Data Breaches Digest - Week 26 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 22nd June and 28th June 2026.

22nd June

23andMe settlement shows what privacy is really worth

29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests

AI and Ransomware Fuel an Explosion in Transnational Crime, Interpol Warns

AIBOMs: Bringing AI Security Out of the Shadows, A Practical Guide for Security Professionals

Anubis Ransomware Attack Cripples European Port Operations, ₹94 Crores Ransom Reportedly Demanded

AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network

AssuranceAmerica Data Breach Exposes Sensitive Info for At Least 611k Individuals

ATM Fraud Alert: How to Protect Yourself from Card Skimming, Phishing, and Other Banking Scams in 2026

Australia: Victorian RV dealer suffers alleged cyber attack

Belgian State Security hit by Ivanti data breach

Beyond encryption: Ransomware now threatens to leak stolen data

Brazil Suspects Hack Behind Unauthorized ‘Misanthropy’ National Phone Alert

Britain's cyber agency warns AI-written code could create security disasters if left unchecked

Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices

Canadian lender TD tells some employees it will use software to monitor their work

Chinese Cyber Contractors Use Malware, Botnets, and Stolen Data to Enable State Operations

Cyber criminals target World Cup 2026

Data Breach Impacts More Than 3 Million Texas Hunters

Data leak fears after ransomware attack hits Hong Kong’s famous Kee Wah Bakery

Developers giving attackers a free ride after hundreds of iPhone AI apps found exposing credentials

Dutch privacy regulator warns municipalities are struggling to control public camera surveillance

Encrypted DNS still tells an eavesdropper where to look

Fake Grand Theft Auto 6 (GTA 6) beta testing programme targets gamers with phishing emails and malware downloads

GentleKiller Framework Disables Victims' Security Software

Hackers Deploy Prinz Eugen Ransomware With RMM Abuse and Hands-On-Keyboard Tactics

High-Severity Apple Beats Studio Buds Flaw Enables Eavesdropping Attacks

How Cybercriminals Are Exploiting India’s Travel Season Through Phishing, Fraud and Fake Websites

How to recover rapidly and safely from a cyber attack

Hundreds of AI-powered iOS apps found exposing credentials

Interpol flags sharp rise in cybercrime across Asia

INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific

Klue Breach Enables Hackers to Compromise Cybersecurity Firms via OAuth Tokens

Klue hack results in data breach at several cybersecurity firms

Kodak Confirms Data Breach Linked to ShinyHunters Hacking Group

KPMG Confirms Optus Data Breach Amid Scrutiny

Major GNU software repository Savannah fixes 2-year flaw that left the platform exposed

Massive security flaw discovered in popular SSH library libssh2

Microsoft Attributes Mastra AI Supply Chain Attack to North Korea

National Cyber Security Centre (NCSC) Urges Fortinet Customers to Tackle FortiBleed Fallout

New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer

OXLOADER: New Windows Loader Drops CASTLESTEALER via Google Ads

Phishing the agent: Why AI guardrails aren’t enough

Prinz Eugen Ransomware Hits Recent Files First and Skips Ransom Notes

Prinz Eugen ransomware encrypts the most recent files

Salesforce Disables Klue Integration After OAuth Token Theft Hits Customer Data

Scammers Use Fake GitHub Stars, VirusTotal Reviews to Spread Crypto Clipper

ShinyHunters Again? Council of Europe Probing Theft of Payroll, HR and Other Sensitive Data

Singapore: Land Transport Authority (LTA) impersonation phishing scams on the rise again, with at least $74,000 lost in 3 weeks

South Korea: Government's Information Security Lapses Highlighted by Data Breach

South Korea: TVING Fails to Announce Data Breach Scale

Suspected cyberattack triggers false emergency alerts across parts of Brazil

Texas Hunting and Fishing License Holders Hit by Data Breach

Texas Parks & Wildlife Data Breach Affects 3 Million Individuals

Texas Parks and Wildlife Data Breach Affects Over 3 Million License Customers

Texas Parks and Wildlife warns 3 million hunting, fishing license customers about data breach

Texas vendor breach exposes personal data of more than 3 million people

There are 3 obvious signs someone is stealing your Wi-Fi - and several ways to stop them

Third-party data breach may affect some former Mayo Clinic patients

TVING data breach estimated at around 19 million users...Concerns grow over impact on CJ ENM earnings

Two men plead guilty over £39 million Transport for London (TfL) cyber attack

UK: Black Country teenager to stand trial for London transport cyber attack

Understand ‘phishing’? Think again: why cybersecurity language is failing us

Unpatchable BootROM Flaw Impacts Apple A12, A13 Chips

Will your small business be fined for reporting a data breach?

Ransomware Operator Claims - Week 24 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 8th June and 14th June 2026, kindly assisted by our partners.

DBD discovered and researched 254 Ransomware Victims over 54 Countries and Islands claimed by 38 Data-Leaking Ransomware Operators, including 1 Newly Discovered Ransomware Operator last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Data Breaches Digest - Week 25 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 15th June and 21st June 2026.

21st June

AryStinger botnet infected thousands of D-Link routers worldwide

Authorities Dismantle AudiA6, the Ransomware Crypto Laundering Service Behind $380 Million in Cybercrime Proceeds Processing

Council of Europe Data Breach: ShinyHunters Makes 10,000 Employees’ Records Permanent

Data breach impacts more than 3 million Texas hunting and fishing license holders

GentleKiller Ransomware Abuses Vulnerable Drivers to Disable 400+ EDR Security Processes

Gentlemen Ransomware Builds Modular EDR Killer Suite From Rival Gang Tools

Hacker Used Fake IBC Channel to Drain Secret Network’s Axelar Bridge

How Hackers Operate: The Tools Behind Real-World Cybersecurity Testing

London Hydro investigating data breach affecting some customer accounts

Microsoft Links Massive Mastra AI Supply Chain Attack to North Korean Hacker Group Sapphire Sleet

Millions of Brazilians Receive Fake Emergency Alert as Suspected Hack Disrupts National Warning System

Nigeria Data Protection Commission (NDPC) seeks clarification from Independent National Electoral Commission (INEC) over alleged data breach

Novo Nordisk Investigates Massive Terabyte Data Breach Claim by FulcrumSec

Panic in Brazil after hacker triggers nationwide mobile alert

South Korea: AI Provider behind 'Startup for All' Data Breach

South Korea: 'Modu's Startup' Data Leak Traced to Participating Firm, Not External Hacker

Texas Data Breach Hits 3 Million: Driver’s Licenses, Passport Numbers Stolen From Hunting Vendor

Texas Government Data Breach Exposes Over 3 Million Driver’s Licenses

United States Warns of Surging QR Code Phishing Threat Across Miami, Dallas, Seattle, and Philadelphia, Urging Travelers to Inspect Codes Before Scanning to Prevent Mobile Cyber Fraud

US Warns Travelers of Rising QR Code Scams in Major Cities

20th June

124 Million Ukrainian Passwords Leaked Online in Massive Data Breach

AutoJack Exploit Enables AI Agent Hijacking Through a Single Web Page

Credential Stuffing Risk Spikes: 24 Billion Stolen Passwords Linked to Live Exploit Data

Gentlemen EDR Killer Suite Combines HexKiller, ThrottleBlood, and HavocKiller

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys

Hackers suspected to be behind unauthorized alert sent to cell phones across Brazil

Healthcare Data Fuels Underground Cybercrime Economy

Inside GentleKiller: The EDR-Killer Powering The Gentlemen

KPMG admits Optus data breach in Telstra bid

London Hydro data breach compromises customer information

Massive data breach exposes personal information of 3 million Texans

Microsoft AutoJack exposes RCE via AI browsing agents

Microsoft links Mastra AI supply chain attack to North Korean hackers

New Prinz Eugen ransomware prioritizes recent files for encryption

New ransomware hijacks Microsoft Teams to evade detection

One Medical Seniors Data Breach Exposes Patient Information

Phishing now hits Americans 14 times a day, with AI making scams harder to spot

Scope Systems cyber attack: resilience and risk lessons for mining IT teams

Suspected hacker sends unauthorised alert across Brazil

Suspected hackers send cryptic "misantropi4" alert to phones across Brazil

System created to save lives in disasters turned ‘against’ Brazilians overnight: a hacker attack sent out a false alert from Civil Defense with the word “misantropia” that went off on the phones of half the country, even in silent mode, and took down the Cell Broadcast

Texas License Data Breach May Affect More Than 3 Million Holders

Texas Government Data Breach Exposes 3 Million Driver’s License Records

Up to $5,000 Per Person Incoming After Healthcare Firms Accused of Exposing 340,184 Americans in Data Breach

Vidar Malware Bypasses Chrome Encryption Using CryptUnprotectMemory

Why educators and students need to back up critical academic data

19th June

3 million impacted in Texas government department cyber attack

5.5 million records tied to Canada Life are allegedly for sale

10,000 malicious GitHub repos detected: AI agents compromising their owners

140,000 Records Leaked in Ralph Lauren ShinyHunters Salesforce Breach

Acronis report reveals rise of INC ransomware group

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone

Apple Patches Beats Studio Buds Flaw That Could Enable Wiretapping

Asia-Pacific scam networks generate nearly $40 billion a year

Australia Post Redelivery Scam Uses Fake Scheduling and Payment Pages

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Bombay High Court Blocks Hacker Data Leak in Privacy Case

Bombay High Court restrains hacker group from disclosing school children’s sensitive data

Brunswick County Schools warns of phishing email sent to student accounts

Bulgaria Let Circles Export Surveillance Tech to Repressive Regimes, Human Rights Watch Says

Canadians could be part of class-action lawsuit filed against popular cruise company

Cherry Health reports possible data breach of patient, staff info

CISA: Splunk Enterprise flaw actively exploited, patch by Sunday

CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices

CISA warns Fortinet users to secure devices after FortiBleed leak

Commercial Spyware and AI Surveillance Tools Fuel Global Digital Monitoring Risks

Companies are discarding the logs they need to catch a breach

Confidence Lacks in Threat Detection Across Non-Email Channels like Slack and Teams

Critical Flaw in WordPress Plugin Allows Arbitrary File Deletion on 1 Million Sites

Critical unfixable vulnerability allows hackers to take over iPhone XS, XR, 11, and older iPad devices

Cyber attack disrupts website and campus systems at Mount Royal University

CVE-2026-48907 and LiteSpeed cPanel Plugin Flaws Come Under Active Attack

Cybercriminals abused GitHub, YouTube and VirusTotal to push crypto-stealing malware

Day1 Company, Operator of Fast Campus, Suffers Personal Data Breach

Ethical hacker claims she could have "Rickrolled" the entire FIFA World Cup broadcast after HUGE security failure

FBI alerts about Malware infected Traffic Distribution Systems (TDS)

FBI Warns Cyber Criminals Are Using Traffic Distribution Systems to Spread Malware, Phishing Scams and Ransomware

FBI Warns of a Hidden Web Tactic Fueling Phishing and Ransomware

FBI warns of increasing use of Traffic Distribution Systems (TDS) by cybercriminals

Federal Trade Commission (FTC) reports Americans lost a record $3.5 billion in 2025 to impersonation scams

FIFA World Cup 2026: Hackers Target Football Fans With Fake Tickets Sites

Forget Data Leakage: Shadow AI's Real Threat Is Access Control

Former Pakistani PM Named in Secretive Global Network Data Breach

Frontier Airlines left passenger data exposed for more than 100 days, ethical hacker says

Gentlemen Ransomware Explained: How Hackers Can Disable Your Antivirus Nicely

Google thanks researcher for finding major flaw but doesn’t fix it and pays no reward

Hacker pleads guilty to breach of Texas GOP website

Hackers are selling what appears to be ENI France customer data

Hackers Breach Klue Integration to Steal Salesforce CRM Data

Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin

Hackers Snatch 3 Million Driver’s Licenses in Major Texas Government Data Breach

Hackers Use Showboat Post-Exploitation Framework Against Middle East Telecom Firms

Hackers Use Tor-Routed C2 and Local SOCKS5 Proxy to Control Crypto Clipper Malware

Harcourts investigates cyber attack claims, no evidence of impact so far

INC ransomware surges as Australia stays in sights

INC Ransomware Uses Double Extortion and Printer Ransom Notes to Pressure Victims

INC Ransomware Uses LOLBins, RMM Tools, and rclone for Network Intrusion and Data Exfiltration

INC Ransomware Uses Rust-Based Windows and Linux/ESXi Encryptors in New Attacks

Institute of Chartered Accountants of India (ICAI) Refutes Social Media Claims of Examination Data Breach, Assures Students of Complete Data Security

Job Seekers Make for Vulnerable Targets

Johannesburg pensioner says fraudsters stole R1.276m in airline phishing scam

KerberRose data breach impacts 27,000 clients

Klue breach lead to Salesforce data theft, Huntress affected

Klue OAuth breach victim list grows as Icarus hackers claim attack

Klue Supply Chain Breach: Icarus Steals Salesforce Data From Huntress

Madison Square Garden (MSG) facing class-action lawsuit after claims hackers accessed sensitive data of 26 MILLION visitors

Meet 'The Gentlemen': The Ransomware Gang Offering Hackers A 90% Cut

Mount Royal University site down due to cyber attack

New iPhone BootROM Flaw Enables Hardware-Level Compromise

Nintendo: Employee data breach via third-party provider

Nintendo America Employee Data Exposed After Shadowbyt3$ Targets TinyPulse

Nintendo Confirms Employee Data Exposed in TinyPulse Cyberattack

Nintendo Confirms TinyPulse Data Stolen in Shadowbyt3$ Extortion Attack

Nintendo Data Breach: HR Vendor Attack Exposed Decade of Employee Records, $2 Million Demand Refused

Novo Nordisk in touch with authorities over alleged 1 TB data breach claims

Operation Endgame Disrupts Malware Network Linked to Major Ransomware Gang

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites

Operation Endgame Hits SocGholish Malware Network, 14,971 Websites Cleaned

Pakistan: Online billing services of Capital Development Authority (CDA) suspended after reported ransomware attack

Personal info of 3 million Texas hunters, anglers possibly exposed in data breach

Police raid malware network tied to Russia's Evil Corp hacker group

Ransomware and Third-Party Vendors Drive Highest Cyber Insurance Losses

Ransomware Gang Builds Its Own EDR Killer: Bring Your Own Vulnerable Driver (BYOVD) Arsenal Hits 478 Victims

Ransomware study: Fewer victims - but higher ransoms

Revelations surface as KPMG acknowledges Optus data breach and whistleblower laptop surveillance

Russian Hackers Bypass Firewalls in Major Cyber Intrusion Targeting NATO Member States

Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data

Security Expert Urges Vigilance Following Mackay Sugar Cyber Attack

Singapore: Exchange student gets jail for stalking ex-friends, accessing their Telegram accounts to find out why they cut him off

SocGholish Malware Wiped From 15,000 WordPress Sites as FBI, Europol Seize 106 Evil Corp Servers

South Africa: Pensioner loses R1.2 million in ‘airline’ phishing scam

Swedish regulator says Securitas, a security company, unlawfully monitored drivers with in-car cameras

Texas government data breach exposes over 3 million driver’s licenses

Texas Parks & Wildlife Department: Hunting, fishing license holders possibly affected by cyberattack

Texas Parks & Wildlife Department (TPWD) Data Breach May Affect 3 Million License Holders

The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes

The Growing and Real Threat of Ransomware: Trends, Tactics, and Staying Ahead

The Human Cost of Ransomware: Why CISOs Must Think Beyond Technology

Threat actor adds advanced ‘EDR killer’ tools to ransomware-as-a-service platform

Unauthenticated RCE in Splunk Enterprise under active attack (CVE-2026-20253)

Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

US exchange student in Singapore, 23, jailed for stalking 17-year-old girls, hiring Russian hacker to access their Telegram accounts

Utah Soccer warns families of potential data breach leaking their credit information

Vibe-Coded Phishing & AI Exploits: The New Face of Cyber Threats

What the Scope Systems cyber attack reveals about mining’s digital fragility

White House delays release of report on voting machine vulnerabilities ahead of US midterms

Wide-Scale Cyber Attack Targets Fortinet Devices, Threatening Major Institutions Worldwide

Willis report says cyber insurance cover meets most breach losses

Zscaler Research Finds Cybercrime Economics Are Shifting as AI Trades Mass Volume for Lethal Precision

18th June

7 Simple Ways to Protect Your Email From Phishing Before Personal Data Leaks

10 signs that someone is monitoring or accessing your accounts - how to stop them

24 Billion Records Exposed in Massive Leak of Emails, Passwords, and Login Data

124 Million Passwords Exposed as Infostealer Malware Hits Millions of Devices

74,000 Fortinet firewall credentials exposed in FortiBleed data leak

A new cyber threat is rising fast: INC ransomware has already claimed 800 victims

Acronis Research Highlights Rapid Evolution of INC Ransomware into One of the World's Most Active Cyber Threats

Agentjacking: Researchers Show How One Fake Bug Report Can Hijack AI Coding Agents

AI Phishing Gains Inside Access to Vulnerable K–12 Data

Alcott HR Data Breach: Social Security Numbers Compromised

Amazon-Owned One Medical Faces Alleged 8.8TB Data Breach

Amazon’s One Medical company hit by data breach claims: hackers issue last warning

Amazon’s One Medical Senior Health Announces Data Breach, ShinyHunters Claims Stealing 8.8 TB

Apple fixes Beats Studio Buds flaw that let hackers spy on conversations

Australia: Harcourts allegedly hacked by SafePay ransomware

Australia Remains A Key Target As INC Ransomware Rises Following LockBit’s Decline

Australian Clinical Labs Reports SunDoctors Data Breach Potentially Affecting 280,000 Individuals

Australian sugar producer works to restore operations as ransomware group claims attack

Blue Fish Pediatrics Data Breach: Sensitive PHI and PII Exposed

Boots impersonated in major email scam targeting 9 million shoppers

Bulgaria allowed surveillance tech firm to sell products to repressive regimes

Bulgarian licenses enabled EU surveillance exports to repressive regimes

Chinese Hackers Targeting AI, Cyber and National Defense Research

CommSec Phishing Email Targets Client IDs and Passwords

Cyber attack on pharma giant Novo Nordisk exposed clinical trial data

Cybercrime Surges in APAC as Digitalization Takes Hold

Cybercriminals Are Worried About AI Taking Their Jobs Too

Cybercriminals demand $2 Million ransom from Nintendo following data breach

Cybersecurity Is Moving From Detection to AI Resilience

Data leak hits Korea's Startup for All, exposing ideas and judges' remarks

DragonForce exploits Microsoft Teams broadcasts

DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic

DragonForce Ransomware Abused Microsoft Teams to Hide Malware Activity

Dutch Police Arrest Six in Amsterdam Bank Helpdesk Fraud Raid

F5 issues out-of-band patches for critical NGINX vulnerabilities

F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution

Fake Boots emails target millions in large phishing campaign

Fake FIFA Domains Are Phishing for Bank Data

Fake GitHub Stars and AI Videos Mask a Crypto Clipper

FortiBleed: Hackers Compromise Tens of Thousands of Fortinet Firewalls and VPNs, Reportedly Impacting Comcast, Lenovo, Oracle, More

FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices

Fortinet VPN and firewall devices hit by sweeping cyber campaign across 15+ countries, security researchers say

Gang Laundered 3.5 Billion Won From Cambodian Phishing Group via Virtual Assets

GentleKiller targets more than 400 security processes across 48 products

Gentlemen ransomware uses multiple EDR killers to disable defenses

Global ransomware group reportedly claim cyber attack that shut down Mackay Sugar mills

Google cracks down on unrestricted API keys to stop Gemini billing hackers

Hacker says FIFA flaw could have exposed World Cup broadcast control systems

Hackers Abuse Fake Anonymous Tips to Trick Executives Into Clicking Phishing Links

Hackers Abuse PowerShell Commands to Deliver SmartRAT Through Brazilian Bank Phishing Page

Hackers Backdoor pam_unix.so and OpenSSH Binaries to Steal Credentials and Bypass Authentication

Hackers Exploit WordPress SMTP Plugin With 100,000+ Installs

Hackers Use Fake Cloudflare CAPTCHA and BSOD Lures to Deliver SmartRAT Malware

Hackers Use Malicious LNK File and PowerShell Downloader to Stage In-Memory RAT

Hackers Use Resume-Themed LNK Files to Deploy Xctdoor Backdoor via DLL Side Loading

Healthcare sector faces escalating ransomware, supply chain and APT risks as cyber threats intensify

Heart Monitoring Device Manufacturer Discloses Cyberattack; Data Breach

Hostile States Behind 75% of Cyber-Attacks on UK Critical Infrastructure, National Cyber Security Centre (NCSC) Warns

Houston pediatric practice says data breach may affect 41,000+ Texans

INC Ransomware: Over 830 victims since 2023

INC Ransomware Claims More Than 800 Victims With Australia Second Most Targeted Country

INC Ransomware Emerges as Major Ransomware-as-a-Service (RaaS) Threat in 2026 with 830+ Victims Since 2023

India’s Digital Fraud Rate Still Nearly Double Global Average Despite Decline

Information Commissioner’s Office (ICO) Cautions Healthcare Worker After Princess of Wales Incident

Interpol Finds Cyber Offenses Make Up One-Third of All Recorded Crime in Asia and South Pacific

INTERPOL Sounds Alarm as Cybercrime Surges Across Asia-Pacific, Driven by AI and Organized Networks

Is multi-factor authentication enough? Kali365 breach fuels security debate

Japanese electric company loses SSD device containing over 10.9 million customer data records

Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks

Kodak Admits Data Breach After ShinyHunters Hack Claims

Kodak confirms data breach as ShinyHunters claims theft of 2.2 million records

Landstar Data Breach: Social Security Numbers and Driver's License Numbers

Latin America (LATAM) Infrastructure Hit by Fortinet and Ivanti Exploits

Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned

Madison Square Garden (MSG) Data Breach Lawsuit Puts Dolan’s Facial Recognition/Data Fight in Spotlight

Malicious Steam Workshop Wallpapers Hijack Accounts via Wallpaper Engine, Distribute DarkKomet, Lumma, Vidar, and RenEngine

Malvertising Campaign Abuses Claude.ai Shared Chat Feature for Social Engineering Attacks

Malware attacks strip Roblox developers of entire games

Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2

Moody Bible Institute investigates potential data breach incident

Most agentic AI projects in production have stalled over data problems

Mount Royal University investigating cyber attack

Mount Royal University responding to cyber attack

Mount Royal University responding to cyber attack, website down

Nelson University suffers ransomware attack that may have exposed sensitive personal data

New INTERPOL Report Highlights Escalating Cyber Threats Across Asia And South Pacific

Nintendo confirms data stolen in WebMD subsidiary cyberattack

Operation Endgame Disrupts SocGholish Malware Infrastructure

Operation Endgame Disrupts SocGholish Malware Network Tied to Ransomware Attacks

Over 140 Mastra npm packages compromised in supply chain attack

Patient 'fuming' over NHS provider cyber attack

Phishing most damaging form of cybercrime, says INTERPOL

Plaza Home Mortgage alerts customers, employees over data security incident

Police clean nearly 15,000 SocGholish-infected sites tied to Evil Corp

Prince George County network outage was caused by cyber attack

Producer of film on Ukraine war targeted by Russian cyber attack

Qilin ransomware claims hack of Australian K-12 tutoring provider

REIC Rentals discloses data breach exposing names and social security numbers

Security Priorities Revealed in Verizon’s 2026 Data Breach Report

ShapedPlugin update flow hacked to infect WordPress sites

ShinyHunters expands leak operation, promises stolen data will remain online “until the end of time”

South Korea: Gift Certificates, Cash, and Back to Crypto...Money Laundering Ring Referred for Detention

South Korea: Ministry of SMEs and Startups Data Breach Leaks 5,000 Emails, Ideas

South Korea: Police Bust 115 Illegal Relay Sites Disguising Overseas Phishing Calls as Local Numbers

South Korea: Police Crack Down on 115 '010 Number Manipulation' Relay Stations...54 Arrested in Sweep

SQL Server 2025 AI Features Can Be Abused to Exfiltrate Sensitive Data

Stanley Pearlman Enterprises Data Breach Exposes PHI and PII

SunSource Data Breach Exposes SSNs and Medical Records

Texas government data breach allowed hackers to steal 3 million driver’s licenses and passports

Texas Parks & Wildlife data breach exposes millions of driver’s licenses, passport numbers

Texas Parks Data Breach Impacts 3.1 Million Individuals

The Gentlemen Ransomware Gang Standardizes EDR Killing

Threat Actors Abuse Remote Monitoring Tools to Bypass Signature-Based Detection

UK says three-quarters of cyberattacks on critical systems are linked to hostile states

University of Nottingham confirms it received no ransom request following cyber attack

University of Nottingham data breach exposes student and alumni records

USB worm spreads crypto-stealing malware via Windows shortcut files

What happens to oversight when AI agents write a lab’s own code

What Ukraine’s Entry Into the EU Cybersecurity Reserve Means

Why the human firewall is important in the age of phishing and AI

Windows Defender Vulnerability Exposed as RoguePlanet Proof-of-Concept (PoC) Spreads Online

World Cup-Themed Phishing Campaign Delivers Voidrift Malware with Highly Personalized Lures

17th June

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

7-Year-Old OpenBSD Flaw Enables Complete PAP Authentication Bypass

15 Malicious JetBrains Plugins Caught Stealing DeepSeek, OpenAI API Keys

24 billion records, including usernames and passwords, exposed in colossal data leak: What does that mean for you?

144 Mastra npm Packages Compromised via Hijacked Contributor Account

152 Chrome Live Wallpaper Extensions Hid Ad Tracking and Fake Search Clicks

105,000 Chrome Installs Linked to Adware and Fake Google Traffic

AI Threats and Alert Fatigue Challenge Cybersecurity Teams

Android Banker Rokarolla Uses Fake Overlays to Steal PINs, Passwords, and Crypto Wallet Data

Another healthcare firm attacked days after Novo Nordisk breach

Apple makes “Hide My Email” easier to block, raising privacy concerns

Asia-Pacific cyber insurance faces 135,000 ransomware attacks

Attackers drop DragonForce ransomware leveraging Microsoft Teams relay systems

Australia: NSW government pours cold water on ransomware claims

Belarus-Linked GhostWriter Expands Phishing Campaign to Target Gmail Accounts of Polish Public Figures

Bluekit Phishing-as-a-Service (PhaaS)

California water utility probes breach claim by Iran-linked actor

Canada: Data breach of Crime Stoppers confirmed by Ontario police agency

Canada: Nova Scotia hacker convicted of fraudulent impersonation handed conditional discharge

Chinese hackers behind massive AI-powered phishing network that stole millions of cards

CISA Issues Alert on Oracle PeopleSoft Vulnerability Exploited by Ransomware Groups

CISA orders feds to patch max severity Joomla plugin flaw by Friday

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

Claimed Twice: Five Reasons the Same Ransomware Victim Shows Up Under Two Flags

Critical Chrome Vulnerabilities Enable Arbitrary Code Execution Attacks

Critical Fortra Access Manager Flaw Exposes Systems to Command Injection

Critical LiteLLM Flaw Enables Authentication Bypass via Host Header Injection

Critical NVIDIA NeMo Vulnerability Enables OS Command Injection

Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments

Crypto scam losses could reach $17 Billion as approval phishing operations scale, says Chainalysis

Cyber insurance delivers meaningful financial protection, with a majority of data breach and first-party losses covered

Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world

Data Breach Exposes Personal Information of 137,000 School Staff at Infinite Campus

Data breach notification template developed for EU GDPR

Data leak fears after ransomware attack hits Hong Kong’s Kee Wah Bakery

Deno-Based Malware Abuses CloudFront WebSocket C2 for Remote Access and Internal Pivoting

Doing its Job: Large Majority of Cyber Losses Covered by Insurance, Says Willis

DragonForce Exploits Microsoft Teams Relays via Backdoor.Turn

DragonForce Ransomware Group Hid Inside U.S. Firm for Two Months Using Microsoft Teams Relays

ErrTraffic ClickFix Framework Abuses Compromised WordPress Sites to Deliver Infostealers

EU grants Ukraine access to cybersecurity reserve for major attacks

EU Security Experts to Support Ukrainian Organizations in Case of Cyber-Attacks

Ex-health worker cautioned after Princess Kate’s medical notes offered for financial gain

Ex-health worker tried to sell Catherine, Princess of Wales' medical records

Executives Four Times More Confident About AI Risk Than the Teams Managing It

Experts analyse University of Nottingham cyber-attack

FBI dismantles China-based phishing operation that stole $1.9 billion from victims

FBI helps take down AI phishing ring

FBI warns Microsoft 365 users of dangerous Kali365 phishing scam: How it works and how to stay safe

FBI warns of sophisticated Kali365 phishing service targeting Microsoft accounts

FIFA World Cup API Authorization Bug Let Anyone Hijack the Live TV Stream

Fifteen JetBrains Marketplace Plugins Found Stealing API Keys

FishMonger Uses TCP, UDP, and WebSocket C2 Channels in SprySOCKS Windows Attacks

FortiBleed Attack Exposes Fortinet Firewall Credentials in 194 Countries

FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices

Fresenius Kabi Data Breach Compromises Sensitive Personal and Health Information

Frontier AI Models Point to a Shift Defenders Are Not Ready For

Ghostwriter Hackers Abuse Gmail Admin-Themed Emails to Steal Credentials and 2FA Codes

GitBait Phishing Campaign Abuses GitHub Pages to Attack Financial Institutions

GitHub dismissed security reports on flaws now exploited by supply-chain worm, researchers say

Google Lawsuit Cites 9,000 Fake Websites Linked to Phishing Operation

Google sues Chinese AI scam ring over fake texts and phishing sites

Hacker claims to find nightmare loophole inside FIFA's World Cup system

Hacker group claims 1TB data theft from pharmaceutical giant Novo Nordisk

Hacker Threatens to Leak Decade of Nintendo's Internal Data Unless Firm Pays $2 Million Ransom

Hackers Abuse SheetBest API to Exfiltrate Banking Credentials Into Google Sheets

Hackers build database of 30,000 working Fortinet logins, researchers warn

Hackers Claim 1TB Data Theft from Wegovy and Ozempic Maker Novo Nordisk, Demand $25 Million

Hackers Compromise 140+ Mastra npm Packages to Steal Credentials

Hackers Use Potemkin Loader to Deliver RMMProject RAT in ClickFix Intrusion

Health worker cautioned after attempting to sell the Princess of Wales's medical records

Healthcare worker tried to sell Princess of Wales's private medical records

Holiday season is here - but watch out, hackers are launching more phishing scams and attacks than ever before

Hostile states behind three-quarters of attacks on Britain's critical infrastructure

How AI is changing cybersecurity

How DragonForce Ransomware Hid in Plain Sight Using Microsoft Teams Infrastructure

Hyper-Synthetic Data: The Future of Cybersecurity

INC Ransomware Thrives by Mastering the Basics

Indonesia Cyber Security Forum (ICSF) Uncovers Rampant Hacker-for-Hire Trade in Indonesia

Infinite Campus Breach Exposes 137,000 Staff Accounts - What Is A Data Breach?

INTERPOL Warns India Among Top Targets of Cyber Attacks, Deepfake Fraud and Ransomware

Ireland: HSE Fined €300,000 After Tullamore Hospital Data Breach

Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline

Kodak Confirms Breach Following Claims 2.2 Million Records Stolen

Kodak Confirms Data Breach as ShinyHunters Threatens Leak of 2.2 Million Records

Kodak confirms data breach claimed by ShinyHunters extortion gang

Kodak Confirms Data Breach Following ShinyHunters Claims of 2.2 Million Records Theft

Kodak Hit by Data Breach, ShinyHunters Claims 2.2 Million Records

Kodak Investigates Cyber Intrusion After ShinyHunters Group Issues Ransomware Ultimatum

Kodak investigates data breach after ShinyHunters cyberattack

Lifepoint Health Data Breach Exposes Social Security Numbers of Contracted Vendors

Low-skilled attacker used Claude, Codex to breach 14 companies

Mackay Sugar cyber attack flagged as broader risk to Australia’s food supply chain

macOS Users Targeted by Sapphire Sleet Campaign Using Script Editor and Fake Update Dialogs

Madison Square Garden Data Breach: Could James Dolan Face Legal Consequences? Inside $5 Million Class Action Lawsuit Over Massive Hack

Madison Square Garden (MSG) Faces Lawsuit Over Data Breach Of Controversial Surveillance System Amid Knicks’ Celebrations

Madison Square Garden Hit With Class Action Lawsuit Over Apparent Data Breach

Maine Closes Data Breach Portal After Fake Breach Notices

Maine Shuts Data Breach Portal After Fake VRChat and Discord Filings

Malicious JetBrains Plugins Caught Harvesting AI API Keys from Developers

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Malicious JetBrains Plugins Steal OpenAI, DeepSeek, SiliconFlow API Keys, Malicious Chrome Extensions Capture Chatbot Chats

Massive database with 24 billion credentials found exposed online

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development

Microsoft Teams users beware - relays hit by ransomware hackers looking to hide malicious traffic

Microsoft working on Defender patch for RoguePlanet zero-day

Microsoft working on patch for RoguePlanet Defender zero-day (CVE-2026-50656)

Modular Phishing Kit Uses GitHub Pages to Steal Payment Card Details and Passwords

Murray County, Tennessee, Paid $200K After Ransomware Attack

Nelson University Data Breach Compromises Sensitive Data of Students

New INTERPOL report highlights escalating cyber threats across Asia and South Pacific

Nintendo Confirms Data Breach but Refuses to Pay $2 Million Ransom

Nintendo confirms recent data breach, states most of the information is outdated

Nintendo Data Breach Hits Employees, Not Gamers: Hackers Threaten To Release Sensitive Files

Nintendo employee Data reportedly stolen in Cyberattack and Hackers demand $2 Million Ransom

Nintendo faces £1.5 million ransom threat after alleged employee data breach

Nintendo faces $2 Million ransom after employee data breach via TinyPulse

Nintendo Faces $2 Million Ransom Over Third-Party Data Breach Heist

Nintendo issues statement on data breach after hackers demanded $2 Million ransom

Nintendo Of America Dismisses Data Breach, Says No Personal Or Financial Info Were Accessed

Nintendo Officially Responds To $2 Million Hacker Ransom, Assures That No Customer Data Was Stolen

Nintendo responds after alleged third-party data breach: Our ‘systems have not been compromised’

Nintendo Responds to Data Breach Claims, Confirms Limited Employee Data Exposure

North Korean Hiring Fraud Runs on AI and US Laptop Farms

Novo Nordisk Data Breach: Cyber Extortion Group FulcrumSec Claims Theft of 1.3 TB of Sensitive Data After USD 25 Million Ransom Demand

Novo Nordisk Data Breach: FulcrumSec Demands $25 million, Allege Theft of 1.3TB of Drug, Trial and Patient Data

Novo Nordisk hackers turn to private sale after Ozempic maker refuses $25 Million ransom demand

Novo Nordisk Hit by Data Breach: Hackers Steal One Terabyte, Company Refuses $25 Million Ransom

Novo Nordisk IT Security Incident Exposes Limited Patient and HCP Data

Novo Nordisk Reports Cybersecurity Breach Affecting Clinical Trial Patients

Novo security breach claimed by hacking groups seeking multi-million-dollar ransoms

One Medical Seniors reports data breach of third-party file storage system impacting 'limited' number of patients

Oracle PeopleSoft Zero-Day Exploited in Ransomware Attacks, Warns CISA

Organizations’ Emergency Response Fails to Match Confidence Levels

Ozempic Maker Novo Nordisk Confirms Security Incident After $25 Million Hacker Demand

Phishing falls as attackers turn to AI & encryption

Phishing scam targets Microsoft Teams, Outlook, and OneDrive

Portugal registers more than 2.400 cyberattacks per week per organization

Prince George County government hit by cyber attack

Ransomware attack halts operations at Australia's second-largest sugar producer

Ransomware Attack Highlights Maritime Cyber Risks

Ransomware Group Demands $2 Million From Nintendo After Getting Access to Sensitive Information

Ransomware group wants $2 million from Nintendo for Tinypulse hack, Nintendo says its aware

REIC Rentals Data Breach: Social Security Numbers Compromised

Researcher found a way to hijack FIFA World Cup streams but didn't touch it

Resecurity details Anubis ransomware attack on Adriatic Port Authority, exposing maritime infrastructure risks

Rokarolla Android trojan targets banking and crypto users, enables device takeover

Security risks overshadow the debut of Europe’s X rival, W

Sensitive Enterprise Data Uploads to AI Models Double in a Year

Serverless Phishing Kit on GitHub Targets Mexican Banks

ShadowByt3$ Targets Nintendo in Fresh Ransomware Scare

SK Telecom (SKT), Korean National Police Agency identify 475 phishing crime servers with AI

Southwest Behavioral Data Breach Affects 2,316 Individuals

SpyCloud Report Finds Phishing Attacks Surge as Employee Data Is Exposed at 86% of Fortune 100 Companies

Summer vacation scams surge, targeting travel industry

That AI chatbot you secretly use at work? It may be a security risk

The checklist problem behind critical infrastructure cyber safety

The end of ransom payments?

The SOC’s visibility gap comes down to staffing

Think multi-factor authentication keeps you safe? Kali365 shows why that’s no longer enough

Troy Hunt (Have I Been Pwned) Flags 455,000 Emails in University Of Nottingham Data Breach

Ukraine can now tap EU cyber support during major attacks

Ukrainian pleads guilty to role in Conti ransomware group

Understanding OAuth Risks: From Device Code Phishing to Token Abuse

University of Nottingham shares more details on major cyber-attack

'We have no reason to believe that our data or systems have been compromised': US lawmakers said 2.5 million VRChat users were at risk from a hack, but the company says it's a fake notice

What Is A Data Breach? Infinite Campus Leak Hits 137,000 Staff Accounts

What is Kali365? FBI warns of Telegram-based phishing toolkit targeting Microsoft 365 users

What security leaders want you to know about surviving ransomware

What the ThreatLabz 2026 Phishing and Initial Access Report Means for the Public Sector

When should we entertain the Ransom demands of Ransomware Hackers

16th June

84% of professional football clubs have become victims of attacks, now the World Cup 2026 could also become a hacker paradise

94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive

Amos Stealer Targets macOS Keychain Files and Browser Passwords

Anyone Can Be a Hacker Now: FBI Exposes Microsoft 365 Phishing Toolkit That Gives Amateurs the Keys to Cybercrime

Apple plans to change its Hide My Email privacy feature that could make it less effective

Asian firms scrutinise cyber insurance limits as ransomware losses climb

Attackers are exploiting FortiSandbox vulnerabilities

Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week

Australian Medical Council denies ransomware attack in wake of false claim

Australian mortgage broker Keylend warns of phishing incident following single account breach

Belarus-Linked UNC1151 Launches Gmail Phishing Campaign to Steal 2FA Codes

Boots impersonated in phishing scam targeting nearly 9 million shoppers

Bug in FIFA World Cup internal system gave anyone ability to modify TV stream

Cal Water investigates alleged hacker breach affecting Chico customer data

Canada: Ford government scolded agency over cyber attack. Documents show it knew a month earlier

Cardiac patients’ medical data stolen and held to ransom

China Spent Over a Year Inside U.S. Medical Research Networks - And Used Google’s Own Email Rules to Steal Data

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation

CISA warns of another cPanel plugin flaw exploited in attacks

Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)

Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

Compromised WordPress Site Uses Traffic Direction System to Target Windows Users With GULoader

Conti Ransomware Loader Developer Pleads Guilty in $150 Million Operation Riptide Case

Conti ransomware operator pleads guilty to wire fraud conspiracy and cyber extortion scheme

Cost of ransomware recovery too high? Here’s how to stop footing the bill

Council of Europe investigates ShinyHunters data breach allegations

Critical Fortinet FortiSandbox flaws now exploited in attacks

Critical Microsoft 365 Copilot Flaw Enables One-Click Data Theft

Critical SearchLeak Flaw in Microsoft 365 Copilot Exposed Sensitive Enterprise Data

Crypto scammers are sending couriers to victims’ homes to collect cash

Cyber attack on Southern Illinois Ob-Gyn hospital impacted thousands of patients

Cyber Crooks Hit Long Island Legal Aid, Expose Clients’ Sensitive Data

Cybercriminals mask malicious communications through Microsoft Teams relays

Cybercriminals Use The Quarry Toolkit to Launch IRS and SSA Phishing Attacks

Cybersecurity Awareness and Digital Forensics: Safeguarding the Digital World

Did Jaguar Land Rover (JLR) force brands to rethink cyber for their dealers?

Does the jailbreak that got Anthropic’s Fable 5 pulled exist in every AI model?

DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company

DragonForce ransomware uses Microsoft Teams for covert command and control

Easterly Properties Data Breach: Social Security Numbers Exposed

Error in Breach Notice Leaves Victims Confused, Skeptical

Estonia to quarantine emails sent from Russian .ru domain before they reach government officials

EU Cybersecurity Act 2.0: When good regulation goes bad

EvilTokens: Phishing-as-a-Service (PhaaS) Kit Abusing OAuth Device Code Flow on Microsoft 365

Experts Say Google's Recent Scam Lawsuit May Have Limited Impact

Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware

FBI Issues Urgent Scam Alert for Microsoft Teams, Outlook and OneDrive Users

FBI issues warning about Kali365 phishing scam that bypasses MFA in Microsoft 365 accounts

FBI Warns Courier Cash Pickups Are Driving Crypto Scams

FBI Warns Microsoft 365 Users About 'Kali365' Phishing Scam That Can Bypass MFA

FBI warns Microsoft 365 users of new Kali365 phishing scam: What it is, how it works

FBI warns Microsoft 365 users of phishing scam. How to stay safe

Federal Government dismisses report of cyber attack on Nigeria education management information system

Federal Trade Commission (FTC) warns of record $3.5 billion losses to imposter scams in 2025

Former LockBit and Qilin Operators Launch New RaaS Programs With AI-Based Victim Analysis

Gentlemen Ransomware targets Mackay Sugar in Australia

Ghana: Cyber Security Authority (CSA) urges Universities to strengthen cybersecurity following university of Nottingham cyber-attack

Ghana: Cyber Security Authority (CSA) warns educational institutions to strengthen cybersecurity following major UK data breach

Global Ransomware Incidents Increase 48% in May 2026

Google and FBI join forces to combat AI-generated phishing scams targeting smartphone users

Google Takes Legal Action Against Chinese Hackers Accused Of Weaponising Gemini AI For Massive Scam Operation

Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting

Hacker: 'I Could Have Rickrolled the World Cup'

Hacker Group Demands $2 Million from Nintendo

Hackers Abuse Legitimate RMM Tools in The Quarry IRS and SSA Phishing Campaigns

Hackers Abuse Microsoft Teams to Conceal Ransomware Activity

Hackers boast of data dump involving 5.4 million Swedes, but there’s a catch

Hackers Hijack Terminal Server to Launch 8.9 Million-Email Boots Phishing Campaign

Hackers Use The Quarry PhaaS Ecosystem to Target U.S. Victims With IRS Phishing

Hackers Weaponize Microsoft Teams Relay to Hide Ransomware Traffic

Hacking group claims major hack of Novo Nordisk and attempted $25 million extortion

Hidden in Teams: DragonForce Attackers Weaponize Microsoft Teams Relays to Stay Hidden

How could the Ransomware Bill be diminished without compromising on Cybersecurity

How to protect yourself from online scams, phishing, and identity theft

India: Did hackers access ICAI's exam portal? Alleged data breach sparks concern days before Chartered Accountants (CA) Inter, Final results 2026

Infinite Campus Data Breach Exposes 137,000 Users Personal Details

Interlock and Rhysida Ransomware Operations Share Supper Backdoor and Malware Codebase

INTERPOL-Backed Operation Dismantles Decade-Long Phishing Platform, Arrests Alleged Administrator

Ireland: Cork man extradited to US pleads guilty to involvement in global ransomware fraud

Ireland: HSE Fined €300k Over Data Breach At Offaly Hospital

Ireland: HSE hit with €300,000 fine over Tullamore hospital patient data breach

iRhythm Discloses Data Breach After Threat Actor Claims Protected Health Information (PHI) Theft

iRhythm discloses data breach, says hackers stole patient info

iRhythm Hit by Cyberattack, Patient Data Stolen and Ransom Demanded

iRhythm Holdings Discloses Third-Party Data Breach via Social Engineering

iRhythm Technologies Data Breach Potentially Exposes Protected Health Information

Jackpocket Casino Data Breach Exposes Sensitive Personal Information

Kali365 Phishing Attack Bypasses Microsoft 365 MFA Using Real Login Pages, No Fake Site Needed

Kee Wah Bakery hit by ransomware attack; customer and staff data compromised

Mackay Sugar cyber attack claimed by The Gentlemen ransomware

Maine takes down its data breach notification portal after it is flooded by fake claims

Malicious JetBrains Marketplace plugins steal AI API keys from developers

Malwarebytes Finds Ad Scams Hidden in 40+ World Cup Streaming Sites

Microsoft 365 Device Code Phishing Campaign Bypasses Password Theft With Legitimate Login Flow

Microsoft 365 Users Targeted by Device Code Phishing Campaign Using OAuth 2.0 Flow

More than 40 World Cup streaming sites caught pushing scam ad networks

Murray County paid hackers $200K after ransomware attack in May

New Phishing Scam Targets Microsoft Teams, Outlook, and OneDrive

New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds

New Rokarolla Android malware targets 217 banking, crypto apps

New Rokarolla Android Trojan Found Targeting 217 Crypto and Banking Apps

Nigeria: Federal Government Denies Cyber Attack on Education Data Platform

Nintendo Is ‘Aware Of An Issue’ Involving Third-Party Hack As Group Allegedly Tries To Ransom Employee Info For $2 Million

Nintendo says hacker group’s stolen employee data is ‘limited and old’ despite $2 Million ransom threat

Novo Nordisk Confirms Cyberattack Exposing Patient Data and AI Assets

Novo Nordisk Data Breach Exposes Clinical Trial Patient Data

Oak View Group Data Breach Exposes Social Security Numbers

OnionDrop Loader Uses Nation-State-Grade Evasion to Deliver LegionLoader, CGrabber, and Vidar

OptinMonster Plugin Flaw Exposes 1.2 Million WordPress Sites to Attacks

Over Two-Thirds of Security Pros Say Cyber Is Getting Harder

Ozempic maker Novo Nordisk hit with $25 million ransom demand after claimed data breach

People’s Republic of China (PRC)-Linked Hackers Exploit REDCap Servers to Target US Research Institutions

Phishing No Longer Looks Wrong: What Security Leaders Should Do Next

Phishing scam victim loses $3,456 claim against bank after failing to act on notification alerts

Planning a trip? Fake travel sites are multiplying this summer

Ransomware Ecosystem Consolidates Around LockBit Alumni, Qilin, Hyflock, and The Gentlemen

Ransomware gang abuses Microsoft Teams relays to hide malicious traffic

Reform Wales faces data breach questions after Tory members receive party emails

Rockstar Games Targeted by ShinyHunters in Massive Cloud Data Breach

Rokarolla Trojan Combines Banking Fraud With Device Surveillance

Samsung boosts Galaxy security, blocks malicious apps and scam calls

Samsung Electronics boosts Galaxy security, blocks phishing apps from installation to execution

Samsung to Block Execution of Phishing Apps on Future Galaxy Devices

Scam Alert: FBI issues warning for Teams, Outlook, OneDrive users

ShinyHunters Claims 297 GB Council of Europe Data Breach

ShinyHunters Claims Council of Europe HR Data, Threatens Leak

ShinyHunters claims theft of 2.2 million records from Kodak in ransomware ultimatum

ShinyHunters exploited Oracle PeopleSoft flaw to victimise hundreds of organisations

ShinyHunters publishes data stolen from school software provider Infinite Campus, 137K users exposed

Shocking New Phishing Scam Lets Hackers Break Into Outlook and Teams Without Stealing Login Details

Silent Ransom Group Threatens US Law Firms With LEAKEDDATA Data Leak Site

SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558)

Singapore: Man lost S$3,800 in card phishing scam after clicking on TikTok ad; tribunal finds him liable, not bank

South Korea: Police Arrest 23 in Cambodia-Linked Phishing Crypto Laundering Crackdown

South Korea: Police Bust Phishing Money-Laundering Ring Using Tether

South Korea Busts Crypto Laundering Ring Tied to Cambodian Phishing Group

South Korea Fines Coupang $409 Million Over Massive Data Breach

South Korea slaps Coupang with a record ₩624.7 billion data breach penalty

SprySOCKS Backdoor Expands From Linux to Windows

Steam Workshop abused to spread malware via Wallpaper Engine app

Superior Drywall Data Breach Exposes Financial Account Information and Social Security Numbers

Sysco hit by second extortion claim over 61 Million records, weeks after Qilin ransomware threat

The Gentlemen Ransomware-as-a-Service (RaaS) Scales to 166 Victims as Ransomware Groups Compete for Affiliates

The Hacker Group That Once Targeted BMW and Google Play May Have Changed Its Mission

The Handala hacker group uses cyberterrorism as psychological warfare, study finds

Think your Microsoft 365 account is safe? This new scam may prove otherwise

UAE's most dangerous cyber threat: Why credential phishing is getting harder to detect

Ubeo Data Breach: SSNs and Driver's License Information Compromised

UK watchdog now investigating smart TVs collecting your personal data

UNC1151 Ghostwriter Hackers Target Gmail Users With 2FA-Stealing Phishing Campaign

Update on the California Water Service (Cal Water) Hacking Incident

US restricts Anthropic Mythos and Fable AI models over fears foreign military will use them

“We hit the UK hard:” 9 million targeted in Boots gift scam hosted on hacked government website

What Is Kali365 & How Is It Targeting Microsoft 365 Users With Automated Phishing Attacks

What Is Kali365? Everything You Need to Know About the MFA-Bypassing Phishing Scam

Willis finds cyber insurance coverage adequate for most breach and first-party losses

Windows version of SprySOCKS Linux malware used to attack government organizations

15th June

4 major Iranian banks suffer cyber attack, no customer data impacted

23andMe data breach victims get $46.75 million settlement

152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic

A hacker has allegedly stolen employee data from Nintendo

A hardware neural network backdoor that hides in plain sight

Adriatic Port Cyber-Attack by Anubis Sparks Warning Over Maritime Security Risks

AI vulnerability discovery is pushing 2026 CVEs toward 66,000

Akira ransomware spotted using LimeWire service for data theft

Alleged Dark Web Leak Exposes Data on 62,208 Paris Transit Workers, Raising Fresh Cybersecurity Fears

Anthropic says US government forced it to disable cybersecurity AI models

Anthropic's most advanced AI models blocked worldwide: US cites cyberattack risks

APT37 Hackers Use NarwhalRAT Malware With Microsoft-Themed Phishing and Dead-Drop C2

Attackers Hijack Popular WordPress Plugins to Deploy Backdoors

Australian Sugar Producer Mackay Sugar Reports Cyber Incident

Belarus-linked hackers target Gmail accounts of Polish public figures and their families

Breaking Down the Novo Nordisk Data Breach

Caldwell Sutter Capital discloses data breach tied to third-party software provider

California Water Systems Secure Despite Hacker Claims

China-linked spies backdoored authentication stack to stay hidden for years

Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails

Chinese hackers breach REDCap servers, steal medical research

Chinese hackers breached North American research institutions via REDCap servers

Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks

Council of Europe investigates ShinyHunters data breach claims

Coupang Faces Record $470 Million Fine, Class Actions Loom Over Data Breach

Cyber Attack on Oracle Exposes Data of Higher-Ed Clients

Cyber threats shift focus to people as AI-driven scams and identity attacks rise in 2026

Cyberattack on Russian tech firm Astral disrupts business, government services for a week

Cybersecurity Experts Urge US to Lift Ban on Anthropic's Frontier AI Models

Cybersecurity veterans protest ‘dangerous’ US government ban on Anthropic’s most powerful models

Cyberwar At the Front Line: Why Enterprises Must Prepare for Digital Conflict

Data Breach Portal Shut Down After Fake Filings Expose Unverified Auto-Publish Flaw

Department of Justice (DOJ) seizes CFAKE, SOCFAKE deepfake nude sites under TAKE IT DOWN Act

Don’t just recover from ransomware; recover well, and you could cut your ransomware bill too

FBI: Fraudsters use couriers to steal money in crypto scams

FBI alerts users to Microsoft Teams, Outlook phishing risk

FBI And Google Crush AI Scam Ring Behind 1.59 Million Phishing URLs

FBI Destroys Massive AI Phishing Empire Linked to $1.9 Billion Theft

FBI dismantles Chinese phishing service that coached buyers to generate scam sites using AI - $88 cybercrime product linked to $1.9 billion in losses, 3.87 million stolen cards

FBI takes down Chinese phishing operation

FBI takes out huge AI-powered phishing service: Outsider Enterprise was using over a million phishing URLs to steal credit card data and passwords

FBI warns of Kali365 phishing scam targeting Microsoft 365 users

FBI Warns Of Phantom Hacker Scams Targeting Bank Accounts

FBI, Google Dismantle ‘Outsider Enterprise’ Phishing Service

FBI, Google Take Down AI-Powered Cybercrime Ring That Was Using Over A Million Phishing URLs To Steal Data

Feds Seize CFAKE and SOCFAKE Over Explicit Deepfakes of Famous Women

Global crackdown exposes €336m crypto laundering linked to ransomware gangs

Google files lawsuit over AI-assisted phishing operation abusing Gemini

Google says Chinese-linked hackers stole defence and AI data from US and Canadian labs for a year

Google Sues Chinese Crime Ring for Using Gemini AI in Mass Phishing Scams

Google sues Chinese network accused of impersonating Google with AI

Google sues Chinese network over AI text phishing scams

Google Sues Operators of AI-Powered ‘Outsider’ Phishing Kit Linked to 1.5 Million URLs

Hacker claims to have stolen Nintendo employee data and more

Hacker claims to have stolen Nintendo HR data from TINYpulse systems

Hacker claims to have stolen roughly 859 MB of data from Nintendo

Hacker drops Needlework Tours customer data on underground forum

Hacker Group Claims To Have Stolen Nintendo Data, Posts $2 Million Ransom

Hackers claim massive Council of Europe breach: troves of personal data exposed

Hackers demand $2 Million from Nintendo over alleged data breach

Hackers Use Microsoft Account Security Alert Lures to Deliver NarwhalRAT Malware

Handala Hacking Group Claims Breach of California Water Service

How a Chinese hacker group used Google’s AI to scam thousands of users

HSBC Payment Advice Phishing Email Aims to Steal Passwords

Humanity Protocol Hack Linked to Suspected North Korean Actors

Humanity Protocol loses $36 Million in phishing hack linked to North Korean cyber operatives

Infinite Campus: Data breach affects 137,000 school staff accounts

Infinite Campus data breach affects 137,000 school staff accounts

Infostealers, AI, and a 90% Affiliate Cut Fuel The Gentlemen group’s Rise

Ireland: HSE fined €300k over data breach at Midland Regional Hospital Tullamore

Kaspersky identifies phishing campaign using AI web hosting platform

Kimsuky targets South Korea with spear phishing using data-leak lures

Korean Ecommerce Giant Hit With Record-Setting Fine Over Massive Data Breach

Labcorp Agrees to Pay $35 Million to Settle American Medical Collections Agency (AMCA) Data Breach

Legal Services of Long Island Data Breach Exposes Sensitive Personal and Health Information

LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers

Maine closes data breach portal to the public after fake reports

Maine Data Breach Reporting Portal Abused, Taken Offline

Maine Disables Data Breach Portal Due to Fake Submissions

Maine forced to take down data breach portal after fake notices filed with authorities

Maine Takes Breach Reporting Portal Offline After Fake Entries

Maine Takes Data Breach Reporting Portal Offline After Fake Discord and VRChat Filings

Microsoft’s workplace check-in via Wi-Fi tracks who’s in the office, and not everyone’s happy

New attack turned Microsoft 365 Copilot into 1-click data theft tool

Nintendo Alleged Data Breach: Threat Actor Demands $2 Million Ransom

Nintendo Data Breach: Hacker Claims Stealing Approximately 860 MB via TINYpulse Systems

Nintendo Employees’ Private Workplace Confessions May Now Be On a Criminal Forum After Hacker Targets HR Vendor TINYpulse

Nintendo hit with data breach, hacker steals 859MB of data via TINYpulse

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

North Korean hackers steal $36 Million from blockchain service using phishing email

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

OptinMonster WordPress plugin hacked in CDN supply-chain attack

Oracle Warns PeopleSoft Customers After Critical Zero-Day Exploited

Orthopaedic Specialists of Massachusetts (OSM) Data Breach Exposes PHI and PII for 20,147 Patients

Over 50 Android Apps Found Spreading MagicAd Trojan via Official Stores

Over 73K accounts caught up in breach of France’s government messaging platform Tchap

Ozempic Maker Novo Nordisk Says Hackers Breached IT Systems

Palo Alto Warns of Active Exploitation of PAN-OS GlobalProtect VPN Flaw

Paylogix data breach exposes sensitive employee and client information in ransomware attack

Phantom Hacker Swindlers Zero In On New Yorkers After $1 Billion Nationwide Heist

Phishing Alert - Beware of Booking.com Phishing Messages Exploiting Suspected Leaked Booking Data

Phishing Through Bithumb Leads to $36 Million Theft From Humanity

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Power Without Control: What Anthropic’s Claude Fable 5 and Mythos 5 Mean for Enterprise Security, AI Governance, and Risk

Protecting Public Safety Networks: A Deep Dive into the Ransomware Threat and Emerging AI Risks

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer

Ransomware Hits Australia’s Sugar Mills, Shutting Down Operations

Ransomware Insider Betrayal: Guilty Plea In BlackCat Cybercrime Scheme

Ransomware Preparedness Must Be a Boardroom Priority: NCSC (National Cyber Security Centre) Chief

SearchJack Adware Campaign Exposes 758,000 Users to Privacy and Phishing Risks

Senior engineers are spending their week cleaning up AI-generated code

SHADOWBYT3$ Allegedly Claims Nintendo Breach and Theft of Sensitive Data

SHADOWBYT3$ Claims Nintendo Data Breach, Alleges $2 Million Ransom Demand Through HR Platform Exploit

ShinyHunters Claims Council of Europe Hack

ShinyHunters claims Kodak hack, threatens to leak 2.2 Million records

ShinyHunters Publishes Infinite Campus Data in Extortion Campaign Linked to Salesforce, 137,000+ Emails Exposed

SimpleHelp bug lets hackers create rogue remote support accounts

Sniper Dz Scams Target MENA Users via Fake Facebook Offers and Browser Alerts

South Korea: 'Business-Crushing' Ransomware...National Police Agency to Launch Dedicated Investigation Team

South Korea: Privacy Watchdog Probes CU Convenience Store Delivery Data Breach

South Korea Fines Coupang Record £300 million Over Data Breach

Spectrum Sued After Data Breach Exposes 40 Million Customers

Splunk Urges Immediate Patching of Critical Flaw Enabling Arbitrary File Operations

The FBI just issued an urgent warning for anyone using Microsoft Teams, Outlook, or OneDrive over a new phishing scheme

The Philippines: Hacker of government websites identified

The Shared Language Needed to Secure and Govern AI Systems

The US government’s Anthropic models ban was never about an AI jailbreak

Travel Phishing and Cyber Attacks are Surging in 2026, Growing 122% over the last 3 years. Here’s What Cyber Criminals Are Actually Doing

UK Government Finds 400+ Vulnerabilities in AI Hackathons

Ukrainian Man Pleads Guilty in US to Conti Ransomware Charges

Ukrainian national pleads guilty in connection with Conti ransomware

US export controls on Anthropic’s AI models catch Europe unawares

Virta Health Data Breach Exposes Sensitive PHI and PII

What Is Phishing? How It Works, Types, and How to Spot It in 2026