with running cybercrime operation

Amazon One Medical Seniors discloses health data breach

An Income Tax Assessment Notice Phishing Campaign Delivering Malware

Apple and Tesla trade secrets exposed as Tata hit by data breach

Apple investigating cyber incident at Tata Electronics after ransomware group’s leak claims

Apple, Tesla trade secrets allegedly exposed in Tata Electronics hack

April 2026 Healthcare Data Breach Report

Auburn, New York, Warns of Phishing Scam Impersonating Government

Bajaj Auto hit by ransomware attack

Bajaj Auto reports ransomware attack on systems, says impact contained

Belgian State Security hit by data breach, employee data potentially exposed

Canadian Electricity Provider London Hydro Discloses Data Breach

Cherry Health Data Breach Compromises Health Records

Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks

CodeStorm Phishing Kit Uses Tenant-Aware M365 Replay to Hijack Microsoft 365 Accounts

CodeStorm Phishing Campaign Targets Microsoft 365 (M365) Tenants With Token Reuse and Replay Attacks

‘Cordyceps’ CI/CD Flaw Exposes Microsoft, Google, Apache Repos to Pipeline Hijacking

Coupang’s $409 Million Fine Shows the Real Cost of Weak AI Governance

Critical FFmpeg flaw discovered: just watching a video can fully compromise your system

Cruise Line Data Breach Could Effect 800,000 Texans

Cyber Risk Assumptions Are Becoming Obsolete Due to AI

Cybercriminals Abuse Traffic Distribution System (TDS) Infrastructure to Bypass Firewalls and Hide Malicious Destinations

Data Breach at Tata Electronics Tied to Apple and Tesla

Duo accused of role in Transport for London (TfL) cyber attack plead guilty after ‘lengthy, highly complex, and painstaking investigation’

ESET Research investigates Gentlemen ransomware gang and its defense-evasion tools

Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents

Feds seize alleged cyber-scam infrastructure connected to Southeast Asian company

Finch CPA Firm Data Breach Exposes Sensitive Personal and Financial Data

Five Eyes agencies sound alarm about AI’s threat to cybersecurity

Five Eyes Alliance: Threats from Frontier AI Models Only Months Away

Five Eyes Group Issues Urgent Call to Tackle Frontier AI Threats

FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation

Free, no-signup World Cup streams serve scams instead of football

Gentlemen ransomware gang supplies EDR killers to affiliates

GitHub Updates actions/checkout to Block Common Pwn Request Attack Patterns

Google sues Chinese phishing network over fake texts

Grand Theft Auto VI (GTA 6) early access offers are taking gamers’ crypto

Grand Theft Auto VI (GTA 6) Scams Emerge as Pre-Orders Open

Hacker employs Claude to breach booking firms, leaves millions of records publicly accessible

Hacker hijacks Brazil's national alert system, sending "misanthropy" to millions of phones

Hackers Abuse Compromised Microsoft 365 Accounts to Scale CodeStorm Phishing Operations

Hackers Abuse Outlook Groups and Microsoft 365 Collaboration Features for Phishing Attacks

Hackers Deploy FortigateSniffer Tool to Harvest Credentials From Compromised Firewalls

Hackers Obtain The Personal Data of Texas Hunting and Fishing License Holders

Healthtech firm Xsolis suffers data breach impacting 1.4 million people

How 100 hospitals switched to pen and paper to defeat a national cyber-attack

Hundreds of Belgian organisations hit by cyber attack

Hunter Associates Data Breach Exposes Social Security Numbers and Financial Information

India's Bajaj Auto says ransomware attack hits systems

Inside ‘GentleKiller’: How The Gentlemen Ransomware Disables Enterprise EDR

INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific

Iranian Hacker Groups Using AI to Target Space Infrastructure

KH Credit Union Data Breach Exposes Social Security Numbers

Klue investigating supply chain attack that targeted Salesforce integrations

Klue says hackers stole credential from 2022 that led to customer data breaches

Land Transport Authority impersonation phishing scams on the rise again in Singapore

LastPass Confirms Customer Data Breach After Klue OAuth Token Theft

LastPass confirms data breach in Klue supply chain attack

LastPass notifies users of yet another data breach

Lookalike npm Package Hides a Multi-Stage Windows RAT

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

Mayo Clinic Confirms Data Breach Involving Third-Party Vendor X-Solis

Men admit £39m cyber attack on Transport for London

Meta employee surveillance controversy sparks Data Breach concerns

Meta hits pause on tracking employees’ keystrokes after internal leak

Meta is pausing its employee keystroke-tracking program after sensitive data was exposed internally

Meta pauses employee monitoring program after data protections fail

Meta Pauses Model Capability Initiative (MCI) Over Data Security Concerns

Meta Puts Employee Input Tracking Programme On Indefinite Hold After Sensitive Data Breach

Microsoft 365’s Most Trusted Features Are Being Weaponized Against Corporate Users

More Than 3 Million Texas Hunting, Fishing License Holders Impacted by Data Breach

Mount Royal University (MRU) still resolving impacts of cyber attack, but some problems eased

National Portrait Gallery of Australia investigating data breach claims

New CryptoBandits Malware Uses USB Drives and Tor to Steal Crypto

New Go ransomware Prinz Eugen hits newest files first

New macOS ClickFix attack silently mounts DMGs to push infostealer

New Phishing Attack Abuses Outlook and Microsoft 365 Groups Features to Attack Users

New WhatsApp phishing campaign allows for remote access from a single business document

North Korean hackers infiltrated software used to build AI apps, Microsoft says

Only 7% of companies are ready for the AI agents they deployed

Password manager maker LastPass says hackers stole customer support case data during Klue breach

Payouts King Ransomware Initial Access Broker Deploys New Edgecution Malware

Phishing hides in routine Microsoft 365 workflows

Ransomware Attack Targets Bajaj Auto Systems; National Cyber Agency Informed

Ransomware bans won’t stop ransomware. Resilience might

Ransomware losses hit $5.3 million as insurance payouts fall short

Residential proxy SDKs are hiding in LG and Samsung smart TV apps

Scammers Ripped Off Consumers for $16 Billion Last Year, Mostly Running Imposter Schemes

Scattered Spider Hackers Plead Guilty to £39 Million Cyber-Attack on Transport for London

Scattered Spider members plead guilty to 2024 Transport for London (TfL) cyber attack

Scattered Spider members plead guilty to hacking Transport for London

Scattered Spider Teens Convicted of Transport for London (TfL) Cyber-Attack

South Korea: Police Launch Probe Into 'Startup for All' Data Breach

South Korea: Police Probe 'Startup for All' Data Breach

South Korea is investigating a data breach affecting participants in a government program and has launched a broad cybersecurity investigation

Tata Electronics admits data breach after 630GB of files posted on hacker forum

Tata Electronics confirm data breach, with hackers claiming 200,000 Apple, Tesla files stolen

Tata Electronics confirms cyberattack as hackers leak data

Tata Electronics confirms cyberattack after alleged Apple, Tesla documents appear online

Tata Electronics Confirms Data Breach Affecting Apple, Tesla Supplier

Tata Electronics confirms data breach after sensitive files appear online

Tata Electronics confirms data breach involving sensitive files

Tata Electronics confirms data breach, Apple and Tesla-linked files emerge online

Tata Electronics Confirms Ransomware Attack as Leaked Data Purportedly Links to Apple, Tesla

Tata Electronics Data Breach Exposes Confidential Apple and Tesla Documents

Tata Electronics data leaked on dark web:Hackers stole Apple & Tesla's secret designs

Tata Electronics faces cybersecurity breach; says no impact on business

Tata Electronics hack claims to leak Apple, Tesla data

Tata Electronics hit by data breach, Apple and Tesla files found in leak: Here is what happened

Tata Electronics Hit by Data Breach; Apple, Tesla Files Allegedly Exposed

Tata Electronics hit by ransomware attack claiming to expose Apple, Tesla trade secrets

Tata Electronics Leak Exposes 200,000 Files, Including Apple and Tesla Documents

Tenant Phishing Scams and the UK Letting Industry’s Email Problem

The Evolution of iGaming Fraud: What Security Teams Should Expect in 2027

The world's top intelligence alliance: AI could supercharge cyberattacks within months

Trump directs federal agencies to protect US data from quantum threats

Two Scattered Spider Hackers Convicted Over Transport for London Cyber Attack

Two Scattered Spider hackers plead guilty over Transport for London cyberattack

Two Scattered Spider members plead guilty over cyberattack that crippled London transit

US healthcare AI platform Xsolis confirms data breach that affects 1.4 million individuals

Usbliter8 Exploit Targets Apple SecureROM in Older iPhones, iPhone XS–11

What is known about the Transport for London (TfL) cyber attack after two men admitted the £39 million hack

What the Fortibleed campaign means for organizations running FortiGate firewalls

WhatsApp Phishing Attack Uses Fake Business Documents to Hack PCs

WhatsApp VBScript Campaign Installs ManageEngine RMM, Kaspersky Warns

WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool

Why Tata Electronics' cyber breach could be a concern for Apple and Tesla

World Cup scams surge as AI fuels fake betting sites, phishing links and QR traps

World Leaks Ransomware Group targets Apple and Tesla Trade Secrets

Xsolis Data Breach Affects 1.4 Million Individuals

Xsolis Data Breach Affects Near 1.4 Million Healthcare Patients

Xsolis Data Breach Exposes Personal Information of 1.4 Million People

Xsolis Data Breach Exposes Records of 1.4 Million Patients

Xsolis Data Breach Hits 1.4 Million People As Healthcare Vendor Reports Patient Data Exposure

Xsolis Data Breach Impacts 1.4 Million People

Xsolis Discloses 1,396,519-Person Data Breach - What Is A Data Breach?

22nd June

3 million Texans affected in hunting, fishing license data breach

23andMe settlement shows what privacy is really worth

29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests

A new unpatchable flaw in Apple chips opens the door to an iPhone jailbreak

A newbie hacker used "vague, low-skill prompts" in Claude and Codex to breach 14 companies, and the AI Agents did all the legwork

AI and Ransomware Fuel an Explosion in Transnational Crime, Interpol Warns

AIBOMs: Bringing AI Security Out of the Shadows, A Practical Guide for Security Professionals

Amazon Prime Day fuels surge in malicious domains, researchers warn

Anubis Ransomware Attack Cripples European Port Operations, ₹94 Crores Ransom Reportedly Demanded

AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network

AssuranceAmerica Data Breach Exposes Sensitive Info for At Least 611k Individuals

ATM Fraud Alert: How to Protect Yourself from Card Skimming, Phishing, and Other Banking Scams in 2026

Australia: Victorian RV dealer suffers alleged cyber attack

Beats Studio Buds Flaw Could Let Nearby Attackers Eavesdrop on Users

Belgian State Security hit by Ivanti data breach

Beyond encryption: Ransomware now threatens to leak stolen data

Boyd Bros. Transportation Data Breach: SSNs and Personal Contact Information Exposed

Brazil Suspects Hack Behind Unauthorized ‘Misanthropy’ National Phone Alert

Britain's cyber agency warns AI-written code could create security disasters if left unchecked

Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices

Canadian lender TD tells some employees it will use software to monitor their work

Canadian utility fesses up to data breach, but key details remain off-grid

Carnival Faces Investigation Following Massive Data Breach Affecting 800,000 Texans

Chinese Cyber Contractors Use Malware, Botnets, and Stolen Data to Enable State Operations

Colorado Health Network Data Breach Exposes PII and PHI Information of Patients

Cyber Attack Believed to Have Exposed Data of 3 Million Texans

Cyber Attack On Tata Electronics Threatens To Expose Apple Data, Tesla's 'Trade Secret'

Cyber criminals target World Cup 2026

Cybercriminals exploit World Cup hype with phishing schemes

Data breach exposes personal information of over 3 million Texas hunters, fishers

Data Breach Impacts More Than 3 Million Texas Hunters

Data leak fears after ransomware attack hits Hong Kong’s famous Kee Wah Bakery

Developers giving attackers a free ride after hundreds of iPhone AI apps found exposing credentials

Dutch privacy regulator warns municipalities are struggling to control public camera surveillance

Encrypted DNS still tells an eavesdropper where to look

Fake Grand Theft Auto 6 (GTA 6) beta testing programme targets gamers with phishing emails and malware downloads

FFmpeg fixes PixelSmash flaw in widely used video decoder

FortiBleed campaign used custom FortiGate sniffer to steal credentials

From Emerging Threat to Leading Ransomware-as-a-Service: The Evolution of INC Ransomware

FulcrumSec hacker group leaked over 250 GB of data stolen from pharma giant Novo Nordisk

FulcrumSec Spent Two Months in Novo Nordisk Networks Before 1.3TB Theft

GentleKiller Framework Disables Victims' Security Software

Ghana Among Africa’s Main Business Email Compromise (BEC) Hubs as Cyber Losses Rise

Global cybersecurity agencies warn of credential exposure in FortiBleed campaign targeting Fortinet firewalls, VPN gateways

Hackers Deploy Prinz Eugen Ransomware With RMM Abuse and Hands-On-Keyboard Tactics

Hackers dump 200,000 alleged secret Apple, Tesla files after Tata Electronics breach

Hackers Use RemotePC RMM and PowerShell Stagers to Deploy Prinz Eugen Ransomware

Hackers Use Steganographic Loader to Deliver Remcos RAT via Phishing Attachments

High-Severity Apple Beats Studio Buds Flaw Enables Eavesdropping Attacks

How Cybercriminals Are Exploiting India’s Travel Season Through Phishing, Fraud and Fake Websites

How to recover rapidly and safely from a cyber attack

Hundreds of AI-powered iOS apps found exposing credentials

India’s Tata Electronics hit by cyber breach claiming to expose Apple, Tesla trade secrets

Information of Texas hunting, fishing license holders exposed in data breach, Texas Parks and Wildlife Department (TPWD) says

INTERPOL: Phishing, Ransomware and AI Scams Sweep Asia-Pacific

Interpol flags sharp rise in cybercrime across Asia

INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific

JaredFromSubway Maximal Extractable Value (MEV) bot hacked in $15 million crypto theft

Klue Breach Enables Hackers to Compromise Cybersecurity Firms via OAuth Tokens

Klue breach exposed Salesforce CRM data through stolen OAuth tokens

Klue Hack and Data Breach Hits Several Top Cybersecurity Firms

Klue Hack Leads to Data Breach Across Multiple Cybersecurity Companies

Klue hack results in data breach at several cybersecurity firms

Kodak confirms a major data breach following ShinyHunters hacking claim

Kodak Confirms Data Breach Linked to ShinyHunters Hacking Group

KPMG Confirms Optus Data Breach Amid Scrutiny

Madison Square Garden (MSG) Entertainment Faces Lawsuit Over Alleged Data Breach

Major GNU software repository Savannah fixes 2-year flaw that left the platform exposed

Massive security flaw discovered in popular SSH library libssh2

Microsoft Attributes Mastra AI Supply Chain Attack to North Korea

Microsoft fixes AutoGen Studio flaw that enabled code execution

National Association of Insurance Commissioners (NAIC) Data Breach: 3.1TB of Data Compromised

National Cyber Security Centre (NCSC) Urges Fortinet Customers to Tackle FortiBleed Fallout

New Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available

New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer

New Prinz Eugen ransomware targets recent files, avoids ransom notes

New York Knicks owner sued following biometric data breach

OXLOADER: New Windows Loader Drops CASTLESTEALER via Google Ads

Pair Admit Role in Cyber Attack That Cost Transport for London (TfL) £39 Million and Disrupted Millions of Journeys

Phishing Attacks Targeting Government Up 50% Amid Overall Decline

Phishing the agent: Why AI guardrails aren’t enough

Prinz Eugen Ransomware: A Deep Dive into a New Go-Based Encryptor

Prinz Eugen Ransomware Hits Recent Files First and Skips Ransom Notes

Prinz Eugen ransomware encrypts the most recent files

Prinz Eugen Ransomware targets recently Modified Files

Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants

Salesforce Disables Klue Integration After OAuth Token Theft Hits Customer Data

Scammers Use Fake GitHub Stars, VirusTotal Reviews to Spread Crypto Clipper

Security shops among the 'hundreds' of Klue hack victims

ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack

ShinyHunters Again? Council of Europe Probing Theft of Payroll, HR and Other Sensitive Data

Singapore: Land Transport Authority (LTA) impersonation phishing scams on the rise again, with at least $74,000 lost in 3 weeks

Solventum Data Breach Affects Exposes PHI and PII of Patients

South Korea: Government's Information Security Lapses Highlighted by Data Breach

South Korea: TVING Fails to Announce Data Breach Scale

Suspected cyberattack triggers false emergency alerts across parts of Brazil

Tata Electronics Data Breach Linked to Apple and Tesla

Tata Electronics hit by cyber-attack; Hackers claim leak of Apple, Tesla secrets

Tata Electronics suffers massive data breach, leaked files allegedly include Apple and Tesla documents

Tata Electronics, a major tech supplier to Apple and Tesla, confirms data breach

Teens convicted of multi-million pound Transport for London (TfL) cyber attack

Texas Cyber Command detects data breach affecting more than 3 million hunting, fishing license customers

Texas Hunting and Fishing License Holders Hit by Data Breach

Texas Parks & Wildlife Data Breach Affects 3 Million Individuals

Texas Parks and Wildlife Data Breach Affects Over 3 Million License Customers

Texas Parks & Wildlife (TPWD) Data Breach impacts 3 Million People

Texas Parks and Wildlife vendor breach exposed data of 3 million hunters and anglers

Texas Parks and Wildlife warns 3 million hunting, fishing license customers about data breach

Texas vendor breach exposes personal data of more than 3 million people

There are 3 obvious signs someone is stealing your Wi-Fi - and several ways to stop them

Third-party data breach may affect some former Mayo Clinic patients

TVING Data Breach Affects 19.53 Million...Up 6.5 Million from Initial Estimate

TVING data breach estimated at around 19 million users...Concerns grow over impact on CJ ENM earnings

Two Britons plead guilty to £39 million 2024 cyber-attack on Transport for London

Two men including one from Walsall admit carrying out cyber attack on Transport for London

Two men plead guilty over £39 million Transport for London (TfL) cyber attack

Two young men admit carrying out cyber attack on Transport for London

Two young men carried out £39 million cyber attack on Transport for London (TfL)

UK: Black Country teenager to stand trial for London transport cyber attack

Understand ‘phishing’? Think again: why cybersecurity language is failing us

Unpatchable BootROM Flaw Impacts Apple A12, A13 Chips

WhatsApp phishing attack uses fake business docs to hack PCs

Will your small business be fined for reporting a data breach?

Wills Point Chevrolet Data Breach Exposes Social Security Numbers and Health Information

Wright-Ryan Data Breach: Social Security Numbers and Driver's Licenses Compromised

Posted by at
Labels:
Subscribe to: Posts (Atom)