Data Breaches Digest - Week 21 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 19th May and 25th May 2025.

20th May

100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads

Adidas Data Breach - Customers’ Personal Information Exposed

Adidas Türkiye unveils data breach affecting customer information

After Bankruptcy, 23andMe Finds a Buyer in Regeneron - But What Happens to Your Data?

AI voice hijacking: How well can you trust your ears?

Broadcom confirms employee data exposed in supply chain ransomware breach

Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization

Coinbase changed lawsuit rules a day before disclosing data breach

Coinbase Data Breach Will ‘Lead to People Dying,’ TechCrunch Founder Says

Coinbase Under Federal Investigation After Massive Data Breach

Companies are increasingly limiting access to AI tools: millions of DNS queries blocked

Compromised RVTools Installer Spreading Bumblebee Malware

Containers are just processes: The illusion of namespace security

Critical Software Vulnerabilities Rose 37% in 2024

Cyber Attack Hits Supplier to Major UK Supermarkets

Cyber attack on Indian media Zee News, experts foil nefarious attempt

Cyber attack threat keeps me awake at night, HSBC bank boss says

Cybersecurity firm says more people in Japan being targeted by phishing emails

Data breach on Coinbase: risk to user security

DDoSecrets publishes 410 GB of messages from hacked Signal clone used by Mike Waltz

Department of Justice (DOJ) Launches Criminal Probe into Coinbase Insider Data Breach

Dutch government passes law to criminalize cyber-espionage

Food distributor for supermarkets hit by ransomware attack

Food distributor the latest to fall foul of cyber attack

Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse

Google Warns Hackers That Victimized UK Retailers Now Targeting US Firms With Cyber Attacks

Government Organizations Lose Nearly a Month in Downtime for Every Ransomware Attack

Hack.gov: TeleMessage data breach published by DDoSecrets

Hackers are distributing a cracked password manager that steals data, deploys ransomware

Hackers are spreading fake password manager ransomware via Bing ads

Hacking, ransomware driving more healthcare data breaches

Half of Consumers Targeted by Social Media Fraud Ads

Half of Firms Hit by Months-Long Cyber-attack Disruption

How Schools Can Use Strategic Communication to Tackle Rising Cyber Threats

HSBC boss says cyber attack threat keeps him ‘awake at night’

India: Gujarat Anti-Terrorism Squad (ATS) Nabs Teen Hacker Behind Attacks On Indian Government Websites During Operation Sindoor

India: Gujarat Teen Arrested, Minor Booked for Launching Cyber Attack on Government Websites

Legal Aid Agency (LAA) offline to deal with cyber attack after unconfirmed reports of 2.1 million records affected

Legal Aid Agency suffers data breach

LockBit Leak Shows Affiliates Use Pressure Tactics, Rarely Get Paid

Low Effort, High Reward: How Nailing Basic Cyber Hygiene Makes an Organization Stronger in the Age of the ‘Novel’ Attack Vector

Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

Marks & Spencer (M&S) faces lawsuit following cyber attack data leak

Marks & Spencer (M&S) hackers used employee logins from third-party consulting firm Tata Consultancy Services (TCS), sources say

Marks and Spencer (M&S) hit with class action lawsuit over cyber attack

Million-dollar lawsuit threatens Marks & Spencer after cyber attack

Ministry of Justice (MoJ) Confirms Massive Data Breach in Legal Aid System Affecting Applicants Since 2010

Morgan County 911 Cyber attack leaves systems down for days

Mounting GenAI Cyber Risks Spur Investment in AI Security

MPs grill Barclays on outages as HSBC raises cyber attack concerns

New DBatLoader campaign sets sights on Turkey

New Nitrogen Ransomware Targets Financial Firms in the US, UK and Canada

Nobody safe from cyber attacks, says Gloucester City Council boss

Novel Phishing Attack Combines AES With Poisoned npm Packages

Ohio: Ransomware attack triggers ‘system-wide’ tech outage at large network of medical centers

Over 50% of the top oil and gas companies suffered data breaches in the past 30 days

Pakistan: Higher Education Commission (HEC) alerts public of increasing cyber attacks

Peter Green Chilled cyber attack: Major supermarket distributor to Tesco and Sainsbury's 'held to ransom'

Peter Green Chilled Cyberattack Disrupts Supermarket Supply Chain Across the UK

Phishing Attack Prevention - Best Practices for 2025

Phishing, online scams dominate global cybercrime landscape, says Interpol

Post Office agrees to compensate hundreds of sub-postmasters following data breach

Post Office agrees to pay compensation over subpostmaster data breach

Post Office data breach victims to get compensation

Post Office to compensate hundreds of data breach victims

Ransomware attack hits supplier of refrigerated groceries to British supermarkets

Ransomware attack on food distributor spells more pain for UK supermarkets

Ransomware deployed via Atlassian Confluence exploit

Retailer Tesco, Aldi’s supplier, hit with ransomware

Russian group 'Qilin' claims City of Abilene data breach, demands ransom by May 27th

Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang

Second Adidas location confirms data breach

Serviceaide Cyber Attack Exposes 480,000 Catholic Health Patients’ Data

Skitnet malware: The new ransomware favorite

Somerset distributor to supermarkets hit by cyber attack

Somerset-based Peter Green Chilled hit by cyber attack

South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware

Supplier for Tesco, Aldi and Sainsbury's hit by cyber attack

Supplier to major UK supermarkets Aldi, Tesco & Sainsbury’s hit by cyber attack with hackers ‘demanding payment’

Supplier to Sainsbury’s, Tesco, and Aldi hit by new cyber attack

Supplier to Tesco, Aldi and Lidl hit with ransomware

Surveillance apps Cocospy, Spyic, and Spyzie shut down following massive data breach

Tesco and Sainsbury's supplier hit in cyber attack with 'products wasting away'

Tesco and Sainsbury’s supplier hit in latest cyber attack

Tesco, Aldi, Lidl, Sainsbury's supplier hit by cyber attack after M&S and Co-op

Tesco, Sainsbury's and Aldi supplier 'held to ransom' in latest cyber attack

The Changing Landscape of Ransomware: Why Healthcare Organizations Are Paying Less

The Philippines: ‘Scam hub’ shut down after hacker’s exposure

Trojanized KeePass app versions facilitate ransomware compromise

Trojanized KeePass opens doors for ransomware attackers

Tycoon2FA Linked Phishing Attack Targeting Microsoft 365 Users to Steal Logins

UK: Supplier to major supermarkets hit by cyber attack

Unrestricted chatbot Venice.ai empowers hackers to wreak havoc online

US Department of Justice (DoJ) Said to Open Probe Into Coinbase Data Breach, Firm Claims Involvement of Indian Employees

US mental health clinic hack exposes tens of thousands

W3LL Phishing Kit Actively Attacking Users to Steal Outlook Login Credentials

W3LL Phishing Kit Launches Active Campaign to Steal Outlook Login Credentials

Your AI isn’t safe: How LLM hijacking and prompt leaks are fueling a new wave of data breaches

19th May

23andMe sold for $256 million as buyer pledges to comply with existing privacy policies

67% of Organizations Faced Cyber Attacks in The Past 12 Months

200,000 Harbin Clinic Patients Impacted by Nationwide Recovery Services (NRS) Data Breach

210,000 American clinics‘ patients had their financial data leaked

AI hallucinations and their risk to cybersecurity operations

Arla Foods confirms cyberattack disrupts production, causes delays

Australian Police Seize Hacker’s Bitcoin, Mansion and Luxury Car

Binance and Kraken Thwart Coinbase-Style Phishing Attacks

Bitcoin trail leads police to $2.6m asset seizure in Australia

Breaches at Serviceaide, Nationwide Recovery Services expose medical info of more than 500,000 people

BreachForums Admin to Pay $700,000 in Health Care Data Breach

Brussels Court Slams Tracking-Based Ads, Upholds GDPR Privacy Standards

Cocospy stalkerware apps go offline after data breach

Coinbase Crypto Exchange Reports Losses of Up to $400 Million After Data Breach

Coinbase Faces Legal Storm Amid S&P 500 Inclusion and Data Breach

Coinbase Faces Multiple Lawsuits After User Data Breach

Coinbase Faces Wave of Lawsuits Over Customer Data Breach

Coinbase hit by multiple data breach lawsuits

Coinbase Slammed With Face Scan, Data Breach Lawsuits as User Fury Grows

Communications Data Group reports data breach affecting over 40,000 individuals

Criminal history stolen in Legal Aid Agency hack

Criminal records stolen in 'significant' cyber attack on Legal Aid Agency

Criminal records, financial data exposed in cyber attack on Legal Aid Agency

Crypto Heist Aftermath: Australian Hacker Loses Mansion and Bitcoin Fortune

CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide

Cyber attack on legal aid agency

Cyber attack on Legal Aid Agency exposed 'significant' personal data

Cyber attack on UK legal aid agency exposes private data, including criminal records

Cyberattacks a severe hit on brand reputation, industry report founds

Data breach at Effortel exposes personal information of 70,000 Belgian mobile users

Data breach at Nationwide Recovery Services (NRS) affects over 210,000 Harbin Clinic patients

DDoSecrets Adds 410GB of TeleMessage Breach Data to Index

Department of Justice (DOJ) is investigating Coinbase data breach

Domestic abuse victim data stolen in Legal Aid hack

Eindhoven University of Technology: ‘TU/e acted well in cyber attack, but there are also learning points’

ELPACO-Team Ransomware Targets Confluence Servers Through Flaw CVE-2023-22527

EU Stakes Out Digital Sovereignty With Vulnerability Database

Excelsior Springs School District Details Cybersecurity Response After $253K Phishing Theft

Fake clinics used in healthcare phishing scam

Fake KeePass password manager leads to ESXi ransomware attack

Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards

GDPR Changes Risk Undermining its Principles, Civil Society Groups Warn

Hacker Arrested for Taking Over SEC Social Media to Spread False Bitcoin News

Hacker Charged for Hijacking SEC Account to Promote Fake Bitcoin News

Hacker had broad access to Eindhoven University's network for days in January

Health Care Data Breach Costs BreachForums Admin $700,000 Fine

Hacker of Securities and Exchange Commission's X account gets 14 month jail time

How CISOs Can Stay Ahead of Evolving Cloud Threats

How to protect your data after a cyber-attack

Huge cyber attack targets Legal Aid as names and personal details at risk

Inside the LockBit Leak: Rare Insights Into Their Operations

Legal Aid Agency Admits Major Breach of Applicant Data

Legal Aid Agency Cyber Attack Exposes ‘Significant’ Personal Data in Major Breach

Legal Aid Agency data breach

Legal Aid Agency hit by cyber attack

Legal Aid Agency Loses ‘Significant’ Amount of Data to Cyber-Attack

Legal Aid Agency suffers serious data breach

Legal Aid cyber attack: Huge amount of personal data stolen

Legal aid cyber attack: 'Significant amount of personal data' stolen in latest major hack to hit UK

Legal aid hack: data from hundreds of thousands of people accessed, says Ministry of Justice (MoJ)

Legal aid hack: Names, financial details and criminal histories compromised in cyberattack, Ministry of Justice says

Malicious RVTools installer found on official site, researcher warns

Man Behind SEC Bitcoin Hoax Tweet Sentenced in SIM Swap Hack

Marks & Spencer (M&S) CEO faces multimillion-pound pay hit after cyber attack

Marks & Spencer (M&S) confirms staff data stolen in cyber attack

Marks & Spencer (M&S) hack: attackers gained access via compromised third-party

Marks & Spencer (M&S) Hong Kong not responding to Privacy Commissioner’s Office after online customer data breach

Marks & Spencer (M&S) staff data stolen in cyber attack

Ministry of Justice hit by brazen cyberattack as hackers steal ‘significant amount’ of personal data

More Than 100 Groups and Individuals Oppose GDPR Changes

Mozilla fixes Firefox zero-days exploited at hacking contest

Nearly 27 million mobile fingerprints leaked in SK Telecom data breach

New Malware on PyPI Poses Threat to Open-Source Developers

NHS Charter Urges Vendors to Improve Cybersecurity to Prevent Ransomware

NHS England launches cyber charter to shore up vendor security practices

Northumbria Police report rise of extortion and phishing

O2 UK patches bug leaking mobile user location from call metadata

O2 was leaking user geolocation to anyone who was initiating a call

Official UK records confirm cyberattacks put NHS patients at risk of clinical harm

Over 40,000 iOS Apps Found Exploiting Private Entitlements

Personal data accessed in legal aid cyber attack

Personal data taken in UK legal aid cyber attack

Personal data taken in UK legal aid cyber attack, government says

Queensland hacker Shane Duffy loses $4.5M in cybercrime asset seizure, including Bitcoins

Ransomware attacks on agriculture industry now twice as high compared to year prior

Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access

RCE Vulnerability Found in RomethemeKit For Elementor Plugin

Redcar and Cleveland: The inside story of a council held to ransom in cyber-attack

Research Tracked 1 Malicious Email Every 42 Seconds in 2024

RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer

Securities and Exchange Commission (SEC) hacker gets jail time

Securities and Exchange Commission (SEC) SIM Swapper Gets 14 Months for X Account Hijack

Security Leaders Discuss the New EU Vulnerability Database

Serviceaide Leak Exposes Records of 500,000 Catholic Health Patients

Serviceaide leak impacts over 480K Catholic Health patients

'Significant amount' of data taken in cyber attack on Legal Aid Agency

'Significant' amount of personal data accessed in Legal Aid Agency (LAA) cyber attack

'Significant' personal data exposed in cyber attack on Legal Aid Agency

SIM Swap Hacker Jailed for Hijacking SEC’s X Account and Faking Bitcoin ETF News

SK Telecom data breach exposes 27 million user records

SK Telecom data breach larger than initially reported

SK Telecom USIM Data Compromise: Millions of Customers at Risk

Solicitors criticise ‘antiquated’ Legal Aid Agency IT system after cyber attack

Suspect sentenced to 14 months in prison for SIM swapping the SEC’s X account

The Ransomware Threat: How to respond and protect your organisation

Thousands of WordPress Sites at Risk Due to Critical Crawlomatic Plugin Vulnerability

Tracking Accusations May Have Roblox Back in Court

UK government confirms massive data breach following hack of Legal Aid Agency

UK Legal Aid Agency confirms applicant data stolen in data breach

UK Legal Aid Agency Finds Data Breach Following Cyberattack

UK Legal Aid Agency Hit by Cyberattack, Sensitive Data Stolen

US President Donald Trump to sign bill criminalizing revenge porn and explicit deepfakes

What it’s like to negotiate with ransomware gangs

When it Comes to AI Cybersecurity Tools, We’re Always Buying Vibes

Ransomware Operator Claims - Week 19 2025

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 5th May and 11th May 2025, kindly assisted by our partners.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Data Breaches Digest - Week 20 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 12th May and 18th May 2025.

18th May

Action Fraud warns of extortion risk amid surge of phishing email scams

Ascension healthcare data breach exposes 430,000 patient records

Checks Being Sent To Victims Of T-Mobile Data Breach

Cybercrime cops land a crushing blow on Aussie 'hacker' who allegedly stole $150m in Bitcoin

Deepfake voice scams target US officials in phishing surge

Digital War: Pakistan’s Cyber Activity Against India

FBI Warns of AI Voice Scams Impersonating US Government Officials

Hacker Behind SEC Bitcoin ETF Hoax Sentenced to 14 Months in Prison

Investors and shoppers await clues on fallout from M&S cyber-attack

January 2024 SEC’s X account hacker got 14 months in prison for cyber fraud

Marks & Spencer (M&S) cyber attack mystery culprit gang - and why another retailer falling victim is 'inevitable'

Marks & Spencer (M&S) face multi-million pound court action by Scots customers over cyber attack data leak

Marks & Spencer (M&S) facing court action from Scots after cyber attack

Marks & Spencer (M&S) Scots customers launch multi-million pound lawsuit over cyber attack data leak

Marks & Spencer (M&S) to break silence on 'devastating' impact of cyber attack

Marks & Spencer (M&S) to reveal cyber attack impact after customers left unable to shop

Russia-Linked SpyPress Malware Exploits Webmails to Spy on Ukraine

Shareholders eye more details on Marks & Spencer (M&S) cyber attack impact

17th May

14 Months in Prison for SEC Hacker: How a SIM Swap Sent Bitcoin Prices Soaring - And Exposed Cybersecurity Flaws

59% of finance professionals still skip basic security, yet claim they could spot a cyber attack

Binance and Kraken Also Targeted in Phishing Campaign Behind Coinbase Breach

Binance and Kraken Avoid Data Breach Through Strong Security Measures

Binance and Kraken Stop Coinbase-Like Phishing Attacks

Binance and Kraken Thwart Hacker Attempts on User Data After Coinbase Breach

Binance Co-founder and Former CEO Changpeng Zhao (CZ) Shares Crucial Tips to Stop Phishing Scams Targeting Crypto Users

Bloomberg Reveals How Binance and Kraken Foiled Phishing Attacks

Co-op update on empty shelves after cyber-attack

Coinbase Faces $400 Million Fallout After Major Data Breach Impacting Customer Information

Coinbase Says Data Breach Could Cost Up to $400 Million

Critical WordPress Plugin Vulnerability Exposes 10K+ Sites to Cyber Attack

Crypto Exchanges Fight Back Against Rising Phishing Attacks

Cybersecurity Scams are Targeting Busy Employees

Hackers breached M&S' IT systems 'through a contractor and spent 52 hours plundering data' before cyber attack was exposed - with shop now working 24 hours a day to fix crisis

Hacker Explores Kitsap Mental Health Services Systems and then Steals Data Next Month

Healthcare cyberattacks surge: Ransomware behind one in three breached patient records

Marks & Spencer (M&S) hackers believed to have gained access through third party

Marks and Spencer (M&S) hackers went undetected for 52 hours before cyber attack, Fortnite unavailable on iPhones globally

New 'Defendnot' tool tricks Windows into disabling Microsoft Defender

New Ransomware Attack Mocking Elon Musk Supporters Using PowerShell to Deploy Payloads

Nova Scotia Power reveals month-long delay in detecting cyberattack on internal network

Preventing Phishing Attacks on Cryptocurrency Exchanges

Ransomware Attack on ADP Partner Exposes Broadcom Employee Data

San Marcos warns of ‘phishing scam’ using public meeting documents

Securities and Exchange Commission (SEC) Hacker Jailed 14 Months for SIM-Swap Bitcoin ETF Scam

Securities and Exchange Commission (SEC) X Account Hacker Sentenced to 14 Months in Prison

Sequoia Partner Caught in Coinbase Data Breach, More VCs May Be Affected

The Coinbase Data Breach: A Breakdown of What Went Wrong

The Cyber Attack on Business Systems House (BSH) Claimed by El Dorado Last Year Exposed Broadcom’s Employee Data

Thousands of Customers’ Names, Addresses, Birthdays and Other Info Leaked in Cyber Attack on Retail Giant

Uttarakhand: Military Police Station In Dehradun Targeted In Cyber Attack

16th May

Adidas and Dior confirm breaches involving customer data

Agentic AI Ransomware Is On Its Way

Alexandria switches ambulance transportation billing vendor after data breach

Almost Half of Healthcare Breaches Involved Microsoft 365

Analyzing the Current Cloud Threat Landscape

Attacker Specialization Puts Threat Modeling on Defensive

Australia: Sophisticated phishing scam impersonates postal giant

Australia Post issues warning after spike in 'Darcula' scam texts and emails

Australian Human Rights Commission Leaks Docs in Data Breach

Billion-Dollar Bank Warns 7,537 Customers After Data Breach Triggers Unauthorized Account Access

Binance, Kraken successfully thwart phishing attacks similar to Coinbase hack

Broadcom employee data stolen by ransomware crooks following hit on payroll provider

Chinese Cyber Attack Statistics By Industry, Market Share and Facts (2025)

CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664)

CISA tags recently patched Chrome bug as actively exploited

CISA Warns About Unsophisticated Hackers Compromising U.S. Critical Infrastructure

Coinbase Cyberattack: The Anatomy of a $400 Million Data Breach

Coinbase Data Breach: Sensitive Information Exposed Following Ransomware Attack

Coinbase estimates $400M cost after data breach and crypto scam

Coinbase Faces Up to $400 Million Loss After Cyber Attack

Coinbase offers USD $20 million bounty after insider data breach

Coinbase Rejects $20M Ransom, Offers $20M Bounty After Major Data Breach

Coinbase reveals data breach, says hackers demanded $20 million

Coinbase Reveals Insider Bribery Scheme Led to Data Breach, Potential $400M Cost

Coinbase Says Breach May Cost $400 Million, Issues $20 Million Bounty

Coinbase Shares Fall on Customer Data Breach but Damage Manageable

Coinbase Shares Slide 7% After Data Breach and SEC Probe Trigger Market Panic

Coinbase Under Securities and Exchange Commission (SEC) Probe Amid Major User Data Breach Reveal

Coinbase users suffer data theft in cyber attack

Court Confirms Kentucky Consumer Protection Act Doesn’t Cover Employees, But Legal Risks Remain: 5 Steps for Employers to Avoid Data Breach Lawsuits

Credential Harvesting Becomes Top Retail Data Threat

Crypto giant Coinbase faces $400m hit from cyber attack

Cryptocurrency platform Coinbase warns of up to $400m hit from cyber attack

Cybercriminals are circumventing multi-factor authentication

Data breach confirmed by Australian Human Rights Commission

Data of 70,000 customers of Belgian virtual telecom operators leaked

Data Security Risk: Analysis of AI Tools Reveals 84% Breached

DDoS attacks target Eurovision Song Contest as hackers seek attention

Deepfake attacks could cost you more than money

Dior Claims No Financial Data Lost in Cyber-Attack

Dior suffers data breach in China, South Korea

Education slowest to report ransomware-related data breaches

EU court rules that tracking-based online ads are illegal

Everything we know about the Dior cyber attack so far

FBI Issues New Scam Warning, Says Fraudsters Have Been Impersonating ‘Senior US Officials’ in Text and Voice Messages

FBI keeps warning us about phishing: here’s what even experienced users miss

FBI Warns of AI Voice Scam: Smishing & Vishing Campaign Targets US Officials

Feds charge 12 more suspects in Racketeer Influenced and Corrupt Organizations (RICO) case over crypto crime spree

Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks

Google Chrome’s May Update: What You Need to Know About CVE-2025-4372 and More

Hack of Securities and Exchange Commission (SEC) social media account earns 14-month prison sentence for Alabama man

Hackers Breach Coinbase Ahead of Landmark S&P 500 Entry

Hackers Now Targeting US Retailers After UK Attacks

Healthcare Cyber-Attacks Intensify, Sector Now Prime Target

Healthcare Data Breaches Affected 170 Million People in 2024

Healthcare Organizations Take 3.7 Months To Announce Ransomware Data Breaches

HireClick data leak exposes over 5.7 million job applicants in major resume breach

How AI Is Helping Hackers Hunt for Weaknesses

How to Spot a Phishing Email in 2025 - with Real Examples and Red Flags

How working in a stressful environment affects cybersecurity

Indian Support Agents Accused in Coinbase Data Breach Let Go

Inside job at Coinbase leads to massive data breach, $20 million ransom demanded

Israel arrests new suspect behind Nomad Bridge $190M crypto hack

Ivanti EPMM Hit by Two Actively Exploited 0day Vulnerabilities

Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations

Lagging in illicit stablecoin freezing helps criminals launder funds

Lawmakers push for reauthorization of cyber information sharing bill as deadline looms

LockBit Leak Reveals Details About Ransom Payments, Vulnerabilities and RaaS Operations

LockBit Leaks Reveal Drive to Recruit Ransomware Newbies

Marks & Spencer (M&S) says groceries returning to shops after cyber attack left some shelves empty

Marks & Spencer (M&S) warns staff data stolen in cyber attack

Marks and Spencer (M&S) shoppers who recently made online orders given new warning amid cyber attack

Massive data leak: 200 billion files exposed in cloud buckets

Microsoft Highlights Domain Controllers as Prime Ransomware Targets

MKA Accountants confirms Qilin ransomware attack

Most healthcare data breaches caused by hacking

New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors

New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads

NHS England urges suppliers to fortify cyber defenses amid surge in ransomware threats

Nova Scotia Power data breach exposes sensitive customer information

Pierce County Library System confirms data breach

Polymorphic phishing attacks flood inboxes

Printer maker Procolored offered malware-laced drivers for months

Pro-Ukraine Group Targets Russian Developers with Python Backdoor

Ransomware attackers steal comms firm’s customer details

Ransomware gangs increasingly use Skitnet post-exploitation malware

Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks

Researchers Replicate Advanced Tactics and Tools of VanHelsing Ransomware

Rhode Island Slams Deloitte Over RIBridges Data Breach

Russian Espionage Operation Targets Organizations Linked to Ukraine War

Russian hospital faces multi-day shutdown as pro-Ukraine group claims cyberattack

Securities and Exchange Commission (SEC) hacker sentenced to 14 months for role in fake Bitcoin ETF post

Securities and Exchange Commission (SEC) hacker sentenced to 14 months in prison

Sequoia Capital executive also a victim in Coinbase data breach

SSH Auth Keys Reuse Exposes Sophisticated Targeted Phishing Attack

SSH Auth Key Reuse Uncovers Advanced Targeted Phishing Campaign

Steam hacker’s data leak debunked: Only SMS verification codes were stolen

Study Explores Extent of Hacking and Ransomware Attacks in Healthcare

Tennessee’s largest school district sues PowerSchool over data breach

The Growing Threat of Phishing and Social Engineering Attack and How to Defend Against Them

Top 10 Best Practices for Effective Data Protection

UK Cyber Vacancies Growing 12% Per Year

UK National Health Service suppliers asked to tackle ‘endemic’ ransomware attacks

UK Supermarket Avoided Ransomware Because ‘They Yanked Their Own Plug,’ Hackers Say

US charges 12 more suspects linked to $230 million crypto theft

US man who hacked SEC’s X account to spike Bitcoin price sentenced to prison

US Officials Impersonated Via SMS and Voice Deepfakes

US officials spoofed in ongoing voice, SMS phishing campaign

US officials spoofed in ongoing voice, SMS phishing campaign

Valve denies Steam data breach

Valve denies Steam data breach after hacker’s claims surface

Vehicle Insurance Scams Targeting Colombians with Phishing Websites Urge Them to Pay for Activation

Warning issued by Co-op after 'suspicious activity' flagged after cyber attack

Weis Markets Concludes Investigation Into Data Breach

Were Coinbase employees responsible for data leak to hacker?

What hackers do with their stolen money? Turns out they like brick-and-mortar businesses

Who's got this? Adidas reports customer data breach

World Organisation of Family Doctors (WONCA) again targeted by phishing scam

15th May

32 Million records nicked from The Epoch Times up for grabs online

89 Million Steam Accounts Allegedly Compromised in Massive Data Breach

430,000 Patients’ Data Exposed in Ascension Breach

Agentic AI Is Everywhere - So Are the Security Risks

‘Aggressive, creative’ hackers behind UK breaches now eyeing US retailers

AI transforms cybercrime: researchers warn about the rise of AI agent hackers

Alleged Breach Exposes Data of 88 Million Indian Car Owners

Alleged Data Exposure Hits Indonesian Supreme Court

An Examination Of Cybercrime And The Effectiveness Of Legal Frameworks In Combating Digital Offenses

Attack claimed by pro-Ukraine hackers reportedly erases a third of Russian court case archive

Australia: Personal data breach at rights commission triggers new alarm

Australian Human Rights Commission Discloses Data Breach

Australian Human Rights Commission suffers data breach exposing sensitive personal information

BlackDB Cybercrime Forum Admin Arrested in Kosovo to Remain in the U.S. for the Pending Trial

Building cybersecurity culture in science-driven organizations

Canadian Electric Utility Lists Customer Information Stolen by Hackers

Co-op CEO to Members: We’re Fighting to Protect Your Data

Co-op continues recovery efforts following recent data security incident

Co-op in recovery phase and restocking after cyber-attack

Co-op Outsmarts DragonForce: Swift System Shutdown Foils Ransomware Demand in UK Retail Cyberattack Spree

Co-op says store is in 'much stronger position' following cyber attack

Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails

Coinbase Breach Exposes Customer Data in Major Cyber Attack

Coinbase Could Pay Customers Up to $400M for Data Breach

Coinbase Customer Info Stolen by Bribed Overseas Agents

Coinbase data breach exposes customer info and government IDs

Coinbase Details Insider Data Theft in Remarkable Disclosure

Coinbase disclosed a data breach after an extortion attempt

Coinbase expects up to $400 million hit from cyber attack

Coinbase Faces Up To $400 Million Fallout After Cyber Attack

Coinbase Hit Hard: Cyber Attack Could Cost Up to $400 Million

Coinbase launches $20 Million bounty to catch perpetrators of data breach

Coinbase offers $20 million bounty after extortion attempt with stolen data

Coinbase Offers $20M Bounty After Spurned Extortion Attempt, Vows to Reimburse Victims of Bribe-Driven Data Breach

Coinbase Offers $20m Bounty to Take Down Cybercrime Ring Behind Hack

Coinbase Reimburses Customers Following $20 Million Extortion Attempt

Coinbase says bribed workers leaked data to hacker seeking $20 million in ransom

Coinbase says customers’ personal information stolen in data breach

Coinbase Stock Slips as Crypto Exchange Informs SEC of Customer Data Breach

Coinbase suffers cyber attack as oversees employees were bribed to steal customer data

Coinbase suffers data breach as hackers demand $20m ransom, firm offers matching bounty

Coinbase suffers data breach, gets extorted (but won’t pay)

Coinbase warns of up to $400 million hit from cyber attack

Coinbase Won’t Pay $20 Million Ransom After Data Breach

Cyber attack caused temporary website disruptions, says South African Airways (SAA)

Cyber fiends battering UK retailers now turn to US stores

Cyber gang behind UK attacks shifts focus to US

Cyberattack Hits Nova Scotia Power: Customer Data Compromised

Cybersecurity expert urges customers to ‘keep a close eye’ after M&S reveals customer data stolen in cyber attack

Data breach at Bank Street College of Education exposes sensitive information of thousands

Data breach compromises Dior’s Chinese, Korean clients

Data breach hits Australian Human Rights Commission (AHRC)

Data breach reporting lags in education sector, study finds

Did A Steam Data Breach Compromise 89 Million Accounts? Valve Responds

Dior Confirms Data Breach Affecting Customer Information

Dior faces potential ₩30 million fine in South Korea over unreported data breach

Dior fell victim to a cyber-security attack

Dior is latest retailer to suffer data breach

Dior notifies Hong Kong customers of data breach, assures no financial information compromised

Dior under fire for mishandling data breach in South Korea

DoorDash driver pleads guilty for operating $2.5M online delivery scam

Education Giant Pearson Confirms Customer Data Breach After Cyber Attack

"Endemic" Ransomware Prompts NHS to Demand Supplier Action on Cybersecurity

‘Expect Imposters’ Coinbase Tells Customers Whose Information Was Exposed in Data Breach

Fileless Remcos RAT Attack Evades Antivirus Using PowerShell Scripts

Fraud Losses Hit $11m Per Company as Customer Abuse Soars

Fresno County fell victim to $1.6M phishing scam in 2020. Suspects indicted this week

FrigidStealer Malware Hits macOS Users via Fake Safari Browser Updates

Google fixes high severity Chrome flaw with public exploit

Government webmail hacked via XSS bugs in global spy campaign

Groceries returning to M&S shops after cyber attack left some shelves empty

Hacker Claims Steam Database Breach; Valve Denies Attack

Hacker claims to have obtained data from 89 million Steam accounts. The company responded

Hackers Allege Steam Data Breach, Data Sold on Dark Web: Here’s how you can be protected

Hackers say Co-op avoided worse cyber attack fallout

Hackers that hit M&S and other UK shops are now attacking US stores, Google says

Here's what we know about the DragonForce ransomware that hit Marks & Spencer

Horabot malware spread in new Latin America-aimed phishing campaign

How AI is Transforming Fraud Detection in Payment Processing

How the Co-op averted worse cyber attack, ‘China-based’ hack targets UK companies

How to manage privacy risks and customer impact following a data breach like Dior's

India: As DDoS and Phishing Surge Post-Pahalgam Attack, Which Other Threats Demand Attention?

Insiders leak Coinbase user data: massive breach can cost company $400 million in losses

Interlock Ransomware Attacking Defense Contractors and Their Supply Chains

It sounds like a six-word horror story, but 'Ransomware running directly from your CPU' is now a real thing

Ivanti Fixes RCE and Auth Bypass Vulnerabilities in Endpoint Manager Mobile

KnowBe4 Research Reveals Most Phish-Prone Countries

Kremlin-linked hackers target webmail servers of Eastern European government agencies

Largest US crypto exchange says cost of recent cyber-attack could reach $400m

Lawsuit Alleges Roblox Tracks Children’s Data Without Parental Consent

Leading crypto firm Coinbase faces up to $400m hit from cyber attack

LeakBit: What we know so far about the LockBit data breach

Lee Enterprises Reports $2M in Recovery Costs After Major Ransomware Incident

Limestone District School Board confirms personal information was stolen during cyber attack

Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper

Malicious NPM package uses Unicode steganography to evade detection

Marks & Spencer (M&S) issues warning to customers after cyber attack

Marks & Spencer (M&S) reveals customer data compromised in cyber attack

Marks & Spencer cyber attack sparks customer data security fears

Marks and Spencer advises customer caution as retailer provides update on devastating cyber attack

Meta to Train AI on E.U. User Data From May 27 Without Consent; NOYB Threatens Lawsuit

Netgain Technology Pays $1.9M in Data Breach Settlement

New blockchain security standards target safer ecosystems

New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy

New Linux Vulnerabilities Surge 967% in a Year

No Steam Accounts Breached, Confirms Valve After 89 Million User Data Leak Scare

"NOT a breach of Steam systems" - Steam dismisses reports of data leak as fake

Nova Scotia Power confirms hackers stole customer data in cyberattack

On average, how long does it take government to report a data breach?

Over 276M Patient Records Exposed in 2024 Cyber Attacks

Oxford Life Insurance Company Confirms Hacker Accessed Financial Data this February

Patch Tuesday: Microsoft Patches 78 Vulnerabilities, 5 Zero-Day Flaws

Phishing scam targeting arts organizations, including the Allied Arts Council of Lethbridge

Police Shut Down Fake Trading Platform That Scammed Hundreds

PowerShell-Based Loader Deploys Remcos RAT in New Fileless Attack

Ransomware drives US health data breaches

Ransomware group sets sights on US retailers after hitting UK merchants

Ransomware groups join attacks on SAP NetWeaver

Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws

Ransomware Landscape Shifts as Attackers Target New Victims

Reports about Steam data breach are false, Valve says

Researchers Emulated VanHelsing Ransomware Advanced Tactics & Tools Used

Retailer Co-op narrowly avoided paralyzing ransomware attack

Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

Russia-linked hackers target webmail servers in Ukraine-related espionage operation

Samsung patches MagicINFO 9 Server vulnerability exploited by attackers

SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers

SAP NetWeaver woes worsen as ransomware gangs join the attack

Securing the Code: Building a Culture of Credential Protection in Dev Teams

Six countries allegedly teamed up with Pakistan in cyber attacks on India

Steam Debunks Reported Data Breach

Steam denies data breach claims, scoffs at quality of supposedly leaked data

Steam Says There's No Need to Change Your Password After Data Breach. But Set Up This Safety Feature Anyway

Steel manufacturer Nucor halts production after cybersecurity incident

Switzerland: Hacker attack on mail from reserve power plant operator in Birr

Tennessee’s largest school district sues PowerSchool over data breach

The evolving state of ransomware

The Growing and Changing Threat of Deepfake Attacks

The most effective phishing QR code is a new drug and alcohol policy supposedly from HR

'They yanked their own plug': How Co-op averted an even worse cyber attack

Thousands of channels closed on Telegram, disrupting major illicit marketplaces

Unveiling the World’s First CPU-Level Ransomware

Urgent warning to Dior customers following cyber attack

US officials targeted in voice deepfake attacks since April

Valve confirms your Steam data wasn’t breached in major hack – here’s how to keep your account safe

Valve denies 89 million Steam accounts' data leaked, but gamers concerned

Valve denies reports of "massive" Steam data breach, says no need to change passwords or phone numbers

Valve Has Ruled Out A Steam Data Breach, But They Are Still Investigating Leaks Of Phone Numbers

Valve reassures: no need to change Steam password urgently despite reports of data breach

Weiser Memorial Hospital Data Breach Affects 34,200 Patients

Xanthorox - New BlackHat AI Tool Used to Launch Phishing & Malware Attacks

14th May

3 Million Student-Athletes, College Coaches’ Records Exposed

5.7 Million files with resumes exposed after hiring platform forgot the password

88% of Executives Had Home Floor Plans Available Online

Steam Data Leaked: 89 million Steam account details may be stolen as hackers list them for sale, report claims

89 million Steam account details reportedly affected by massive data breach

89 million Steam accounts could be at risk after a third-party data breach. Here's how to protect your account

‘Admin’ and ‘123456’ Still Among Most Used Passwords in FTP Attacks

AI leads to a new phishing threat every 42 seconds

Alabama probes data breach in state systems

Alabama state government says cyber incident’s effects are limited, but response continues

Android 16 brings massive security improvements to fight scams, fraud, and spyware

Apple to Pay $95 Million in Siri Snooping Lawsuit – Here’s How to Apply

Australian Human Rights Commission leaks docs to search engines

Australian Human Rights Commission suffers data breach to complaints form

BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan

British retailer M&S reportedly set to claim £100 million from insurers after cyberattack

China Census Database Allegedly Leaked with 92 Million Records

'China-based' hack targets UK companies in 'critical national security threat', says analyst

Co-op: All forms of payment now working after cyber attack

Co-op: stock availability improving after cyber-attack disrupts supply chain

Co-op begins recovery after cyber-attack disrupts systems and services

Co-op Group Resilient After Cyber Attack: Systems Restored

Co-op customers to see big change this weekend following major cyber attack

Co-op cyber-attack: stock availability in stores ‘will not improve until weekend’

Co-op in ‘recovery phase’ after cyber attack

Co-op issues statement about stock levels after cyber attack

Co-op issues stock update to customers after cyber attack

Co-op issues update after cyber attack as retailer re-stocks empty shelves

Co-op promises fuller shelves this weekend following 'malicious' cyber attack

Co-op says food availability starting to improve after cyber-attack

Co-op says shelves to be more fully stocked this weekend

Co-op says stock availability to improve following cyber-attack

Co-op shelves to be restocked following cyber attack, M&S hackers may have ‘partial credit card’ details

Co-op stock levels on track for recovery following cyber attack

Co-op to keep shelves stacked after cyber attack

Co-op updates on recovery after cyber attack forced empty shelves

Columbus crime report portal remains offline following hack

CPU Under Siege: Ransomware Proof-of-Concept Bypasses All Software Defenses

CPU-level ransomware is possible, and it’s terrifying

CTM360 Identifies Surge in Phishing Attacks Targeting Meta Business Users

Cyber Threat Surge Pressures Australian Businesses to Rethink Security Strategies

Cybercriminals Harness AI to Launch Sophisticated Attacks on Individuals and Organizations

Cybersecurity expert urges customers to ‘keep a close eye’ after M&S reveals customer data stolen in cyber attack

Cybersecurity incident forces largest US steelmaker to take some operations offline

Data breach dismissed by Twilio after alleged Steam records leak

Data breach victimization prevalent amid higher cyber spending

Dior confirms customer data breach in China, urges vigilance

Dior Data Breach Exposes the Rising Stakes of Digital Trust

Dior faces scrutiny, fine in Korea for insufficient data breach reporting

Dior Fails to Report Customer Data Breach to South Korean Cybersecurity Authority

Dior hit by customer data breach in China amid hacking wave

Dior leaks customer data in cyber attack

Dior Notifies Chinese Consumers of Data Breach

Earth Ammit Breached Drone Supply Chains via ERP in VENOM, TIDRONE Campaigns

EU launches own vulnerability database in wake of CVE funding issues

European Police Bust €3m Investment Fraud Ring

European Vulnerability Database goes live, but who benefits?

European Vulnerability Database is Live: What This ‘Essential Tool’ Offers Security Experts

Everyone with a Gmail account placed on red alert and warned to 'remain vigilant'

Everything you need to do after M&S cyber attackers steal personal data – protect yourself in four steps

Fashion giant Dior discloses cyberattack, warns of data breach

Federal, state email notification system leveraged for phishing

Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems

French fashion giant Dior admits data breach days after M&S ransomware nightmare: Here’s what we know

From Entry to Escalation: Rethinking Account Takeover Mitigation Strategies

Google says hackers behind UK retail cyber campaign now also targeting US

Google settles for $1.4 billion over Texas privacy lawsuits

Hacker Behind SEC’s X Account Caught and Sentenced to 2 Years in Prison

Hackers Abusing GovDelivery For TxTag ‘Toll Charges’ Phishing Attack

Hackers behind UK retail attacks now targeting US companies

Hackers Can Take Control via SAP NetWeaver Flaw: SAP Security Analyst Discusses the Risks

Healthcare Cyberattacks in 2024 Exposed 276 Million Patient Records

Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails

How businesses are fighting sophisticated cyber threats with AI

How can I protect myself from Marks and Spencer cyber attack?

Indiana: Security breach sends phishing scams to your inbox

Indiana warns of phishing scam via state emails

Insider risk management needs a human strategy

Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks

Job Seekers Targeted as Scammers Pose as Government Agencies on WhatsApp

Kosovo extradites BlackDB admin to face US cybercrime charges

LastPass can now monitor employees' rogue reliance on shadow SaaS - including AI tools

Learning How to Hack: Why Offensive Security Training Benefits Your Entire Security Team

LockBit Ransomware Suffers Its Own Data Breach, Internal Conversations With Victims Leaked

Los Rios Students Targeted by Email Phishing Campaign

Major update as supermarket relaunches IT systems after cyber attack

Marks & Spencer Seeks Major Payout After Cyber Attack Loss

Marks & Spencer to claim £100m in losses after Easter cyber attack hits sales

Marks & Spencer (M&S) Warns Customers of Scam Risk After Cyber Attack Exposes Personal Data

Marks & Spencer (M&S) warns shoppers they could be targeted by scammers after hackers stole customers' contact details, dates of birth and order histories in massive cyber attack

Marks and Spencer (M&S) customers warned as type of personal information stolen in cyber attack explained

Marks and Spencer cyber attack insurance claim could hit £100m

Marks and Spencer eyes £100m cyber payout after data breach

Marks and Spencer Group (M&S) cyber attack rattles investors but insurance may soften the blow

Marks and Spencer (M&S) to claim up to £100m from cyber insurance policy after major data breach

Marriott International one of 72 victims claimed by Silent Ransom Group in a single day

Microsoft Fixes Seven Zero-Days in May Patch Tuesday

Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server

Millions of Steam Accounts Are at Risk of Phishing Scam

Millions of Steam Accounts Reportedly Impacted by Data Breach

Nearly 90 million Steam accounts affected in apparent data breach

New 'Chihuahua’ Infostealer Targets Browser Data and Crypto Wallet Extensions

New Fortinet and Ivanti Zero Days Exploited in the Wild

No Ceasefire in the Cyberspace Between India and Pakistan

North Korean hackers step up phishing attacks on Ukraine government

North Korean Hackers Stole $88M by Posing as US Tech Workers

Nova Scotia Power provides update on data breach

Nova Scotia Power says customer banking details may have been stolen by hackers

Now's a good time to check in on your Steam account security

Nucor shuts down systems after cyber attack

One hacked email exposes several thousand California credit unions’ customers

Over 89 Million Steam Accounts Exposed in Massive Third-Party Data Breach

Over 89 Million Steam Accounts Said To Be Compromised In Data Breach

Personal information exposed by Australian Human Rights Commission data breach

PowerSchool Confirms Ongoing Cyber Extortion of Individual Schools Despite Ransom Payment

PowerSchool shows why ransom payments don’t work

Ransomware attacks drive majority of US health data breaches, analysis shows

Ransomware Attacks Increase 123% in 2 Years with 52 New Groups Emerging in 2024

Ransomware gangs join ongoing SAP NetWeaver attacks

Ransomware scum have put a target on the no man's land between IT and operations

Ransomware spreads faster, not smarter

Ransomware-as-a-Service (RaaS) Explained: How Cybercriminals Are Scaling Attacks Like Startups

Researchers Unveil New Mechanism to Track Compartmentalized Cyber Threats

Retail in the Crosshairs: The M&S Data Breach and the Rising Cost of Customer Trust

Robeson Health Care Corporation Agrees to $750K Data Breach Settlement

Russian military cadet reportedly arrested for selling hacking tool to FSB agent

Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit

SAP NetWeaver flaw exploited by ransomware groups BianLian, RansomEXX

Scattered Spider retail attacks spreading to US, says Google

Security training cuts phishing risk by 86% globally in a year

SMBs remain easy pickings for cybercriminals - here’s why

Southwest Airlines CISO on tackling cyber risks in the aviation industry

Steam data breach leads to potential release of 89 million records

Steam Data Breach Scare: Over 89 Million Accounts Potentially Exposed

Steam reportedly hit by massive data breach, you're urged to change 1 setting asap

Steam's 89M Password Leak Scare Refuted By Communications Firm

Steel giant Nucor Corporation facing disruptions after cyberattack

The Co-op: cyber attack news as hacked supermarket to restock stores and resume orders this weekend

The recent ransomware attacks on UK retailers all targeted gaps in identity

There’s a new phishing attack targeting Mac users

These hacker groups from Pakistan and Bangladesh tried to bring down Indian websites after Operation Sindoor

Threat Actors Leverage Weaponized HTML Files to Deliver Horabot Malware

UK: Shoppers still experiencing cyber-attack impact

UK’s Legal Aid Agency probes potential cyberattack amid rising threat landscape

Valve responds to alleged Steam "data breach" leak of 89 million account details - here's the full story

Valve responds to Steam leak rumors: ‘this was not a breach of Steam systems’

What should M&S customers do after criminals stole personal data in huge attack?

While India downed Pakistan drones & missiles, China-backed 6-nation hacker army launched cyberattack

World's first CPU-level ransomware can "bypass every freaking traditional technology we have out there" - new firmware-based attacks could usher in new era of unavoidable ransomware

You Can Now Claim a Payout From the 23andMe Data Breach

Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering

You may want to change your Steam password: data from over 89 million Steam users is reportedly on the dark web following a vendor breach

13th May

AI vs AI: How cybersecurity pros can use criminals’ tools against them

Alabama: Potential data breach hits state systems; investigation ongoing

Alabama says ‘cybersecurity event’ could disrupt state government services

Alleged Breach of Everest Bank Customer Database

Apple Device Users Can File Claims in $95 Million Siri Spying Settlement

Australia’s Data Breach Reporting Numbers Highest in Half a Decade

Banking update glitch allowed users to view each other’s accounts

Black Kite Releases 2025 Ransomware Report, Revealing 123% Increase in Ransomware Attacks Over Two Years

Breaking down silos in cybersecurity

British supermarkets almost empty for a week after cyber attack

China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide

Chinese-speaking hackers disrupt drone supply chains in Taiwan, researchers say

CISA Adds TeleMessage Vulnerability to Known Exploited Vulnerabilities (KEV) List Following Breach

Co-op was hit by hackers aligned with Kremlin’s agenda, researchers believe

Co-op working “around the clock” to resolve issues caused by cyber attack

Crypto-stealing malware now found on AI content generators

Curve Finance warns users of DNS hijack in second cyber attack this month

Customer data stolen in cyber attack, Marks and Spencer (M&S) confirms

Cyber attack disrupts Edinburgh school networks

Cyber attack hits GlobalX, disrupting internal network

Cyber-attack on the GlobalX Airline which was confined by Hackers

Cyber experts issue urgent advice to Marks & Spencer (M&S) customers after data breach

Defending infrastructure under siege

Dior confirms China data breach

Dior is latest big name to reveal data breach

DoppelPaymer ransomware suspect arrested

DPRK-Backed TA406 Targets Ukraine With Malware Campaigns

EU launches vulnerability database to tackle cybersecurity threats

EU Vulnerability Database Officially Launches Amid CVE Program Concerns

European Vulnerability Database Launches Amid US CVE Chaos

Europol busts up criminal organzation operating fake online trading platform

Everything we know about the M&S cyber attack that halted online orders

Forget software, researcher develops proof of concept ransomware that infects CPU

Fortinet fixes critical zero-day exploited in FortiVoice attacks

Google announces new security features for Android for protection against scam and theft

Hacker hype vs. real risks: Inside the true scale of India-Pakistan cyber clash

Hackers exploit SK Telecom incident, impersonate Korea Consumer Agency with phishing scams

Hackers get hacked: LockBit in cyberattack

Hong Kong Science and Technology Parks (HKSTP) Drug Safety Testing Center hit by ransomware attack

How did M&S and Co-op become victims of a cyber attack?

How Interlock Ransomware Affects the Defense Industrial Base Supply Chain

iClicker Website Hacked with Fake CAPTCHA in ClickFix Attack

Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428)

Ivanti fixes EPMM zero-days chained in code execution attacks

Ivanti warns of critical Neurons for ITSM auth bypass flaw

JPGs: New Ransomware Trick Bypasses Antivirus Detection

Leaked LockBit chats reveal how professional ransomware group operates

LPL Financial Drops Data-Breach Defamation Suit Against Ameriprise

Malicious PyPI Package Posing as Solana Tool Stole Source Code in 761 Downloads

Marks & Spencer (M&S): FTSE 100 shares rise after major cyber attack update

Marks & Spencer (M&S) admits customer data was stolen by hackers in cyber attack

Marks & Spencer (M&S) admits customer data was stolen in cyber attack

Marks & Spencer Claims Customer Data Taken In Cyberattack

Marks & Spencer confirms consumer data stolen in cyber attack

Marks & Spencer (M&S) Confirms Customer Data Breach After Cyber-attack

Marks & Spencer confirms customer data stolen in cyber attack

Marks & Spencer (M&S) Confirms Customer Data Stolen in Cyber-Attack

Marks & Spencer confirms customer data stolen in cyberattack

Marks & Spencer confirms customers’ personal data was stolen in hack

Marks & Spencer (M&S) confirms customers' personal information was stolen during cyber attack

Marks & Spencer confirms some personal customer data was compromised in cyber-attack

Marks & Spencer (M&S) customer data stolen amid ongoing cyber attack

Marks & Spencer (M&S) customers' data was stolen in cyber attack

Marks & Spencer (M&S) cyber attack: Personal customer data stolen by hackers

Marks & Spencer (M&S) cyber attack: What data has been stolen? How long will the attack last?

Marks & Spencer issue major update in wake of cyber attack that has crippled high street giant

Marks & Spencer issues warning to customers after cyber attack

Marks & Spencer reveals customer data taken by hackers after cyber attack

Marks & Spencer (M&S) reveals customers’ personal information was STOLEN in major cyber attack update

Marks & Spencer (M&S) reveals hackers accessed customer data, including names, addresses and phone numbers

Marks & Spencer (M&S) says customer data stolen in cyber attack

Marks & Spencer (M&S) says customers' personal data taken by hackers

Marks & Spencer Says Data Stolen in Ransomware Attack

Marks & Spencer (M&S) says some personal data was taken in cyber-attack

Marks and Spencer confirms customer data was stolen in Easter cyber attack

Marks and Spencer confirms data breach exposed sensitive customer information

Marks and Spencer (M&S) customer data was stolen in last month’s cyberattack — how to stay safe

Marks and Spencer Cyber Attack Exposes Customer Data

Marks and Spencer cyber attack saga takes another twist as retailer admits customer data stolen

Marks and Spencer (M&S) cyber attack update as bosses warn customer information was stolen

Marks and Spencer Group (M&S) reveals personal customer data stolen during cyber attack

Marks and Spencer (M&S) issue 'important update' to customers following cyber attack

Marks and Spencer (M&S) issues cyber attack update as it confirms customer data was stolen

Marks and Spencer (M&S) says customer data stolen in cyberattack, forces password resets

Marks and Spencer says customer data was stolen in cyber attack

Marks and Spencer says customers' information stolen in cyber attack

Marks and Spencer (M&S) urges all customers to make one change after cyber attack exposes data

Meet the 7 Pakistani Hacker Groups That Tried to Breach India - and Failed Miserably

Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws

Microsoft Patch Tuesday May 2025: 5 Zero Days, 8 High-Risk Vulnerabilities

Moldovan Police Arrest Key Suspect in €4.5 Million International Ransomware Case

Moldovan Police Arrest Suspect in €4.5M Ransomware Attack on Dutch Research Agency

Moldovan Police arrested a 45-year-old foreign man participating in ransomware attacks on Dutch companies

Netgain Technology Agrees to $1.9 Million Settlement to Resolve Data Breach Litigation

New Intel CPU flaws leak sensitive data from privileged memory

New VMware Tools Vulnerability Allows Attackers to Tamper with Virtual Machines, Broadcom Issues Urgent Patch

Noodlophile Malware Distributed Through Bogus AI Video Generators: Who Are the Targets?

North Korean cyber spies hack Ukraine to measure Russia’s war needs

North Korean hackers target Ukrainian government in new espionage campaign

North Korean hackers, Konni APT, are targeting Ukraine

North Korean Konni APT Targets Ukraine with Malware to track Russian Invasion Progress

North Korea ramps up cyberspying in Ukraine to assess war risk

Nova Scotia Power is still not giving details about the cyber attack against the company

Official Indiana .gov email addresses are phishing residents

Pakistani hackers attacked 1.5 million-plus Indian websites after Operation Sindoor: Failure rate, names of 7 Pakistani hacker groups; techniques used and more

Patch Tuesday: Microsoft fixes 5 actively exploited zero-days

Personal data stolen in Marks & Spencer cyber-attack

PrepHero-Linked Database Exposed Data of 3 Million Students and Coaches

RansomHub tops Group-IB’s 2025 list of most prolific cybercriminal groups

Ransomware attack costs $2M for Lee Enterprises

Ransomware surge sees hackers demand up to USD $8.6 million

Ransomware Wreaks Havoc on Businesses Struggling to Bolster Digital Security Measures

Roblox Lawsuit Claims Hidden Tracking Used to Monetize Kids Data

SAP patches second zero-day flaw exploited in recent attacks

Seven things we learned from WhatsApp vs. NSO Group spyware lawsuit

SIM Swap Hacker Faces 2-Year Sentence for SEC X Account Hack

South Korean researchers uncover another cyber-espionage campaign from the North

Suspect arrested with links to €4.5M DoppelPaymer ransomware attacks

Suspected Dutch research agency attacker busted in Moldova

Texas County Continues Recovery From Library Cyber Attack

The Clock Is Ticking: Why Phishing Remains The Fastest-Moving Cyber Threat in 2025

The Co-op, M&S, Harrods...You? Mitigating the Risk of Ransomware

Theft of Novia Scotia Power customer data is likely ransomware attack

Turkey-Aligned Hackers Targeted Iraq-Based Kurds with Zero-Day Exploit

Turkish Cyber Espionage Campaign Leverages Zero-Day in Output Messenger

Türkiye Hackers Exploited Output Messenger Zero-Day to Drop Golang Backdoors on Kurdish Servers

Twilio denies breach following leak of alleged Steam 2FA codes

Tycoon 2FA phishing kit update timeline reveals new evasion techniques

UK Considers New Enterprise IoT Security Law

UK's Marks and Spencer (M&S) says customer data was taken in cyberattack

Urgent advice for Marks and Spencer customers following cyber attack

US extradites Kosovo national charged in operating illegal online marketplace

VMware Tools vulnerability enables hackers to tamper with virtual machines

Was my data stolen in Marks and Spencer (M&S) cyber attack and when will it be back online?

What Every Business Needs To Know About Multi-Factor Authentication

What we know as Marks & Spencer (M&S) hackers steal customer data

Why conventional disaster recovery won’t save you from ransomware

Why do we still fall for phishing?

Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756)

Zoom Fixes High-Risk Flaw in Latest Update

12th May - International Anti-Ransomware Day

10 Years of Ransomware-as-a-Service (RaaS) and the Making of a Billion-Dollar Business

23 Million New Credentials Leaked Online - What You Need To Know

161,359 Americans Warned Data Breach May Have Exposed Names, Social Security Numbers, Financial Records and More

A hacker is demanding money to keep your kids’ data safe. It won’t work

Abergavenny and Chepstow affected in job centre data breach last year

AI is giving phishing attacks an edge – here’s how to fight back

AI is Supercharging a Ransomware Boom

Airline carrying out deportation flights confirms cyberattack to Securities and Exchange Commission (SEC)

Allegedly Stolen Data from Brazilian Nuclear Company Nuclep Offered for Sale

Andy Frain Services breach exposes data of over 100,000 people

Anonymous Hackers Steal Flight Data from US Deportation Airline GlobalX

Ascension data breach affects over 435,000 people

Ascension data breach exposes information of over 430,000 patients

ASUS DriverHub flaw let malicious sites run commands with admin rights

ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files

Avoiding double ransomware extortion and the price of one

Breaking Down Ransomware Encryption: Key Strategies, Algorithms and Implementation Trends

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors

Council 'cannot say' when system will be fully back after cyberattack

CPU microcode hack could infect processors with ransomware directly

Criminal Proxy Network Infects Thousands of IoT Devices

Crypto wallet maker Ledger regains control of Discord after phishing attack

CVE-2024-26809: Critical nftables Vulnerability in Linux Kernel Could Lead to Root Access

Cyber attack: People 'turning up at farms' as Machynlleth Co-op shelves remain bare

Cyber attack disrupts South African Airways operations

Cyber resilience urged as ransomware costs hit AUD $3 billion

Cyber Security and Resilience Bill: going beyond compliance

Cyber Threat Escalates: PowerSchool Cybercriminal Returns to Extort Individual Schools Months After Massive Data Breach Purportedly Resolved

Cyber threat trends: a CISO guide to emerging risks

Cybercriminals Hide Undetectable Ransomware Inside JPG Images

Cybersecurity’s Early Warning System: How Live Network Traffic Analysis Detects The ‘Shock Wave’ Before the Breach ‘Tsunami’

'Dance of the Hillary': Intelligence agencies warn of massive cyber attack through social media

Data Exfiltration is the New Ransomware in Evolving Cyber Landscape

DaVita sued after data breach allegedly exposed 20TB of dialysis patient info

DBS Bank Introduces Mobile Wallet Toggle to Help Prevent Phishing-Linked Fraud

DBS Bank Introduces New “Mobile Wallets” Security Feature to Further Protect Customers From Phishing Frauds

Despite drop in cyber claims, Business Email Compromise (BEC) keeps going strong

DOGE Big Balls ransomware returns with updated payloads

EU Launches Free Entry-Level Cyber Training Program

Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures

FakeUpdates, Remcos, AgentTesla Top Malware Charts in Stealth Attack Surge

FBI, Amsterdam police dismantle global cybercrime ring using hacked routers

Fears 'hackers still in the system' leave Co-op shelves running empty across UK

Federal Trade Commission (FTC) delays easy click-to-cancel, hints the rule may be weakened

Firewall Rule Bloat: The Problem and How AI can Solve it

Five new reasons not to pay ransoms

FreeDrain Phishing Scam Drains Crypto Hobbyists' Wallets

German Police Shutter “eXch” Money Laundering Service

Google hit with landmark $1.375 billion privacy settlement in Texas

Google to pay $1.375 billion to settle Texas data privacy violations

Google to pay Texas nearly $1.4 billion over alleged data privacy violations

Growing use of AI increases cyber security threat to critical infrastructure

Hacker on international wanted list detained in Moldova

Hackers Arrested for Ransomware Attacks on Dutch Firms, Causing €4.5 Million in Damages

Hackers Leverage JPG Images to Execute Fully Undetectable Ransomware

Hackers now testing ClickFix attacks against Linux targets

Hackers Target Ledger’s Discord Server with Phishing Attack that Extracts User’s Seed Phrases

Hacktivist Attacks on India Overstated Amid APT36 Espionage Threat

“Hello pervert” sextortion scam: how not to react

Henry County finds phishing scam behind sheriff’s missing pay

How ransomware became big business

iHeartMedia faces class action lawsuit over delayed notification in December 2024 data breach

India: Beware of phishing scams, fake news and malicious links

Insight Partners breach exposes staff and partner data

International Anti-Ransomware Day 2025: Cyber leaders call for resilience against rising ransomware threats

Japanese Account Hijackers Make $2 Billion+ of Illegal Trades

Kimsuky Hacker Group Employs New Phishing Tactics & Malware Infections

KnowBe4 Predicts Agentic AI Ransomware Is Imminent on International Anti-Ransomware Day

Law enforcement takes down proxy botnets used by criminals

Ledger Recovers Discord Server After Phishing Scam Hits Moderator

Ledger secures Discord after hacker bot tried to steal seed phrases

Ledger Shuts Down Discord Server After Phishing Bot Targets Crypto Users

Lee Enterprises spent $2M for ransomware recovery

LockBit Ransomware Group Got Hacked

LockBit ransomware hacked, data on affiliates leaked

Major Retail Chains Suffer Data Breaches Amid Rising Cyber Threats to Consumer Trust

Majority of Browser Extensions Pose Critical Security Risk, A New Report Reveals

Marks & Spencer (M&S) and Co-op: What we know weeks after cyber attacks

Massive Alleged Steam Data Breach Results in Over 89 Million Records for Sale

Memphis-Shelby County Schools (MSCS) files suit against software company after data breach leaked info to hackers

Memphis-Shelby County Schools (MSCS) sues over PowerSchool hack, says 500,000 students had personal information accessed

Memphis-Shelby County Schools (MSCS) sues PowerSchool for data breach, court docs show

Microsoft spots zero-day use in spy campaign against Kurdish military in Iraq

Mobile Threat Management in 2025: What Enterprise Security Teams Miss

Moldova arrests suspect in ransomware attacks targeting Dutch firms

Moldova arrests suspect linked to DoppelPaymer ransomware attacks

More Organizations Are Using Software-Based Pentesting

New Phishing Attack Abusing Blob URLs to Bypass Secure Email Gateways (SEGs) and Evade Analysis

New SEO Poisoning Campaign Targeting IT Admins With Malware

Nitrogen Ransomware Exploits Antirootkit Driver File to Disable AV & EDR Tools

Nonprofits: 11 Crucial Steps To Take After A Data Breach Or Cyberattack

Output Messenger flaw exploited as zero-day in espionage attacks

Phishing Campaign Uses Blob URLs to Bypass Email Security and Avoid Detection

PowerSchool Attackers Extorting Teachers, Security Leaders Respond

Proof-of-Concept (PoC) of CPU-level ransomware attack raises alarm

Ransomware Can Attack Your CPU, Not Just Your OS: How to Be Prepared

Ransomware can now run directly on the CPU, researcher warns

Ransomware groups continue to cause havoc, despite disruptions

Rocky View Schools issues updated advisory with regard to PowerSchool data breach

Rounding Up the DNS Traces of RA World Ransomware

Russia’s aviation personnel's health data leaked en masse

Russian hacker claims UK has 'no idea' how to launch cyber attack on Putin's country

Scotland: Criminal investigation launched into cyber attack on schools

Scotland: Students attended school on weekend after centres hit by phishing attack

Sheffield: Co-op shoppers met with empty shelves due to devastating cyber-attack

SK Telecom (SKT) uncertain about financial impact of data breach

South Korea: Data breach triggers shift to eSIMs, boosting device innovation

Tennessee Attorney General’s Consumer Protection Division warns Tennesseans of phishing toll scams

Texas Attorney General Paxton Takes on Google - and Wins $1.375 Billion in Privacy Case

The Evolution of AI in Phishing Attacks

The Persistence Problem: Why Exposed Credentials Remain Unfixed - and How to Change That

This Microsoft 365 phishing campaign can bypass MFA - here's what we know

Thousands of Edinburgh Pupils Attend School on Saturday After Phishing Attack

Thousands of Node developers compromised by malware in popular npm packages

Threat actors target Brazil execs in phishing campaign

Türkiye-linked Hackers Exploit Output Messenger Zero-Day in Targeted Espionage Campaign

UEFI Ransomware Is So Last Year, Now It’s CPU Ransomware We Need To Worry About

UN Introduces New Cyber-attack Assessment Framework

UNC3944 (Scattered Spider) slows down but remains a threat

Unending ransomware attacks are a symptom, not the sickness

Upgraded crypto wallet drainer Inferno stole $9m in six months

US prosecutors recommend 2 years for Securities and Exchange Commission (SEC) hacker

Why security teams cannot rely solely on AI guardrails

You think ransomware is bad now? Wait until it infects CPUs

Your old router could be a security threat - here's why and what to do

Your password manager is under attack: How to defend yourself against a new threat

Zero Trust in the Age of Digital Transformation: The New Cybersecurity Paradigm