Data Breaches Digest - Week 24 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 8th June and 14th June 2026.

9th June

10 million Discord users named in data breach report nobody can explain

A giant Instagram phone number database just surfaced. Should you be worried?

AI being used to diversify attacks beyond phishing and email

AI strengthens phishing fraudsters by making ‘dodgy’ invoice emails word-perfect

Anubis group claims a ransomware attack on Singing River Health System

Australian farming group launches investigation following Qilin cyber attack claims

Budget Saudi detects limited customer data breach on app

Check Point says VPN attacks caused by Qilin ransomware group - who had a month's head start on them

Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks

Check Point warns of ransomware-linked attacks exploiting outdated VPN protocol

Check Point warns of zero-day flaw targeted by ransomware affiliate

CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day

Cyber Governance: The Pressure Point in Ransomware Incidents

Decade-old login opens door to massive 10 Million student data breach

Email and text phishing scams have moved to calendar invites

Expired domains let hacker snoop through debt clients’ emails

Fake Grand Theft Auto 6 (GTA 6) Malware Campaigns Spread Globally Ahead of Launch

Global Cyber Attacks Ease in May 2026, But Ransomware Surges 48% As Threats Reorganize

Google patches new Chrome zero-day flaw exploited in the wild

Hacker claims breach of Australian travel agency FirstClass, 53k customers potentially impacted

Hackers steal $1.7 Million worth of condoms after hijacking Walmart shipment - here’s how they did it

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

Healthcare data fuels underground cybercrime economy

Indonesian Media Outlet Tempo Targeted by 24.9 Million DDoS Requests

Japan: Massive data breach feared at Kyushu Power as SSD missing

Lansing Community College data breach impacts more than 170K people

LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

Malware ships with bugs that defenders could use against it

Marin County, California, warns of phishing scam targeting building permit applicants

Meta AI data breach impacts over 20,000 Instagram users

Meta Moves to Hold NSO Group in Contempt Over New WhatsApp Phishing Campaign

MP staffer’s account sent almost 2,000 phishing emails after suspected hack

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

New PyPI Wave in Mini Shai-Hulud, Miasma, and Hades Campaign: 23 New Malicious PyPI Artifacts

New WhatsApp Phishing Attempts Rekindle High-Profile Spyware Fight

NHS Trust reveals thousands of records were stolen during cyber attack

OEConnection Data Breach: Social Security Numbers Compromised

Oxford University Discloses Data Breach

Oxford University discloses second data breach of 2025 after career services platform compromised

Privacy complaints spike in the Netherlands, driven by data breaches and camera surveillance

Qilin NHS breach tally grows as Essex trust confirms stolen records

ShinyHunters Secret to Success: Breaking the Trust Barrier

Signal, DuckDuckGo, NordVPN threaten to pull services if Canada passes “surveillance” bill

Spyware Alert: WhatsApp thwarts NSO Group-sponsored spear phishing attack

Stolen NHS Patient Data linked to Synnovis Data Breach reportedly appears on Dark Web

The security questions around Chinese AI coding models in U.S. software

Ultrahuman data breach compromised users' contact info and health data

Vulnerabilities Can Be Found in Minutes While Safe Remediation Requires More Than Speed

Wales: Conwy Council's website down as pro-Russia group makes cyber attack claim

Wales: Conwy high school investigates data breach

Wales: School investigating data breach after parent received files on pupils

Wells Fargo Phishing Scam Seeks Banking, Email, and Identity Details

WhatsApp Discovers NSO Group-Linked Spearphishing Attempts

Why Jaguar Land Rover’s CISO Enforced In-Person Password Resets Following Cyber-Attack

8th June

52% of direct-to-IP threats are missing from intelligence feeds

BGF Networks Reports Personal Data Breach in CU Convenience Store Delivery Service

Check Point links VPN zero-day attacks to Qilin ransomware gang

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)

Cisco Warns of Active Exploitation of Catalyst SD-WAN Flaw With No Patch Available

Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups

Critical UniFi OS bug lets hackers gain root without authentication

Cyber Attack Exposes Vulnerabilities as Hackers Target Kenyan Investment Platform

Cybercriminals create 19,000 FIFA-themed domains ahead of 2026 World Cup

Cybercriminals Exploit 2026 FIFA World Cup With Phishing, Fake Stores, and Ticket Scams

Did Handala Disrupt Israeli Radar Systems?

Everything in One Place: Best Practices for Keeping Mobile Devices Secure

Fake Stores and Phishing Campaigns Exploit 2026 FIFA World Cup Hype

Fraud Operations Rebuild Faster Than Accounts Disappear While Their Behavior Remains Consistent

Gogs patches critical zero-day enabling remote code execution

Google Patches 429 Chrome Vulnerabilities in Major Browser Update

Hackers Clone Ghidra, dnSpy and Other Tool Sites to Spread Malware

Hackers Exploit 2026 FIFA World Cup With Phishing and Ticket Scams

Hackers Exploit Claude Code MCP to Steal OAuth Credentials

Hackers used Meta’s AI support system to hijack over 20,000 Instagram accounts

How Department of Science, Innovation and Technology (DSIT) Protects Thousands of UK Orgs from Cyber Vulnerabilities

Hull school in data breach over new pupils' details

India: Central Board of Secondary Education (CBSE) Re-Evaluation Portal Goes Live After Final Cybersecurity Clearance

India: IIT-Roorkee denies JEE Advanced data breach, calls report 'misleading'

Instagram Glitch Reportedly Exposed Contact Info of Zuckerberg and Other Users

Instagram Recovery Tool Bug Exposed 20,225 Accounts to Password Reset Abuse

Is OpenAI’s New Lockdown Mode an Admission That Default ChatGPT Was Never Safe Enough?

LinkedIn, Indeed and Upwork Leveraged for Chinese Spying Threat

Massachusetts votes to pass new privacy rights bill that bans sale of precise location data

eta: NSO Tried Targeting WhatsApp Users Despite Court Order

Meta AI Bug Exposes Over 20,000 Instagram Accounts

Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order

Meta claims NSO Group still targets WhatsApp users despite court order

Meta confirms critical vulnerability in account recovery tool exposed over 20K Instagram users

Meta escalates legal battle with Israeli spyware firm NSO over WhatsApp attacks

Microsoft’s open source tools were hacked to steal passwords of AI developers

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

NFCShare Android malware spreads via fake banking app updates on GitHub

No backdoor shenanigans: Grindr denies data breach claims

North Korean Hackers Use Fake Coding Tasks to Steal Crypto

One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

OpenAI Expands ChatGPT Lockdown Mode to Millions of Eligible Users

OpenAI is locking down parts of ChatGPT to reduce data theft risks

OpenAI Unveils ChatGPT Account Security Controls

Operation FlutterBridge Uses Fake Google Ads to Spread macOS Backdoor

Over 20,000 Instagram accounts stolen in Meta AI support hack

Over 20,000 Instagram Accounts Hijacked via the Meta AI Support Tool Exploit

Oxford University discloses data breach after careers platform hack

Password Reset Bug Leaked Instagram Emails and Phone Numbers

pfSense Firewall Compromised in VerdantBamboo Cyberattack Deploying BRICKSTORM

PhishByte warns spear phishing drives payment fraud losses

Prompt Injection Remains Unsolved, OWASP Researcher Warns

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)

Qilin ransomware claims hack of major New York/New Jersey Shipping Association

Research says Phishing overtakes Dark Web as primary source of stolen Personal Information

Russia upgrades rules for its digital spy system to better track citizens online

Second theft: How scammers use a lost iPhone to steal your identity

Securing the AI-Driven Public Sector: Why Data Governance and Trust Must Come First

ShinyHunters dump 400K BCD Travel customers data online

Silent Ransom Group Uses Fast Flux Botnet to Hide Law Firm Leak Sites

Smart TV Apps Found Converting Samsung and LG Devices Into AI Proxy Nodes

SoFi confirms third-party data breach at Hong Kong subsidiary

South Korea: Police Launch Probe Into CU Convenience Store Parcel Data Breach

South Korea police probe CU parcel data breach, pursue hacker

Strategic Education data breach exposes social security numbers of more than 176,000 people

Summer classes canceled at Evanston Township High School after ransomware attack

Texas Capital Bank data breach puts 91,000 customers' social security numbers at fraud risk

The hacking mastermind behind the 2026 FIFA World Cup

The Hidden Security Risks Behind Popular AI Tools

The New Face of Cybercrime: When the Criminal Isn’t the Hacker

Thousands of Essex NHS patient records taken in cyber attack

Thousands of NHS patient test results stolen in cyber attack

Two-Thirds of Open Source Community Unaware of Cyber Resilience Act

UNC3753 Targeted US Law Firms in Vishing Extortion Campaign, Possibly Used Physical Access

UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign

University of Oxford discloses data breach via third-party career platform

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks

WhatsApp Says It Blocked Pegasus Spyware Campaign Linked to NSO

WhatsApp says it disrupted new NSO spyware phishing attacks

WhatsApp says NSO targeted users with spearfishing attacks in violation of court order

Whistleblower Accuses IBM, AT&T of Covering Up Breaches

Ransomware Operator Claims - Week 22 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 25th May and 31st May 2026, kindly assisted by our partners.

DBD discovered and researched 157 Ransomware Victims over 37 Countries and Islands claimed by 32 Data-Leaking Ransomware Operators, including 1 Newly Discovered Ransomware Operator last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Data-Leaking Ransomware Report - May 2026

Welcome to last month's DLR Report, an exclusive presentation of Data-Leaking Ransomware Operator's Global and US Victims that were claimed between 1st May and 31st May 2026.

DBD discovered and researched 722 Global Ransomware Victims over 82 Countries and Islands, including 312 US Ransomware Victims over 43 States and Districts, claimed by 60 Data-Leaking Ransomware Operators in May 2026.

DBD also discovered and researched 7 New Active Ransomware Operators called 0DAY, Bavacai, CMD Organization, Icarus, SPY CORPORATE, TITAN and Triple X in May 2026.

Download PDF



Data Source: Data Breaches Digest.

Data Breaches Digest - Week 23 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 1st June and 7th June 2026.

7th June

AI Is Making Cyberattacks Easier, Anyone Can Become A Hacker

AI scammers can now steal your fingerprints from peace-sign selfies - and unlike a password, you can't change them

Amazon impostors phishing for your info

Carnival cruise passport data breach puts six million at identity theft risk

C0XMO botnet spreads via DD-WRT router flaw, kills rival malware

Data Breach Leaves Vulnerable Afghan Allies Stranded in Afghanistan

DentaQuest Breach: ShinyHunters Publish Data Impacting 2.6 Million People

DentaQuest data breach exposes info of 2.6 million members

Evanston Township High School (ETHS) closed through Tuesday due to ransomware attack

Evanston Township High School (ETHS) hit by cybersecurity incident; summer programs canceled through Tuesday

Ex-IBM Exec Accuses Big Blue and AT&T of Covering Up Foreign Data Breaches

Hacked, leaked, and held for ransom: the worst breaches of 2026 so far

Handala: Cyber Operation Launched Simultaneously with Missile Attacks on Israeli Targets

Man's anger as brother left in Afghanistan after data breach

May Nando’s joke be on itself after an alleged data breach?

Ransomware Recovery Takes 45 Days on Average as New HIPAA Guidance Reshapes Video Recording Rules for US Health Providers

ShinyHunters Group Leaks Data of 2.6 Million DentaQuest Members

Silent Ransom Group targets law firms with fake IT support calls

UK Ministry of Defence (MoD) Afghan Data Breach: 49 Deaths Confirmed, 24,000 Still Stranded as Resettlement Stalls

What Happened To Nando’s?

Women's News Agency (NÛJINHA) suffers cyber attack, received threatening messages

6th June

"Addresses, Mobile Numbers, and Names Stolen": CU Convenience Store Parcel Delivery Suffers Personal Data Breach

AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs

Anthropic AI coding assistant could be tricked into revealing secrets, Microsoft warns

Aura data breach: What happened, what was exposed, and how to protect yourself

Belgian banks must reimburse phishing victims as soon as they report a loss, judge says

BGF Networks Confirms Customer Data Breach in CU Parcel Service

Carnival breach exposes data of nearly 6 million travelers

CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to Known Exploited Vulnerabilities (KEV) Catalog

Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available

Critical Everest Forms Pro flaw exploited to take over WordPress sites

Free Apps Are Quietly Turning Smart TVs Into Web-Scraping Proxies for AI

Hacker breaches CU parcel service, leaks customer data in South Korea

India: After initial denial, Central Board of Secondary Education (CBSE) invited ethical hacker to plug gaps in IT system

India: Central Board of Secondary Education (CBSE) Refutes Data Breach Claims Amidst Cyber Attack Series

India: Cockroach Janata Party Criticises Government Over Data Breach

India: Days after admitting glitch, IIT junks JEE data breach claims

India: First Information Report (FIR) filed over cyberattacks on Central Board of Secondary Education (CBSE) portal, no data breach reported

India: JEE Advanced data breach claims 'misleading', says IIT Roorkee, admits 'minor' glitch

Miasma Worm Hits 73 Microsoft GitHub Repositories in Major Supply Chain Attack

More Australians targeted by Booking.com scams, with travellers lucrative targets for criminals

New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration

New Pink Extortion Group Targets Microsoft 365 Cloud Data Via Vishing Scams

OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks

Oxford University careers platform hit by third-party data breach

Oxford University Hit by Second Major Data Breach Exposing Student Career Credentials

Ransomware is getting quieter. The damage is getting louder

Ransomware Protection: What Businesses Actually Need to Get It Right

Seneca Falls Library Warns About Suspected Phishing Emails

South Korea: After Coupang, TVING, CU Parcel Service Suffers Data Breach

TA4922 Expands Its Phishing to Europe and South Africa

The Gaza ‘Data Breach’ and World Food Programme’s Bizarre Relationship with Palantir

“We’re Not Aware of Any Breaches”: South African Dating Site DatingBuzz Denies Massive User Data Breach Claims

When Supplier Risk Becomes Business Risk: Can Your Business Keep Running if a Critical Supplier Goes Offline?

5th June

2.6 Million Accounts Exposed in DentaQuest Data Breach

2.6 million DentaQuest accounts exposed by data breach - ShinyHunters claim 234GB of data stolen

93% of Organizations Use or Plan to Use AI Agents for Sensitive Security Tasks

After Cyber Attack, Chelan County, Washington, Recovers Server

AI Coding Tools Need Built-In Security for Agentic Development Era

AI is helping low-skill hackers pull off advanced cyberattacks

AI tools becoming hot commodities on ransomware marketplaces

Android Spyware Asin Targets Arabic Users via Fake News, PDF and War Map Apps

Atlas Menu Data Breach Exposes 64,000 Grand Theft Auto V (GTA V) and CS2 Cheat Service Users

Attackers obtained encrypted password vaults from some Dashlane user accounts

Belgian judge orders bank to reimburse phishing victims after couple lose their life savings

Blue Teal Holdings Data Breach Exposes PHI and PII for Thousands of Individuals

Bronsky Orthodontics Data Breach: 3,183 Patients Impacted

C2N Diagnostics Data Breach Affects 2,027 Patients

Carnival breach may put your travel data at risk

Centrelink denies hacker claims of cyber attack

Chinese APT deploys new malware to keep access to hacked networks

CISA Warns of Exploited Linux Kernel Authentication Flaw

Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)

Cisco SD-WAN Flaw Exploited to Execute Root-Level Commands

Cisco warns of unpatched SD-WAN zero-day exploited in attacks

Claude outage sparks customer data leak claims as Anthropic investigates

Compliance chaos: New York regulators see a data breach - then focus on IT errors

Corient Services Data Breach Exposes Social Security Numbers

Dashlane Reveals How Hackers Downloaded Encrypted Vaults

Data breach at billing provider La Perouse impacted patients of 7 hospital groups

Data breach incident at Norfolk Constabulary

DBR & CO Data Breach Exposes Social Security Numbers

Delhi police file First Information Report (FIR) over coordinated cyberattacks on Central Board of Secondary Education (CBSE) post-result portal

DentaQuest Data Breach Exposes Information of 2.6 Million People

Dillon Family Medicine Data Breach: PHI and PII Compromised

ESET report finds 45% of SMBs hit by cyber incidents

Fake tickets, phishing and QR scams top FIFA World Cup cyber risks for South Africans

FIFA World Cup 2026 hype kicks off fraud, fake apps, and ransomware targeting fans and businesses

FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins

Financial ransomware and supplier risks rise

Former cyber executive turned whistleblower accuses IBM of covering up several data breaches

Gainwell Technologies Data Breach Exposes PHI and PII for 22,500 People

Global ransomware activity rises modestly in May as Qilin, The Gentlemen, and DragonForce lead attacks

Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person

Gravity Bridge Hacker Moves Another $2.1 Million in Stolen ETH to Tornado Cash

Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites

Hackers getting an easy ride: misconfigured cloud settings behind growing number of data breaches

Hackers Leak DentaQuest Information Impacting 2.6 Million

Hackers now exploit SolarWinds Serv-U flaw to crash servers

Hackers publish hundreds of thousands of Salesforce records from Baker Distributing

Hacking Group Claims Responsibility for Multi-Million-Record DentaQuest Data Breach

Hanahan Police Warn Residents of Nationwide Phishing Scam Targeting Permit Applicants

How cybersecurity threats impact trucking operations

How Hotels Can Stay on Top of Security During Travel Season

How to Spot Phishing Scams in 2026: Red Flags

IMA Diligence Services Data Breach: 525,306 Impacted

India: Central Board of Secondary Education (CBSE) denies 'data breach' despite repeated cyber attacks for past 3 days

India: Central Board of Secondary Education (CBSE) files complaint over cyber attacks on portal, teen hacker offers simple fix

India: Central Board of Secondary Education (CBSE) files complaint with Delhi police over cyber attacks on Post-Result Services Portal

India: Central Board of Secondary Education (CBSE) files police complaint after coordinated cyber attacks target Class 12 post-result portal

India: Central Board of Secondary Education (CBSE) files police complaint after cyber attack targets Class 12 re-evaluation portal

India: Digital Personal Data Protection (DPDP) and Cybersecurity - Why the Safest Data May Be the Data You Delete

India: Education ministry denies reports of data breach of candidates for JEE (Advanced) exam

India: Education Ministry rejects JEE Advanced data breach claims, says candidate data remains secure

India: IIT Roorkee dismisses JEE Advanced data breach claims, says no sensitive information compromised

India: JEE Advanced 2026 data breach claims rejected; IIT Roorkee says results and candidate records remain secure

India: JEE-Advanced data breach claims misleading, factually incorrect

Indian Institute of Technology (IIT) denies JEE-Advanced data breach claim: 'Minimal, temporary misconfiguration’

Indian Institute of Technology (IIT) Roorkee denies data breach affecting JEE Advanced candidates

Indian Institute of Technology (IIT) Roorkee Denies Data Breach Allegations Amid Misinformation Claims

Indian Institute of Technology (IIT) Roorkee Rejects JEE Advanced 2026 Data Breach Claims, Says No Sensitive Information Was Compromised

IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks

Lansing Community College Data Breach Exposes Social Security Numbers and Other PII

Leaked aircraft maintenance files spark security fears after alleged Avcon hack

Legacy Risks in a Digital NHS: Lessons from Cyber Compromise

Malicious Hugging Face Models Could Trigger Remote Code Execution

Marks & Spencer CEO loses annual bonus after $175 Million cyberattack

Miasma Malware Hits 32 Red Hat Packages via Compromised GitHub Account

Microsoft Edge Vulnerability Enables Remote Code Execution

Millions of NYC Health + Hospital patients’ personal data exposed to cybercriminals in data breach, class action lawsuit claims

'Misleading and factually incorrect': IIT Roorkee denies data breach allegations in JEE (Advanced)

Mississippi healthcare provider reports data breach impacting over 50,000 people

Morning Star Tours Data Breach Exposes Social Security Numbers

Most professionals have seen AI hallucinations in IT operations

New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

Nigeria: Independent National Electoral Commission (INEC) probes alleged misuse of authorised access to Continuous Voter Registration (CVR) database

Nightclub Giant RCI Says Data Breach Affects 40,000 Individuals

Norfolk Constabulary apologise after payroll data breach

OpenAI Codex Uncovers HTTP/2 Bomb DoS Exploit Affecting nginx, Apache, and Microsoft IIS

Over 60k Grand Theft Auto V (GTA V) players allegedly exposed in cyber attack on game cheat service

Over 900 US gas station tank gauge systems exposed to attacks

Over 23,000 patients affected in Clarinda Regional Health Center data breach

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for SMTP Relay Abuse

Phishing Has Become an Industry, And AI Is Driving Its Growth

Pink Extortion Group Linked to UNC6671 and The Com Uses Vishing and Fake Helpdesk Calls to Target Enterprise Data

Pink ransomware group steals Microsoft 365 data

Post-Quantum Security Standards Exist, Migration Remains the Challenge

Pro-Russian hacker group launches ‘Patriotic Online Games’ campaign targeting European organizations

Reactive Security Is Failing Healthcare Organizations, Experts Warn

Reaper macOS Infostealer Abuses Script Editor to Steal Crypto and Passwords

Southeast Asia Scam Compounds Turn AI Into a Cybersecurity Threat

Stafford Oral Surgery Data Breach Exposes Personal and Medical Information

Station Casino’s Data Breach Followed the Caesars 2023 Playbook. The Class Action Is Following the MGM Playbook

Stolen Hotel Reservation Data Used in Targeted Phishing Scams

Strategic Education Data Breach Exposes Social Security Numbers

Strategic Education Data Breach Exposes SSNs of 111,706 Confirmed Victims

Suspicious Polyfill login prompts pop up on Toshiba, Muji websites

Takeda Data Breach: Social Security Numbers and Medical Information Exposed

The Oncology Institute Discloses Data Breach to Securities and Exchange Commission (SEC)

This Ransomware Gang Doesn’t Need Your Password - It Sends Someone To Steal Your Data In Person

Tulane University victimised in Oracle E-Business Suite hack

VECT 2.0 Ransomware Breaks Files Beyond Its Own Recovery

VECT 2.0 Ransomware Can Corrupt Encrypted Files Beyond Reliable Decryption

VECT 2.0 Ransomware Can Damage Files Its Own Decryptor Cannot Reliably Restore

VerdantBamboo APT Uses BRICKSTORM Malware in Attacks on Network Appliances

Wales: Cyber attack at Powys school exposes personal data of pupils and staff

World Food Programme (WFP) Gaza Data Breach Exposes 600,000 UN Food Agency Household Records

4th June

7 Data Security Stories to Know About in May 2026

A Simple Tool to Combat Phishing Schemes

Acadia Healthcare Data Breach Exposes Social Security Numbers

Acer Develops Fix for Critical Wave 7 Router Zero-Day Flaw

AI Adoption Creates New Opportunities for Attackers to Distribute Malware, Microsoft Warns

AI Phishing Raises Costs Despite Faster Response

AI Powered Ransomware Outpaces Enterprise Defenses

AI-Powered Bots Are Blurring the Line Between Users and Cyber Threats

AI-Powered Computer Worm Reveals New Cybersecurity Threat

Attackers already know the secrets are on your developers’ machines. Do you?

Attackers Stole Global Stock Exchange Executive’s Mailbox for Five Months in Covert Campaign

Bots Overtake Humans in Global Web Traffic for the First Time

Canadians impacted in cruise line data breach affecting six million

Central Board of Secondary Education (CBSE) Cyber Attack: Claude AI under spotlight as IIT experts review CBSE's tech ecosystem

Charter breach warning: What customers should know

China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa

China’s spies offer freelancers lucrative side hustles via job networks in hunt for secrets, agencies warn

Chinese spies are using LinkedIn to lure Westerners into sharing sensitive information

Chinese-Speaking Actor TA4922 Widens Its Global Reach

CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to Known Exploited Vulnerabilities (KEV) Catalog

CISA Warns of Exploited Android Framework Vulnerability

Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public

Cisco warns of critical Unified CM flaw with Proof-of-Concept (PoC) exploit code

Clarinda Regional Health Center Reports Data Breach Affecting 24K Patients

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

Conduent Business Services Data Breach Affected More Than 62.2 Million Individuals

Credit card theft campaign abuses Stripe to host stolen payment info

Cruising Into Danger? 6 Million At Risk In Huge Travel Breach

Cyber attack at Powys school results in 'unauthorised access to some personal data'

Cybercriminals Shift From Fake Login Pages to Infostealer Malware in Phishing Attacks

DentaQuest data breach exposed info of 2.6 million accounts

DentaQuest data breach exposed sensitive info of 2.6 million people

DentaQuest data breach exposes sensitive information of 2.6 million accounts

DentaQuest Exposes Over 2.5 Million Accounts in ShinyHunters Extortion Attack

Department of Justice (DoJ) Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets

Erasmus University reports data breach in staff survey

ETSI sets security requirements for AI data centers and cloud platforms

Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites

Fake ChatGPT Download Site Spreads Malware via Sponsored Results

Fake Chrome Web Store Copyright Alerts Used in Google Credential Theft

Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via Traffic Distribution System (TDS)

Fake tickets, phishing and QR scams top FIFA World Cup cyber risks for South Africans

Federal Trade Commission (FTC) considers setting aside or modifying $150 million privacy penalty against X

First Advantage Data Breach Exposes Social Security Numbers

Five Eyes warn Chinese spies are using job sites to recruit insiders

Five Eyes Warns Chinese Spies Are Using Fake Job Ads to Target Military Staff

FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Fragmentation, Extortion and the New Ransomware Reality

Fraud, Ransomware, and Fake Apps Are Already Targeting FIFA 2026

From critical to controlled: Cutting vulnerabilities in a live manufacturing environment

Gartner Signals a Cybersecurity Shift From Prevention to Resilience

Gastro Health Data Breach Exposes Protected Personal and Health Information

Global Phishing Surge As 260 Brands Target Mobile Users

Google Sites Hosted Claude Code Impersonation Campaign Targeting Developer Logins

Healthcare Data Breach Statistics

Hola Browser for Windows compromised to deliver cryptominer

How Businesses Can Prepare for a Cybersecurity Crisis with Effective Plans

iFood confirms data breach affecting 1.2 million users

iFood Confirms Data Breach Affecting 1.2 Million Users in Brazil

IIT-led probe finds Claude and other AI tools behind Central Board of Secondary Education (CBSE) cyber attack

IKEA investigating alleged data breach

India: 56,000 students apply for Central Board of Secondary Education (CBSE) re-evaluation by June 3rd, major cyber attack blocked

India: Central Board of Secondary Education (CBSE) gets over 56,000 re-evaluation pleas as students flag OSM concerns, foils major cyber attack on portal

India: Central Board of Secondary Education (CBSE) Re-Evaluation Portal Remains Operational Despite Major Cyber Attack, Over 56,000 Applications Processed

India: Central Board of Secondary Education (CBSE) receives over 56,000 re-evaluation requests, thwarts major cyber attack

Indian Wearable Startup Ultrahuman Confirms Data Breach Exposing User Wellness Logs

Jamaica: Three more arrested and charged in multimillion-dollar National Commercial Bank (NCB) phishing scam, granted $450,000 bail

Japan: Clannad publisher Visual Arts suffers major data breach, including overseas leak of Key’s latest visual novel. Personal information potentially compromised too

Kali365 Phishing-as-a-Service Campaign Broadens Attacks to Okta and MAX Messenger Users

Kali365 Phishing-as-a-Service (PhaaS) Expands to Okta, MAX Messenger Attacks

Kali365 Phishing-as-a-Service (PhaaS) Operation Expands Beyond Microsoft 365 to Target Okta and MAX Messenger

KerberRose Data Breach Impacts 27,076 Individuals

KLM data breach compromises staff's personal information

Korea Privacy Watchdog Launches Probe into TVING Data Breach

Korea probes TVING data breach after unauthorized access hits user info

Korean Police Report Voice Phishing Cases Down 43% in First Year of Lee Government

Lazarus Group Uses npm Brandjacking Campaign to Target Developers

Major data breach hits hotel sector across Europe, guest data used in phishing attacks

Malicious Skill Detector Bypassed on ClawHub, Cisco, and Vercel

Malicious WhatsApp, Slack Alerts Could Have Exposed Millions of Android Users

Manager on Call Data Breach Exposes Social Security Numbers

Medenet Inc. Data Breach Exposes Social Security Numbers

Meta, Microsoft, Department of Justice (DOJ), and Others Disrupt Southeast Asia Scam Compounds

Microsoft 365 Android Apps Had a Token Flaw IT Teams Should Check Now

Nearly 21,000 affected by Middletown data breach

New GitHub Zero-Day Exposed Developer Tokens to Attackers

New IronWorm malware hits 36 packages in npm supply-chain attack

New malspam campaign uses Google DoubleClick to deliver DesckVB RAT

New Payouts King Ransomware Technique Helps Malware Avoid Detection

Onsite Women’s Health $2.5 Million Data Breach Settlement

Password Manager Dashlane Reveals How a Hacker Stole Encrypted Vaults

Payouts King Ransomware Bypasses EDR via Obfuscation and Direct Syscalls

Payouts King Ransomware Evades EDR With Obfuscation and Direct System Calls

Pentesters turn up the heat on Shelly as Bluetooth thermostat flaw leaves smart homes exposed

Personal data on mental health patients stolen in provider group hack

Phishing Attacks Pivot to Infostealer Malware Over Fake Login Pages

Pink Extortion Group Emerges Targeting Microsoft 365 Data

Proofpoint Warns TA4922 Deploys Atlas RAT and Multiple Malware Loaders

Ransomware and Geopolitical Tensions Drive Cyber Threats Across Middle East, Turkey, and Africa (META) in Q1 2026

Ransomware cartels are fragmenting into volatile splinter groups, warns Metropolitan Police cyber chief

Researcher publishes GitHub token-stealing exploit, blames Microsoft’s disclosure process

Russia seeks to label two anti-Kremlin hacker groups as ‘extremist’

Russian Hackers allegedly offer Cryptocurrency Rewards through “Patriotic Online Games”

Southern Illinois Ob-Gyn Data Breach Affects 38,700 Patients

Spotless compliance evidence can still hide a broken control

Students and staff targeted in cyber attack on mid-Wales schools

Supreme Court rules Federal Communications Commission (FCC) fines punishing telecom giants for sharing location data were legal

Tax phishing scams surge in Australia

The modern-day business can learn a lot about risk from this year’s mega events

The NHS Was Lucky. The Next Victim Might Not Be

UK firms lag on AI cyber defences

Ukraine’s Experience Highlights the Need for Preparation and Resilience in Cybersecurity

Ultrahuman Data Breach: Hackers Accessed Wellness Data via Internal Analytics Tool

Ultrahuman data breach exposes user info via internal tool

Ultrahuman Data Breach Exposes User Wellness Data

Ultrahuman says hackers accessed user wellness data through stolen credentials: All you need to know about the breach

Ultrahuman smart ring maker reports data breach affecting customer wellness information

Ultrahuman suffers a major security breach, exposing users’ wellness data: How did it happen?

Ultrahuman suffers data breach, hackers access customer wellness information

Ultrahuman's data breach exposes customer details, but passwords stay safe

UN food agency data breach exposes 600,000 Gaza households

UN food agency discloses breach affecting 600,000 Gaza households

UN food agency investigates breach exposing data of Gaza aid recipients

University of Oxford hit by second major data breach of the term as CareerConnect hacked

US Sanctions Iranian Nobitex due to “connection” with ransomware

VECT: Ransomware That Can’t Decrypt

Virta Health Data Breach Exposes Patient Information

Wales: Powys schools cyber attack sees staff and pupil data accessed

Wales: Pupils, staff, and other data accessed in school cyber attack

Weil Gotshal reportedly pays up to $20 million after cyber extortion group steals client data

What the Ultrahuman Data Breach Reveals About the Hidden Risks of Smart Rings

WhatsApp, Slack, SMS Notifications Could Hijack Google Gemini on Android

Why Collaboration Friction is the Hidden Driver of Lost Control

Why eSIMs Are Replacing Traditional SIM Cards

Why Trusted Pipeline Identities Matter More Than Ever in Software Supply Chain Security

World Food Programme (WFP) cyber-attack: Is nearly all of Gaza’s population exposed?

World Food Programme reports data breach affecting Palestinian beneficiaries

3rd June

Acer working to patch max severity zero-days in Wave 7 routers

AI accelerates development of ransomware toolkit with EDR evasion capabilities

AI-Powered Cybercrime Tools Surge on Dark Web

Alcasec, “Robin Hood of Spanish Hackers,” Jailed for 31 Months Over Data Theft

Anxious Security Pros Watch as Anthropic, OpenAI Expand Access to Frontier AI Models

Argamal RAT Targets Hentai Gamers via Trojanized Games, Kaspersky Reports

Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)

Autonomous AI-driven worm can reason its way through corporate networks

Belgium: Antwerp court rules banks must immediately reimburse phishing victims

Belgium: Court rules "banks must compensate phishing victims immediately"

Black Kite’s 2026 State of Financial Services Report Reveals Ransomware Surge and Vulnerability Deluge Driving Two-Front Cyber Threat

Carnival Corporation Data Breach Leads June Wave of Account-Compromise Incidents

Carnival Cruise Line Passengers Frustrated By Company's Response To Data Breach Victims Outside The U.S.

Carnival Data Breach Travel Alert: Nearly Six Million Cruise Travelers Impacted as Experts Urge Immediate Steps to Protect Personal Information

Carnival to Monitor Credit of 6 Million Customers in Massive Data Breach

China-Linked TA4922 Hackers Target UK, Europe With New SilentRunLoader Malware

Chinese hackers use new Atlas RAT malware in European cyberattacks

CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited

CISA warns of active attacks exploiting Android, Linux bugs

CISA warns of cyberattacks targeting fuel tank monitoring systems

City of York Council investigation - blue badge data breach

Critical Apache ActiveMQ Flaw Enables Security Header Injection

Critical Takeaways from the 2026 Verizon Data Breach Investigations Report (DBIR): Mobile is the Most Vulnerable Attack Surface

Cyberattacks Target U.S.-Based Automatic Tank Gauge Systems

Data breach at auto lender Industrial Acceptance Corporation affects nearly 80,000 people

Data Breach Hits Over One Hundred Dutch Hotels

Dozens of Dutch hotels affected by data breach

Educational Employees Credit Union Data Breach Exposes SSNs

Emmys data leak: update exposes access to award submissions

Error 524 Decoys Used in Brand Impersonation Phishing Campaign

Europol Dismantles First VPN Used by Ransomware Gangs

Eversource says data of 3,049 customers exposed in cyberattack

Fulcrum Real Estate data breach exposes Social Security numbers

Gentlemen Ransomware Exploits Fortinet Flaws, AI, and Custom C2 Tools

GitHub Actions Script Injection Flaws Hit 38% of Organizations

Google adds Android protection against AI deepfake scam calls

Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT

Google Patches Android Zero-Day CVE-2025-48595 Exploited in Targeted Attacks

'Groundbreaking' ruling: Banks in Belgium must immediately reimburse phishing victims

Groupe Crit announces data breach at Tunisian subsidiaries

Hacker claims breach of the Australian Centre for the Moving Image, PII allegedly compromised

Hackers Use AI-Generated Tools to Automate Active Directory (AD) Attacks, EDR Evasion

How Texas Businesses Can Protect Themselves from Ransomware Attacks

How to prevent ransomware

Ikron Corp. Data Breach Affects 11.8k Exposing Social Security Numbers

IMA Diligence Services Data Breach Impacts 525,000 People

Increase in ransomware attacks - Qilin and INC Ransom the main culprits

India: Has JEE Advanced 2026 Data Leaked? Hacker Flags Data Of 179,600 result records, 187,300 admit cards Online; IIT Roorkee Reacts Quick To Save Image

Infostealers are becoming the go-to phishing payload

Instagram is alerting users who were targeted by hackers during AI chatbot attacks

Ivanti ITSM Vulnerability Allows Attacker to Gain Admin Privileges

JEE Advanced 2026: Another Gen-Z ‘ethical hacker’ exposes holes in IIT Roorkee’s results portal

JEE Advanced 2026: Over 1.79 lakh candidates records exposed in IIT Roorkee data breach

Juventus reports third-party breach that compromised official club footage

Kali365 PhaaS Expands Targeting Microsoft, Okta, DocuShare, AWS, MAX Messenger

Kelp DAO Hacker Launders Nearly All Stolen $220 Million

Known vulnerabilities behind most application security incidents

Korea's big five banks freeze 150,000 scam-linked accounts as fraud shifts

Laravel CRLF Injection Flaw Enables Email Processing Interference

Malware campaign targeting Minecraft users infects over 116,000 systems

Mass data breach on over 100 Dutch hotels hits guests

Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag

Microsoft 365 users warned over Outlook, Teams and OneDrive FBI alert

Middletown data breach exposed Social Security numbers, personal information of residents

New Android feature promises to spot deepfake scam calls

New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare

New Identity Battleground: Attackers Don’t Need to Break MFA, they Just Need a Help Desk

New Scam Targets Microsoft Users, FBI Warns. Here's How to Protect Yourself

Nigeria: Electoral Commission Probes Massive Data Breach Targeting Nigerian Actor

No more calls from fake mom: Google releases Android fake call detection feature

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

Only 9% of Organizations Patch Critical Vulnerabilities in 24 Hours

Only 11% of production agents pass the AI agent security bar

Patch Responsibility Remains Up for Grabs as AI Unearths Decades of Flaws

Plaza Home Mortgage Data Breach Exposes Social Security Numbers

Pro-Iran hacker group claims access to US officers’ data, secret military bases

Radiology Associates of Richmond discloses data breach affecting more than 266K patients

RAlord Affiliate Banned for Breaking CIS Ransomware Rule, Infecting Eriell Group

Ransomware Attacks Surge 30% in 2026 as Qilin and INC Ransom Intensify Operations

Ransomware Gang Abuses Fortinet Flaws With Custom C2 Frameworks

Red Hat hit by npm supply‑chain attack - here's how to stay safe

South Korea: Data Breach at TVING Prompts Government Investigation

South Korea launches joint probe into TVING data breach and consumer risks

Spanish hacker Alcasec sentenced to prison for stealing banking details

Station Casinos faces class action lawsuit over data breach

Subpostmaster federation hit by ransomware attack

Texas Capital Bank Data Breach Affects 86,067 Texans

The Gentlemen Ransomware Group Uses Fortinet Exploits, AI, and Custom C2 Frameworks

The worst hacks and breaches of 2026 (so far)

TVING Apologizes After Personal Data Breach Exposes User Information

TVING confirms data breach in South Korea, apologizes and boosts security

TVING Data Breach Exposes Millions To Risk

TVING faces investigation by Ministry of Science, ICT following personal data breach

TVING Reports Data Breach Affecting User Information

TVING reports member personal data leak, suspected hacker theft

TVING Suffers Data Breach, Member Personal Information Leaked

TVING Suffers Member Data Breach: "Hacker Accessed Database"

U.S. sanctions Nobitex crypto exchange used by Iranian ransomware actors

Ultrahuman Data Breach: 68 Days to Tell Users

Ultrahuman says hackers accessed customers’ wellness data via internal tool

United Medical Doctors Discloses Data Breach Affecting Patients

Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes

US Enterprises Targeted With Fake Purchase Order Malware Campaign

VS Code zero-day lets hackers steal GitHub tokens in one click

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content

WeedHack Malware Infects 116,000+ Minecraft Systems via Fake Mods

WhatsApp, Slack Notifications Could Hijack Google Gemini on Android

Why cyber criminals favour phishing and how to better predict, prioritise and prevent attacks

Winona County, Minnesota, Alerts Residents After Cyber Attack

WordPress Plugin Flaw Exposes 500,000+ Sites to Privilege Escalation

2nd June

5 Signs AI Phishing Has Compromised Your Web3 Social Media Account

64,000 accounts exposed in breach of Grand Theft Auto V (GTA V) cheat service Atlas Menu

Accounting firm Kennedy McLaughlin confirms ‘cyber incident’ following Qilin ransomware attack

AI-built ransomware toolkit automates EDR evasion, Active Directory (AD) discovery

Android 0-Day Vulnerability Exploited for Full Device Control

Another Gen Z hacker now claims data security flaw on National Testing Agency (NTA) re-exam portal

Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets

Australian jewellery retailer confirms cyber attack

Australian workplace catering firm Hampr suffers alleged 360k record data breach

Australias amongst millions affected in Carnival Cruise Line data breach by cyber criminals

AZUREVEIL Adaptix C2 Agent Delivered via Targeted Spearphishing Attacks

Booking.com data breach scare hits Japanese travellers as scammers target hotel bookings

Business Leaders Lack Understanding of Threat Intelligence, Study Warns

California Suing Former 23andMe Firm for 2023 Data Breach

Carnival Corporation data breach: What affected customers need to know

Carnival Corporation Data Breach Compromises Six Million Customer Records

Carnival Corporation Data Breach Exposed Just Under 6 Million Records

Carnival Cruise Data Breach Becomes Wake-Up Call for International Travelers Amid Rising Cybersecurity Threats in Tourism

Carnival Cruise Data Breach Exposes Nearly 6 Million People in Cyber Attack Linked to ShinyHunters

Carnival Cruises Line faces data breach exposing cruise passengers passport details

Carnival Data Breach Exposes Millions Of Customer Records

Carnival data breach exposes personal information of nearly 6 million cruise passengers

Carnival Data Breach Potentially Impacts 6 Million Cruisers

CISA Flags Palo Alto PAN-OS Flaw as Actively Exploited

CISA flags two-year-old Oracle flaw as actively exploited in attacks

Critical Kirki flaw exploited to hijack WordPress admin accounts

Critical KMW CCTV Flaw Enables Unauthorized Camera Access

Critical StrongDM Vulnerability Enables Authentication Theft

Cyber attack targeted nearly 33k patients at Bedfordshire Hospitals Trust

Dashlane Discloses Brute-Force Attack Bypassing 2FA Protocols

Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded

Data Breach at Internet Service Provider Exposes Records

Data Breach Hits Grand Theft Auto V (GTA V) Cheat Tool Atlas Menu, Leaking 64,000 User Account Info

Data of 600,000 Gaza households exposed in World Food Programme (WFP) cyber-attack

'Dumbass' criminal breaks the 'first rule of ransomware club'

Dutch hotels hit by data breach exposing customer information

Dutch watchdog files complaint over Flo collecting and selling intimate data

Fake ChatGPT Desktop App Ads Used to Push Password-Stealing Malware

Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Tickets, AI Phishing, Network Threats Target FIFA World Cup

Family Medicine Centers Pays $2.15 Million to Resolve Data Breach Lawsuit

FBI Warning: World Cup Scammers Are Spoofing FIFA Tickets, Job Sites

FBI Warns Microsoft 365 Users About Dangerous Phishing Tool

FBI-Flagged Phishing Kit Kali365 Expands Its Reach

Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine

German police may be using advertising data unlawfully obtained from brokers

Google fixes actively exploited Android vulnerability (CVE-2025-48595)

Google fixes one actively exploited Android zero-day, 124 flaws

Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited

Google Patches Android Zero-Day Vulnerability in June 2026 Security Update

Grand Theft Auto 5 (GTA 5) Cheat Service Atlas Menu Hit by Major Data Breach Affecting Thousands of Users

Grand Theft Auto (GTA) Online Cheat Provider Hit By Widespread Data Breach

Grand Theft Auto V (GTA V) cheat service Atlas Menu hacked, exposing 64,000 accounts

Grand Theft Auto V (GTA V) cheat service Atlas Menu hacked, exposing nearly 64,000 user accounts

Grand Theft Auto V (GTA V) Cheating Platform Atlas Menu Suffers Major Data Breach

Hackers Abuse Meta AI Bot to Hijack Instagram Accounts

Hackers Abused Meta’s AI Support Bot to Hijack Major Instagram Accounts

Hackers trick Meta AI into handing over Instagram accounts - including Barack Obama’s

Hackers trick Meta AI into stealing Instagram accounts

Hackers Tricked Instagram’s AI Chatbot to Hijack Accounts

Healthcare consulting company Phia Group says 2024 data breach impacted over 120,000 people

How to Recover Financial Losses After a Corporate Data Breach in 2026

IKEA targeted by teenage hackers who hit Microsoft and Uber

India: Central Board of Secondary Education (CBSE) re-evaluation portal faces DoS cyber attack; records 1.5 million hits in two minutes

Instagram Patches Meta AI Support Assistant Hijacking Vulnerability

Instagram users locked out after Meta AI abused to steal accounts

Kaspersky Warns of Evolving QR Code Phishing Attacks

La Perouse reports data breach incident

Malicious Packages Target Cloud Keys, Wallets, and SSH Credentials

Mariner Reports Data Breach Affecting Nearly 9,000

Mariner Reports Data Breach After Hack

Mariner Wealth Advisors Data Breach Affects Nearly 9,000 Customers

Meta AI Support Flaw Lets Hacker Hijack Instagram Accounts

Miasma Malware Targets Red Hat npm Packages in New Supply Chain Attack

Microsoft backs down after zero-day dispute, says it won’t sue security researchers

Microsoft Entra pushes passkeys, tightens identity security

Mobile Phishing surpasses Email Cyber Threat

National Identity Management Commission (NIMC) Warns Nigerians Against Fake ‘Free NIN Correction Portal’ Phishing Scam

Nearly 33,000 Bedfordshire hospital patients affected by cyber attack in 2024

New WordPress Malware Uses Steam Profile Comments to Hide C2 Instructions

Oracle WebLogic CVE-2024-21182 Added to Known Exploited Vulnerabilities (KEV) Catalog After Active Exploitation

Orange Liberia Fined Over Unauthorized SIM Swap and Customer Data Breach

Over 30 Red Hat npm Packages Compromised by Shai-Hulud Malware Variant

Over 5,000 malicious domains targeting 2026 US Midterm elections spotted going live – and they could be used for fraud, phishing, or worse

Over 116,000 Minecraft systems infected in WeedHack malware campaign

Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT

Passwords and locations at risk in alleged Grindr data leak

Password manager Dashlane says hackers stole some customers’ password vaults

Plaza Home Mortgage discloses data breach affecting customers and employees

Ransomware activity peaks on Weekdays and reaches its highest levels in October

Ransomware attack on City of Sandstone compromised residents' personal data

Ransomware group profits are rising faster than FTSE 350 firms

Ransomware groups grow revenue by almost 40% in Q1 2026

Red Hat npm packages compromised in new Mini Shai-Hulud malware wave

Red Hat removes tainted packages after software pipeline compromise

Russia claims foreign spy agencies hacked officials' phones

Russian military hacker who targeted Pittsburgh-area nuclear firm evades FBI for 8 years

Russian spy campaigns are increasingly targeting Western technological know-how, Europe warns

Sensitive government personnel data posted online, Spanish police arrest suspect

Signal Backup Phishing Attacks Hit Users in 2026

Singapore: Personal Data Protection Commission (PDPC) investigating potential data breach involving PCF Sparkletots pupil information

SolyxImmortal Python Malware Steals Browser Passwords and Cookies

Sophos uncovers AI-powered malware lab built for EDR evasion

Spain arrests suspected hacker for publishing personal data of police, prosecutors and cyber officials

Spain Police Arrests Suspect in Massive Doxing Campaign Against State Officials

Strategic Education Data Breach Exposes Student SSNs and More

SVG Phishing Emails Bypass Email Security: SANS Flags New MIME-Type Evasion

This AI model backdoor attack stays hidden until you customize the model

Threat Actor Uses AI to Build EDR Evasion Tools

Threat Actors Target Critical Windows Netlogon Flaw CVE-2026-41089

TP-Link Router Vulnerability Enables Arbitrary Command Execution

UK Firms Prioritize AI Threat Preparedness as Cyber Risks Evolve

United States Carnival Corporation Data Breach Raises Alarms About Travel Data Security and Passenger Privacy Across North America and International Cruise Markets

ViaQuest Data Breach Compromises PII and PHI Belonging to Thousands

When Your Phone is Subscribed Without Consent, the Attack Has Already Worked

Your car is following you - how to reclaim your data privacy on the open road

1st June

32 Million Bumble users’ data leaked online, hackers claim

145 AI laws passed in 2025 and privacy teams aren’t catching a break

Afghan finance officials targeted by suspected Pakistani cyberespionage campaign

AI SOCs Will Still Need SOC Analysts, Security Vendors Say

Another South African organisation denies a major data breach

Atlas Menu Data Breach Exposes Approximately 64,000 User Accounts

Attackers Abuse Shared Content for ChatGPT Phishing Campaign

Brute-force attack triggers Dashlane account lockouts

California Attorney General files lawsuit against 23andMe for data breach

California Attorney General Sues Over 23andMe Data Breach

California sues 23andMe over 2023 data breach

Carnival Corporation's data breach exposed personal data of nearly 6 million customers

Carnival Cruise Data Breach Puts Millions Of Travellers’ Personal Information At Risk: What You Need To Know

Carnival customer information, including passport details, impacted by data breach, cruise line says

Carnival data breach affects nearly 6 million people

Carnival data breach exposes info of nearly 6 Million cruise travelers

Carnival data breach hits nearly 6 million customers

Carnival warns nearly 6 million people of potential data breach

ChatGPhish Technique Shows How Browser Prompt Injection Can Manipulate ChatGPT Summaries

China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan

Chrome now protects you from hackers who steal browser cookies - how it works

Critical Flowise Flaw Gives Attackers Full Server Control

Critical Magento Cache Plugin Flaw Enables Remote Code Execution

Critical Windows Netlogon RCE flaw now exploited in attacks

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

Cruise giant says six million customers’ personal information was exposed in breach

Crypto Exploit Losses Reach $68 Million In May Despite Limited Phishing Damage

Cybercriminals Leverage GHOSTYNETWORKS and OMEGATECH for JS Malware Hosting

Dashlane password manager users locked out by brute force attacks

Dashlane suspends multiple accounts after ‘brute force’ cyber attack

Data Breach Affects Thousands of Melbourne Film Festival Customers

Data discovery gaps that catch enterprises off guard

Deepfake CEOs, fake suppliers, AI phishing: Scams United Arab Emirates (UAE) businesses need to watch out for

Dutch police arrests 35-year-old for hacking into Ajax' computer systems

Election interlopers register 5K+ domains, hope to catch some voting phish

EU organizations buckle under rising compliance pressure

Fake McAfee emails refuse to die as new round of phishing emails targets consumers

FBI Warns Microsoft Users as Kali365 Attack Spreads Across Outlook and Teams

Federal Trade Commission (FTC) Warns About Digital Invite Phishing Scam

Film festival hack leaves thousands fearing identity theft

FSB Group Gamaredon Hides Worm in Windows Data Streams

Gamaredon APT Hides Malware in Windows Features, Uses Cloud C2

German tax authority may train AI on citizens’ unaltered data

Google Chrome’s New Feature Takes Aim at Cookie Theft, Account Hijacking

Grand Theft Auto 6 (GTA 6) Hype Fuels Surge in Phishing Scams and Malware Campaigns

Grand Theft Auto V cheat service gets hacked, exposing thousands of gamers

Grand Theft Auto V cheaters caught in a massive data breach

Hacker arrested in Granada after leaking personal data of state officials

Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257)

Hackers Attacking Signal Users to Steal Backups in New Wave of Attacks

Hackers breach Obama White House Instagram years after it went silent

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access

Hackers Target Signal Users in Phishing Campaign to Steal Backup Recovery Keys

Hackers Target Signal Users to Steal Backups in New Attack Wave

Hackers trick Meta AI support bot to infiltrate Obama White House Instagram account

How NIST fumbled management of the National Vulnerability Database

India: Bombay High Court Blocks Ransomware Group ‘Morpheus’ After Massive 680 GB HDFC Asset Management Company (AMC) Data Theft

India: Central Board of Secondary Education (CBSE) admits security flaws after teen hacker exposes class 12 data risk

India: Central Board of Secondary Education (CBSE) Admits Vulnerabilities in Evaluation System After Teen Hacker's Findings

India: Central Board of Secondary Education (CBSE) admits vulnerabilities in OnMark portal amid answer sheet mismatch allegations; Congress calls it a massive data breach

India: Central Board of Secondary Education (CBSE) data security under scanner after hacker claims access to answer sheets

India: Central Board of Secondary Education (CBSE) Engages IIT Experts After Admitting OSM Security Vulnerabilities

India: Delhi High Court Says Banks Not Automatically Liable When Customers Click Phishing Links

Inspector general finds NIST mistakes have made vulnerability database ineffective

Instagram Meta AI Flaw Allegedly Enables Account Password Resets

Iran-Linked Hackers Wipe IT Systems and Backups in Middle East Cyberattack

Lakeview Health Systems reaches proposed settlement in data breach class action

Logistics giant suffers massive 840-million-record data breach

Luxembourg holidaymakers falling victim to phishing scams

Massive 17-Million Device Botnet in the Netherlands Dismantled in a Police and NCSC Joint Operation

Medical Billing Company Data Breach Affects 7 Medical Groups

Melbourne International Film Festival customers' data leaked via Ferve platform

Meta tries to get ahead of scammers before the World Cup begins

Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm

Microsoft says it will not pursue security researchers after zero-day backlash

More than 800,000 Texans possibly affected by Carnival cruise data breach

Nearly 6 million individuals affected in Carnival Cruise Line data breach

Nearly 60 Lakh Passenger Records Exposed in Carnival’s Massive Data Breach

New ChatGPhish Technique Uses Prompt Injection to Manipulate ChatGPT Responses

New DriveSurge Campaign Delivers Malware Through ClickFix Lures

North Carolina man jailed for selling US senior citizens’ data to Jamaican scammers

North Korean hackers target macOS users with advanced malware campaign

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Palo Alto Warns High-Severity Bug Is Being Actively Exploited

Phishing Flub At Miami Cruise Giant Exposes Nearly 6 Million Customers

Phishing Scams: How to Spot and Avoid Them

Plaza Home Mortgage discloses data breach affecting customers, employees

Ransomware leak posts show weekday peak, October spikes

Ransomware Operators Keep Business Hours. The Data Proves It

Ransomware used to have rules. AI just blew them up

Red Hat npm packages compromised to steal developer credentials

Rich Products discloses data breach linked to cyberattack on vendor First Advantage

Russian hacker used AI to run fraud scheme on MAGA Telegram channel

Spain arrests doxer leaking sensitive data of government employees

Station Casinos confirms March data breach, notification of people impacted

Station Casinos Hacked, History Indicates Ransom Paid

Stealer Malware Surges as AsyncRAT, DCRat Lead Weekly Uploads

The biggest cybersecurity threats businesses are facing this year

The First World Cup in the Agentic Era

The Gentlemen ransomware combines advanced encryption with self-propagation, targeting critical sectors

Threat Actors Abuse ChatGPT Chats to Host Fake Outage Page, Deliver Malware

Threat Actors Linked to Iran Leverage AppDomainManager to Evade Detection

Unknown hacker group targeted Russian maritime universities, diplomats for nearly two years

US Troops in Active War Zones Tracked with Commercial Location Data

VSP Solutions responding to Stormous ransomware attack

WhatsApp: How to protect your account from hackers

Why Encrypted File Sharing Is Essential for Modern Businesses

Windows Netlogon 0-Click RCE Flaw Exploited in the Wild

WordPress malware campaign hides payloads in Steam profiles

Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accounts