Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 13th July and 19th July 2026.14th July
5 charged in UK investigation into Russian Coms scam platform
11 Old Microsoft-Signed Linux UEFI Shims Could Let Attackers Bypass Secure Boot
140+ Malicious npm Packages Turned Web Proxies for Students Into a DDoS Botnet
148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet
8,400 Phishing Domains Targeted Turkish Banks
A Ransomware Sanction Accidentally Took Down Telegram's Domain
A U.S. Sanctions Entry for a Ransomware VPN Appears to Have Accidentally Broken Telegram Links Worldwide
American Express “Sign-In Alert” phishing email leads to fake multi‑step credential harvesting pages
Apple Accuses Ex-Engineer of Exploiting ‘Rare’ Zero-Day to Steal Trade Secrets for OpenAI
Australia: Lifeline confirms data breach
Canada: Cyber attack at Loyalist College
China opposes spreading false cybersecurity information for political purposes, Foreign Ministry on US, Paraguay’s claims of so-called ‘hacker threat’ from China
China rejects US-Paraguay ‘hacker threat’ allegation
CISA Warns 18-Year-Old Cisco IOS Vulnerability Exploited for Arbitrary Command Execution
“Context bombs” can frustrate AI-driven attacks, researchers found
Cybercriminals Exploit AI Hallucinations To Launch Advanced Phishing Campaigns
Cybercriminals Target Turkish Banks With 8,400 Phishing Domains and 6,600 Scam Ads
Data Breach Hits AssuranceAmerica Exposing Personal Information of Nearly 7 Million People
EU Blacklists Russian Hackers and Firms Over Cyberattacks on Europe and Ukraine
EU sanctions Russian hackers and firms over cyberattacks
EU sanctions Russian surveillance firms behind state-controlled tracking app
EU, UK Attribute Russia Cyberattack to FSB, Announce Sanctions
EU, UK Sanction VKontakte Over FSB-Linked MaxApp Surveillance Tool, Lumma Stealer Operators, GRU Members
Every cybersecurity team needs a hacker mindset
Five Charged in “Russian Coms” Fraud Platform Case
Forg365 industrializes Microsoft 365 phishing with AI-generated lures
Georgia Medical Firm Paying $4,000,000 In Data Breach Settlement Affecting Thousands
German Foreign Ministry Calls Russian Ambassador Regarding Cyber Attack Operation
Germany Among the Top Three Countries for Ransomware
Giant Telegram user database just hit hacker forums: here's why that's bad news
Global cyber attacks rise 17% as ransomware activity accelerates
Google Follows Microsoft to Remove ModHeader Extension from Store Following Reports of Covert Exfiltration Capability
Hackers Abuse Fake OAuth Client IDs to Validate Microsoft Entra Accounts and Passwords
Hackers steal Lidl customer data from external service provider
He negotiated with ransomware gangs - Then joined them. Now he's headed to prison
How Post-Quantum Cryptography is Gaining Adoption
Immutable backup: Why it matters for ransomware recovery
Iran abused mobile networks’ vulnerabilities to locate US military in the Middle East, report says
Japan's largest taxi company knocked offline by cyberattack as dispatch systems go dark
LabubaRAT Masquerades as NVIDIA Software to Control Windows Hosts
LastPass, Bitwarden users targeted with fake security alerts
Lidl Confirms Customer Data Breach at IT Service Provider
Lidl Confirms Data Breach After Third-Party IT Provider Hack
Lidl data breach: Supermarket chain warns customers after third-party 'IT incident' exposes customer information - here's what we know so far
Lidl Notifies Customers of Third-Party Data Breach
Lifeline Australia confirms staff data compromised following hacking claims
Lucent Health Solutions to Pay Up to 1.95 Million to Settle Data Breach Litigation
Major data breach at Tata Electronics exposes Apple’s confidential files, raising global supply chain security concerns
Match Group Breach: ShinyHunters Claim 10 Million Records
May 2026 Healthcare Data Breach Report
Microsoft ditches SMS and voice authentication for Entra ID, passkeys rolling out as default
Microsoft Entra ID authentication overhaul to start in September 2026
Microsoft Entra ID gets passkeys default authentication starting September
Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity
Microsoft Saw 18.7 Million QR Phishing Attacks in March Alone - Here’s Why Defenders Keep Missing Them
Millions of Microsoft Entra Accounts Targeted in OAuth Client ID Spoofing Campaigns
Mountain View warns of phishing scam targeting planning project applicants
NATO logistics, Ukrainian troops are top subjects of Russian camera hacks, advisory says
New MacOS Malware Exploits Legitimate Developer ID to Pose as Apple Crash Reporter
New macOS malware steals passwords by posing as Apple’s crash-reporting tool
New phishing kits target Microsoft 365 accounts, evade MFA
New Qilin Ransomware Attack Uses DCSync Technique to Abuse AD Replication Protocol
New tutorials on underground hacking forums have roughly doubled
Nigeria Data Protection Commission (NDPC) Claims It Acts on Every Data Breach Complaint, Yet There’s No Outcome in 3 Major Cases
Nihon Kotsu Cyberattack Disrupts Japan’s Largest Taxi Operator
No-one knows how many old shims can still bypass UEFI Secure Boot
OAuth Client ID Spoofing Lets Attackers Validate Stolen Microsoft Entra Credentials
Oklahoma: Mystery deepens over data breach of inmate info
Phishing, UPI Scams and Remote Access Fraud on the Rise, Experts Warn
Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown
RabbitMQ Flaws Could Leak OAuth Secrets and Expose Cross-Tenant Queue Metadata
RabbitMQ Vulnerability Exposes OAuth Secrets to Attackers
Russian hackers are targeting routers to infiltrate critical infrastructure, CISA warns
SAP warns of critical flaws in NetWeaver and Commerce Cloud
Scammers Use 8,400 Phishing Domains to Target Turkish Banking Customers
South Africa records over 2,000 weekly cyber attacks
Study of 85 Crypto Wallet Extensions Finds Address Leaks and Cross-Site Tracking Risks
The best defense against AI attacks turns out to be a skeptical human
The inside job that cost ransomware victims millions
The negotiator was the leak: insider who betrayed ransomware victims gets 70 months
U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support
UK: Public to be told to stockpile food in case of cyber attack from Russia
UK charges five persons linked to fraud platform behind more than a million scam calls
Uninstall this Chrome extension now: it contains surveillance code
US: Pentagon Suspends Cybersecurity Maturity Model Certification (CMMC) Phase II Requirements for Defense Contractors
US police now armed with Israeli spy vans simulating mobile phone towers
US Sanctions VPN Provider 1VPNS Over Alleged Role in Supporting Hospital Ransomware Attacks
US sanctions VPN, malware providers for enabling ransomware attacks
US Treasury sanctions First VPN Service, others for abetting ransomware gangs
US Treasury sanctions VPN and cryptor operators linked to ransomware
US Treasury Sanctions VPN Provider Linked to Ransomware
Woman charged in $68,000 phishing scam against Southern Door Schools
World Cup scams are a glimpse of the cybersecurity future
World War 3 (WW3) warning as Britons will be told to stockpile food ready for Russian cyber attack
Your phishing defense was built for 2016, but attackers are operating in 2026
13th July
65% of Organisations Think a Serious Cyber Attack Could Threaten their Survival
99.9% of fixable AI vulnerabilities remain unpatched
A ransomware negotiator who colluded with attackers to scam victims was sentenced to 70 months in prison
A zeroed signature let a hacker drain nine million dollars from Hedera's biggest lender
After years on the run, alleged Ryuk ransomware operator pleads guilty
Agentic Ransomware Is Real and Getting Cheaper: What Comes After JadePuffer
AI & Service Management Company, Serviceaide Inc, Agrees to Pay $1.8 Million For Data Breach of 400,000 Health Patients’ Information
AI Phishing Surge Forces New Zealand Casinos to Fight Back
ApolloMD agrees to multi-million-dollar settlement over 2025 data breach
Apple says former employee exploited ‘rare’ bug to download confidential files after leaving for OpenAI
Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory
Australian Cyber Agency Warns of Global CMS Exploitation Campaign
California: State can’t seek damages from 23andMe successor over data breach
California Gay & Lesbian Services Center Data Breach Affects 75,500 Individuals
Cambodian Voice Phishing Ringleader Sentenced to 14 Years for $44.3 Billion Fraud
Carle Health Data Breach Exposes Sensitive PHI and PII
Centers Laboratory Data Breach Affects 540,000 Individuals
Centers Laboratory New Jersey discloses data breach incident impacting 542,000 people
CISA Warns of Actively Exploited Joomla Zero-Day Vulnerabilities
CISA warns of actively exploited RCE flaws in Joomla extensions
Columbia Orthopaedic Group Data Breach Exposes PHI
CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks
Cyber Attack at Mount Royal University Disrupts Operations, Cybercrime Gang Demands $1.9 Million Ransom
Cyber incidents - a 'litmus test' of a company’s management capability
Cybersecurity gaps leave small businesses vulnerable
Dark Web Profile: Krybit Ransomware
Data Breach at Aflac Japan Impacts 4.38 Million Customers and Sales Agents
Data breach at Lidl: online store customer data stolen
Difficult to detect: Phishing campaign uses Microsoft infrastructure
Doing Its Job: Large Majority of Cyber Losses Covered by Insurance, Says Willis
Estée Lauder Data Breach Exposes Health Information and SSNs
EU and UK blacklist Russia’s cyber operators over efforts to destabilize Europe
EU imposes new sanctions against Russian cyber espionage
EU sanctions Russian GRU military hackers over cyberattacks
European Parliament Revives Controversial Chat Scanning Law
Evilginx: Three phishing operations revealed by mistake
Ex-ransomware negotiator gets 70 months for betraying clients to hackers
Exposed Server Unmasks Evilginx Operators Stealing Microsoft 365 Sessions and OAuth Tokens
Fake Bank Apps Let Scammers Control Android Phones in Southeast Asia
Fake OAuth client IDs are helping attackers slip past sign-in logs
Fake ‘Vote for Me’ links on X target users in new phishing campaign
Feds Slam Ransomware Supply Chain: US And Allies Cut Off Cybercriminals’ Digital Lifelines
Fiji: Phishing attack surge
Finland: Police issue wanted notice for Vastaamo hacker Aleksanteri Kivimäki
Finland: Vastaamo hacker wanted after appeal rejected
Foreign National Admits Guilt in $15,000,000 Bitcoin Ransomware Attacks on U.S. Firms
Forg365 Phishing-as-a-Service (PhaaS) Targets Microsoft 365 with Device Code and Adversary-in-the-Middle (AitM) Session Theft
GhostCommit Attack Hides Prompt Injection in PNG to Steal Developer Secrets
Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found
Hacker Extradited from Ukraine Pleads Guilty to Ryuk Ransomware Charges
Hackers backdoor Jscrambler npm package with infostealer malware
Hackers blackmail Bosch as secret engineering files surface on the dark web
Hackers breach Lidl’s IT service provider, steal customer data
Healthcare ransomware attacks rose 14% in first half of 2026
Healthcare Services Group Agrees to $3 Million Settlement Over 2024 Data Breach
Hong Kong: Securities and Futures Commission (SFC) Mandates Phishing-Resistant Authentication Methods for Internet Brokers and Virtual Asset Trading Platforms (VATPs) to Protect Client Accounts
How small businesses get hacked through employees
iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days
India: Government Confirms No Critical Data Loss In Tata Electronics Cyber Attack, Vows Continued Vigilance Amid Rising Digital Threats
India: Government examining alleged Tata Electronics data breach
Is that QR code a trap? How to spot quishing scams before it's too late
It’s a First: An AI Agent Carries Out a Ransomware Attack on AI App Builder
Japan's largest taxi operator shuts systems after cyberattack
Jscrambler npm Supply Chain Attack Steals Developer and Cloud Credentials
Lake Region Healthcare Alerts Patients of Data Breach
Law Firms Launch Investigations Into Frontier Airlines Following Data Breach Tied to Ransomware Group
Lawyers Investigate Frontier Airlines Over Data Breach That May Have Exposed ‘Sensitive’ Personal Information
LIA Insurance Data Breach Exposes Financial Account Info
Lidl Confirms Data Breach at Third-Party IT Provider
Lidl customers across Europe hit in suspected data breach - here's what we know
Lidl customers' bank details at risk after third-party security failure
Lidl discloses online shop breach after service provider hack
Lidl Notified Online Shop Customers in Germany, Belgium, and the Netherlands of a Data Breach
Lidl reports data breach affecting online customers in Germany, Belgium, and the Netherlands
Lidl Warns of Phishing Risk After Customer Data Theft
Los Angeles Police Department (LAPD) lets contract with surveillance giant Flock expire, citing ‘serious concerns’ over civil liberties and privacy
Marlboro-Chesterfield Pathology Agrees to Settle Lawsuit Over 2025 Ransomware Attack
Meridian Health Plan of Illinois Data Breach Affects 21,027
Meta Removes Muse Image Instagram Feature After Consent Backlash
Microsoft Patches Zero-Day RoguePlanet Defender Flaw that Allows SYSTEM-Level Access
Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365
Nearly 12,000 military Tricare beneficiaries warned of data breach
New CrashStealer malware poses as Apple crash reporting tool
New MemGhost Attack Plants Persistent False Memories in AI Agents Through One Email
New ransomware leader emerges as global cyberattacks rise in June 2026
Nigeria: Zenith Bank, Others To Be Arraigned Over Alleged Data Breach
Nihon Kotsu Confirms Malware Infection, Taxi Dispatch Systems Disrupted
Novel OAuth Client ID Spoofing Technique Targets Cloud Environments
Office of Foreign Assets Control (OFAC) Sanctions FirstVPN and Ransomware Enablers Behind Attacks on Americans
One Misconfigured Python HTTP Server Exposed Three Active Campaigns from Attackers
Open Directory Exposes Three Evilginx Phishing Operators
Pakistan: International Hacker accused of stealing 5 Million Bank Records arrested in Karachi
Pakistan: Karachi hacker arrested for alleged theft of millions of foreign citizens’ financial data
Pakistan: National Cyber Crime Investigation Agency (NCCIA) Busts International Hacker in Major Data Breach Case
Pakistani Police Systems Hit by Chinese and Indian Espionage
PennyMac Data Breach Affects 3k Individuals: PHI Exposed
Progress Software Warns of "External Security Threat" to ShareFile
Progress warns ShareFile Users: shut down on-premises servers immediately
Prolific hacker 2019 selling alleged HotToner Australia customer data online
Public Key Infrastructure (PKI) Under Pressure: AI, PQC and Shorter Lifecycles Drive New Security Challenges
Ransomware ecosystem grows, but ‘four-headed monster’ dominates
Ransomware Groups Change Identities to Evade Cybercops
Ransomware negotiator jailed for 70 months after he just helped infect victims with malware
Ransomware negotiator who betrayed clients sentenced to 70 months in prison
Ransomware Targets 2.74% Of Malaysian Firms In 1Q26
RokRAT Malware Hides Behind Academic Event PDFs and Cloud Storage Links
Russia's FSB blamed for Poland grid attack as UK and EU impose first joint cyber sanctions
Russian celebrity journalist Ksenia Sobchak says hackers accessed Telegram channels via email breach
Russian State Hackers Target Vulnerable Routers Worldwide, Joint Advisory Warns
Ryuk ransomware operator pleads guilty in $15 Million bitcoin extortion
Samsung Health users who refuse AI training get their data deleted
Security Leaders Discuss Exposure of 24 Billion Credentials
Security threat prompts Progress to disable ShareFile accounts, tell customers to shut down servers
ShinyHunters' PeopleSoft Zero-Day Rampage: 100+ Organizations Breached Before Oracle Even Published an Advisory
Siggen Backdoor Hits Windows Developers Via Infected Visual Studio Projects
Social Media Users Warned Against Phishing Campaign on X
South Korea Military Faces Highest Cyberattack Volume Since 2021
Spear-Phishing Campaign Uses Proton Drive Links and LNK Files to Deliver SpyGlace
St. Paul, Minnesota, Notifies People Affected by 2025 Cyber Attack
Sturdy Health Data Breach Affects 1k Individuals
Supply Chain Attack: jscrambler npm Package Compromised, Targeting Wallets, AI Tools, Cloud Credentials
The Decision Burden Behind SOC Alert Fatigue and How Experts Would Reduce It
The ransomware negotiator who was working for the other side
The Rising Tide of AI-Enabled Social Engineering Scams: What Organizations Need to Know
This one cyber crime group accounted for nearly a fifth of all ransomware attacks in June
TriWest Healthcare Alliance Notifies 11,844 Beneficiaries of Data Breach Affecting Health Information
U.S. sanctions First VPN Service over ransomware support
U.S. Treasury sanctions cybercrime enablers tied to ransomware attacks
UK charges suspects linked to Russian Coms call spoofing platform
UK Cyber Attacks Climb 34% as Ransomware Leadership Shifts
Ukraine: OPORA has been targeted by a coordinated phishing attack. Attackers are attempting to gain access to Gmail accounts via OAuth
United States: Sanctioning Ransomware Enablers In Coordinated International Action
US: Millions of Drivers in 12 States May Have Had Their Driver’s License Info Exposed in a Data Breach - Were You One of Them?
US and allies warn of Russian critical infrastructure attacks
US Imposes Sanctions on Belarusian Man in Ransomware Case
US Treasury Sanctions Malware and Infrastructure Providers Supporting Ransomware Attacks Against Americans
US Treasury sanctions malware providers tied to cyberattacks
Vermont: Funds recovered in recycling-related phishing scam
Vishing Call Becomes Key Lead in Massive Odido Cyberattack
VPN service favored by ransomware groups is sanctioned by US
Why cybercrime is becoming everyone’s problem in Ghana
Why Software Bill of Materials (SBOMs), signing, and provenance still don’t tell you if software is safe
Wildwood Surgical Data Breach Exposes Social Security Numbers
Year-Long Microsoft Device Code Phishing Campaign Bypasses MFA and Claims 218 Victims
YKK AP Data Breach Highlights Ongoing Cyber Risks Facing Glass Industry
Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and 
Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 29th June and 5th July 2026, kindly assisted by our partners.