Editor's Message

Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and PRiSM celebrated it's third anniversary. Both projects have made a huge impact on my life and I'd like to thank each and everyone of you who have supported me, with special thanks to those individuals and communities who have helped me build up my knowledge on cybercrime and ransomware over the years. Thanks again for all your continued support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington D.C.

Tuesday, 2 June 2026

Data-Leaking Ransomware Report - May 2026

Welcome to last month's DLR Report, an exclusive presentation of Data-Leaking Ransomware Operator's Global and US Victims that were claimed between 1st May and 31st May 2026.


DBD discovered and researched 722 Global Ransomware Victims over 82 Countries and Islands, including 312 US Ransomware Victims over 43 States and Districts, claimed by 60 Data-Leaking Ransomware Operators in May 2026.

DBD also discovered and researched 7 New Active Ransomware Operators called 0DAY, Bavacai, CMD Organization, Icarus, SPY CORPORATE, TITAN and Triple X in May 2026.

Download PDF



Data Source: Data Breaches Digest.

Posted by at
Labels: , ,

Monday, 1 June 2026

Data Breaches Digest - Week 23 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 1st June and 7th June 2026.


3rd June

Acer working to patch max severity zero-days in Wave 7 routers

AI-Powered Cybercrime Tools Surge on Dark Web

Alcasec, “Robin Hood of Spanish Hackers,” Jailed for 31 Months Over Data Theft

Anxious Security Pros Watch as Anthropic, OpenAI Expand Access to Frontier AI Models

Autonomous AI-driven worm can reason its way through corporate networks

Belgium: Antwerp court rules banks must immediately reimburse phishing victims

Black Kite’s 2026 State of Financial Services Report Reveals Ransomware Surge and Vulnerability Deluge Driving Two-Front Cyber Threat

Carnival Data Breach Travel Alert: Nearly Six Million Cruise Travelers Impacted as Experts Urge Immediate Steps to Protect Personal Information

City of York Council investigation - blue badge data breach

Data Breach Hits Over One Hundred Dutch Hotels

Dozens of Dutch hotels affected by data breach

Emmys data leak: update exposes access to award submissions

Google adds Android protection against AI deepfake scam calls

'Groundbreaking' ruling: Banks in Belgium must immediately reimburse phishing victims

Hacker claims breach of the Australian Centre for the Moving Image, PII allegedly compromised

How to prevent ransomware

IMA Diligence Services Data Breach Impacts 525,000 People

India: Has JEE Advanced 2026 Data Leaked? Hacker Flags Data Of 179,600 result records, 187,300 admit cards Online; IIT Roorkee Reacts Quick To Save Image

Infostealers are becoming the go-to phishing payload

JEE Advanced 2026: Over 1.79 lakh candidates records exposed in IIT Roorkee data breach

Kelp DAO Hacker Launders Nearly All Stolen $220 Million

Known vulnerabilities behind most application security incidents

Korea's big five banks freeze 150,000 scam-linked accounts as fraud shifts

Malware campaign targeting Minecraft users infects over 116,000 systems

Mass data breach on over 100 Dutch hotels hits guests

New Android feature promises to spot deepfake scam calls

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare

New Identity Battleground: Attackers Don’t Need to Break MFA, they Just Need a Help Desk

No more calls from fake mom: Google releases Android fake call detection feature

One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens

Only 11% of production agents pass the AI agent security bar

Patch Responsibility Remains Up for Grabs as AI Unearths Decades of Flaws

RAlord Affiliate Banned for Breaking CIS Ransomware Rule, Infecting Eriell Group

Ransomware Attacks Surge 30% in 2026 as Qilin and INC Ransom Intensify Operations

Subpostmaster federation hit by ransomware attack

TVING confirms data breach in South Korea, apologizes and boosts security

TVING Data Breach Exposes Millions To Risk

TVING Reports Data Breach Affecting User Information

TVING Suffers Data Breach, Member Personal Information Leaked

Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes

VS Code zero-day lets hackers steal GitHub tokens in one click

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content

WeedHack Malware Infects 116,000+ Minecraft Systems via Fake Mods

Why cyber criminals favour phishing and how to better predict, prioritise and prevent attacks

2nd June

5 Signs AI Phishing Has Compromised Your Web3 Social Media Account

64,000 accounts exposed in breach of Grand Theft Auto V (GTA V) cheat service Atlas Menu

Accounting firm Kennedy McLaughlin confirms ‘cyber incident’ following Qilin ransomware attack

AI-built ransomware toolkit automates EDR evasion, Active Directory (AD) discovery

Android 0-Day Vulnerability Exploited for Full Device Control

Another Gen Z hacker now claims data security flaw on National Testing Agency (NTA) re-exam portal

Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets

Australian jewellery retailer confirms cyber attack

Australian workplace catering firm Hampr suffers alleged 360k record data breach

Australias amongst millions affected in Carnival Cruise Line data breach by cyber criminals

AZUREVEIL Adaptix C2 Agent Delivered via Targeted Spearphishing Attacks

Booking.com data breach scare hits Japanese travellers as scammers target hotel bookings

Business Leaders Lack Understanding of Threat Intelligence, Study Warns

California Suing Former 23andMe Firm for 2023 Data Breach

Carnival Corporation data breach: What affected customers need to know

Carnival Corporation Data Breach Compromises Six Million Customer Records

Carnival Corporation Data Breach Exposed Just Under 6 Million Records

Carnival Cruise Data Breach Becomes Wake-Up Call for International Travelers Amid Rising Cybersecurity Threats in Tourism

Carnival Cruise Data Breach Exposes Nearly 6 Million People in Cyber Attack Linked to ShinyHunters

Carnival Cruises Line faces data breach exposing cruise passengers passport details

Carnival Data Breach Exposes Millions Of Customer Records

Carnival data breach exposes personal information of nearly 6 million cruise passengers

Carnival Data Breach Potentially Impacts 6 Million Cruisers

CISA Flags Palo Alto PAN-OS Flaw as Actively Exploited

CISA flags two-year-old Oracle flaw as actively exploited in attacks

Critical Kirki flaw exploited to hijack WordPress admin accounts

Critical KMW CCTV Flaw Enables Unauthorized Camera Access

Critical StrongDM Vulnerability Enables Authentication Theft

Cyber attack targeted nearly 33k patients at Bedfordshire Hospitals Trust

Dashlane Discloses Brute-Force Attack Bypassing 2FA Protocols

Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded

Data Breach at Internet Service Provider Exposes Records

Data Breach Hits Grand Theft Auto V (GTA V) Cheat Tool Atlas Menu, Leaking 64,000 User Account Info

Data of 600,000 Gaza households exposed in World Food Programme (WFP) cyber-attack

'Dumbass' criminal breaks the 'first rule of ransomware club'

Dutch hotels hit by data breach exposing customer information

Dutch watchdog files complaint over Flo collecting and selling intimate data

Fake ChatGPT Desktop App Ads Used to Push Password-Stealing Malware

Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Tickets, AI Phishing, Network Threats Target FIFA World Cup

Family Medicine Centers Pays $2.15 Million to Resolve Data Breach Lawsuit

FBI Warning: World Cup Scammers Are Spoofing FIFA Tickets, Job Sites

FBI Warns Microsoft 365 Users About Dangerous Phishing Tool

FBI-Flagged Phishing Kit Kali365 Expands Its Reach

Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine

German police may be using advertising data unlawfully obtained from brokers

Google fixes actively exploited Android vulnerability (CVE-2025-48595)

Google fixes one actively exploited Android zero-day, 124 flaws

Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited

Google Patches Android Zero-Day Vulnerability in June 2026 Security Update

Grand Theft Auto 5 (GTA 5) Cheat Service Atlas Menu Hit by Major Data Breach Affecting Thousands of Users

Grand Theft Auto (GTA) Online Cheat Provider Hit By Widespread Data Breach

Grand Theft Auto V (GTA V) cheat service Atlas Menu hacked, exposing 64,000 accounts

Grand Theft Auto V (GTA V) cheat service Atlas Menu hacked, exposing nearly 64,000 user accounts

Grand Theft Auto V (GTA V) Cheating Platform Atlas Menu Suffers Major Data Breach

Hackers Abuse Meta AI Bot to Hijack Instagram Accounts

Hackers Abused Meta’s AI Support Bot to Hijack Major Instagram Accounts

Hackers trick Meta AI into handing over Instagram accounts - including Barack Obama’s

Hackers trick Meta AI into stealing Instagram accounts

Hackers Tricked Instagram’s AI Chatbot to Hijack Accounts

Healthcare consulting company Phia Group says 2024 data breach impacted over 120,000 people

How to Recover Financial Losses After a Corporate Data Breach in 2026

IKEA targeted by teenage hackers who hit Microsoft and Uber

India: Central Board of Secondary Education (CBSE) re-evaluation portal faces DoS cyber attack; records 1.5 million hits in two minutes

Instagram Patches Meta AI Support Assistant Hijacking Vulnerability

Instagram users locked out after Meta AI abused to steal accounts

Kaspersky Warns of Evolving QR Code Phishing Attacks

La Perouse reports data breach incident

Malicious Packages Target Cloud Keys, Wallets, and SSH Credentials

Mariner Reports Data Breach Affecting Nearly 9,000

Mariner Reports Data Breach After Hack

Mariner Wealth Advisors Data Breach Affects Nearly 9,000 Customers

Meta AI Support Flaw Lets Hacker Hijack Instagram Accounts

Miasma Malware Targets Red Hat npm Packages in New Supply Chain Attack

Microsoft backs down after zero-day dispute, says it won’t sue security researchers

Microsoft Entra pushes passkeys, tightens identity security

Mobile Phishing surpasses Email Cyber Threat

National Identity Management Commission (NIMC) Warns Nigerians Against Fake ‘Free NIN Correction Portal’ Phishing Scam

Nearly 33,000 Bedfordshire hospital patients affected by cyber attack in 2024

New WordPress Malware Uses Steam Profile Comments to Hide C2 Instructions

Oracle WebLogic CVE-2024-21182 Added to Known Exploited Vulnerabilities (KEV) Catalog After Active Exploitation

Orange Liberia Fined Over Unauthorized SIM Swap and Customer Data Breach

Over 30 Red Hat npm Packages Compromised by Shai-Hulud Malware Variant

Over 5,000 malicious domains targeting 2026 US Midterm elections spotted going live – and they could be used for fraud, phishing, or worse

Over 116,000 Minecraft systems infected in WeedHack malware campaign

Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT

Passwords and locations at risk in alleged Grindr data leak

Password manager Dashlane says hackers stole some customers’ password vaults

Plaza Home Mortgage discloses data breach affecting customers and employees

Ransomware activity peaks on Weekdays and reaches its highest levels in October

Ransomware attack on City of Sandstone compromised residents' personal data

Ransomware group profits are rising faster than FTSE 350 firms

Ransomware groups grow revenue by almost 40% in Q1 2026

Red Hat npm packages compromised in new Mini Shai-Hulud malware wave

Red Hat removes tainted packages after software pipeline compromise

Russia claims foreign spy agencies hacked officials' phones

Russian military hacker who targeted Pittsburgh-area nuclear firm evades FBI for 8 years

Russian spy campaigns are increasingly targeting Western technological know-how, Europe warns

Sensitive government personnel data posted online, Spanish police arrest suspect

Signal Backup Phishing Attacks Hit Users in 2026

Singapore: Personal Data Protection Commission (PDPC) investigating potential data breach involving PCF Sparkletots pupil information

SolyxImmortal Python Malware Steals Browser Passwords and Cookies

Sophos uncovers AI-powered malware lab built for EDR evasion

Spain arrests suspected hacker for publishing personal data of police, prosecutors and cyber officials

Spain Police Arrests Suspect in Massive Doxing Campaign Against State Officials

Strategic Education Data Breach Exposes Student SSNs and More

SVG Phishing Emails Bypass Email Security: SANS Flags New MIME-Type Evasion

This AI model backdoor attack stays hidden until you customize the model

Threat Actor Uses AI to Build EDR Evasion Tools

Threat Actors Target Critical Windows Netlogon Flaw CVE-2026-41089

TP-Link Router Vulnerability Enables Arbitrary Command Execution

UK Firms Prioritize AI Threat Preparedness as Cyber Risks Evolve

United States Carnival Corporation Data Breach Raises Alarms About Travel Data Security and Passenger Privacy Across North America and International Cruise Markets

ViaQuest Data Breach Compromises PII and PHI Belonging to Thousands

When Your Phone is Subscribed Without Consent, the Attack Has Already Worked

Your car is following you - how to reclaim your data privacy on the open road

1st June

32 Million Bumble users’ data leaked online, hackers claim

145 AI laws passed in 2025 and privacy teams aren’t catching a break

Afghan finance officials targeted by suspected Pakistani cyberespionage campaign

AI SOCs Will Still Need SOC Analysts, Security Vendors Say

Another South African organisation denies a major data breach

Atlas Menu Data Breach Exposes Approximately 64,000 User Accounts

Attackers Abuse Shared Content for ChatGPT Phishing Campaign

Brute-force attack triggers Dashlane account lockouts

California Attorney General files lawsuit against 23andMe for data breach

California Attorney General Sues Over 23andMe Data Breach

California sues 23andMe over 2023 data breach

Carnival Corporation's data breach exposed personal data of nearly 6 million customers

Carnival Cruise Data Breach Puts Millions Of Travellers’ Personal Information At Risk: What You Need To Know

Carnival customer information, including passport details, impacted by data breach, cruise line says

Carnival data breach affects nearly 6 million people

Carnival data breach exposes info of nearly 6 Million cruise travelers

Carnival data breach hits nearly 6 million customers

Carnival warns nearly 6 million people of potential data breach

ChatGPhish Technique Shows How Browser Prompt Injection Can Manipulate ChatGPT Summaries

China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan

Chrome now protects you from hackers who steal browser cookies - how it works

Critical Flowise Flaw Gives Attackers Full Server Control

Critical Magento Cache Plugin Flaw Enables Remote Code Execution

Critical Windows Netlogon RCE flaw now exploited in attacks

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

Cruise giant says six million customers’ personal information was exposed in breach

Crypto Exploit Losses Reach $68 Million In May Despite Limited Phishing Damage

Cybercriminals Leverage GHOSTYNETWORKS and OMEGATECH for JS Malware Hosting

Dashlane password manager users locked out by brute force attacks

Dashlane suspends multiple accounts after ‘brute force’ cyber attack

Data Breach Affects Thousands of Melbourne Film Festival Customers

Data discovery gaps that catch enterprises off guard

Deepfake CEOs, fake suppliers, AI phishing: Scams United Arab Emirates (UAE) businesses need to watch out for

Dutch police arrests 35-year-old for hacking into Ajax' computer systems

Election interlopers register 5K+ domains, hope to catch some voting phish

EU organizations buckle under rising compliance pressure

Fake McAfee emails refuse to die as new round of phishing emails targets consumers

FBI Warns Microsoft Users as Kali365 Attack Spreads Across Outlook and Teams

Federal Trade Commission (FTC) Warns About Digital Invite Phishing Scam

Film festival hack leaves thousands fearing identity theft

FSB Group Gamaredon Hides Worm in Windows Data Streams

Gamaredon APT Hides Malware in Windows Features, Uses Cloud C2

German tax authority may train AI on citizens’ unaltered data

Google Chrome’s New Feature Takes Aim at Cookie Theft, Account Hijacking

Grand Theft Auto 6 (GTA 6) Hype Fuels Surge in Phishing Scams and Malware Campaigns

Grand Theft Auto V cheat service gets hacked, exposing thousands of gamers

Grand Theft Auto V cheaters caught in a massive data breach

Hacker arrested in Granada after leaking personal data of state officials

Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257)

Hackers Attacking Signal Users to Steal Backups in New Wave of Attacks

Hackers breach Obama White House Instagram years after it went silent

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

Hackers hijacked Instagram accounts by tricking Meta AI support chatbot into granting access

Hackers Target Signal Users in Phishing Campaign to Steal Backup Recovery Keys

Hackers Target Signal Users to Steal Backups in New Attack Wave

Hackers trick Meta AI support bot to infiltrate Obama White House Instagram account

How NIST fumbled management of the National Vulnerability Database

India: Bombay High Court Blocks Ransomware Group ‘Morpheus’ After Massive 680 GB HDFC Asset Management Company (AMC) Data Theft

India: Central Board of Secondary Education (CBSE) admits security flaws after teen hacker exposes class 12 data risk

India: Central Board of Secondary Education (CBSE) Admits Vulnerabilities in Evaluation System After Teen Hacker's Findings

India: Central Board of Secondary Education (CBSE) admits vulnerabilities in OnMark portal amid answer sheet mismatch allegations; Congress calls it a massive data breach

India: Central Board of Secondary Education (CBSE) data security under scanner after hacker claims access to answer sheets

India: Central Board of Secondary Education (CBSE) Engages IIT Experts After Admitting OSM Security Vulnerabilities

India: Delhi High Court Says Banks Not Automatically Liable When Customers Click Phishing Links

Inspector general finds NIST mistakes have made vulnerability database ineffective

Instagram Meta AI Flaw Allegedly Enables Account Password Resets

Iran-Linked Hackers Wipe IT Systems and Backups in Middle East Cyberattack

Lakeview Health Systems reaches proposed settlement in data breach class action

Logistics giant suffers massive 840-million-record data breach

Luxembourg holidaymakers falling victim to phishing scams

Massive 17-Million Device Botnet in the Netherlands Dismantled in a Police and NCSC Joint Operation

Medical Billing Company Data Breach Affects 7 Medical Groups

Melbourne International Film Festival customers' data leaked via Ferve platform

Meta tries to get ahead of scammers before the World Cup begins

Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm

Microsoft says it will not pursue security researchers after zero-day backlash

More than 800,000 Texans possibly affected by Carnival cruise data breach

Nearly 6 million individuals affected in Carnival Cruise Line data breach

Nearly 60 Lakh Passenger Records Exposed in Carnival’s Massive Data Breach

New ChatGPhish Technique Uses Prompt Injection to Manipulate ChatGPT Responses

New DriveSurge Campaign Delivers Malware Through ClickFix Lures

North Carolina man jailed for selling US senior citizens’ data to Jamaican scammers

North Korean hackers target macOS users with advanced malware campaign

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Palo Alto Warns High-Severity Bug Is Being Actively Exploited

Phishing Flub At Miami Cruise Giant Exposes Nearly 6 Million Customers

Phishing Scams: How to Spot and Avoid Them

Plaza Home Mortgage discloses data breach affecting customers, employees

Ransomware leak posts show weekday peak, October spikes

Ransomware Operators Keep Business Hours. The Data Proves It

Ransomware used to have rules. AI just blew them up

Red Hat npm packages compromised to steal developer credentials

Rich Products discloses data breach linked to cyberattack on vendor First Advantage

Russian hacker used AI to run fraud scheme on MAGA Telegram channel

Spain arrests doxer leaking sensitive data of government employees

Station Casinos confirms March data breach, notification of people impacted

Station Casinos Hacked, History Indicates Ransom Paid

Stealer Malware Surges as AsyncRAT, DCRat Lead Weekly Uploads

The biggest cybersecurity threats businesses are facing this year

The First World Cup in the Agentic Era

The Gentlemen ransomware combines advanced encryption with self-propagation, targeting critical sectors

Threat Actors Abuse ChatGPT Chats to Host Fake Outage Page, Deliver Malware

Threat Actors Linked to Iran Leverage AppDomainManager to Evade Detection

Unknown hacker group targeted Russian maritime universities, diplomats for nearly two years

US Troops in Active War Zones Tracked with Commercial Location Data

VSP Solutions responding to Stormous ransomware attack

WhatsApp: How to protect your account from hackers

Why Encrypted File Sharing Is Essential for Modern Businesses

Windows Netlogon 0-Click RCE Flaw Exploited in the Wild

WordPress malware campaign hides payloads in Steam profiles

Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accounts

Posted by at
Labels:

Tuesday, 26 May 2026

Ransomware Operator Claims - Week 21 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 18th May and 24th May 2026, kindly assisted by our partners.

DBD discovered and researched 152 Ransomware Victims over 38 Countries and Islands claimed by 31 Data-Leaking Ransomware Operators, including 3 Newly Discovered Ransomware Operators last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Posted by at
Labels: ,

Monday, 25 May 2026

Data Breaches Digest - Week 22 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 25th May and 31st May 2026.


31st May

2026 World Cup Faces Elevated Cyber Risk Across Multi-Nation Infrastructure

27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens

BinDawood Holding Reports Limited Data Breach Affecting Some BINDAWOOD.SA Customer Orders

California Sues 23andMe Over Massive Data Breach Affecting Millions

Carnival announces data breach where the information of nearly 6 million people may have been leaked

Carnival Corporation Data Breach Exposes Six Million Customer Records

Carnival Corporation Data Breach Exposes Six Million Travelers Information

Carnival Cruise Data Breach - Louisiana Passengers Affected

Carnival Cruise Line Data Breach Exposes the Information of 10 Million Travelers

Carnival data breach impacting nearly 6 million travelers announced

Carnival data breach may affect thousands of Texans, exposing passport and driver’s license information

Carnival data breach may impact more than 800K Texans. Here’s what experts say you should do now

Central Board of Secondary Education (CBSE) admits security breach: What led the board’s U-turn on OSM controversy, explained

Central Board of Secondary Education (CBSE) Answer Sheet Leak Row: Students Allege AWS Data Breach, Poor Scanning and Evaluation Errors

Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices

Estonian police could soon gain powers to demand your photos and videos

Ethical Hacker Who Exposed CBSE OSM System, Claims Early Warnings Were Ignored

France Hit by a Data-Breach Blitz: 90 Million Accounts Exposed in a Single Month

India: After Central Board of Secondary Education (CBSE) 'monitors' issues over OSM portal, hacker says 'my work is done'

India: After Hacker Flag, Central Board of Secondary Education (CBSE) Admits Security Lapse In Digital Exam Records

India: Central Board of Secondary Education (CBSE) Admits Flaws In OSM Portal After Hacker Flags Alleged Exposure

India: Central Board of Secondary Education (CBSE) Admits Portal Vulnerabilities After Ethical Hacker Flags Flaws

India: Central Board of Secondary Education (CBSE) Admits Security Flaws in Marking Portal After Teenage Hacker's Expose

India: Central Board of Secondary Education (CBSE) says 'monitoring portal' after hacker flags OSM flaws

India: Central Board of Secondary Education (CBSE) says OnMark vulnerabilities contained after teen hacker flags access to answer sheets, question papers

India: Central Board of Secondary Education (CBSE) U-turns, admits security gaps after online marking portal hacked twice

India: Congress flags massive data breach in CBSE answer sheets

India: Congress Highlights Massive Data Breach Involving CBSE Exam Papers

'Insanely insecure': Ethical hacker alleges CBSE answer sheets, question papers were publicly accessible

iPhone Users Targeted in Phishing Scam Using Lost Devices, MHA Issues Warning

Kenya: 29.5 Million Safaricom Customers’ Data Breach Lands Odibets Boss Andrew Aligula In Police Custody, Firm Now Operating On A Thin Line Of Court Order

Massive Data Breach Exposes 1.5 Million Higher Education Commission (HEC) Records in Pakistan

Massive data leak dumps 6.2GB of customer invoices tied to France’s Groupe IMA, raising fraud fears

Quantum computing looms, and your security is nowhere near ready

Signal Phishing Attack Steals Backup Keys, Exposing Full Encrypted Chat History

'Teen hacker was right’: CBSE admits security flaws in evaluation portal after days of denial

WP Maps Pro bug exploited to create admin accounts on WordPress sites

30th May

7-Eleven Data Breach: Did You Apply for a Franchise? Your SSN May Have Been Stolen

California attorney general sues 23andMe for data breach

California Sues 23andMe Successor Over Massive 2023 Data Breach

Carnival Corporation Offers Two Years of Free Credit Monitoring After Data Breach Affects Nearly 6 Million Customers

Cruise Carnival Corporation Data Breach Exposes Nearly 6 Million Travelers Data Compromised in Massive Cruise Line Hack

Cruise Carnival Guests Receiving Data Breach Notifications: 6 Million Affected in 2026

‘Exercise the utmost caution’: Zara warns customers after possible data breach

Fake Anthropic Sites Deliver Fileless Infostealer to Claude Code Users

FBI Issues Urgent Warning Over Kali365 Phishing Tool Targeting Outlook, Teams and Microsoft 365 Users

Hackers abuse ChatGPT's content-sharing feature to spread malware

India: Central Board of Secondary Education (CBSE) Portal Faces Cyber Attack Affecting 50 Students

India: Central Board of Secondary Education (CBSE) Revaluation Portal Hit by Cyber Attack, 50 Students Gained Unauthorised Access

Kenya: OdiBets Faces Investigation After 29.5 Million Safaricom Customers’ Data Breach, Risks Losing License

Luxembourg: Fraudsters posing as hotel staff target guests' credit card details

New CIFSwitch Linux flaw gives root on multiple distributions

Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks

PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation

Pennsylvania Bank Issues Urgent Alert After AI Application Triggers Data Breach, Exposing Sensitive Customer Info

ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers

Signal Phishing Campaign Targets Journalists and Activists to Steal Backup Recovery Keys

What Is A Data Breach? California sues Chrome Holding Co. over 23andMe hack

29th May

6 million Carnival Cruise customers’ data impacted amid hacker group’s slew of breaches

23andMe accused of failing to protect user data in new lawsuit

71% of organizations suffered at least 1 data breach in past year

A Russian hacker tricked a 17,000-strong MAGA Telegram channel with a jailbroken AI for over 5 years, leading to fraud, credential theft, and an empty crypto wallet

Accounting firm Kennedy McLaughlin confirms ‘cyber incident’ following Qilin ransomware attack

Adversaries Exploit US Troop Geolocation Data via Ad Profiles

AI agent steals database, makes real-time hacking decisions in less than an hour

AI-Generated npm Malware Leaks Its Own GitHub Token

Attackers Target Signal Secure Backups via Phishing Campaign

Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit

California Attorney General Files Lawsuit Over 23andMe Data Breach

California Attorney General sues 23andMe over 2023 breach exposing health data

California is suing 23andMe over its 2023 breach that exposed 7 million users' DNA data

California sues 23andMe over 2023 data breach that affected 7 million users

California sues 23andMe over genetic data breach affecting 6.9 million users

California Sues 23andMe Successor Over Genetic Data Breach That Targeted Ethnic Groups

California Sues Former 23andMe Over 2023 Ancestry And Genetic Data Breach

Carnival Corporation data breach hits Holland America’s Mariner Society

Carnival Corporation says data breach may have exposed personal info

Carnival Cruise Faces Cybersecurity Concerns as Data Breach Notifications Raise New Questions About Digital Safety in Tourism

Carnival Cruise Just Had a Massive Data Breach

Carnival cruise operator confirms nearly 6 million people affected in data breach

Carnival Data Breach Exposes Data of Nearly 6 Million Customers

Carnival Data Breach Impacts Nearly 6 Million Customers

Carnival Navigates the Crosscurrents of a Data Breach and Falling Fuel Costs

Charter Communications data breach affects 4.9 million accounts

Charter confirms Spectrum data breach: 13 million customers exposed

Charter Data Breach: Approximately 4.9 Million Emails Added to Have I Been Pwned (HIBP) Following ShinyHunters Claim

Charter Data Breach Exposes 4.9 Million Accounts After Hack

ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface

ChatGPT blindly trusts browser content, turning the page into a payload

ChatGPT share links abused to host fake outage pages to deliver malware

Chinese Hacker Gets Four Years for Hijacking 157 Government, Enterprise Websites

Chinese Hackers Exploit Iran War to Target Maritime and Energy Companies

Chinese Phishing Service Scams Thousands of FIFA World Cup Fans

Concern as figures show fewer charities prioritise cybersecurity

Countering the 22-second ransomware hand-off: Why the first alert now determines the entire incident

Cruise Carnival Guests Receiving Data Breach Notifications for 6 Million

Cruise Operator Carnival Discloses Personal Data Breach

Data breach at Oregon Department of Corrections impacted staff, inmates and visitors

Dutch government disrupts malware botnet with 17 million infected devices

Dutch police dismantle massive botnet controlling 17 million infected devices

Dutch police disrupts botnet composed of 17 million devices

European cyber experts have discovered a new Russian hacker group, GREYVIBE, which is attacking Ukraine using AI

Fake Adobe Document Cloud Pages Spread ScreenConnect Malware

Fake Party Invitation Phishing Scam Spoofs Google and Microsoft OAuth Logins

FBI confirms 25 ransomware groups using First VPN’s now seized services - here’s what we know

FBI warns about new Kali365 Phishing platform targeting Microsoft Accounts

FBI Warns Of New Phishing Threat Targeting Your Personal Data

FBI warns World Cup fans over fake FIFA ticket scams

FIFA domain registrations surge ahead of 2026 World Cup, signaling fraud risks

From the Hammer to the Scalpel: The Evolution of Account Takeover

Gentlemen ransomware spreads automatically within networks

Google Chrome adds session cookie theft protection for all users

Hackers Use Fake Adobe Document Cloud Pages to Deliver ScreenConnect Malware

How a Cline Vulnerability Exposed a Growing AI Agent Security Gap

How Ransomware Gangs Operate in 2026: From Phishing to Physical Intrusions in Law Firms and Hospitals

How St. Paul, Minnesota, Recovered From a Ransomware Attack

Industrial Acceptance Data Breach Affects 79,216 Individuals

Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels

LinkedIn-themed phishing abuses Adobe’s A/B testing platform

Lithuania confirms intelligence officers among victims of major registry data breach

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Man sent to prison for selling data of 7 millions elderly Americans

Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more

Microsoft Dispute with Security Researcher Escalates as Sides Trade Threats

Microsoft under fire for threatening security researcher with criminal investigation

New ChatGPT Vulnerability Lets Attackers Turn Web Pages Into Phishing Payloads

New infostealer reaches enterprise devices through FortiClient EMS vulnerability

New Phishing Tool Lets Hackers Access Microsoft Accounts, FBI Says

New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks

Notepad++ Patches High-Severity RCE Flaws in Version 8.9.6.1

Notepad++ requires urgent update: hackers swapping configs to run malware

Nursa Data Breach Affects 13,168 in Washington

OpenAI credential-stealing malware found hidden inside popular Codex tool

Pay Tel Data Leak: Microsoft Azure Server Misconfiguration Exposes 300,000 Government-Issued IDs

Phishing campaign imitates Adobe Document Cloud and installs malware

Phishing email led to a breach of US food giant Rich Products

Pick n Pay data breach: What customers need to know

Plaza Home Mortgage Confirms Data Breach, Urges Action from Victims

Ransomware Abuses SYSTEM Task to Encrypt Drives with Elevated Privileges

Ransomware Activity Stays High as New Threat Groups Emerge

Ransomware Trends: Bypassing Security With Rapid Attacks

Ransomware Uses SYSTEM Scheduled Task to Encrypt Local Drives With Elevated Privileges

Report Surfaces Sharp Spike in Malicious Logins from Low-Risk Sources

Renting a smart apartment? Your landlord may have access to your cameras and locks

Rochester Philharmonic Data Breach Exposes Personal and Health Information

Scam broker sells data on 7 Million elderly Americans, gets 10 years in prison

Scots affected by Capita cyber attack given route to compensation

ShinyHunters allegedly behind Carnival Cruise Line cyber attack

Signal users targeted in backup-stealing phishing attacks

Silent Ransom Group Uses In-Person IT Impersonation to Breach Systems

Six million cruise customers thought to be impacted by new data breach

Spectrum Owner Charter Says Data Breach Exposed 4.9 Million Accounts

Station Casinos Discloses Data Breach Exposing Names, Social Security Numbers, and Financial Data

The Beginning of the End of Human Penetration Testing

The behavioral signals that sharpen Trojan malware detection

The Gentlemen are coming for your files, and then your network

University of Dallas Data Breach Exposes Social Security Numbers and Health Records

US policymakers mad about phones betraying troops' location to foreign adversaries

‘We are truly sorry’ - Pick n Pay on customers’ data breach

Websites can spy on user activity by analyzing SSD behavior

WP Maps Pro Vulnerability Exposed 15,000 WordPress Sites to Site Takeover

Your AI assistant is breaking the law up to 90% of the time

Your OnlyFans may not be private - and neither are your passwords

28th May

6 Million Impacted by Carnival Cruise Data Breach

23andMe Sued by California Over Massive 2023 Data Breach

A security lapse at prison pay phone service Pay Tel publicly exposed over 300K callers’ driver’s licenses

AI Agent Conducted a Cyberattack on Its Own - It Took Less Than One Hour

AI threatens financial stability as Mythos-style models accelerate cyberattacks

AI-driven cybercrime industrializes as ransomware damage soars 389%

AI-Generated npm Malware Leaks Hacker’s Private GitHub Token

Anthropic confirms Claude Mythos-class models will roll out to the public

As Summer Closes In, the Travel Sector Is Unprepared

Attackers Move Past Typosquatting to Realistic Package Impersonation

Beware of Fake RSVP Links: Hackers Use Wedding and Graduation Invites to Steal Personal Data

BTMOB Android malware service generates custom phishing payloads

Bulk of Identities Are Unseen and Unmanaged in the Enterprise

California Attorney General Bonta Sues Chrome Holding Co., Formerly Known as 23andMe, Over 2023 Data Breach

California Attorney General sues 23andMe successor for 2023 data breach

California sues 23andMe over 2023 data breach

California sues 23andMe, alleging it failed to protect user data in 2023 breach

California sues former 23andMe over 2023 ancestry and genetic data breach

California sues 23andMe over alleged DNA data breach

Carnival begins notifying 6 million people of a data breach

Carnival confirms data breach impacting nearly 6 million

Carnival Corporation contacts clients after data breach

Carnival Corporation Discloses Details of Data Breach

Carnival Cruise confirms data breach affecting nearly 6 million people

Carnival Cruise Data Breach Exposes Millions of Customers’ Personal Information

Carnival Cruise Guests Are Now Receiving Data Breach Notifications

Carnival Cruise Line Notifies Victims Over Data Breach That Leaked Passport Numbers

Carnival Cruise Line Sets the Record Straight on Latest Data Breach

Carnival Data Breach: Here’s Exactly How Scammers Got Your Personal Information

Carnival Data Breach Exposed 6 Million People

Carnival Data Breach Exposes Personal Data of Nearly 6 Million Customers

Carnival Data Breach Impacts 5.9 Million Individuals

Chinese-speaking fraud gang could be stealing millions from 2026 World Cup fans

Close to 200,000 Frost Bank customers affected by Sefas security breach

Companies built AI into core systems before figuring out how to govern it

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

CrowdStrike, Google smash Glassworm developer botnet

Cruise giant Carnival confirms data breach affecting nearly 6 million people

Cruise Operator Carnival Corp Data Breach Occurred Due to Social Engineering

Cruise Operator Carnival Discloses Personal Data Breach

Cybercriminals sail away with data from 6 million Carnival customers

Cybersecurity Staff Prefer CISOs With Real Attack Response Experience, Study Reveals

Dutch police arrest suspect for breaking into Ajax’s computer systems

Edwards, Faust & Smith (EFS) Data Breach: Social Security Numbers and Financial Account Information

Everest Ito Group Data Breach: Social Security Numbers Compromised

Fake Data Breach Emails on the Rise, Cybersecurity Experts Warn

FBI Flags Dangerous Microsoft 365 And Outlook Phishing Scam

FBI Issues Urgent Warning For Microsoft 365 Users: Kali365 Phishing Kit Bypasses MFA

FBI reveals top 4 internet crime trends from 2025 as losses hit $20.9 billion

FBI sounds alarm on phishing tool that steals Microsoft 365 accounts without passwords

FBI Warns Companies About Ransom Gang’s Fake IT Support Tactics

FBI Warns Hackers Can Bypass Microsoft Outlook, Teams and 365 Without Your Password - Here's What You Should Do

FBI Warns Kali365 Phishing Kit Can Bypass Microsoft 365 MFA

FBI warns of fake FIFA websites running World Cup fraud schemes

FBI warns of major phishing scam, with hackers ‘hijacking' Microsoft Outlook, 365 users

FBI warns of new phishing scam targeting Microsoft 365 users

FBI warns of Ransomware groups sending individuals to steal Data physically

FBI warns OneDrive, Teams users about phishing scam. What it looks like

FBI warns scammers can access Outlook, Teams without passwords

Federal Officials Warn United States Firms of Phishing Invitation Scams

Federal Trade Commission (FTC) Warns of Phishing Scam Disguised as Party Invitations

FortiClient EMS Exploited via CVE-2026-35616 for EKZ Infostealer Deployment

Frontier AI models collapse under multi-turn AI attacks, Cisco finds

GCHQ Chief Urges Action as AI Reshapes Cyber Threats

GreyVibe hackers use ChatGPT, Gemini to power cyberattacks

Hacker Steals $700,000 from Polymarket via Compromised Private Key

Hacker Who Sold Access to Oregon Emergency Network Gets Prison

Hackers are trying to steal Signal users’ backups in new wave of phishing attacks

Hackers Deploy VIP Keylogger Through Phishing Emails Masquerading as Business Documents

Hackers exploit FortiClient EMS flaw to push infostealer malware

Hackers tricked a Carnival employee and leaked customer names, addresses, and government IDs

House Republicans press FBI Director Patel to intensify fight against hospital ransomware

How AI is Changing Ransomware - and Why It’s Faster, Smarter, and Harder to Detect

Iconic 138-year-old South African sports club allegedly struck in 674,000-record cyber attack

India: Kanpur Municipal Corporation Website Hit by Cyber Attack

Inside the Charter Communications data breach: hackers leak 13 Million+ customer data

JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware

Juventus FC: Data Breach Communication

Kemper Corporation Exposes Approximately 270,000 Accounts Following ShinyHunters Breach Claim

Korea to Freeze Accounts Tied to Romance Scams, New Phishing from Next Month

Lakeview Health Systems Settles Class Action Data Breach Lawsuit

LoneStar Truck Group Data Breach Exposes Sensitive Personal Information

Louisiana Cat Data Breach: PHI and PII Exposed

Major data leak hits nearly 20% of Lithuania's population

Microsoft accused of leaking data of Dutch civil servants working on tech laws to US government

Microsoft Condemns "Uncoordinated" Zero Day Disclosures

Microsoft email and Teams users are being warned of phishing trick that doesn’t need your password

Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal

Mt. Baker Imaging seeks settlement in ransomware attack lawsuits

Multiple German hospitals impacted in billing provider data breach

Nearly 10K Mainers entitled to credit monitoring after Carnival Cruise data breach

NetLine Data Breach Exposes Social Security Numbers

New Gogs zero-day flaw lets hackers get remote code execution

New phishing scam targets Microsoft Outlook and Teams users

New Threat Actor Jinx-0164 Targets Crypto Developers on macOS

Oil shipments, drone makers, and a poisoned code library targeted in recent APT campaigns

One Email Could Give Hackers Access to Your Microsoft Account: FBI Warns They Don't Even Need Your Password

Passports and selfies of 100,000 UK visa applicants leaked, issue remains unaddressed

Perma-Chink Systems Data Breach Exposes Social Security Numbers

Phishing most prevalent cyber attack, confirms UK survey

Police arrest suspect in Ajax football club hack that exposed 300,000 fan records

Ransomware attacks are now targeting businesses nobody expected

Ransomware dominates 58% of Singapore’s cyber incidents

Ransomware group adds New Zealand health company to its leak site

Researchers question alleged IBM breach spreading across underground forums

Romanian gets 5 years in prison for hacking Oregon government network

Russian hacker network exposed in the Netherlands. 800 servers were seized

Shadow AI Continues to Expose Company IP

ShinyHunters Alleges 42 Million Records Stolen from Charter Communications

South Africa: Pick n Pay confirms data breach affecting delivery service users

South Africa: Telkom says no evidence that its systems were compromised after hacker claimed to have customer records for sale

South Korea: Government to freeze accounts tied to scam crimes beyond voice phishing

SpeedX data leak exposes more than 840 million customer and driver records

The FBI Just Issued an Urgent Warning for Anyone Using Microsoft Teams, Outlook, or OneDrive Over a New Phishing Scheme

The FBI warns Microsoft 365 services are being bombarded with new phishing emails - here are 3 steps you can take to stay safe

The Gentlemen is Making Its Mark in the Ransomware World

The Gentlemen ransomware: Dissecting a self-propagating Go encryptor

The Real Microsoft Site Phishing Scam Bypassing Your Security

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

US says troops were targeted with location data, as senator warns ad industry is a ‘national security threat’

Users report phishing emails coming from Microsoft’s system, and the company is digging in

VaultJacking Attack Exposes Google Password Vaults via Single PIN

Watch Out for Fake FIFA Websites Appearing Ahead of the 2026 World Cup, FBI and Internet Crime Complaint Center (IC3) Warn

Zapier exploit chain shows how known anti-patterns compose into critical risk

27th May

7-Eleven Breach: Hackers Claim 600,000 Records Stolen

7-Eleven data breach exposes 185,000 people, including names, addresses and SSNs

68% of UK Firms Plan to Increase Cyber Spending as AI Risks Rise

300+ Fake Domains Used in GHOST STADIUM Campaign Targeting World Cup Fans

A Krispy Kreme data breach may qualify thousands of Americans for payouts over $3,000

AI Accelerating Data Breach Attacks from Months to Hours

AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites

AI Is Making Software Autonomous, and Governance Must Follow

AI-powered phishing a growing threat

Ameriprise Financial Data Breach: ShinyHunters Leaks 200GB, Over 502,000 Accounts Added to Have I Been Pwned (HIBP)

Apple and Google warn Canada bill could force secret backdoors into encrypted devices

Attackers disguising phishing as Google AppSheet notifications

BadHost Exploit Exposes Sensitive AI Agent Server Endpoints

Caesars Entertainment Data Breach Impacts 44k: Social Security Numbers Compromised

CERT-In Urges Firms to Patch Critical Vulnerabilities Within 12 Hours Amid AI Threat Surge

Charter Communications confirms data breach - ShinyHunters blamed after threat to leak user info online

CISA gives feds 4 days to patch actively exploited cPanel plugin flaw

CISA Warns of Exploited LiteSpeed cPanel Plugin Flaw

CrowdStrike and Google take down botnet used by hackers to target software developers in supply chain attacks

CrowdStrike, Google Take Down Glassworm Botnet

Cruise operator Carnival discloses personal data breach

Cyber attackers are hijacking Microsoft Outlook, Teams and 365 log-ins, FBI says

Data of 340 million OnlyFans users put up for sale on the dark web

Delivery mega leak: 840 Million+ files exposed as US delivery company leaks massive file storage

Dutch police arrest man over cyber breach at Ajax football club

Dutch Police Arrest Suspect in AFC Ajax Football Club Data Breach

Dutch police arrests suspect linked to Ajax football club hack

Easy Dynamics Data Breach Compromises Personal Information of Employees

Ermi Data Breach Compromises Health Records

European AI adoption hits 99% with regulated data driving most policy violations

Fake ChatGPT and Claude installers on GitHub are dropping Deno RAT malware

Fake LinkedIn Collaboration Emails Abuse Adobe Target to Track Victims in Phishing Campaign

FBI Issues Scam Warning for Users of Microsoft Outlook, Teams

FBI issues serious warning for Outlook, Teams, OneDrive users

FBI Issues Warning To Microsoft 365 Users

FBI links First VPN Service to ransomware gangs, botnets, criminal dark web activity; calls for layered defensive controls

FBI Warning: IT Personnel Impersonated by Cybercriminals

FBI warns extortion hackers are visiting US law firms to steal data

FBI warns law firms of cyber gang impersonating IT staff to steal sensitive data

FBI warns law firms of in-person data theft by Silent Ransom Group

FBI warns Microsoft users about a new AI scam that can steal accounts without passwords

FBI warns of cybercrime group targeting US law firms

FBI warns of in-person data theft attacks from extortion gang

FBI warns of Kali365 phishing platform hijacking Microsoft 365 accounts

FBI warns of Kali365 phishing-as-a-service targeting Microsoft 365 access tokens

FBI warns of phishing scam targeting Microsoft 365 accounts

GHOST STADIUM Phishing Campaign Targets FIFA World Cup Fans With 300+ Fake Domains

Gitea Vulnerability Exposes Private Container Images without Authentication

Glassworm botnet disrupted after resilient C2 infrastructure takedown

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

Google flags KnowledgeDeliver flaw and Chinese phishing surge

GPU mining malware spreads via SEO poisoning, AI chatbots

Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users

Hacker Mints 5.4 Trillion Tokens in StakeDAO Exploit, Nets $91K

Hackers Abuse Trusted Google Domains to Hide Phishing Links From Email Gateways

Hackers adopt double-tap tactics: steal gaming accounts, return with a convincing recovery scam

Hackers are knocking on office doors pretending to be IT staff

Hackers Sending Operatives in Person to Insert USB Drives and Steal Data

Healthcare Data Breaches, Developer Tool Abuse, and Supply Chain Ransomware Risks Rise

‘Hostile states' behind massive data breach, Lithuanian president says

How the Canvas data breach further frayed families’ trust in ed tech

India: Central Board of Secondary Education (CBSE) denies security breach in On Screen Marking (OSM) evaluation system after student hacker’s claims

Interstate Management Data Breach: 22k Individuals Impacted

Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages

Iran’s Nimbus Manticore Used Trojanized Zoom Installers Against US Firms

Iranian intelligence service behind hack of Los Angeles transit system, researchers say

Iranian-Backed Group Behind Attacks on Transit Systems in Los Angeles, South Florida

Kali365 phishing kit bypasses MFA and steals Microsoft logins

Kali365 Phishing-As-A-Service Bypasses MFA To Hijack Microsoft 365 Accounts

Lithuania: Foreign involvement suspected in record data breach

Lithuania: President Gitanas NausÄ—da says indications point to hostile states behind major data breach

Lithuania Data Breach: 600,000 Records Expose Spy Home Addresses to Hostile States

Lithuania Investigates State Registry Breach of 600,000 Records

Lithuanian Prime Minister says government will not resign over major data breach

Malicious npm Package Stole Files From Claude AI User Directory via GitHub

Mass database extortion causes significant damage despite low payment rates

Massive Data Breach: Fake UK Visa Portal Leaks Over 100,000 Passports, Selfies Online

Metropolitan Marine Maintenance Contractors' Association (MMMCA) Data Breach Exposes PHI and PII for 25,528 Individuals

Microsoft adds automatic endpoint isolation to Defender platform

More than 185,000 affected in 7-Eleven data breach linked to ShinyHunters

Multiple sophisticated fraud campaigns target FIFA World Cup

National Institute of Standards and Technology (NIST) Releases Special Publication Draft to Focus on Ransomware Response and Recovery in Manufacturing Networks

Netherlands blocks US firm Kyndryl from buying national ID system provider

New BTMOB Malware Enables Remote Control of Android Devices

New ransomware threat group, The Gentlemen, has become one of the most active ransomware operators, accounting for 10% of all attacks

New Zealand: ManageMyHealth warned before massive data breach

NHS trust issues public apology over Nottingham attacks medical data breaches

Oncology Institute says third-party vendor breach compromised patient data

OverlayPhantom Android Banking Trojan Targets 180+ Financial Apps Across 10 Countries

PureLogs Variant Steals Data via Purchase Order Lures

Ransomware Actors Show Up In Person to Steal Law Firm Data

Ransomware recovery rarely ends when the ransom is paid

Romanian Hacker Gets Nearly 5 Years in US Prison Over Network Intrusion

Romanian hacker sentenced to 56 months for selling access to Oregon government network

Romanian Hacker Sentenced to Prison in US for Selling Access to State Network

Romanian national sentenced to more than 4 years for hacking Oregon government systems

Scammers are sending phishing emails from a real Microsoft address

Silent Ransom Group Sends Operatives Into Law Firm Offices: 38 Firms Already Leaked

South African Revenue Service (SARS) Denies Being Hacked by Nullsec Nigeria, Hacker Group

Spain: The ‘hacker’ Alcasec accepts two years and seven months in prison for stealing more than half a million bank details

TeamPCP Hackers Weaponize LiteLLM for Credential Harvesting Attacks

The AI Phishing Revolution: From Spray-and-Pray to Autonomous Operations

The Gentlemen emerging as key ransomware player

The Lithuanian Prime Minister said her family was also affected by a major data breach

The LLM Effect: Why Ransomware in 2026 Is Faster, Smarter, and More Targeted

The Next AI Security Failure May Start With a Trusted Assistant

The Oncology Institute Confirms Unauthorized Access to Systems Due to Vendor Breach

The Rise Of “New Brand” Cybercrime Groups And The Business Of Ransomware

Thousands of Fake FIFA Domains Target World Cup Fans

Tycoon 2FA Adversary-in-the-Middle (AiTM) Kit Bypasses MFA on Entra ID and Google Workspace Accounts

Tycoon 2FA Adversary-in-the-Middle (AiTM) Kit Targets Entra ID and Google Workspace In MFA Bypass Campaigns

‘UK Visa Portal’ Compromises 100,000 Applicant Passports and Biometric Data

Ukrainian Authorities Help Uncover VPN Admin Who Shielded Hacker Attacks

United Medical Systems Data Breach: Social Security Numbers Exposed

Why Burnout in Cybersecurity Demands Risk-Based Response

Why phishing as a service is a growing threat

Why the Surge in DDoS Attacks Should Worry Security Leaders

Windows Kernel Flaw Lets Attackers Modify Memory Counters

Windows Users Targeted in New Phishing Campaign

26th May

7-Eleven data breach affects over 185,000 people’s personal data

7-Eleven data breach exposes personal information of 185,000 people

185,000 Likely Impacted by 7-Eleven Data Breach

600,000 Lithuanian National Register Entries Leaked

Actively exploited Trend Micro Apex One flaw gets CISA warning (CVE-2026-34926)

Alleged Mercedes-Benz customer data listed for sale on cybercrime marketplace

Anthropic: Claude Mythos identified 10,000+ software flaws

Australia: Practice lost $150,000 after cyber attack locked staff out of Best Practice

Automotive ransomware more than doubled - and AI is partly to blame

Beacon Mutual Begins Notifying Those Affected by Data Breach

Bomco Data Breach Exposes Social Security Numbers and Health Information

BTMOB Android RAT Spreads Through No-Code Builder Tooling

CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks

Charter Communications confirms data breach after ShinyHunters extortion threat

Chinese phishing gangs grow into a force to be reckoned with

Chinese Threat Actors Ditch Static Phishing Pages for Live Credential Interception

Chinese-Language Phishing Services Adopt AI and Real-Time MFA Bypass

CISA orders feds to patch actively exploited Drupal vulnerability

Claude Mythos AI Identified 10,000+ Software Vulnerabilities in One Month

CMD Outsourcing Solutions Data Breach Exposes SSNs

Critical Ghost CMS Vulnerability Exploited to Hack 700+ Websites

Cyber attack costs the Town of Huntsville $59,000

Cyber insurers warn AI is accelerating phishing and business email compromise attacks

Dutch authorities arrest men suspected of providing infrastructure for Russian cyber operations

Dutch Authorities Seize 800 Servers Linked to Russian Cyberattacks, Arrest Two Individuals

Dutch consultant and concert pianist arrested for hosting servers for pro-Russian hackers

East Coast Regional Workers Comp Insurer Reports Data Breach

Eight Years In, GDPR Changed Everything

FBI Warns: ‘Kali365’ Phishing Service Targets Microsoft 365 Accounts

FBI warns about Phishing-as-a-Service (PhaaS) platform used to access Microsoft 365 environments

FBI warns Microsoft 365 users about a new phishing tool that bypasses two-factor authentication

FBI warns Microsoft users about a sophisticated phishing scam

FBI warns Microsoft 365 users about another phishing as a service attack - here's how to avoid it

FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts - no password required

Fraudsters Target Ukrainians with Fake Tax Debt Emails Impersonating the State Tax Service

Ghost hackers: the cybersecurity mystery that nobody has solved

Google blocks AI Powered Cyber Attack on 2FA and Megalodon Malware attack on GitHub

Hacker offers data of 340 million OnlyFans users for sale

High-severity SharePoint RCE bug patched by Microsoft (CVE-2026-45659)

India's CERT-In Sets 12-Hour Patch Deadline for Exposed Flaws

Investigation launched into data breach at Telford & Wrekin Council

Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages

Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign

Iranian hackers blamed for breach of Los Angeles transit system that took weeks to recover

Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning

Iranian Islamic Revolutionary Guard Corps (IRGC)-affiliated Nimbus Manticore group attacks defense, aerospace, telecom sectors using Minifast malware toolkit

Jailbroken Gemini AI Model Supercharged Russian-Speaker’s Fraud Campaign

KnowledgeDeliver flaw exploited as a zero-day to install web shells

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

KnowledgeDeliver LMS ViewState Deserialization Flaw (CVE-2026-5426) Exploited for Cobalt Strike Backdoor and Godzilla Malware Deployment

Krispy Kreme settles 2024 data breach suit for $1.6 million

Law firm Wiley Rein hit with class action over data breach tied to Chinese hackers

Lithuania investigates theft of 600,000 state registry records by foreign actor

Lithuania Suspects Foreign Involvement in Data Leak of Over 600,000 National Register Entries

Marketing and merchandise firm Branded Products listed by Qilin ransomware

Megalodon Supply Chain Attack Hits 5,500+ GitHub Repositories in Six Hours

Microsoft Dismantles Fox Tempest Cybercrime Platform Linked to Hospital and School Ransomware Attacks

Microsoft Disrupts Fox Tempest Malware-Signing Service Used in Ransomware Attacks

Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions

Mission Community Hospital Pays $1.55M to Settle Data Breach Lawsuit

Motorola’s pre-installed app hijacks Amazon app

MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries

MyPillow must decide whether to be firm or soft as ransomware criminals demand pay

Mythos may not be an evil AI hacker, but it’s a warning that cybercrime can now go machine speed

New Research Says Every WiFi Router Can Be Turned ‘Into A Potential Means For Surveillance’

NightSpire Ransomware Abuses RDP for Stealthy Persistence

NightSpire Ransomware Uses RDP Access and Remote Admin Tools for Stealthy Persistence

Noll & Tam Architects Data Breach Exposes Social Security Numbers

Nottingham Village Data Breach Impacts 7,919 Individuals: PII Exposed

Payload Ransomware Uses ChaCha20 and Curve25519 ECDH to Encrypt Windows Files

Personal information of 185,000 people exposed after cyberattack on 7-Eleven

Phishing Campaigns Exploit RCS and iMessage to Evade SMS Security Filters

Phishing Services Use RCS and iMessage to Bypass Traditional SMS Security Filters

Private radiology practice reports security breach impacting over 250,000 individuals

Q-Day Could Arrive by 2029, Raising Global Encryption Security Fears

Radiology Associates of Richmond reports data breach affecting 266,000 individuals

Ransomware Attack Costs Medical Practice $150,000 in Repairs and Lost Revenue

Ransomware attacks on automotive and smart mobility more than doubled in 2025

Ransomware Uses ChaCha20 and Curve25519 to Encrypt Windows Files

Reported ransomware incidents are just the tip of the iceberg

Rhode Island workers' comp insurer faces class action over data breach

Russian Hacker Allegedly Used Jailbroken Gemini in Global Cyber Fraud Operation

ShinyHunters extorts Charter Communications after data breach

Some developers seeing 7-fold increase in supply chain compromises

South African Revenue Service (SARS) and South African Information Technology Agency (SITA) refutes false claims of a data breach

South African Revenue Service (SARS) denies alleged cyberattack and data breach claims

South Korea cuts voice phishing cases and losses for seven straight months

Station Casinos Data Breach Highlights Ongoing Cybersecurity Risks

Station Casinos Reveals Data Breach Took Place in March 2026

Stolen passwords, phishing emails and data loss – how secure is your Microsoft 365?

Taiwan Cyber Incidents in 2025: Fake Messaging Apps, Custom Ransomware, Supply Chain Vulnerabilities

Texas-based DocketWise reports data breach impacting thousands

Thailand warns of phishing scams targeting ‘Thai Help Thai Plus’ registrations

The Hidden Ransomware Economy Running on Exposed Databases

Third-Party Cyberattack Impacts Patient Information at The Oncology Institute

Trojanized Gemini and Claude Installers Target Developers Via SEO Poisoning

Trump Mobile probes data breach of 27,000 T1 pre-order customers

UK Visa Portal spilled thousands of applicants’ passports and selfies online - and hasn’t fixed the leak

Ukraine: Fraudsters send letters about "tax debt" on behalf of the State Tax Service. How to avoid becoming a victim of phishing

Uniswap Phishing Scam Through Google Ads Steals $400K

What happens when security teams inherit identity

When ransomware shutters the ER, cyber resilience can help teams mitigate the damage

Why AI-Native Cybersecurity Matters in the Age of Machine-Speed Threats

25th May

7-Eleven Data Breach Exposes Over 185,000 Accounts in ShinyHunters Extortion Campaign

90 Days to Full NHI Management, Agentic AI Security and Operational Efficiency

266,000 Affected by Data Breach at Radiology Associates of Richmond

A massive data breach involving government registries has been uncovered in Lithuania

AI-driven exploitation beats phishing as most popular initial access strategy

Anthropic’s Mythos Finds 10,000 Security Flaws, Exposes Patching Obstacles

Australia: Foreign state actor hacked parliamentarian's WhatsApp account

Australia: Victorian regional newspaper allegedly hacked by ransomware group

Authorities seize 800 servers used for cyberattacks and disinformation

Billion-Dollar Bank To Hand Out up to $25,000 per Customer in Settlement Over Data Breach That Impacted 2,187,170 Americans

Breaking The Silo: What the Economic Crime and Corporate Transparency Act (ECCTA) Information-Sharing Gateway Means for Security Leaders

British drivers may be exposed after Mercedes data surfaces on hacker market

Canadian man arrested over massive KimWolf DDoS botnet that infected millions of devices worldwide

Carnival class action claims cruise line failed to notify customers of data breach

Cybercrime is 3rd largest economy sparing no country or enterprise

DocketWise Data Breach Impacts 143,000

Europol: Cybercriminal VPN used by ransomware actors dismantled in global crackdown

Fake Streams, Counterfeit Merchandise and Other Scams: How Fraudsters Target Formula 1 (F1) Fans

FBI Chief Kash Patel’s Clothing Store Hacked in ClickFix Infostealer Attack

FBI director Kash Patel’s merchandise website taken offline after malware attack

FBI Flags Kali365 as New Phishing Threat Targeting Microsoft 365 Users

FBI warning on Kali365 phishing kit exposes limits of weaker authentication

FBI Warns Kali365 Can Bypass Microsoft 365 MFA Using OAuth Tokens

FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens

FBI warns of Kali phishing scam hitting Microsoft OAuth tokens - warns 'Kali365 lowers the barrier of entry, providing less-technical attackers access to AI-generated phishing lures'

FBI warns of Kali365 phishing service targeting Microsoft 365 accounts

Forget facial recognition, WiFi can accurately tell who you are, researchers say

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS SQL Injection Vulnerability Facilitates Large-Scale ClickFix Campaigns

GitHub bans vindictive security researcher dropping Windows zero-days

GitHub Hacker Claims Security Breach Involved About 4,000 Internal Repositories, Takes Bids on Stolen Data

Hacker Lists 340 Million OnlyFans User Records for Sale

Hacker Selling 340 Million OnlyFans User Records Built From Old Breaches

Halton Hills Chamber of Commerce warns of phishing email seeking unpaid invoices

India: Cyber Fraudsters Misuse Cockroach Janata Party Name in WhatsApp Phishing Scam, Warn Ludhiana Police

Indian Cyber Crime Coordination Centre (I4C) Cautions Apple iPhone Users About Phishing Scam Targeting Lost Devices

Is OnlyFans Facing A Massive Data Breach? Hackers Claim 340 Million-Record Leak

Kali365 phishing service targets Microsoft 365 accounts

Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms

Lessons for organizations from the Verizon 2026 Data Breach Investigations Report

Lithuania investigates massive data breach, suspects foreign intelligence operation

Most ransomware attacks are opportunistic. Here’s how you can stop attackers

Netherlands Busts Bulletproof Hosting Network Linked to Disinformation and Cybercrime

Network Nightmares: America’s printers carry hidden hacker risks

Oncology Institute Discloses Data Breach

Only 1 in 4 Australian farmers eye cyber insurance as ‘smart’ farms become hacker targets

OnlyFans Data May Be Under Threat As Hacker Sells Records Of 340 Million Users

OnlyFans denies a 340-million-record breach, and so does the hacker selling it

OnlyFans mega leak reveals 340 Million user records, hackers claim

Pro-Palestinian hackers leak Israeli Navy officers allegedly involved in Gaza Flotilla interception

South Africa: State Information Technology Agency (SITA) refutes suffering cyber attack

South African Revenue Service (SARS) denies it was breached by Nigerian hacker group

South African Revenue Service (SARS) denies social media claims of data breach

South African Revenue Service (SARS) dismisses data breach claims, says no evidence of system compromise

South African Revenue Service (SARS) refutes ‘false’ claims of data breach

South African Revenue Service (SARS) refutes false claims of major data breach

South African Revenue Service (SARS) responds to data breach claims

South Korea: CJ Group Identifies Insider in Corporate Personal Data Breach

Station Casinos Confirms Cybersecurity Breach

Station Casinos Discloses Data Breach That Occurred in March, Begins Notifying Affected Customers

Store Chain 7-Eleven Confirms Data Breach Linked to the ShinyHunters Ransomware Gang

Taiwan Flags Five Major Cyber Risks After 726 Security Incidents in 2025

The AI Governance Gap Is Bigger Than We Think

The Surprising Tactic Your Company Should Use If It’s the Victim of a Ransomware Attack

'This is a sales tactic': Experts warn ransomware hackers will often lower their prices - with some giving discounts up to 96%

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor Supply Chain Attack Targets npm, PyPI, and Crates.io, Steals Credentials, Crypto

Trump Mobile data breach may affect far more than its own customers

Turns out the C-suite loves shadow AI

Ukraine: Mass phishing emails purporting to be from the State Tax Service has been recorded – do not open fraudulent emails

US states step up cyber defenses to protect local communities

WhatsApp Local Storage Claim Raises Apple Privacy Questions

WhatsApp users on alert after hacker drops massive dataset

Wireshark 4.6.6 Resolves Robust Header Compression (ROHC) Parser and Buffer Overflow Vulnerabilities

Posted by at
Labels:
Subscribe to: Posts (Atom)