Ransomware Operator Claims - Week 22 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 25th May and 31st May 2026, kindly assisted by our partners.

DBD discovered and researched 157 Ransomware Victims over 37 Countries and Islands claimed by 32 Data-Leaking Ransomware Operators, including 1 Newly Discovered Ransomware Operator last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Data-Leaking Ransomware Report - May 2026

Welcome to last month's DLR Report, an exclusive presentation of Data-Leaking Ransomware Operator's Global and US Victims that were claimed between 1st May and 31st May 2026.

DBD discovered and researched 722 Global Ransomware Victims over 82 Countries and Islands, including 312 US Ransomware Victims over 43 States and Districts, claimed by 60 Data-Leaking Ransomware Operators in May 2026.

DBD also discovered and researched 7 New Active Ransomware Operators called 0DAY, Bavacai, CMD Organization, Icarus, SPY CORPORATE, TITAN and Triple X in May 2026.

Download PDF



Data Source: Data Breaches Digest.

Data Breaches Digest - Week 23 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 1st June and 7th June 2026.

5th June

AI Coding Tools Need Built-In Security for Agentic Development Era

AI is helping low-skill hackers pull off advanced cyberattacks

AI tools becoming hot commodities on ransomware marketplaces

Attackers obtained encrypted password vaults from some Dashlane user accounts

Belgian judge orders bank to reimburse phishing victims after couple lose their life savings

Centrelink denies hacker claims of cyber attack

CISA Warns of Exploited Linux Kernel Authentication Flaw

Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)

Cisco SD-WAN Flaw Exploited to Execute Root-Level Commands

Cisco warns of unpatched SD-WAN zero-day exploited in attacks

Compliance chaos: New York regulators see a data breach - then focus on IT errors

Dashlane Reveals How Hackers Downloaded Encrypted Vaults

DBR & CO Data Breach Exposes Social Security Numbers

ESET report finds 45% of SMBs hit by cyber incidents

FIFA World Cup 2026 Scams Are Already Live: Fake Sites, Banking Malware, and Stolen Logins

Financial ransomware and supplier risks rise

Global ransomware activity rises modestly in May as Qilin, The Gentlemen, and DragonForce lead attacks

Gravity Bridge Hacker Moves Another $2.1 Million in Stolen ETH to Tornado Cash

Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites

Hackers getting an easy ride: misconfigured cloud settings behind growing number of data breaches

How Hotels Can Stay on Top of Security During Travel Season

India: Digital Personal Data Protection (DPDP) and Cybersecurity - Why the Safest Data May Be the Data You Delete

India: Education ministry denies reports of data breach of candidates for JEE (Advanced) exam

India: Education Ministry rejects JEE Advanced data breach claims, says candidate data remains secure

India: JEE-Advanced data breach claims misleading, factually incorrect

Indian Institute of Technology (IIT) denies JEE-Advanced data breach claim: 'Minimal, temporary misconfiguration’

Indian Institute of Technology (IIT) Roorkee denies data breach affecting JEE Advanced candidates

Indian Institute of Technology (IIT) Roorkee Denies Data Breach Allegations Amid Misinformation Claims

Indian Institute of Technology (IIT) Roorkee Rejects JEE Advanced 2026 Data Breach Claims, Says No Sensitive Information Was Compromised

Marks & Spencer CEO loses annual bonus after $175 Million cyberattack

Microsoft Edge Vulnerability Enables Remote Code Execution

Most professionals have seen AI hallucinations in IT operations

New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

Nigeria: Independent National Electoral Commission (INEC) probes alleged misuse of authorised access to Continuous Voter Registration (CVR) database

Nightclub Giant RCI Says Data Breach Affects 40,000 Individuals

OpenAI Codex Uncovers HTTP/2 Bomb DoS Exploit Affecting nginx, Apache, and Microsoft IIS

Over 60k Grand Theft Auto V (GTA V) players allegedly exposed in cyber attack on game cheat service

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network

PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for SMTP Relay Abuse

Phishing Has Become an Industry, And AI Is Driving Its Growth

Pink Extortion Group Linked to UNC6671 and The Com Uses Vishing and Fake Helpdesk Calls to Target Enterprise Data

Pink ransomware group steals Microsoft 365 data

Post-Quantum Security Standards Exist, Migration Remains the Challenge

Reactive Security Is Failing Healthcare Organizations, Experts Warn

Reaper macOS Infostealer Abuses Script Editor to Steal Crypto and Passwords

Southeast Asia Scam Compounds Turn AI Into a Cybersecurity Threat

The Oncology Institute Discloses Data Breach to Securities and Exchange Commission (SEC)

VECT 2.0 Ransomware Breaks Files Beyond Its Own Recovery

VECT 2.0 Ransomware Can Corrupt Encrypted Files Beyond Reliable Decryption

VECT 2.0 Ransomware Can Damage Files Its Own Decryptor Cannot Reliably Restore

VerdantBamboo APT Uses BRICKSTORM Malware in Attacks on Network Appliances

Wales: Cyber attack at Powys school exposes personal data of pupils and staff

World Food Programme (WFP) Gaza Data Breach Exposes 600,000 UN Food Agency Household Records

4th June

7 Data Security Stories to Know About in May 2026

A Simple Tool to Combat Phishing Schemes

Acadia Healthcare Data Breach Exposes Social Security Numbers

Acer Develops Fix for Critical Wave 7 Router Zero-Day Flaw

AI Adoption Creates New Opportunities for Attackers to Distribute Malware, Microsoft Warns

AI Phishing Raises Costs Despite Faster Response

AI Powered Ransomware Outpaces Enterprise Defenses

AI-Powered Bots Are Blurring the Line Between Users and Cyber Threats

AI-Powered Computer Worm Reveals New Cybersecurity Threat

Attackers already know the secrets are on your developers’ machines. Do you?

Attackers Stole Global Stock Exchange Executive’s Mailbox for Five Months in Covert Campaign

Bots Overtake Humans in Global Web Traffic for the First Time

Canadians impacted in cruise line data breach affecting six million

Central Board of Secondary Education (CBSE) Cyber Attack: Claude AI under spotlight as IIT experts review CBSE's tech ecosystem

Charter breach warning: What customers should know

China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa

China’s spies offer freelancers lucrative side hustles via job networks in hunt for secrets, agencies warn

Chinese spies are using LinkedIn to lure Westerners into sharing sensitive information

Chinese-Speaking Actor TA4922 Widens Its Global Reach

CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to Known Exploited Vulnerabilities (KEV) Catalog

CISA Warns of Exploited Android Framework Vulnerability

Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public

Cisco warns of critical Unified CM flaw with Proof-of-Concept (PoC) exploit code

Clarinda Regional Health Center Reports Data Breach Affecting 24K Patients

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

Conduent Business Services Data Breach Affected More Than 62.2 Million Individuals

Credit card theft campaign abuses Stripe to host stolen payment info

Cruising Into Danger? 6 Million At Risk In Huge Travel Breach

Cyber attack at Powys school results in 'unauthorised access to some personal data'

Cybercriminals Shift From Fake Login Pages to Infostealer Malware in Phishing Attacks

DentaQuest data breach exposed info of 2.6 million accounts

DentaQuest data breach exposed sensitive info of 2.6 million people

DentaQuest data breach exposes sensitive information of 2.6 million accounts

DentaQuest Exposes Over 2.5 Million Accounts in ShinyHunters Extortion Attack

Department of Justice (DoJ) Disrupts Southeast Asia Crypto Fraud Networks, Freezes $3.8 Million in Assets

Erasmus University reports data breach in staff survey

ETSI sets security requirements for AI data centers and cloud platforms

Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites

Fake ChatGPT Download Site Spreads Malware via Sponsored Results

Fake Chrome Web Store Copyright Alerts Used in Google Credential Theft

Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via Traffic Distribution System (TDS)

Fake tickets, phishing and QR scams top FIFA World Cup cyber risks for South Africans

Federal Trade Commission (FTC) considers setting aside or modifying $150 million privacy penalty against X

First Advantage Data Breach Exposes Social Security Numbers

Five Eyes warn Chinese spies are using job sites to recruit insiders

Five Eyes Warns Chinese Spies Are Using Fake Job Ads to Target Military Staff

FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Fragmentation, Extortion and the New Ransomware Reality

Fraud, Ransomware, and Fake Apps Are Already Targeting FIFA 2026

From critical to controlled: Cutting vulnerabilities in a live manufacturing environment

Gartner Signals a Cybersecurity Shift From Prevention to Resilience

Gastro Health Data Breach Exposes Protected Personal and Health Information

Global Phishing Surge As 260 Brands Target Mobile Users

Google Sites Hosted Claude Code Impersonation Campaign Targeting Developer Logins

Healthcare Data Breach Statistics

Hola Browser for Windows compromised to deliver cryptominer

How Businesses Can Prepare for a Cybersecurity Crisis with Effective Plans

iFood confirms data breach affecting 1.2 million users

iFood Confirms Data Breach Affecting 1.2 Million Users in Brazil

IIT-led probe finds Claude and other AI tools behind Central Board of Secondary Education (CBSE) cyber attack

IKEA investigating alleged data breach

India: 56,000 students apply for Central Board of Secondary Education (CBSE) re-evaluation by June 3rd, major cyber attack blocked

India: Central Board of Secondary Education (CBSE) gets over 56,000 re-evaluation pleas as students flag OSM concerns, foils major cyber attack on portal

India: Central Board of Secondary Education (CBSE) Re-Evaluation Portal Remains Operational Despite Major Cyber Attack, Over 56,000 Applications Processed

India: Central Board of Secondary Education (CBSE) receives over 56,000 re-evaluation requests, thwarts major cyber attack

Indian Wearable Startup Ultrahuman Confirms Data Breach Exposing User Wellness Logs

Jamaica: Three more arrested and charged in multimillion-dollar National Commercial Bank (NCB) phishing scam, granted $450,000 bail

Japan: Clannad publisher Visual Arts suffers major data breach, including overseas leak of Key’s latest visual novel. Personal information potentially compromised too

Kali365 Phishing-as-a-Service Campaign Broadens Attacks to Okta and MAX Messenger Users

Kali365 Phishing-as-a-Service (PhaaS) Expands to Okta, MAX Messenger Attacks

Kali365 Phishing-as-a-Service (PhaaS) Operation Expands Beyond Microsoft 365 to Target Okta and MAX Messenger

KerberRose Data Breach Impacts 27,076 Individuals

KLM data breach compromises staff's personal information

Korea Privacy Watchdog Launches Probe into TVING Data Breach

Korea probes TVING data breach after unauthorized access hits user info

Korean Police Report Voice Phishing Cases Down 43% in First Year of Lee Government

Lazarus Group Uses npm Brandjacking Campaign to Target Developers

Major data breach hits hotel sector across Europe, guest data used in phishing attacks

Malicious Skill Detector Bypassed on ClawHub, Cisco, and Vercel

Malicious WhatsApp, Slack Alerts Could Have Exposed Millions of Android Users

Manager on Call Data Breach Exposes Social Security Numbers

Medenet Inc. Data Breach Exposes Social Security Numbers

Meta, Microsoft, Department of Justice (DOJ), and Others Disrupt Southeast Asia Scam Compounds

Microsoft 365 Android Apps Had a Token Flaw IT Teams Should Check Now

Nearly 21,000 affected by Middletown data breach

New GitHub Zero-Day Exposed Developer Tokens to Attackers

New IronWorm malware hits 36 packages in npm supply-chain attack

New malspam campaign uses Google DoubleClick to deliver DesckVB RAT

New Payouts King Ransomware Technique Helps Malware Avoid Detection

Onsite Women’s Health $2.5 Million Data Breach Settlement

Password Manager Dashlane Reveals How a Hacker Stole Encrypted Vaults

Payouts King Ransomware Bypasses EDR via Obfuscation and Direct Syscalls

Payouts King Ransomware Evades EDR With Obfuscation and Direct System Calls

Pentesters turn up the heat on Shelly as Bluetooth thermostat flaw leaves smart homes exposed

Personal data on mental health patients stolen in provider group hack

Phishing Attacks Pivot to Infostealer Malware Over Fake Login Pages

Pink Extortion Group Emerges Targeting Microsoft 365 Data

Proofpoint Warns TA4922 Deploys Atlas RAT and Multiple Malware Loaders

Ransomware and Geopolitical Tensions Drive Cyber Threats Across Middle East, Turkey, and Africa (META) in Q1 2026

Ransomware cartels are fragmenting into volatile splinter groups, warns Metropolitan Police cyber chief

Researcher publishes GitHub token-stealing exploit, blames Microsoft’s disclosure process

Russia seeks to label two anti-Kremlin hacker groups as ‘extremist’

Russian Hackers allegedly offer Cryptocurrency Rewards through “Patriotic Online Games”

Southern Illinois Ob-Gyn Data Breach Affects 38,700 Patients

Spotless compliance evidence can still hide a broken control

Students and staff targeted in cyber attack on mid-Wales schools

Supreme Court rules Federal Communications Commission (FCC) fines punishing telecom giants for sharing location data were legal

Tax phishing scams surge in Australia

The modern-day business can learn a lot about risk from this year’s mega events

The NHS Was Lucky. The Next Victim Might Not Be

UK firms lag on AI cyber defences

Ukraine’s Experience Highlights the Need for Preparation and Resilience in Cybersecurity

Ultrahuman Data Breach: Hackers Accessed Wellness Data via Internal Analytics Tool

Ultrahuman data breach exposes user info via internal tool

Ultrahuman Data Breach Exposes User Wellness Data

Ultrahuman says hackers accessed user wellness data through stolen credentials: All you need to know about the breach

Ultrahuman smart ring maker reports data breach affecting customer wellness information

Ultrahuman suffers a major security breach, exposing users’ wellness data: How did it happen?

Ultrahuman suffers data breach, hackers access customer wellness information

Ultrahuman's data breach exposes customer details, but passwords stay safe

UN food agency data breach exposes 600,000 Gaza households

UN food agency discloses breach affecting 600,000 Gaza households

UN food agency investigates breach exposing data of Gaza aid recipients

University of Oxford hit by second major data breach of the term as CareerConnect hacked

US Sanctions Iranian Nobitex due to “connection” with ransomware

VECT: Ransomware That Can’t Decrypt

Virta Health Data Breach Exposes Patient Information

Wales: Powys schools cyber attack sees staff and pupil data accessed

Wales: Pupils, staff, and other data accessed in school cyber attack

Weil Gotshal reportedly pays up to $20 million after cyber extortion group steals client data

What the Ultrahuman Data Breach Reveals About the Hidden Risks of Smart Rings

WhatsApp, Slack, SMS Notifications Could Hijack Google Gemini on Android

Why Collaboration Friction is the Hidden Driver of Lost Control

Why eSIMs Are Replacing Traditional SIM Cards

Why Trusted Pipeline Identities Matter More Than Ever in Software Supply Chain Security

World Food Programme (WFP) cyber-attack: Is nearly all of Gaza’s population exposed?

World Food Programme reports data breach affecting Palestinian beneficiaries

3rd June

Acer working to patch max severity zero-days in Wave 7 routers

AI accelerates development of ransomware toolkit with EDR evasion capabilities

AI-Powered Cybercrime Tools Surge on Dark Web

Alcasec, “Robin Hood of Spanish Hackers,” Jailed for 31 Months Over Data Theft

Anxious Security Pros Watch as Anthropic, OpenAI Expand Access to Frontier AI Models

Argamal RAT Targets Hentai Gamers via Trojanized Games, Kaspersky Reports

Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)

Autonomous AI-driven worm can reason its way through corporate networks

Belgium: Antwerp court rules banks must immediately reimburse phishing victims

Belgium: Court rules "banks must compensate phishing victims immediately"

Black Kite’s 2026 State of Financial Services Report Reveals Ransomware Surge and Vulnerability Deluge Driving Two-Front Cyber Threat

Carnival Corporation Data Breach Leads June Wave of Account-Compromise Incidents

Carnival Cruise Line Passengers Frustrated By Company's Response To Data Breach Victims Outside The U.S.

Carnival Data Breach Travel Alert: Nearly Six Million Cruise Travelers Impacted as Experts Urge Immediate Steps to Protect Personal Information

Carnival to Monitor Credit of 6 Million Customers in Massive Data Breach

China-Linked TA4922 Hackers Target UK, Europe With New SilentRunLoader Malware

Chinese hackers use new Atlas RAT malware in European cyberattacks

CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited

CISA warns of active attacks exploiting Android, Linux bugs

CISA warns of cyberattacks targeting fuel tank monitoring systems

City of York Council investigation - blue badge data breach

Critical Apache ActiveMQ Flaw Enables Security Header Injection

Critical Takeaways from the 2026 Verizon Data Breach Investigations Report (DBIR): Mobile is the Most Vulnerable Attack Surface

Cyberattacks Target U.S.-Based Automatic Tank Gauge Systems

Data breach at auto lender Industrial Acceptance Corporation affects nearly 80,000 people

Data Breach Hits Over One Hundred Dutch Hotels

Dozens of Dutch hotels affected by data breach

Educational Employees Credit Union Data Breach Exposes SSNs

Emmys data leak: update exposes access to award submissions

Error 524 Decoys Used in Brand Impersonation Phishing Campaign

Europol Dismantles First VPN Used by Ransomware Gangs

Eversource says data of 3,049 customers exposed in cyberattack

Fulcrum Real Estate data breach exposes Social Security numbers

Gentlemen Ransomware Exploits Fortinet Flaws, AI, and Custom C2 Tools

GitHub Actions Script Injection Flaws Hit 38% of Organizations

Google adds Android protection against AI deepfake scam calls

Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT

Google Patches Android Zero-Day CVE-2025-48595 Exploited in Targeted Attacks

'Groundbreaking' ruling: Banks in Belgium must immediately reimburse phishing victims

Groupe Crit announces data breach at Tunisian subsidiaries

Hacker claims breach of the Australian Centre for the Moving Image, PII allegedly compromised

Hackers Use AI-Generated Tools to Automate Active Directory (AD) Attacks, EDR Evasion

How Texas Businesses Can Protect Themselves from Ransomware Attacks

How to prevent ransomware

Ikron Corp. Data Breach Affects 11.8k Exposing Social Security Numbers

IMA Diligence Services Data Breach Impacts 525,000 People

Increase in ransomware attacks - Qilin and INC Ransom the main culprits

India: Has JEE Advanced 2026 Data Leaked? Hacker Flags Data Of 179,600 result records, 187,300 admit cards Online; IIT Roorkee Reacts Quick To Save Image

Infostealers are becoming the go-to phishing payload

Instagram is alerting users who were targeted by hackers during AI chatbot attacks

Ivanti ITSM Vulnerability Allows Attacker to Gain Admin Privileges

JEE Advanced 2026: Another Gen-Z ‘ethical hacker’ exposes holes in IIT Roorkee’s results portal

JEE Advanced 2026: Over 1.79 lakh candidates records exposed in IIT Roorkee data breach

Juventus reports third-party breach that compromised official club footage

Kali365 PhaaS Expands Targeting Microsoft, Okta, DocuShare, AWS, MAX Messenger

Kelp DAO Hacker Launders Nearly All Stolen $220 Million

Known vulnerabilities behind most application security incidents

Korea's big five banks freeze 150,000 scam-linked accounts as fraud shifts

Laravel CRLF Injection Flaw Enables Email Processing Interference

Malware campaign targeting Minecraft users infects over 116,000 systems

Mass data breach on over 100 Dutch hotels hits guests

Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag

Microsoft 365 users warned over Outlook, Teams and OneDrive FBI alert

Middletown data breach exposed Social Security numbers, personal information of residents

New Android feature promises to spot deepfake scam calls

New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare

New Identity Battleground: Attackers Don’t Need to Break MFA, they Just Need a Help Desk

New Scam Targets Microsoft Users, FBI Warns. Here's How to Protect Yourself

Nigeria: Electoral Commission Probes Massive Data Breach Targeting Nigerian Actor

No more calls from fake mom: Google releases Android fake call detection feature

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

Only 9% of Organizations Patch Critical Vulnerabilities in 24 Hours

Only 11% of production agents pass the AI agent security bar

Patch Responsibility Remains Up for Grabs as AI Unearths Decades of Flaws

Plaza Home Mortgage Data Breach Exposes Social Security Numbers

Pro-Iran hacker group claims access to US officers’ data, secret military bases

Radiology Associates of Richmond discloses data breach affecting more than 266K patients

RAlord Affiliate Banned for Breaking CIS Ransomware Rule, Infecting Eriell Group

Ransomware Attacks Surge 30% in 2026 as Qilin and INC Ransom Intensify Operations

Ransomware Gang Abuses Fortinet Flaws With Custom C2 Frameworks

Red Hat hit by npm supply‑chain attack - here's how to stay safe

South Korea: Data Breach at TVING Prompts Government Investigation

South Korea launches joint probe into TVING data breach and consumer risks

Spanish hacker Alcasec sentenced to prison for stealing banking details

Station Casinos faces class action lawsuit over data breach

Subpostmaster federation hit by ransomware attack

Texas Capital Bank Data Breach Affects 86,067 Texans

The Gentlemen Ransomware Group Uses Fortinet Exploits, AI, and Custom C2 Frameworks

The worst hacks and breaches of 2026 (so far)

TVING Apologizes After Personal Data Breach Exposes User Information

TVING confirms data breach in South Korea, apologizes and boosts security

TVING Data Breach Exposes Millions To Risk

TVING faces investigation by Ministry of Science, ICT following personal data breach

TVING Reports Data Breach Affecting User Information

TVING reports member personal data leak, suspected hacker theft

TVING Suffers Data Breach, Member Personal Information Leaked

TVING Suffers Member Data Breach: "Hacker Accessed Database"

U.S. sanctions Nobitex crypto exchange used by Iranian ransomware actors

Ultrahuman Data Breach: 68 Days to Tell Users

Ultrahuman says hackers accessed customers’ wellness data via internal tool

United Medical Doctors Discloses Data Breach Affecting Patients

Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes

US Enterprises Targeted With Fake Purchase Order Malware Campaign

VS Code zero-day lets hackers steal GitHub tokens in one click

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content

WeedHack Malware Infects 116,000+ Minecraft Systems via Fake Mods

WhatsApp, Slack Notifications Could Hijack Google Gemini on Android

Why cyber criminals favour phishing and how to better predict, prioritise and prevent attacks

Winona County, Minnesota, Alerts Residents After Cyber Attack

WordPress Plugin Flaw Exposes 500,000+ Sites to Privilege Escalation

2nd June

5 Signs AI Phishing Has Compromised Your Web3 Social Media Account

64,000 accounts exposed in breach of Grand Theft Auto V (GTA V) cheat service Atlas Menu

Accounting firm Kennedy McLaughlin confirms ‘cyber incident’ following Qilin ransomware attack

AI-built ransomware toolkit automates EDR evasion, Active Directory (AD) discovery

Android 0-Day Vulnerability Exploited for Full Device Control

Another Gen Z hacker now claims data security flaw on National Testing Agency (NTA) re-exam portal

Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets

Australian jewellery retailer confirms cyber attack

Australian workplace catering firm Hampr suffers alleged 360k record data breach

Australias amongst millions affected in Carnival Cruise Line data breach by cyber criminals

AZUREVEIL Adaptix C2 Agent Delivered via Targeted Spearphishing Attacks

Booking.com data breach scare hits Japanese travellers as scammers target hotel bookings

Business Leaders Lack Understanding of Threat Intelligence, Study Warns

California Suing Former 23andMe Firm for 2023 Data Breach

Carnival Corporation data breach: What affected customers need to know

Carnival Corporation Data Breach Compromises Six Million Customer Records

Carnival Corporation Data Breach Exposed Just Under 6 Million Records

Carnival Cruise Data Breach Becomes Wake-Up Call for International Travelers Amid Rising Cybersecurity Threats in Tourism

Carnival Cruise Data Breach Exposes Nearly 6 Million People in Cyber Attack Linked to ShinyHunters

Carnival Cruises Line faces data breach exposing cruise passengers passport details

Carnival Data Breach Exposes Millions Of Customer Records

Carnival data breach exposes personal information of nearly 6 million cruise passengers

Carnival Data Breach Potentially Impacts 6 Million Cruisers

CISA Flags Palo Alto PAN-OS Flaw as Actively Exploited

CISA flags two-year-old Oracle flaw as actively exploited in attacks

Critical Kirki flaw exploited to hijack WordPress admin accounts

Critical KMW CCTV Flaw Enables Unauthorized Camera Access

Critical StrongDM Vulnerability Enables Authentication Theft

Cyber attack targeted nearly 33k patients at Bedfordshire Hospitals Trust

Dashlane Discloses Brute-Force Attack Bypassing 2FA Protocols

Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded

Data Breach at Internet Service Provider Exposes Records

Data Breach Hits Grand Theft Auto V (GTA V) Cheat Tool Atlas Menu, Leaking 64,000 User Account Info

Data of 600,000 Gaza households exposed in World Food Programme (WFP) cyber-attack

'Dumbass' criminal breaks the 'first rule of ransomware club'

Dutch hotels hit by data breach exposing customer information

Dutch watchdog files complaint over Flo collecting and selling intimate data

Fake ChatGPT Desktop App Ads Used to Push Password-Stealing Malware

Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Tickets, AI Phishing, Network Threats Target FIFA World Cup

Family Medicine Centers Pays $2.15 Million to Resolve Data Breach Lawsuit

FBI Warning: World Cup Scammers Are Spoofing FIFA Tickets, Job Sites

FBI Warns Microsoft 365 Users About Dangerous Phishing Tool

FBI-Flagged Phishing Kit Kali365 Expands Its Reach

Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine

German police may be using advertising data unlawfully obtained from brokers

Google fixes actively exploited Android vulnerability (CVE-2025-48595)

Google fixes one actively exploited Android zero-day, 124 flaws

Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited

Google Patches Android Zero-Day Vulnerability in June 2026 Security Update

Grand Theft Auto 5 (GTA 5) Cheat Service Atlas Menu Hit by Major Data Breach Affecting Thousands of Users

Grand Theft Auto (GTA) Online Cheat Provider Hit By Widespread Data Breach

Grand Theft Auto V (GTA V) cheat service Atlas Menu hacked, exposing 64,000 accounts

Grand Theft Auto V (GTA V) cheat service Atlas Menu hacked, exposing nearly 64,000 user accounts

Grand Theft Auto V (GTA V) Cheating Platform Atlas Menu Suffers Major Data Breach

Hackers Abuse Meta AI Bot to Hijack Instagram Accounts

Hackers Abused Meta’s AI Support Bot to Hijack Major Instagram Accounts

Hackers trick Meta AI into handing over Instagram accounts - including Barack Obama’s

Hackers trick Meta AI into stealing Instagram accounts

Hackers Tricked Instagram’s AI Chatbot to Hijack Accounts

Healthcare consulting company Phia Group says 2024 data breach impacted over 120,000 people

How to Recover Financial Losses After a Corporate Data Breach in 2026

IKEA targeted by teenage hackers who hit Microsoft and Uber

India: Central Board of Secondary Education (CBSE) re-evaluation portal faces DoS cyber attack; records 1.5 million hits in two minutes

Instagram Patches Meta AI Support Assistant Hijacking Vulnerability

Instagram users locked out after Meta AI abused to steal accounts

Kaspersky Warns of Evolving QR Code Phishing Attacks

La Perouse reports data breach incident

Malicious Packages Target Cloud Keys, Wallets, and SSH Credentials

Mariner Reports Data Breach Affecting Nearly 9,000

Mariner Reports Data Breach After Hack

Mariner Wealth Advisors Data Breach Affects Nearly 9,000 Customers

Meta AI Support Flaw Lets Hacker Hijack Instagram Accounts

Miasma Malware Targets Red Hat npm Packages in New Supply Chain Attack

Microsoft backs down after zero-day dispute, says it won’t sue security researchers

Microsoft Entra pushes passkeys, tightens identity security

Mobile Phishing surpasses Email Cyber Threat

National Identity Management Commission (NIMC) Warns Nigerians Against Fake ‘Free NIN Correction Portal’ Phishing Scam

Nearly 33,000 Bedfordshire hospital patients affected by cyber attack in 2024

New WordPress Malware Uses Steam Profile Comments to Hide C2 Instructions

Oracle WebLogic CVE-2024-21182 Added to Known Exploited Vulnerabilities (KEV) Catalog After Active Exploitation

Orange Liberia Fined Over Unauthorized SIM Swap and Customer Data Breach

Over 30 Red Hat npm Packages Compromised by Shai-Hulud Malware Variant

Over 5,000 malicious domains targeting 2026 US Midterm elections spotted going live – and they could be used for fraud, phishing, or worse

Over 116,000 Minecraft systems infected in WeedHack malware campaign

Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT

Passwords and locations at risk in alleged Grindr data leak

Password manager Dashlane says hackers stole some customers’ password vaults

Plaza Home Mortgage discloses data breach affecting customers and employees

Ransomware activity peaks on Weekdays and reaches its highest levels in October

Ransomware attack on City of Sandstone compromised residents' personal data

Ransomware group profits are rising faster than FTSE 350 firms

Ransomware groups grow revenue by almost 40% in Q1 2026

Red Hat npm packages compromised in new Mini Shai-Hulud malware wave

Red Hat removes tainted packages after software pipeline compromise

Russia claims foreign spy agencies hacked officials' phones

Russian military hacker who targeted Pittsburgh-area nuclear firm evades FBI for 8 years

Russian spy campaigns are increasingly targeting Western technological know-how, Europe warns

Sensitive government personnel data posted online, Spanish police arrest suspect

Signal Backup Phishing Attacks Hit Users in 2026

Singapore: Personal Data Protection Commission (PDPC) investigating potential data breach involving PCF Sparkletots pupil information

SolyxImmortal Python Malware Steals Browser Passwords and Cookies

Sophos uncovers AI-powered malware lab built for EDR evasion

Spain arrests suspected hacker for publishing personal data of police, prosecutors and cyber officials

Spain Police Arrests Suspect in Massive Doxing Campaign Against State Officials

Strategic Education Data Breach Exposes Student SSNs and More

SVG Phishing Emails Bypass Email Security: SANS Flags New MIME-Type Evasion

This AI model backdoor attack stays hidden until you customize the model

Threat Actor Uses AI to Build EDR Evasion Tools

Threat Actors Target Critical Windows Netlogon Flaw CVE-2026-41089

TP-Link Router Vulnerability Enables Arbitrary Command Execution

UK Firms Prioritize AI Threat Preparedness as Cyber Risks Evolve

United States Carnival Corporation Data Breach Raises Alarms About Travel Data Security and Passenger Privacy Across North America and International Cruise Markets

ViaQuest Data Breach Compromises PII and PHI Belonging to Thousands

When Your Phone is Subscribed Without Consent, the Attack Has Already Worked

Your car is following you - how to reclaim your data privacy on the open road

1st June

32 Million Bumble users’ data leaked online, hackers claim

145 AI laws passed in 2025 and privacy teams aren’t catching a break

Afghan finance officials targeted by suspected Pakistani cyberespionage campaign

AI SOCs Will Still Need SOC Analysts, Security Vendors Say

Another South African organisation denies a major data breach

Atlas Menu Data Breach Exposes Approximately 64,000 User Accounts

Attackers Abuse Shared Content for ChatGPT Phishing Campaign

Brute-force attack triggers Dashlane account lockouts

California Attorney General files lawsuit against 23andMe for data breach

California Attorney General Sues Over 23andMe Data Breach

California sues 23andMe over 2023 data breach

Carnival Corporation's data breach exposed personal data of nearly 6 million customers

Carnival Cruise Data Breach Puts Millions Of Travellers’ Personal Information At Risk: What You Need To Know

Carnival customer information, including passport details, impacted by data breach, cruise line says

Carnival data breach affects nearly 6 million people

Carnival data breach exposes info of nearly 6 Million cruise travelers

Carnival data breach hits nearly 6 million customers

Carnival warns nearly 6 million people of potential data breach

ChatGPhish Technique Shows How Browser Prompt Injection Can Manipulate ChatGPT Summaries

China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan

Chrome now protects you from hackers who steal browser cookies - how it works

Critical Flowise Flaw Gives Attackers Full Server Control

Critical Magento Cache Plugin Flaw Enables Remote Code Execution

Critical Windows Netlogon RCE flaw now exploited in attacks

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

Cruise giant says six million customers’ personal information was exposed in breach

Crypto Exploit Losses Reach $68 Million In May Despite Limited Phishing Damage

Cybercriminals Leverage GHOSTYNETWORKS and OMEGATECH for JS Malware Hosting

Dashlane password manager users locked out by brute force attacks

Dashlane suspends multiple accounts after ‘brute force’ cyber attack

Data Breach Affects Thousands of Melbourne Film Festival Customers

Data discovery gaps that catch enterprises off guard

Deepfake CEOs, fake suppliers, AI phishing: Scams United Arab Emirates (UAE) businesses need to watch out for

Dutch police arrests 35-year-old for hacking into Ajax' computer systems

Election interlopers register 5K+ domains, hope to catch some voting phish

EU organizations buckle under rising compliance pressure

Fake McAfee emails refuse to die as new round of phishing emails targets consumers

FBI Warns Microsoft Users as Kali365 Attack Spreads Across Outlook and Teams

Federal Trade Commission (FTC) Warns About Digital Invite Phishing Scam

Film festival hack leaves thousands fearing identity theft

FSB Group Gamaredon Hides Worm in Windows Data Streams

Gamaredon APT Hides Malware in Windows Features, Uses Cloud C2

German tax authority may train AI on citizens’ unaltered data

Google Chrome’s New Feature Takes Aim at Cookie Theft, Account Hijacking

Grand Theft Auto 6 (GTA 6) Hype Fuels Surge in Phishing Scams and Malware Campaigns

Grand Theft Auto V cheat service gets hacked, exposing thousands of gamers

Grand Theft Auto V cheaters caught in a massive data breach

Hacker arrested in Granada after leaking personal data of state officials

Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257)

Hackers Attacking Signal Users to Steal Backups in New Wave of Attacks

Hackers breach Obama White House Instagram years after it went silent

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access

Hackers Target Signal Users in Phishing Campaign to Steal Backup Recovery Keys

Hackers Target Signal Users to Steal Backups in New Attack Wave

Hackers trick Meta AI support bot to infiltrate Obama White House Instagram account

How NIST fumbled management of the National Vulnerability Database

India: Bombay High Court Blocks Ransomware Group ‘Morpheus’ After Massive 680 GB HDFC Asset Management Company (AMC) Data Theft

India: Central Board of Secondary Education (CBSE) admits security flaws after teen hacker exposes class 12 data risk

India: Central Board of Secondary Education (CBSE) Admits Vulnerabilities in Evaluation System After Teen Hacker's Findings

India: Central Board of Secondary Education (CBSE) admits vulnerabilities in OnMark portal amid answer sheet mismatch allegations; Congress calls it a massive data breach

India: Central Board of Secondary Education (CBSE) data security under scanner after hacker claims access to answer sheets

India: Central Board of Secondary Education (CBSE) Engages IIT Experts After Admitting OSM Security Vulnerabilities

India: Delhi High Court Says Banks Not Automatically Liable When Customers Click Phishing Links

Inspector general finds NIST mistakes have made vulnerability database ineffective

Instagram Meta AI Flaw Allegedly Enables Account Password Resets

Iran-Linked Hackers Wipe IT Systems and Backups in Middle East Cyberattack

Lakeview Health Systems reaches proposed settlement in data breach class action

Logistics giant suffers massive 840-million-record data breach

Luxembourg holidaymakers falling victim to phishing scams

Massive 17-Million Device Botnet in the Netherlands Dismantled in a Police and NCSC Joint Operation

Medical Billing Company Data Breach Affects 7 Medical Groups

Melbourne International Film Festival customers' data leaked via Ferve platform

Meta tries to get ahead of scammers before the World Cup begins

Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm

Microsoft says it will not pursue security researchers after zero-day backlash

More than 800,000 Texans possibly affected by Carnival cruise data breach

Nearly 6 million individuals affected in Carnival Cruise Line data breach

Nearly 60 Lakh Passenger Records Exposed in Carnival’s Massive Data Breach

New ChatGPhish Technique Uses Prompt Injection to Manipulate ChatGPT Responses

New DriveSurge Campaign Delivers Malware Through ClickFix Lures

North Carolina man jailed for selling US senior citizens’ data to Jamaican scammers

North Korean hackers target macOS users with advanced malware campaign

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Palo Alto Warns High-Severity Bug Is Being Actively Exploited

Phishing Flub At Miami Cruise Giant Exposes Nearly 6 Million Customers

Phishing Scams: How to Spot and Avoid Them

Plaza Home Mortgage discloses data breach affecting customers, employees

Ransomware leak posts show weekday peak, October spikes

Ransomware Operators Keep Business Hours. The Data Proves It

Ransomware used to have rules. AI just blew them up

Red Hat npm packages compromised to steal developer credentials

Rich Products discloses data breach linked to cyberattack on vendor First Advantage

Russian hacker used AI to run fraud scheme on MAGA Telegram channel

Spain arrests doxer leaking sensitive data of government employees

Station Casinos confirms March data breach, notification of people impacted

Station Casinos Hacked, History Indicates Ransom Paid

Stealer Malware Surges as AsyncRAT, DCRat Lead Weekly Uploads

The biggest cybersecurity threats businesses are facing this year

The First World Cup in the Agentic Era

The Gentlemen ransomware combines advanced encryption with self-propagation, targeting critical sectors

Threat Actors Abuse ChatGPT Chats to Host Fake Outage Page, Deliver Malware

Threat Actors Linked to Iran Leverage AppDomainManager to Evade Detection

Unknown hacker group targeted Russian maritime universities, diplomats for nearly two years

US Troops in Active War Zones Tracked with Commercial Location Data

VSP Solutions responding to Stormous ransomware attack

WhatsApp: How to protect your account from hackers

Why Encrypted File Sharing Is Essential for Modern Businesses

Windows Netlogon 0-Click RCE Flaw Exploited in the Wild

WordPress malware campaign hides payloads in Steam profiles

Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accounts