Ransomware Operator Claims - Week 26 2025

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 23rd June and 29th June 2025, kindly assisted by our partners.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Data Breaches Digest - Week 27 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 30th June and 6th July 2025.

2nd July

6 Million Qantas customers targeted by fraudsters days after FBI warns airlines

53% of Indian Ransomware Victims Paid the Ransom

AI Chatbots Are Pointing Users to Phishing Sites. It’s Worse Than You Think

AI Models Mislead Users on Login URLs

Alleged ransomware, infostealer support prompts US sanctions against Russian hosting provider

Approximately six million Qantas customers hit in cyber attack

Australia’s Qantas Confirms Cyberattack: 6 Million Service Records Compromised

Australian airline Qantas hit by cyber attack

Blind Eagle Linked to Russian Host Proton66 in Latin America Attacks

Chinese Hackers Target France in Ivanti Zero-Day Exploit Campaign

Cofense uncovers dramatic rise in phishing attacks using Spain’s .es domains

Cyber attack derails South African Weather Service’s performance

Cyberattack against airline: Personal information of 6 million customers accessed

Cybercriminals use GenAI, v0.dev to launch advanced phishing

Cybersecurity essentials for the future: From hype to what works

Data Breach - End of Privacy?

Data Breach Affects Nearly Six Million Qantas Customers in Cyberattack

Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones

Data from up to six million Qantas customers stolen in cyber attack

Documents reveal how a massive ransomware attack crippled the Fort Bend County libraries system

Dozens of Corporates Caught in Kelly Benefits Data Breach

Dozens of fake wallet add-ons flood Firefox store to drain crypto

French cybersecurity agency confirms government affected by Ivanti hacks

Fresh expert analysis reveals deeper concerns after Qantas cyber attack

Google Chrome hit by another serious security flaw - update your browser ASAP

Hack in the Clouds: Qantas Massive 6 Million Data Breach Shocks Aviation Industry

Hacked, leaked, exposed: Why you should never use stalkerware apps

Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns

INC Ransom claims pilfering North Carolina city data

Indian Firms Paying Over ₹4 Crore on Average in Ransomware Demands, Says Sophos Report

Iranian Cyber Actors May Target “Entities of Interest” in US, Warns CISA

Is the Qantas Data Breach the Latest Scattered Spider Hit?

Israel-Iran conflict fuels hacktivist operations

KnowBe4 Urges Organizations to Recognize Social Engineering's Critical Role in Ransomware Surge

Major data breach at Qantas Airlines risks personal information of 6 million customers

Marks & Spencer (M&S) aims for full online restoration within four weeks following major cyber attack

Marks & Spencer (M&S) expects full recovery from cyber attack by August

Marks & Spencer (M&S) targets full online return post cyber attack by August

Marks & Spencer (M&S) to be fully back online by end of month as it recovers from crippling cyber attack

Marks and Spencer (M&S) CEO issues update on when website will fully reopen after 'human error' cyber attack

Marks and Spencer gives huge update on online shopping recovery following cyber attack

Massive Qantas Data Breach - Information Of 6 Million Passengers Leaked

Medicare data breach may have compromised personal information of 100,000 Americans

Millions of customers have been exposed in the Qantas cyber attack – here’s everything we know so far

Millions of customers hit in Qantas data breach

Millions of Qantas customers’ data breached in cyber attack

New DEVMAN Ransomware From DragonForce Attacking Windows 10 and 11 Users

New manipulative attack method gives hackers control over what AI sees

No, Bitpanda has not just suffered a breach of 5.4 million users

Over 260K exposed in St. Louis healthcare hack

Over half a million people impacted by major data breach - full names, SSNs, financial data and more exposed

Qantas confirms customer data breach amid Scattered Spider attacks

Qantas confirms cyber-attack exposed records of up to 6 million customers

Qantas confirms data breach affecting up to six million customers

Qantas customers' data leaks in major cyber attack of the airline

Qantas cyber attack affects up to six million customer records

Qantas Cyber Attack Exposes Data of Six Million Customers Through Breached Third-Party Platform

Qantas cyber attack exposes six million customer records

Qantas cyber attack sparks customer alert

Qantas cyberattack affects 6 Million customers

Qantas cyberattack becomes Australia's most significant data breach in recent years, with over six million customers exposed

Qantas data breach: Frequent flyer list targeted in cyber attack is problematic because security breach compromised THIS info

Qantas Data Breach Affecting Millions of Australians

Qantas data breach affects six million

Qantas data breach could affect 6 million customers

Qantas Data Breach Exposes Millions of Travelers: What You Need to Know

Qantas Data Breach Exposes Personal Information of Airline Customers

Qantas data breach exposes up to six million customer profiles

Qantas Data Breach Hits 6 Million Individuals: How Will This Affect You?

Qantas Data Breach Impacts Up to 6 Million Customers

Qantas data breach sees up to 6 Million customer records at risk

Qantas faces major data breach: 6 million customer records exposed

Qantas facing 'significant' data theft after cyber attack

Qantas hack: Experts point finger at Scattered Spider collective

Qantas hack results in theft of 6 million passengers’ personal data

Qantas Hit By Cyber Attack: Are You Affected?

Qantas hit by cyber attack, 6 million customer records at risk of data breach

Qantas hit by cyber attack, leaving 6 million customer records at risk of data breach

Qantas hit by cyber attack, millions of customer records at risk

Qantas Hit By Major Cyber Attack At Call Centre

Qantas hit by ‘significant’ data breach affecting millions of customers

Qantas investigates major data breach impacting up to six million customers

Qantas reveals massive data breach - 6 million customers possibly affected, here's what we know

Qantas Reveals “Significant” Contact Center Data Breach

Qantas suffers data breach as hackers accesses millions of customer records

Qantas suffers serious data breach - millions of customer records at risk

Qantas warns 6 million customers their data may have been exposed in cyber attack

Radiology Associates of Richmond (RAR) Data Breach Exposes Social Security Numbers

Ransomware gang attacks German charity that feeds starving children

Ransomware negotiator talks tales, threats, and New York's new ransom payment dislosure law

Report Finds LLMs Are Prone to Be Exploited by Phishing Campaigns

Researchers track financial cyberattacks in Africa and spot new ransomware group

Rising Waves of QR-Code Attacks Driving Users to Phishing and Malware Websites

Russian defense contractor NPO Mars suffers major data breach allegedly exposing naval command systems

Scammers are tricking travelers into booking trips that don’t exist

Scattered Spider shifts focus to airlines as strikes hit Hawaiian, WestJet — and now Qantas

‘Significant’ amount of customer data accessed during cyberattack on Qantas airline

Silent Push flags Chinese phishing scam campaign that uses websites to spoof retail brands

Sinaloa Cartel Hacker Tracked FBI Agent to Locate and Kill Informants, Report Finds

Spain arrests two over data leaks targeting state officials, journalists

Swiss crypto-friendly app forced to ramp up its anti-fraud efforts

Swiss tech firm Radix hit by ransomware attack exposing federal data

The AI arms race: when attackers leverage cutting-edge tech

U.S. Calls Iranian Hacker Threat to Release Trump-Related Emails a 'Smear Campaign'

U.S. Treasury Sanctions Bulletproof Hosting Firm Fueling Ransomware Campaigns

U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware

U.S. Treasury Sanctioned Bulletproof Hosting Provider Used by Ransomware Operator Groups

U.S. Treasury Sanctions Bulletproof Hosting Firm Linked to Ransomware Gangs

U.S., UK & Australia sanction Russian “Bulletproof” hosting firm linked to LockBit ransomware

United Natural Foods (UNFI) warns of Q4 FY2025 earnings hit due to recent cyber attack

US drops sanctions on second Russian bulletproof hosting vehicle this year

US sanctions crypto wallet tied to ransomware, infostealer host

US Sanctions Russian Cybercrime Group Aeza for Hosting Ransomware and Global Attacks

US Treasury Sanctions Russian Bulletproof Hosting Service Aeza Group

Vercel's v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale

Verizon and T-Mobile Deny Data Breaches as Millions of User Records Sold Online

What we know about Scattered Spider, the hacker group targeting airlines

Worst of cyber attack impact to be over by August, says Marks & Spencer (M&S) boss

1st July

Aeza Group sanctioned for hosting ransomware, infostealer servers

Ahold Delhaize data breach exposes personal information of over 2.2 million individuals

Ahold Delhaize Ransomware Breach: A Wake-Up Call for Retail Cybersecurity

AI drives 80 percent of phishing with USD $112 million lost in India

AT&T rolls out "Wireless Lock" feature to block SIM swap attacks

Australian ransomware payments drop drastically year on year

Blind Eagle Hackers Leverage Open-Source RATs and Ciphers to Evade Static Detection

British hacker “IntelBroker” charged in U.S. for multimillion-dollar global data theft scheme

Canada orders Hikvision to shut down operations over national security concerns

Canadian government orders Hikvision to cease all activities

Cartel Hacker Used Security Cameras, FBI Official’s Phone to Hunt Informants

Centers for Medicare and Medicaid Services (CMS) notifies patients impacted by data breach

Chrome Zero-Day CVE-2025-6554 Under Active Attack - Google Issues Security Update

Cloudflare Now Blocks AI Web Scraping by Default

Columbia data stolen in cyberattack that caused dayslong IT outage, University says

Could Increased MOVEit Transfer Scanning Signal Emerging Threat Activity?

Critical Vulnerability in Anthropic's MCP Exposes Developer Machines to Remote Exploits

Crypto Hack Losses in First Half of 2025 Exceed 2024 Total

Crypto-Procrastination: Preparing for a Quantum Secure Economy, Today

Cyber attack hits Qantas airline

Cyber-Attack Targets International Criminal Court

Cyberattack on Russian independent media had links to US-sanctioned institute, researchers find

Department of Government Efficiency (DOGE) spoofed in new phishing campaign

Department of Justice (DOJ) announces arrest, indictments in North Korean IT worker scheme

Department of Justice (DOJ) Charges 324 in Sprawling $14.6 Billion Health Care Fraud Scams

Did Verizon Have A Data Breach? Here’s What We Know

Don’t Act in Isolation: Transforming Malware Intelligence in the AI Era

DragonForce ransomware variant tied to emerging DEVMAN threat actor

Drug cartel hacker tracked FBI official’s phone to kill informants, US says

During NATO summit, International Criminal Court hit with cyber attack

Esse Health data breach impacted 263,000 individuals

Esse Health says recent data breach affects over 263,000 patients

Estes Forwarding investigates data breach after Qilin ransomware claim

FBI Warns of Health Insurance Scam Stealing Personal and Medical Data

Food Lion workers, families among 2.2M victims of latest corporate data breach

GenAI is everywhere, but security policies haven’t caught up

Glasgow City Council services begin to be restored following cyber attack

Glasgow City Council's online services still down a week after cyber attack

Google fixes fourth actively exploited Chrome zero-day of 2025

Google Issues Emergency Patch for Fourth Chrome Zero-Day of 2025

Google patches actively exploited Chrome (CVE‑2025‑6554)

Got a suspicious UPS text? Don't reply - it might be a scam. Here's how to tell

Hacker enlisted to help Mexican cartel track, kill FBI informants

Hacker who boldly broke into computer systems to promote his cybersecurity business pleads guilty

Hackers abuse generative AI tool to create phishing sites in 30 seconds

Hackers breached Norwegian dam’s control system for hours

Hackers Build Malware That Tries to Reprogram AI Security Tools

Hackers can listen in on your headphones: Sony, Bose, Marshall, and other major brands affected

Hackers claim they snatched city budgets and plans from a North Carolina town

Hackers tighten grip as ransomware epidemic hits South Africa hard

Here’s how North Korean “IT workers” tricked their crypto employers

How cybercriminals are weaponizing AI and what CISOs should do about it

Humac listed on ransomware gang’s leak site amid alleged data breach

International Criminal Court hit by cyber attack

International Criminal Court hit by new 'sophisticated' cyberattack

International Criminal Court Hit by “Sophisticated and Targeted” Attack

International Criminal Court hit with cyber attack during NATO summit

International Criminal Court hit with "sophisticated" cyberattack

International Criminal Court (ICC) says ‘targeted’ and ‘sophisticated’ cyber attack has been contained

International Criminal Court targeted by new ‘sophisticated’ attack

International Criminal Court Targeted by “Sophisticated” Cyber-attack

International Criminal Court targeted in cyber attack

Iran-linked hackers resurface, threaten to release more stolen Trump emails

Iran-linked hackers threaten to release Trump aides' emails

Iranian Hacker Group Threatens to Release Trove of Emails from Top Aides to Trump

Johnson Controls Data Breach Exposes Employees' Sensitive Information

Johnson Controls notifies victims of breach in 2023 ransomware attack

Johnson Controls starts notifying people affected by 2023 breach

Kelly Benefits says 2024 data breach impacts 550,000 customers

Kenya Facing Rise in Cyberthreats from Bank Fraud, Sextortion, and Ransomware

Kimsuky hackers attempt psychological cyber attack on U.S. security officials

Kyivstar Cyber Attack: A Deep Dive Into Cyber Warfare in Ukraine

Like SEO, LLMs May Soon Fall Prey to Phishing Scams

Lock down your AT&T account to prevent SIM swapping attacks - here's how

Major Russian defense contractor breached, navy secrets exposed, hacker claims

Marks & Spencer (M&S) shoppers warned 'it's only a matter of time' after cyber attack update

Marks & Spencer (M&S) to take weeks to recover fully from devastating cyber attack

Marks & Spencer’s online business should be ‘fully’ operational by end of month, CEO says

Marks and Spencer boss says operations set to be up and running by August following cyber attack

Massive Ahold Delhaize data breach sees 2.2 million people's data exposed in ransomware attacks against major US food retailer

Microsoft introduces protection against email bombing

New DEVMAN Ransomware by DragonForce Targets Windows 10 and 11 Users

New FileFix attack runs JScript while bypassing Windows Mark of the Web (MoTW) alerts

New Flaw in Integrated Development Environments (IDEs) Like Visual Studio Code Lets Malicious Extensions Bypass Verified Status

New Report Uncovers Major Overlaps in Cybercrime and State-Sponsored Espionage

Notorious hacker group sets sights on airline industry in alarming security threat

People warned to watch out for scam emails following cyber attack on Marks & Spencer (M&S)

Phishing Attacks Dominate Crypto Security Threats in 2024, Costing Over $1 Billion

Popular TikTok video editor CapCut used to trick victims in phishing scam

PowerSchool Education Technology Company Announces Data Breach

Qantas airline contact centre hit by cyber attack

Qilin Solidifies Claim as Top Ransomware Group

Qantas discloses cyberattack amid Scattered Spider aviation breaches

Ransomware attack hits Swiss government data

Ransomware Detection Best Practices: How to Catch Attacks Before Data is Lost

Ransomware Reshaped How Cyber Insurers Perform Security Assessments

Ransomware Strike on Swiss Health Foundation Exposes Government Data

Resident hits out after receiving scam text following Glasgow council cyber attack

Retail grocery giant cyber attack impacts millions

Russian bulletproof hosting service Aeza Group sanctioned by US for ransomware work

Sarcoma ransomware hits Radix: data from Swiss federal agencies stolen, 1.3 TB published on the dark web

Scam centers are spreading, and so is the human cost

Scam Centers Expand Global Footprint with Trafficked Victims

Scammers Use Microsoft 365 Direct Send to Spoof Emails Targeting US Firms

‘Sophisticated’ cyber attack contained, says International Criminal Court

Spanish Company Housfy Breached, Hackers Announce Selling Access to Admin, VPN, Database

Spanish police arrest five over $542 million crypto investment scheme

Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)

Swiss government confirms cyber attack on health foundation

Swiss government data published following supply chain attack – here’s what we know about the culprits

Swissquote ordered to curb impersonation, fraud attempts

TA829 and UNK_GreenSec Share Tactics and Infrastructure in Ongoing Malware Campaigns

‘Targeted, sophisticated’ cyber attack hits International Criminal Court (ICC)

Tehran-linked bot army targeted Americans during war with Israel, Diaspora Ministry says

Telkom Phishing Incident: Employee Account Compromised, Now Resolved

The golden cybersecurity rule South African businesses are flouting

Top Ransomware Groups June 2025: Qilin Reclaims Top Spot

U.S. Arrests Facilitator in North Korean IT Worker Scheme; Seizes 29 Domains and Raids 21 Laptop Farms

U.S. Target North Korean IT Worker Scams with Raids, Indictments

UK IT worker jailed for revenge cyber-attack that cost employer £200,000

US Department of Justice (DoJ) and Microsoft Target North Korean IT Workers

US disrupts North Korean IT worker "laptop farm" scheme in 16 states

US Sanctions Aeza Group for Hosting Infostealers, Ransomware

US sanctions bulletproof hosting provider for supporting ransomware, infostealer operations

US under cyber 'attack'? Iran-linked hackers threaten to release Trump aides' emails; CISA issues stern warning

Watch out for this crafty iPhone phishing scam

We've All Been Wrong: Phishing Training Doesn't Work

Were 16 Billion Passwords Breached? The Claim Is Called Into Question

Why Hawaiian Airlines’ Silence Stands Out After Cyber Attack

Why this Cyber Attack on a Norwegian Dam should have you Paying Attention

WiFi routers now tracking motion: Xfinity’s new feature sparks privacy concerns

Worst of cyber attack impact to be over by August, says Marks & Spencer (M&S) boss

30th June

61 Million Records Listed for Sale Online, Allegedly Belong to Verizon

70% of new hires click on phishing links within the first 3 months of employment - here's how to stay safe

A DNS Examination of the Phishing Campaign Targeting Japanese Brokerage Firms

Aflac Suffers an Apparent Scattered Spider Cyber Attack, Exposing Extensive Sensitive Information

Ahold Delhaize Confirms Data Breach of 2.2M amid INC Ransomware Claims

Ahold Delhaize data breach affected over 2.2 Million individuals

Ahold Delhaize Data Breach Affects Over 2 Million People

Ahold Delhaize Data Breach Exposes Personal Information of 2.2 Million Shoppers

Ahold Delhaize Data Breach Impacts 2.2 Million People

Ahold Delhaize USA Confirms Data Breach Affected 2.2 Million People

AI is aiding sextortion schemes

Alleged Verizon data breach sees 61M customer records offered for sale

Android 16 will flag fake cell towers and warn users of potential spying threats

Another Billing Software Vendor Hacked by Ransomware

Apple ID, credit card details targeted by CapCut phishing

Are we securing AI like the rest of the cloud?

Asheville Eye Associates Faces Fallout From Cyber Attack

Austrian Crypto Giant Bitpanda Allegedly Breached – 5.4 Million User Data for Sale

Authorities crush cryptocurrency investment fraud ring

Bajaj Finserv Allegedly Breached – Sensitive Customer and Employee Data For Sale Online

Blind Eagle Uses Proton66 Hosting for Phishing, RAT Deployment on Colombian Banks

BreachForums revival rumored as French police nab ShinyHunters

Canada Bans Chinese CCTV Vendor Hikvision Over National Security Concerns

Canada suspends Hikvision operations over national security concerns

Cartel hacker used an FBI agent’s phone to hunt informants

Chaos Ransomware Hits Optima Tax Relief, Leaks 69GB of Sensitive Data

CitrixBleed 2 might be actively exploited (CVE-2025-5777)

ClickFix fake error surges, spreads ransomware and other malware

Colombian Cybercrime Group Blind Eagle May be Connected to Russian Hosting Service Proton66

Covenant hospitals 'running normally' again following May cyber attack

Cybercriminals steal health data posing as fraud investigators

Data breach at healthcare services firm Episource affects 5.4M

Data Breach May Have Exposed Health Records of 200,000 Ontarians, Investigation Underway

December data breach at Nth degree affects 40,000 people

'Disgruntled' British IT worker jailed for hacking employer after being suspended

Disgruntled employee takes revenge with cyberattack

Department of Justice (DOJ) raids 29 ‘laptop farms’ in crackdown on North Korean IT worker scheme

DragonForce Ransomware Empowers Affiliates with Modular Toolkit to Create Custom Ransomware Payloads

DragonForce Ransomware Equips Affiliates with Modular Toolkit for Crafting Custom Payloads

El Chapo Hacker Infiltrated FBI, Helping Silence Witnesses

El Chapo's Mexican Drug Cartel FBI Rats Hit-List - How Brutal Mob Launched Hack Attack Plan to Trace and Wipe Out Government Snitches

European Construction Giant Eiffage Allegedly Hit by Major Data Breach

Europol Dismantles $540 Million Cryptocurrency Fraud Network, Arrests Five Suspects

Europol helps disrupt $540 million crypto investment fraud ring

FBI Data Security Breach in Mexico Led to Murders of Drug Informants

FBI warns about fraudsters posing as health insurers

FBI warns infamous cybercriminal group 'Scattered Spider' is targeting US airlines

FBI; CMS Issue Warning About Fraud and Phishing Attempts on Healthcare Orgs

Food Retailer Ahold Delhaize Discloses Data Breach Impacting 2.2 Million

Fraudsters behind €460 million crypto scam arrested in Spain

Germany asks Google, Apple to remove DeepSeek AI from app stores

Glasgow City Council Warns of Parking Fine Scam

Glasgow City Issues Alert Over Parking Fine Scam During Ongoing Cyber Attack

Got a Brother printer? It could have a critical security flaw - how to check and what to do next

H1 2025 Crypto Losses Outpace 2024; CertiK Counts 344 Onchain Heists, $187M Recovered

Hacked Iranian crypto exchange Nobitex returns, exploit linked to spying

Hacker for El Chapo helped boss hunt and kill FBI informants

Hacker group targeting US airlines, FBI says

Hacker pleads guilty to breaching company networks to pitch his own services

Health Care and Rehabilitation Services of Southeastern Vermont Data Breach

Healthcare Hacker Facing Extradition to US and Up to 50 Years in Jail

Hikvision Canada ordered to cease operations over security risks

Hired Hacker Assists Drug Cartel in Finding, Killing FBI Sources

How 2 Ransomware Attacks on 2 Hospitals Led to 2 Deaths in Europe

Hungryroot Allegedly Breached – Over 1.1 Million User Data for Sale

India: Government strengthens cybercrime crackdown as cases surge nationwide

Integrated Oncology Network Reports Data Breach Affecting cCARE Patients

International Criminal Court contains ’sophisticated’ cyber attack

International Criminal Court hit with "sophisticated" cyberattack

International Taskforce Dismantles €460m Crypto Fraud Network

Iran-linked hackers may target US firms and critical infrastructure, US government warns

Iranian Cyber Threats Persist Despite Ceasefire, US Intelligence Warns

IT Worker Jailed After Revenge Attack on Employer

Kenya Detects Over 2.5 Billion Cyber Threats in Three Months

Leveraging Credentials As Unique Identifiers: A Pragmatic Approach To Non-Human Identity (NHI) Inventories

Lockton flags rising ransomware risks for Australian businesses

Los Angeles LGBT Center Allegedly Hit by Data Breach

Major Ukrainian Investment Firm Dragon Capital Allegedly Breached

Marketing Firm Tenacious Marketing USA Allegedly Breached – 414,000 Records for Sale

Massive data breach at Hannaford parent company affects over 95,000 Mainers

Median Ransom Now $1M, But 53% Paid Less Than Asked

Mexican cartel hackers used FBI agent’s phone and public cameras to track down and kill informants

Mexican drug cartel hacker spied on FBI official’s phone to track and kill informants, report says

Microsoft Defender for Office 365 now blocks email bombing attacks

Millions of Android, iPhone Users Could Be Sending Data to China

More than 25% of UK businesses hit by cyber-attack in last year, report finds

Myrtue Medical Center investigates major cyberattack linked to "Worldleaks" threat group

New Iranian phishing attacks take aim at Israeli tech experts

New Report Reveals Exploited Vulnerabilities as Leading Cause of Ransomware Attacks on Organizations

New Report Unveils Most of The Ransomware Attacks Targeting Organizations Via Exploited Vulnerabilities

New statutory instrument for Legal Aid Agency following cyber attack

Nigeria ranks 3rd in Africa for ransomware threats

Nigeria ranks third in Africa for ransomware threat detections in 2024

Nordic’s largest Apple Premium partner breached, hackers claim

Norwegian Dam Valve Forced Open for Hours in Cyberattack

Notorious cartel hired hacker to use surveillance cameras, phone data to track and kill FBI informants, U.S. says

Notorious Hacker “IntelBroker” Charged in $25 Million Global Cybercrime Spree

Over 1,200 Citrix servers unpatched against critical auth bypass flaw

Owner Of Several Iowa Newspapers To Settle Lawsuit Over Data Breach

Pakistan’s National Citizen Database Allegedly Breached – 602 Million Records Leaked Online

Peoples Bank Data Breach Affects Personal and Financial Information

Popular TikTok video editor used in phishing scam – here’s how to stay safe

RansomHub Ransomware Attacking RDP Servers Using Mimikatz and Advanced IP Scanner Tools

RansomHub Ransomware Deployment Linked to Remote Desktop Protocol Password Spray Attack

Ransomware payment ban and businesses

Ransomware pressures and higher stakes for public sector risk management

Ransomware victims still paying, Sophos finds

Remcos RAT spread via hijacked school, small business accounts

Scania Confirms Data Breach that Leaked Insurance Claim Documents

Scattered Spider Actively Targeting Airlines, FBI Warns

Scattered Spider Attacking Tech Companies Using Phishing Frameworks Like Evilginx and Social Engineering Methods

Scattered Spider Hacking Spree Continues With Airline Sector Attacks

Scattered Spider Targets Tech Companies with Phishing Frameworks like Evilginx and Social Engineering Tactics

Sinaloa Cartel hired hacker to use surveillance cameras, phone data to track and kill FBI informants

Southwood Financial Data Breach Affects Borrowers

SquareX Reveals that Employees are No Longer the Weakest Link, Browser AI Agents Are

Supermarket giant admits 2.2 million people could be hit by worrying data breach - what to do if you're affected

Swiss nonprofit health organization breached by Sarcoma ransomware group

Switzerland says government data stolen in ransomware attack

Syrian IPTV Provider Allegedly Breached

Teen hacking group behind Marks & Spencer (M&S) cyber attack finds new target

The Scattered Spider hacker group has a new industry in its crosshairs

Third-party breaches double, creating ripple effects across industries

U.S. Agencies Warn of Rising Iranian Cyberattacks on Defense, Operational Technology (OT) Networks, and Critical Infrastructure

U.S. warns of Iranian cyber threats on critical infrastructure

Unibail-Rodamco-Westfield Corporate Database Allegedly Leaked

US defense firms must ‘remain vigilant’ against Iranian cyber activity, agencies warn

US government takes down major North Korean ‘remote IT workers’ operation

Verizon users should be on their guard after post from hacker

Why 95% of phishing attacks go unreported in healthcare

Zurich non-profit hit by ransomware, Swiss federal data at risk

Ransomware Operator Claims - Week 25 2025

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 16th June and 22nd June 2025, kindly assisted by our partners.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Data Breaches Digest - Week 26 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 23rd June and 29th June 2025.

29th June

Bluetooth flaws could let hackers spy through your microphone

cCARE Fresno Data Breach Exposes Sensitive Patient Info

Cybercrime: Half Of Victims Paid Ransom In 2025

Department of Justice (DOJ) bombshell report exposes how a Mexican cartel used a hacker to hunt down FBI informants

Disgruntled IT worker launched cyber attack costing former employer £200,000 within hours

Drug cartel used FBI phone data, cameras to find and kill informants, audit says

Hacker working for Mexican cartel breached U.S. officials’ phones to find, kill informants

Hackers Hit Krispy Kreme – 161,676 Americans Warned Social Security Numbers, Names, Drivers Licenses and Other Sensitive Data At Risk

Hannaford data breach affected more than 2.2 million customers

Hawaiian Airlines investigates data security breach impacting essential IT systems

Horizon Healthcare RCM Data Breach Exposes Patients' Sensitive Info

How Mexican cartel hacked FBI, killed informants

Myrtue Medical Center Data Breach: 1.2TB of Data Stolen

New CapCut phishing scam puts Apple IDs at risk

Nigeria ranks third in Africa for ransomware threat detections in 2024

Sinaloa drug cartel used hacker to track FBI official, then killed potential informants, audit says

Warning: ‘Some Kind Of God’ Hacker Demands $1,650 For Your Sins

28th June

5.4 million patient records exposed in healthcare data breach

$5,000 Payout Heading To Data Breach Victims After Insurance Incident Exposes ‘Highly Sensitive’ Information of 479,261 People

2,200,000 People Affected As Data Breach Hits Retail Grocery Giant - Names, Government IDs, Bank Account Numbers and Health Info Stolen

A notorious hacker group is now targeting the aviation industry, the FBI says

Abuse of Microsoft 365 Direct Send to Send Phishing Emails Impersonating Internal Users

Cartel Hacked Mexico City Cameras To Track FBI Agent, Murder Informants

Cointribune Hit By Scam Mimicking Its Newsletter Design

Director of US intelligence earns €177,000 per year and couldn’t prevent a hacker from stealing her passwords

El Chapo’s Mexican drug cartel ‘hired hacker to infiltrate public CCTV cameras to track down and kill FBI informants’

ESET Warns Cybercriminals Are Targeting NFC Data for Contactless Payments

ESET Warns of Cybercriminals Attacking NFC Data for Contactless Payment Fraud

Ex-NATO hacker: 'In the cyber world, there's no such thing as a ceasefire'

Facebook's New AI Tool Asks to Upload Your Photos for Story Ideas, Sparking Privacy Concerns

FBI confirms hacker group behind Hawaiian Airlines attack

FBI Warns of Scattered Spider's Expanding Attacks on Airlines Using Social Engineering

FBI, cybersecurity firms say a prolific hacking crew is now targeting airlines and the transportation sector

GIFTEDCROOK Malware Evolves: From Browser Stealer to Intelligence-Gathering Tool

Hacker Breaches FBI Secrecy to Aid Sinaloa Cartel Assassinations

Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report

India: Ransomware targets IT firm handling college admissions

IntelBroker hacker arrested: he is Kai West, 25, from the UK. Unmasked after a Bitcoin transaction

‘IntelBroker’ Hacker Arrested for Wave of High-Profile Data Breaches

Ireland: Department writes to data watchdog over alleged ‘significant data breach’ at Arts Council

Malicious AI Models Are Behind a New Wave of Cybercrime

Mexican drug cartel hacked surveillance cameras to track and kill FBI informants

Mexican drug cartel used hacker to track FBI official, then killed potential informants, government audit says

New PayPal scam uses real emails to trick you

Patient death linked to NHS cyberattack

Phishing Scam: What They Are and How to Protect Yourself After Clicking a Malicious Link

Qilin Ransomware Attack on NHS Causes Patient Death in the UK

Rising Sophistication in Phishing Attacks Threatens Cryptocurrency Security

Sinaloa cartel used phone data, surveillance cameras to find FBI informants

These US airlines were targeted by cyber hackers this month

UK firms pay higher ransoms as recovery costs from attacks rise

Weaponized DeepSeek Installers Deploy Sainbox RAT and Hidden Rootkit

27th June

5.4 million patient records exposed in healthcare data breach

61 million "Verizon USA" customer records for sale online

Africa’s cybercrime crisis deepens as scam cases spike 3,000% across key countries

After a hack many firms still say nothing, and that’s a problem

Aftermath of legal aid cyber attack becoming problematic in courts

Ahold Delhaize USA confirms 2M+ victims affected by 2024 cyberattack

Akira Ransomware Allegedly Breaches MultiStone, Imblum Law Offices, and Martin Showers Smith & McDonald

Alaska Airlines subsidiary hit by cyber attack

APT42 impersonates cyber professionals to phish Israeli academics and journalists

Arrested IntelBroker hacker tied to 2018 UK school bomb hoax

Audio Geeks Allegedly Breached

Australian Financial Software Provider DataSafeApps Allegedly Suffers Full Source Code Leak

Batley IT worker jailed after revenge cyber attack costs Huddersfield company £200,000 in lost business

Breach of Walmart and Volvo event organizer exposes nearly 40K

British ‘hacker’ charged in US with running cybercrime scheme causing £18m in damages

British Hacker ‘IntelBroker’ Charged in $25M Cybercrime Case, US Seeks Extradition

British man accused of fronting global hacker group charged by US

British man arrested over global hacking scheme

Building a Cybersecurity Program that Aligns with the Business

Canada: Ministry of Health confirms it is investigating atHome data breach

Canada: Ontario investigating alleged data breach of 200,000 home care patients' info

Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit

Citrix Bleed 2 flaw now believed to be exploited in attacks

CitrixBleed 2 Vulnerability Exploited, Recalling Earlier CitrixBleed Fallout

ClickFix Attacks Soar by 500%: Hackers Intensify Use of This Manipulative Technique to Deceive Users

ClickFix intrusions skyrocket, report finds

Cloudflare blocks largest DDoS attack - here's how to protect yourself

Critical Vulnerabilities Expose Hundreds of Brother Printers to Remote Attacks

Crypto’s Worst Six Months Yet? North Korea Hacks Lead to $2.1B in Thefts

Cybercriminals Exploit CapCut’s Popularity to Harvest Apple ID and Credit Card Information

Data breach may have exposed 200,000 home-care patients' information, say Ontario Liberals

Data breach may have impacted health information of 200K Ontarians

Denmark clamps down on deepfakes by letting people copyright their own features

Disgruntled IT worker jailed for cyber attack on former workplace in Huddersfield

Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield

Exploitation of Microsoft 365 Direct Send to Deliver Phishing Emails as Internal Users

Fake DocuSign email hides tricky phishing attempt

FBI Warns: Phishing Hits All-Time High—These Stealth Tactics Are Why

German data protection official wants Apple, Google to remove DeepSeek from the country’s app stores

Glasgow City Council issues warning over parking fine scam amid ongoing cyber attack

Glasgow City Council reveals major data breach, critical systems offline

Glasgow City Council warns of parking fine scam days after cyber attack

Gmail users on high alert over 'serious' new cyber attack - six rules to follow

Google issues urgent warning to anyone who uses Gmail after sophisticated cyber attack

Guilt admitted by hacker who sought to promote cybersecurity services

Hacker Leaks Personal Data of Spanish Politicians

Hackers are using Microsoft 365 features to bombard enterprises with phishing emails – and they’ve already hit more than 70 organizations

Hackers claim to be selling 61 million Verizon records online, but it might not be what it seems

Hackers Exploit Microsoft 365 Feature To Send Phishing Emails

Hackers stole data on 2.2 million people in cyberattack affecting American grocery chains

Half of ransomware victims paid hackers, according to a study

Hannaford data breach affected more than 95,000 Mainers

Hannaford Supermarket data breach exposes info of 95,000 Mainers

Hawaiian Airlines cyberattack has marks of Scattered Spider, sources say

Hawaiian Airlines discloses cyberattack, flights not affected

Hawaiian Airlines Hit by Cybersecurity Incident

Hawaiian Airlines suffers massive IT outage, ransomware attack suspected

How an Email, Crypto Wallet and YouTube Activity Led the FBI to IntelBroker

Identity theft explained: what can be done with just your name

Identity theft was goal for Glasgow City Council cyber attack hackers, expert fears

Inside a Cyber Attack

Iran unleashes cyber attack on Trump's Truth Social as expert warns of chilling escalation

Iran's hackers keep a low profile after Israeli and US strikes

Legal Aid systems still offline months after cyber attack, despite emergency reforms

London hospital cyberattack: Report blames hackers for patient’s death

Mainline Health Systems Reports 101,000-Record Data Breach

Managing through chaos to secure networks

Massive breach exposes US Federal Bureau of Prisons, hacker claims

Microsoft 365 Direct Send Abused for Phishing

Microsoft 365 Under Attack: How Hackers Use Direct Send to Send Phishing Emails

Millions of Printers Exposed to Hacking Due to New Vulnerabilities

Money mule networks evolve into hierarchical, business-like criminal enterprises

Montana’s largest newspaper company agrees to $95M payout

Morocco Clinic System Patient Data Allegedly Leaked Online

MOVEit Transfer Faces Increased Threats as Scanning Surges and CVE Flaws Are Targeted

MOVEit Transfer Systems Face Fresh Attack Risk Following Scanning Activity Surge

New Iranian phishing attacks take aim at Israeli tech experts

New Stealthy Remcos Malware Campaigns Target Businesses and Schools

NHS patient death linked to cyber attack delays

Nigerian Crypto Exchange Dtunes.ng Allegedly Breached – User Database For Sale

Northern Light Health vendor experienced data breach in February

OneClik Malware Targets Energy Sector Using Microsoft ClickOnce and Golang Backdoors

Ongoing Microsoft 365 Direct Send phishing campaign primarily aimed at US

Ontario health agency ordered to inform patients of major data breach

Ontario investigating alleged data breach of 200,000 home care patients' info

Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign

Patient Death Linked to Ransomware Attack on Pathology Services Provider

Pepe Creator’s NFT Project Accidentally Hired a North Korean Hacker

Prolific cybercrime gang now targeting airlines and the transportation sector

PUBLOAD and Pubshell Malware Used in Mustang Panda's Tibet-Specific Attack

Qilin hackers infiltrate Covenant Health, claim theft of confidential data

Qilin Ransomware Allegedly Hits Spanish City of Melilla and Fijian Giant Tappoo Group

Qilin Ransomware Attack Allegedly Results in Patient’s Death

Ransomware laws: is the UK risking resilience for rhetoric?

Ransomware Response Improves Even as Preparation Lags

Ransomware, deepfakes pose increasing cyber risks

Researchers Warn Free VPNs Could Leak US Data to China

Retail giant Ahold Delhaize says data breach affects 2.2 million people

RuskiNet Group Allegedly Breaches Har Hevron Regional Council, Neot Hovav, Haruv Institute, ITIM, and Moti

Scattered Spider hackers shift focus to aviation, transportation firms

Scattered Spider targeting North American airlines, Hawaiian Airlines likely first ransom victim

Sinaloa cartel hacked security cameras to track and kill FBI informants, US says

Sinaloa cartel hacker turned Mexico City cameras against FBI, leading to killings, Department of Justice (DOJ) says

SMBs are being hit by malicious productivity tools – Zoom and ChatGPT spoofed by hackers

Stablecoin protocol Resupply exploited to the tune of $9.6M

Suspended worker who launched cyber attack on employer jailed for 7.5 months

Tech sector faces sharp rise in AI & ransomware threats

Thousands of Hannaford employees in New Hampshire may have been affected by data breach

Trump Administration Reaches for States’ Data

Two Million People Affected by US Retail Data Breach

UK hacker ‘IntelBroker’ to face charges in the US

UK patient’s death partially the result of a cyber attack

Ukrainian Internet Provider “Express” Allegedly Breached

United Natural Foods says week-long cyber incident will impact quarterly income

We know GenAI is risky, so why aren’t we fixing its flaws?

Western Sydney University Cyber Attack: A Four-Year Hacking Saga Unveiled

Western Sydney University hacker granted bail, university releases comment

Whole Foods supplier United Natural Foods (UNFI) restores core systems after cyberattack

Why healthcare remains a prime target for ransomware attacks

Zinli Data Breach - Over 100K Users of Popular Venezuelan Digital Wallet Allegedly Exposed

26th June

3 key takeaways from the Scattered Spider attacks on insurance firms

4 Ways to Protect Networks from Botnets Before It’s Too Late

8 arrested in Hong Kong after HK$46 million lost in investor phishing scams

25-year-old Kai West, aka IntelBroker, arrested in France for high-profile data breaches

Aditya Birla Capital Unit Hit By Cyber Attack, Gold Worth Rs 2 Crore Sold From Over 400 Accounts

AhnLab warns of phishing emails disguised as violation notices to steal data

AMI MegaRAC bug enabling server hijacks exploited in attacks

Australia: New South Wales (NSW) Police arrest and charge hacker behind years of Western Sydney University cyber attacks

Brave, Firefox, or Tor: you can’t trust your browser to protect you from tracking

BreachForums: ShinyHunters Members Arrested, IntelBroker Identified as Kai West

Breaking the cycle of attack playbook reuse

British Hacker Charged in U.S. for Cybercrime Network

British hacker 'IntelBroker' charged in US over spree of company breaches

British hacker IntelBroker faces years in a US prison cell

British man behind ‘IntelBroker’ hacker group charged with stealing millions

British Man Suspected of Being the Hacker IntelBroker Arrested, Charged

British National Alleged to be ‘IntelBroker’ in U.S. Court Filings

Brother printer bug in 689 models exposes default admin passwords

Building cyber resilience in always-on industrial environments

Central Kentucky Radiology Data Breach Impacts 167,000

ChainIQ Cyber Attack Causes Data Leak Impacting UBS, Pictet, KPMG and Others

Chinese Hackers Deploy Pubload Malware Using Tibetan Community Lures and Weaponized Filenames

CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

Cisco warns of max severity RCE flaws in Identity Services Engine

Claroty detects widespread cyber risks in building management systems, including ransomware-linked KEVs

ClickFix attacks skyrocketing more than 500%

ClickFix Attacks Surge 517% in 2025

Complaint says Bumble feature connected to OpenAI violates European data privacy rules

Council Chaos: Scotland’s Largest Council Targeted in Suspected Ransomware Attack

Critical Open VSX Registry Flaw Exposes Millions of Developers to Supply Chain Attacks

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

Cyber Criminals Exploit Open-Source Tools to Compromise Financial Institutions Across Africa

Cyberattack on Arkansas health center compromises data of over 100,000

Cybercrime surge hits technology sector as AI & supply chain attacks rise

Cybercriminals Exploit LLM Models to Enhance Hacking Activities

Data Breach at Decisely Insurance Services exposes personal information of over 65,000 individuals

Digital Gold Heist In Mumbai! Hacker Sells Rs 1.95 Crore Digital Gold Via ABCD App; 435 Accounts Hacked

Don’t trust that email: It could be from a hacker using your printer to scam you

Ex-student charged over hacking university for cheap parking, data breaches

Ex-student charged with wave of cyber attacks on Sydney university

FBI's undercover $250 Bitcoin payment helps take down alleged serial corporate hacker

Food and Drug Administration (FDA) Urges Secure Cyber Practices for Medical Product Manufacturing

Former student charged over alleged cyber attacks at Western Sydney University

Former Western Sydney University student charged in cyber attack, data theft and mark alteration case

Fox Kitten and Br0k3r: The Iranian Cyber Contractor Collaborating with Ransomware Gangs

French authorities arrest BreachForums operators tied to massive global data breaches

French Authorities Arrest Four with Suspected Ties to Notorious BreachForums

From Hack to Tragedy: London Patient Dies After Cyber Attack on NHS

German and Romanian police uncover massive fraud scheme

Glasgow Council services remain offline a week after cyber attack

Hacker Drains $9.6 Million From DeFi Stablecoin Protocol Resupply

Hacker exploits Resupply protocol and steals $9.5 million in stablecoins

Hacker Exploits ResupplyFi Bug to Steal $9.6M in Crypto

Hacker Who Stole Lawmaker Data From Insurance Market Charged

Hackers sell 436 users’ digital gold on financial services app

Homeland Security warns of Iran-backed cyberattacks targeting US networks

Hong Kong Police Arrest 8 in Large-Scale Phishing Scam; Victims' Securities Accounts Hijacked Involving $46M+

Hundreds of Model Context Protocol (MCP) Servers at Risk of Remote Code Execution (RCE) and Data Leaks

India: AI driving force behind 82.8 per cent of phishing emails in Karnataka

India: Data breach alert! Telegram chatbot selling information at Rs 99 - From past address to Adhaar, voter ID details

Infostealer Threat Persists Despite Data Breach Questions

Iranian APT35 Hackers Target Prominent Cybersecurity Experts and Academics in Israel

Iranian Spear-Phishing Attack Impersonates Google, Outlook, and Yahoo Domains

Insider at crypto security firm accused of exploiting protocol for $2 million

Interpol Warns of Rapid Rise in Cybercrime on African Continent

Iranian APT35 Hackers Attacking High-Profile Cyber Security Experts & Professors from Israel

Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks

Israeli cyber and computer science experts phished by Iran-linked APT42

London NHS cyberattack linked to patient death amid ongoing fallout from ransomware breach

Lumu 2025 Compromise Report Finds Key Trends Across Evasion, Malware, and Phishing Attack Vectors

Major Israeli Staffing Firms JobPlace and QHR Allegedly Breached by Handala Group

Man pleads guilty to hacking networks to pitch security services

May 2025 Healthcare Data Breach Report

Microsoft 365 'Direct Send' abused to send phishing as internal users

Millions of Brother printers threatened by multiple serious vulnerabilities – enterprise and home printers at risk

Minister announces temporary legal aid reforms after cyber-attack on Legal Aid Agency

Monero-only hacker IntelBroker caught after accepting Bitcoin from FBI

Most AI and SaaS apps are outside IT’s control

New FileFix Method Emerges as a Threat Following 517% Rise in ClickFix Attacks

New Hires More Likely to Fall for Phishing + Social Engineering Attacks

No, Iran’s nuclear program wasn’t just hacked

North Korean Group BlueNoroff Uses Deepfake Zoom Calls in Crypto Scams

North Korean hackers BlueNoroff blamed for cyber attack on Canadian gambling firm

Patient Death Linked to NHS Cyber-Attack

Protecting Business Data From Unauthorized Encryption Threats

Qilin Ransomware Allegedly Hits Five Companies Including Tecore Networks, CMI, and Habitat for Humanity

Qilin ransomware attack on NHS supplier contributed to patient fatality

Ransomware: Almost every second company pays - often after negotiation

Ransomware Attack on Hospital Linked to Patient Death

Ransomware disruptions contributed to a patient death, NHS finds

Ransomware incidence in retail spikes, report finds

Ransomware Payments Fall, But Half Of Victims Still Pay To Recover Data

Retail ransomware attacks surge 40% as Safepay tops threats

Russian Hackers Sentenced 7 & 5 Years...Massive Ransomware Bitcoin Seizure Hits €60M

Serial Hacker “IntelBroker” Charged For Causing $25 Million In Damages To Victims

Services disrupted as cyber attack hits Glasgow Council

South Africa is a prime target for ransomware attacks: How to safeguard your system

South Korea: Pizza Franchise Papa John’s Probed for Data Breach

Spanish Insurer Asemas Allegedly Breached - 11 Million Records for Sale Online

Supply Chain Incident Imperils Glasgow Council Services and Data

Ten months later, McLaren reveals 740,000 impacted by ransomware attack

Thai Conglomerate BTS Group Holdings Allegedly Breached

That WhatsApp from an Israeli infosec expert could be a Iranian phish

The Hidden Risks of SaaS: Why Built-In Protections Aren't Enough for Modern Data Resilience

The Unmasking of IntelBroker: Inside the Global Manhunt that Toppled a Cybercrime Kingpin

Threat Actors Exploit ChatGPT, Cisco AnyConnect, Google Meet, and Teams in Attacks on SMBs

UK firms face rising ransomware costs but recover faster

UK Ransomware Attack Leads to Patient's Death Due to Disabled Blood Services

UK SMEs face rise in cyber attacks with average cost GBP £7,960

US charges British hacker and seeks extradition from France in data theft case

US Identifies and Nabs 'IntelBroker' Hacker, Who Tried to Extort AMD, Hewlett-Packard Enterprise (HPE)

US seeks extradition of alleged hacker arrested in France

US, French authorities confirm arrest of BreachForums hackers

Wazuh warns Windows users of new "DOGE Big Balls" ransomware variant

Western Sydney University hacker charged and identified as former student who allegedly threatened to publish data on dark web

WhatsApp Banned on US House of Representatives Devices

When synthetic identity fraud looks just like a good customer

Why data breaches are getting costlier in India

You should probably delete any sensitive screenshots you have in your phone right now. Here's why

25th June

16 billion passwords from Apple, Facebook, Google and more leaked. Why has no one heard of it?

$90M Removed From Iran’s Largest Cryptocurrency Exchange in Cyberattack

$918,510 Settlement Agreed to Resolve Data Breach Litigation Against OB/GYN Clinics

A free service to protect US critical infrastructure against Russian cyber attacks has ended - but did it shut down just a touch too soon?

Africa faces cybercrime crisis amid weak enforcement, INTERPOL warns

AI Agents Are Creating Insider Security Threat Blind Spots, Research Finds

Akira Ransomware Allegedly Hits Six Companies, Including Seppeler Gruppe and Access Financial

Alleged Data Leak at AKRAB Resource Malaysia Exposes Sensitive Student Information

Alliedbankers Insurance Corporation Allegedly Hit by Massive 80GB Data Breach

Arisa Health to pay $1.9 million in settlement over 2024 data breach affecting 375,000 patients

Authorization sprawl: Attacking modern access models

Beware the Hidden Risk in Your Entra Environment

Breach of University of Massachusetts (UMass) Dartmouth’s systems earns it a lawsuit

BreachForums hacking forum operators reportedly arrested in France

BreachForums Operators Arrested by French Police

Bridewell report indicates rise in lone wolf ransomware actors

Cambodian Education Giant MJQ Education Allegedly Breached, Applicant Data Leaked

Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

Citrix warns of exploitation of Netscaler devices through new bugs

Citrix warns of NetScaler vulnerability exploited in DoS attacks

Close to half of firms impacted by ransomware chose to pay, survey finds

Columbia University hit in suspected cyberattack, systems down

Columbia University investigating cyber incident after tech outages

Common Good Cyber Fund Launched to Support Non-Profit Security Efforts

Companies negotiate their way to lower ransom payments

Compliance Firm Warns Registered Investment Advisors (RIAs) of Phishing Scammers Impersonating the Securities and Exchange Commission (SEC)

Cork hacker sends ETH to Tornado Cash, donates to Roman Storm’s fund

Crypto-stealing SparKitty trojan slips into app stores

Customer Documents from Dubai Motorcycle Rental Firm Allegedly Leaked Online

Cyber attack on hospitals ‘contributed to patient death’

Cybercrime: 46% of firms paid ransom in 2025

Data possibly stolen and council services offline after Glasgow cyber attack

Data theft fears after cyber attack on Glasgow City Council

Data theft possible in Glasgow City Council cyber attack

Do-nut ignore: Krispy Kreme informs 160k affected in November cyber attack

Envato investigates cyber attack claims, no evidence of breach so far

Feds Warns of Possible Iranian Hacker Attacks Against U.S. Infrastructure

Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144)

French police reportedly arrest suspected BreachForums administrators

GhostSec’s ground war on Israeli satellites

Glasgow City Council dealing with major cyber attack

Glasgow city council hit by cyber attack that may have stolen residents’ data

Glasgow City Council hit by cyber attack which 'may have involved theft of customer data'

Glasgow City Council hit by major cyber security incident

Glasgow City Council impacted by ‘cyber incident’

Glasgow City Council warns public after local authority hit by cyber attack

Green River City Computer Systems Crippled by Ransomware

Hacker 'IntelBroker' charged in US for global data theft breaches

Hackers abuse Microsoft ClickOnce and AWS services for stealthy attacks

Hackers May Be Using LLMs to Target You

Hackers may have had access to Fall River schools' data for months before cyberattack

Hackers turn ScreenConnect into malware using Authenticode stuffing

Hackers Use Open-Source Offensive Cyber Tools to Attack Financial Businesses in Africa

Half of businesses yield to ransomware demands

Half of Customer Signups Are Now Fraudulent

Half of Singapore companies pay ransom in cyberattacks

How SMBs Must Manage Rising Ransomware and Social-Engineering Attacks

How to Tame Your Multi-Cloud Attack Surface with Pentesting

Kenya: Cyber phishing threatens privacy

LapDogs Campaign Shows Chinese Groups’ Growing Use of ORB Networks

Lessons from Black Basta - How to protect against evolving ransomware threats

Mainline Health Systems data breach impacted over 100,000 individuals

Mainline Health, Select Medical Each Disclose Data Breaches Impacting 100,000 People

Many End up Paying Ransomware Demands, Though Less Than They Did in Prior Years

Marquette County Medical Care Facility Data Breach Caused by HR Email Compromise

Microsoft nOAuth Flaw Still Exposes SaaS Apps Two Years After Discovery

Nearly half of companies say they pay up ransomware demands - but here's why that could be a bad idea

New 'CitrixBleed 2' NetScaler flaw let hackers hijack sessions

New TeamViewer Vulnerability Puts Windows Systems at Risk of Privilege Escalation

New wave of ‘fake interviews’ use 35 npm packages to spread malware

New WordPress Malware Hides on Checkout Pages and Imitates Cloudflare

NHS cyber attack contributed to London hospital patient’s death, trust reveals

NHS cyber attack death confirmed as patient dies after blood test delay

NHS cyber attack disaster leads to first confirmed patient death

nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery

North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages

Nova Scotia Power (NSP) confirms wider data breach, offers all customers five years of credit monitoring

NSA and CISA Urge Adoption of Memory Safe Languages for Safety

Nucor confirms data breach exposed sensitive personal information in recent cyber attack

Over 100K exposed in Arkansas health system hack

PACER electronic filing system under attack by hackers, federal judge warns lawmakers

Patient Dies After Ransomware Attack Disrupts UK Hospital

Patient's death linked to cyber attack on NHS, hospital trust says

Police alerts about new SMS "blaster" scams used for smishing

Pro-Iranian hackers leak personal data of Saudi Games 2024 participants

Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games

Qilin & Associates Law Firm: Ransomware Hires Lawyers, Launches “Intimidation Package”

Quantum Computing: A Call to Action for Security Professionals

Ransom Costs Drop, But Half of Firms Still Pay Hackers

Ransomware attack contributed to patient’s death

Ransomware attack contributed to patient’s death, says Britain’s National Health Service (NHS)

Ransomware Attacks Dip in May Despite Persistent Retail Targeting

Ransomware Groups Increasingly Conducting Extortion-Only Attacks

Ransomware threat actors today and how to thwart them

Ransomware victims are getting better at haggling with hackers

Rising Cyber Storm: Navigating Ransomware, Hacktivism, and Geopolitical Conflict

Russian cyber attack on hospitals ‘contributed to patient death’

SAP GUI Input History Found Vulnerable to Weak Encryption

Saudi Mining & Logistics Firm Kalad Allegedly Breached, Full Database Leaked

Scale AI Leaks Meta, Google, xAI Confidential Files Through ‘Incredibly Janky’ Document Practices

Some Erie Insurance operations back online after cyber attack, 2 other insurers attacked

SonicWall NetExtender Trojan and ConnectWise Exploits Used in Remote Access Attacks

SonicWall warns of fake VPN apps stealing user logins and putting businesses at risk - here's what we know

SonicWall warns of trojanized NetExtender app stealing sensitive data

Sophos finds ransomware crooks still getting paid

Sophos Ransomware Report: More Paying Ransoms, Minimizing Impact

Spanish Insurer Pelayo Seguros Allegedly Breached – Database of 1.5 Million Users For Sale

Tonga's health system paralysed by major ransomware attack, staff forced to go manual

U.S. Lawmakers Target ‘Adversarial AI’ in Bipartisan Push to Fortify Federal Systems

UK Ransom Payments Double as Victims Fall Behind Global Peers

US lawmakers push new bill to ban DeepSeek and other Chinese AI models across government agencies

Users lack control as major AI platforms share personal info with third parties

Warning as Glasgow City Council hit by cyber attack

Why should companies or organizations convert to FIDO security keys?

Why the Security Operations Center (SOC) needs its “Moneyball” moment

Windows users warned of major security issue - here's why FileFix attack could be a big concern

WinRAR patches bug letting malware launch from extracted archives

World’s largest data breach spurs rush to passkeys

YES24 faces ransomware attack as global incidents rise, costing Korea billions

Your Data Appeared in a Leak. Now What?

24th June

16 Billion Login Credentials Exposed in Massive Data Breach

16 billion passwords leak online in massive data dump with data from Google, Facebook, Apple, and more

18 Simple, Budget-Friendly Strategies To Boost Ransomware Resilience

Aflac faces proposed class action in data breach

Aflac reveals a data breach that occurred earlier this month

Africa Faces a Digital Sextortion Crisis as Numbers Surge Across the Continent

Agentic AI ransomware is on its way

AI Security Turning Point: Echo Chamber Jailbreak Exposes Dangerous Blind Spot

Androxgh0st Botnet Expands Reach, Exploiting US University Servers

Anubis ransomware gang claims massive Disneyland Paris data breach

APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine

Arisa Health to Pay $1.9 Million to Settle Data Breach Litigation

AT&T Settles $177M Over 2024 Data Breach Lawsuits

BT says nearly half small businesses have suffered a cyber attack in the last year

California real estate firm Income Property Investments exposes 170,000 records in major data breach

CERT-In issues advisory after data breach of 16 billion credentials, asks people to change passwords

China-linked APT Salt Typhoon targets Canadian Telecom companies

China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

China-linked Salt Typhoon hacked Canadian telecom

Cyber Intel Pros and Hobbyists Can Now Report Threats Anonymously

Data breach affecting over 75,000 people at University of Massachusetts (UMass) leads to lawsuit

Don’t be blindsided by a cyber attack

Ex-CISA head urges vigilance, warns retaliatory cyberattacks after Iran nuclear strikes likely

Fewer ransomware attacks encrypting data, new report finds

Four REvil ransomware crooks walk free, escape gulag fate, after admitting guilt

Gambling Addict Accused of Stealing $4m from Coinbase Users

Generative AI and privacy are best frenemies - a new study ranks the best and worst offenders

Hacker Group Claims it Destroyed Israeli Military-linked Company's Database

Hackers Are Poisoning Google Search Results for AI Tools to Deliver Infostealer Malware

Hackers Exploit Misconfigured Docker APIs to Mine Cryptocurrency via Tor Network

Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers

Half of Security Pros Want GenAI Deployment Pause

High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218)

How to Recognize Social Engineering and Block the Modern Kill Chain

Indian Nuclear and Chemical Firm Allegedly Breached

Inside the Cyber Crisis Facing Healthcare

Insurer Aflac Experiences Cyber Incident

Iran’s Nuclear Program Data Allegedly Breached - 25 GB of Sensitive Information For Sale

Iranian-Linked Hackers Disrupt Services in Tirana Cyber Assault

Judge approves AT&T’s $177M data breach settlement

Krispy Kreme data breach exposes personal information of over 160,000 individuals

Leak of data belonging to 7.4 million Paraguayans traced back to infostealers

Lessons from Helsinki: NCSC-FI's Role in Mitigating a Major Data Breach

Major Data Breach Allegedly Hits Cetdigit, Exposing 19 Million B2B Records

Major data breach at McLaren Health Care sees 743,000 patients affected - here's what we know

Malware Campaign Uses Rogue WordPress Plugin to Skim Credit Cards

McLaren Health Care data breach affects over 740,000 individuals

McLaren Health Care Data Breach Impacts Over 743,000 Patients

McLaren notifies 743K patients about data breach

Mexican Hospital Civil de Guadalajara Allegedly Breached

Myrtue Medical Center Allegedly Hit by Ransomware Attack

Nearly Half of Companies Opt to Pay the Ransom, Sophos Report Finds

Negotiating with ransomware gangs works, survey finds

New FileFix attack weaponizes Windows File Explorer for stealthy commands

NHS demands doctors stop using unapproved AI software to record patient conversations

North Korean Hackers Try to Steal Crypto Via Deepfake Zoom Call

Outdated systems are a hacker’s dream

Patients Allege Home Delivery Pharmacy Failed Timely Notification of Data Breach

Peruvian Chocolate Giant Machu Picchu Foods Allegedly Hit by Sarcoma Ransomware Attack

Phishing against Trezor users, fake support emails attempt to steal the seed phrase: how to recognise them

Pro-Russian hackers claim DDoS attack on Dutch government websites

Ransom demands surge as UK organisations grapple with ransomware fallout

Ransomware attack hits Krispy Kreme systems

Record Data Breaches: Is Your Team Secure?

Reported Impersonation Scams Surge 148% as AI Takes Hold

Researchers Find Way to Shut Down Cryptominer Campaigns Using Bad Shares and XMRogue

REvil ransomware members freed by Russia after conviction

Russia releases REvil members after convictions for payment card fraud

Saving Your Wallet Details, Seed Phrase as a Photo on Your Phone? This Trojan May Be Targeting You

Second Time’s Not the Charm: McLaren Hit Again by Ransomware Breach

Security researchers warn that old or expired Discord invites are being used in phishing attacks

Singapore: Organisations cite Business Email Compromise (BEC), phishing as top threats for 2025

SK Telecom to resume new subscriptions after completion of USIM replacement

Social engineering and Signal chats led to new Russian malware attacks, Ukraine says

SonicWall warns of trojanized NetExtender stealing VPN logins

SparkKitty Spyware on App Store and Play Store, Steals Photos for Crypto Data

State of Ransomware 2025: Sophos Finds Median Ransom Payment Now $1 Million

Sweeping Department of Motor Vehicles (DMV) phishing campaign hits US

Taiwan Military Database Allegedly Compromised, Sensitive Data Offered for Sale

The ‘16 billion password breach’ story is a farce

The Security Fallout of Cyberattacks on Government Agencies

The State of Ransomware 2025

The story of the secret cyber attack on Iran's nuclear sites

This dangerous new malware is hitting iOS and Android phones alike - and it's even stealing photos and crypto

Trezor under phishing attack, maximum alert

Trezor Warns of Phishing Emails Mimicking Support

Trezor Warns Users After Phishing Emails Exploit Support System

Trezor’s support platform abused in crypto theft phishing attacks

Trojanized SonicWall NetExtender app exfiltrates VPN credentials

U.S. Hit by Hacktivist DDoS Attacks Following Iran Bombings

U.S. House of Representatives Bans WhatsApp on Official Devices Over Security and Data Protection Issues

U.S. warns of incoming cyber threats following Iran airstrikes

UK ransomware costs significantly outpace other countries

University of Massachusetts Dartmouth (UMass Dartmouth) Sued Over Data Breach That Affected 75K

Unprecedented Data Breach: Largest Password Leak in History Exposes Millions

Urgent warning to Facebook, Apple and Google users after ‘largest data breach in history’

US House of Representatives bans WhatsApp from staff devices

US House of Representatives bans WhatsApp on staff devices over security concerns

US insurance company Aflac reports customer data breach

Using AI to Identify Patterns in Vishing Attempts

Weaponized DMV-Themed Phishing Attacking U.S. Citizens to Harvest Personal and Financial Data

White House bans Congress from using WhatsApp on their devices

Why One-Off Pen Tests Could Be Leaving You at Risk

23rd June

16 Billion Login Credentials Exposed in World’s Largest Data Breach

16 Billion Passwords Stolen in Largest Cyber Attack Ever

71% of new hires click on phishing emails within 3 months

184 million passwords leaked across Facebook, Google, more: What to know about this data breach

743,000 Impacted by McLaren Health Care Data Breach

743,131 Americans Affected by Massive Data Breach - Firm Says Unknown Attacker May Have Exposed Names, Social Security Numbers, Driver’s License Numbers and More

Aflac confirms data breach in widespread cyberattack targeting US insurance sector

Aflac Latest Major Insurer to Suffer Cyberattack and Data Breach

Aflac probes potential data breach after suspicious US network activity

AI was once a developer’s best friend, but now it's a threat to the software supply chain

Alleged Sale of Vivaia Customer Data from January 2025 Breach Impacts 12 Million

American steel giant Nucor confirms data breach in May attack

Angolan Government Documentation Panel Allegedly Breached

Anti-regime hackers infiltrate Iran's banking system

APT28 hackers use Signal chats to launch new malware attacks on Ukraine

APT36 Hackers Attacking Indian Defense Personnel in Sophisticated Phishing Attack

APT36 Hackers Target Indian Defense Personnel with Sophisticated Phishing Campaign

Are your passwords part of recent data breach? Here's how to check

Banks enhance customer screening amid rising voice phishing crimes in Korea

Canada says Salt Typhoon hacked telecom firm via Cisco flaw

Canada says telcos were breached in China-linked espionage hacks

China-linked LapDogs Campaign Drops ShortLeash Backdoor with Fake Certs

Chinese “LapDogs” Operational Relay Box (ORB) Network Targets US and Asia

CoinMarketCap, Cointelegraph compromised to serve pop-ups to drain crypto wallets

Cointelegraph Hit by Front-End Exploit, Fake Phishing Airdrop Pop Up on Website

Cointelegraph Website Hacked to Promote Fake Airdrop Scam

Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777)

Crypto phishing blitz hits CoinMarketCap, Cointelegraph, and Trezor

Cyber Essentials Breaks Quarterly Record for Certifications

Cyber Fattah Leaks Data from Saudi Games in Alleged Iranian Operation

Cyberattack disrupts Tonga Ministry of Health

Data of more than 740,000 stolen in ransomware attack on Michigan hospital network

Department of Homeland Security (DHS) Warns Pro-Iranian Hackers Likely to Target U.S. Networks After Iranian Nuclear Strikes

Disneyland Paris data allegedly stolen by Anubis ransomware

Echo Chamber Jailbreak Tricks LLMs Like OpenAI and Google into Generating Harmful Content

Erie Insurance works to determine what, if any, data was affected by security incident

Everything You Need To Know About The Record Data Breach Leaking 16 Billion Passwords

Fake Department of Motor Vehicles (DMV) Texts Scam Hit Thousands in Widespread Phishing Campaign

Fake Minecraft Mods on GitHub Found Stealing Player Data

Fake Web3 Wallet Prompt Steals $43,000 from CoinMarketCap Users

FC Barcelona documents leaked in ransomware breach

FC Barcelona’s data compromised in ransomware attack on insurer

Federal officials warn of potential Iran cyber attacks. How to protect yourself

French Insurance Broker AMI 3F Allegedly Breached 20K Customer Records Leaked

Genomics company fined over data breach

Gigabytes of Disneyland data “just end up” in ransomware gangs’ hands

Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks

Hacken token plunges 99% after hacker mints and dumps $250K

Hacker Daytwo Stole $4M from Coinbase Users

Hacker offers files for sale after Scania data breach

Hackers Allegedly Selling Intelbras Router 0-Day Exploit on Hacker Forums

Hackers exploit Trezor's website to send phishing emails

Hackers take advantage of Google Apps Script for phishing

Heightened Cyber Threat from Iran Sparks Urgent Calls for Vigilance and Mitigation

Highly targeted spear phishing campaign targets corporate leaders, financial executives

How CISOs can justify security investments in financial terms

Inside the UK’s Fight Against Ransomware

Iran cyberattacks against US biz more likely following air strikes

Iran-linked cyberattack reportedly disrupts public services in Albania’s capital

Iranian hacker group reportedly behind Albania cyber attack

Israeli officials say Iran exploiting security cameras to guide missile strikes

Krispy Kreme confirms data leak after ransomware attack

Krispy Kreme Data Breach Update: 160,000 Individuals Affected

Lawsuit alleges Erie Insurance failed to safeguard customer data in network breach

Leading at the Speed of Algorithms: Immediate AI Priorities for Cybersecurity Leaders

Lost devices "systemic risk" to UK cybersecurity

Major insurance company discloses cyber attack: What you need to know if you’re impacted

Malware on Google Play, Apple App Store stole your photos - and crypto

McLaren Health Care Data Breach Exposes 743,000 People Personal Information

McLaren Health Care Data Breach Exposes Personal Information of 743,000 Individuals

McLaren Health Care data breach impacted over 743,000 people

McLaren Health Care hit by another data breach, exposing 743K people’s data

McLaren Health Care Notifies Almost 750,000 Individuals About August 2024 Ransomware Attack

McLaren Health Care says data breach impacts 743,000 patients

McLaren Health Says 743,000 Affected by 2024 Ransomware Hack

Medical device cyberattacks push hospitals into crisis mode

Mower County experienced ransomware attack last week; still working to fully restore services

New ransomware groups, rise in supply chain attacks in May 2025

"No evidence" - here's why the massive 16 billion record data breach may not be as bad as first thought

Over 700K people hit in major healthcare data breach - full names, SSNs, medical info and more exposed

Over Half of Online Shopping Traffic is Made Up of Bots

Oxford City Council confirms data breach affecting election workers and staff

Oxford City Council data breach affects legacy systems

Oxford City Council data breach leaks two decades of data

Oxford City Council reports election worker data breach (2001–2022)

Paraguay Hit By Yet Another Cyber Attack

Phishing Attacks Hit Top Crypto Sites: CoinMarketCap & CoinTelegraph Affected

Pro-Russian hacker group claims attack on Dutch government websites

Qilin ransomware strengthens data extortion tactics

Quantum risk is already changing cybersecurity

Ransomware group now lets you call a lawyer

Researchers say cybercriminals are using jailbroken AI tools from Mistral and xAI

REvil ransomware members released after time served on carding charges

Russian court releases several REvil ransomware gang members

Russian hackers target Gmail passwords to crack down on international critics

Salt Typhoon Targets Telecoms via Router Flaws, Warn FBI and Canada

Security experts confirm 16 billion ‘data breach’ contained old data

SK Telecom resumes new customer sign-ups after April's SIM data breach

So, you’ve been hit by ransomware and you want to pay - here’s what to expect in a negotiation

Spanish Retailer Electropolis Allegedly Breached Over 100k Customers Affected

Stealthy backdoor found hiding in Small Office and Home Office (SOHO) devices running Linux

Steel giant Nucor confirms hackers stole data in recent breach

Steelmaker Nucor Hacked - Attackers Gained Unauthorized Access to IT Systems

Steelmaker Nucor restores operations, confirms limited data breach

Steelmaker Nucor Says Hackers Stole Data in Recent Attack

Stop Blaming CVSS: The Real Problem in Vulnerability Management is Us

The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

This Aflac Data Breach Compromised an Unknown Number of Accounts

Threat Actor ‘MazingerZ’ Claims Breach of Ocaso Seguros’ Customer Data

Trezor issues phishing alert after attackers abuse support contact form to send scam emails

Trezor issues security alert after contact form exploit used in phishing scam

Trezor Issues ‘Urgent Alert’ After Support-Form Exploit Sends Phishing Emails - What Users Must Know

Trezor users targeted in phishing scam as attackers exploit support system flaw

Trezor Wallet Issues Phishing Scam Warning to Its Users

Trezor warns users about phishing emails mimicking customer support

Trezor Warns Users of Phishing Scam After Security Breach

Ukrainian Government Systems Targeted With Backdoors Hidden in Cloud APIs and Docs

United Natural Foods restores ordering systems, resumes deliveries across North America

US Homeland Security warns of escalating Iranian cyberattack risks

US insurance giant Aflac says customers’ personal data stolen during cyberattack

US strike on Iran sends online ripples: major Saudi leak, DDoS on Truth Social

US Warns of Heightened Risk of Iranian Cyber-Attacks After Military Strikes

US-Based Telcom Insurance Group Allegedly Targeted in Lynx Ransomware Attack

Was there a recent dental data breach?

Welcome to the password apocalypse: 16 billion Apple, Google, Facebook passwords leaked

Why Banks Are Prime Cyber Attack Targets - and How They Can Fight Back

Why privacy is everyone’s business in 2025 - and what you can do about it

XDigo Malware Exploits Windows LNK Flaw in Eastern European Government Attacks

Zyxel Devices Hit by Active Exploits Targeting CVE-2023-28771 Vulnerability