Editor's Message

Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and PRiSM celebrated it's third anniversary. Both projects have made a huge impact on my life and I'd like to thank each and everyone of you who have supported me, with special thanks to those individuals and communities who have helped me build up my knowledge on cybercrime and ransomware over the years. Thanks again for all your continued support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington D.C.

Friday, 12 June 2026

Ransomware Operator Claims - Week 23 2026

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 1st June and 7th June 2026, kindly assisted by our partners.

DBD discovered and researched 132 Ransomware Victims over 37 Countries and Islands claimed by 30 Data-Leaking Ransomware Operators, including 1 Newly Discovered Ransomware Operator last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Posted by at
Labels: ,

Monday, 8 June 2026

Data Breaches Digest - Week 24 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 8th June and 14th June 2026.


12th June

163 Organizations Hit by Thai Gambling SEO Poisoning Campaign

Africa remains among most targeted by cyber crime

Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code

AI sovereignty makes data centers strategic targets for cyber operations

APT28 Weaponizes Outlook Zero-Click Flaw to Steal Net-NTLMv2 Hashes From NATO Targets

Authorities dismantle crypto laundering service that moved €336 million for cybercriminals

Authorities Dismantle Cryptocurrency Laundering Services ‘AudiA6’ Used by Ransomware Gangs

Britons largely unaware how smart devices are quietly harvesting personal data, survey finds

Check Point reports ransomware attacks jump 48% year over year despite decline in overall cyberattack activity

Chinese hackers use fake FIFA sites to steal card data in Facebook-targeted scam

CISA Orders Federal Agencies to Patch High-Risk Vulnerabilities Within 3 Days Under New Directive

CISA orders feds to patch actively exploited Ivanti flaw by Sunday

Coupang Faces Data Breach Settlement as 37.56 Million Users Affected

Coupang faces record $410 million in fine over data breach

Coupang Fined 624.7 Billion Won After Personal Data Breach

Coupang hit with record 624.7 billion won fine by Korean regulator over privacy violations

Coupang to Challenge Record $460 Million Data Breach Fine, Warns of Profit Hit

Criminal hacker group threatens to publish Nottingham students’ data online if university doesn’t pay

Critical LangGraph Vulnerability Chain Enables Full Server Takeover

Critical Microsoft Outlook and Word Flaws Enable Malicious Code Execution

Critical Microsoft Teams for Android Vulnerability Could Lead to Sensitive Information Disclosure

Critical Palo Alto PAN-OS Flaw Enables Root-Level Command Execution

Crypto Laundering Network Shut Down, How a Ransomware Cash-Out Service Fell

Cyber Incidents Rarely Start With a Hacker: The Weak Links Businesses Overlook

Cybercriminals are moving away from mass phishing campaigns

Data stolen from patients at Norfolk and Norwich hospital

Europe’s digital identity wallet gets its first set of standards

European Data Protection Board (EDPB) adopts common data breach notification template for GDPR compliance

Europol dismantles AudiA6 crypto laundering network used by gangs

Europol Dismantles AudiA6 Crypto Laundering Network Used by Ransomware Gangs

Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs

Europol Takes Down AudiA6 Crypto Laundering Service

Europol-backed operation dismantles crypto laundering service used by ransomware gangs

Everett-based Fluke Corp. failed to prevent data breach, lawsuit says

Fake Spotify Premium Tutorials Use PowerShell Commands to Infect Windows Users With Malware

Feds Seize AudiA6 and Dark2Web in $389 Million Crypto Laundering Case

FIFA World Cup 2026 Scams: Fake Websites, Ticket Fraud, and Job Scams Already Active

Forget phishing: This dangerous hacker group is physically walking into offices to steal data

Google files lawsuit against suspected Chinese cybercrime operation over 2 million scam texts

Google links ShinyHunters to Oracle PeopleSoft zero-day extortion campaign targeting universities

Google Sues Alleged AI Phishing Network Over Scam Texts

Google Sues Chinese Cybercrime Network for Using Gemini AI to Launch Cyberattacks

Google sues the cybercrime ring that turned Gemini AI into a phishing machine

Google targets AI-powered phishing in New York lawsuit

Hackers Abuse Google Sheets Tabs to Control 91 Victims in SHEETCREEP Campaign

Hackers Abuse NinjaOne RMM Agent to Gain Remote Access to Brazilian Organizations

Hackers claim theft of source code from AI giant Dynatrace

Hackers Spread GoFlateLoader Through Cracked Software and Malicious TDS Campaigns

Hackers Use Fake Fiscal Documents to Deliver NinjaOne RMM Agent for Remote Access

Hackers Use Fake Windows Update Installers to Deliver OnyxC2 Credential Stealer

Healthcare Data Fuels Cybercrime Economy

Hong Kong: Phishing Alert - Beware of Fraudulent “WhatsApp Security Centre” Pages Hijacking Accounts

How Microsoft Copilot Studio Creator Permissions Expand the Blast Radius of Prompt Injection Attacks

How to Prevent a Data Breach: A Practical Playbook

International Operation Dismantles EUR 336 Million Ransomware Laundering Pipeline AudiA6

INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator

Iran-linked group claims hack of FBI drones, threatens World Cup

Iran-Linked Hacker Group Makes Serious Threat To Attack FIFA World Cup With Drones

Iran-linked hackers claim breach of California water systems

Japan Data Breach: Kyushu Electric Loses Unencrypted SSD with 10.9 Million Customer Records

Japan Hotel Association Warns Booking.com Users About Phishing Messages

Labcorp Agrees to $35M Settlement to Resolve American Medical Collection Agency (AMCA) Data Breach Litigation

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Mackay Sugar mills shut by cyber attack hope to reopen next week

Major Cybercrime Operation Dismantles Money Laundering Service Linked to Ransomware Attacks

Malicious npm Packages Abuse Postinstall Scripts to Steal Ethereum Private Keys and Mnemonic Phrases

Nottingham University cyber attack: Everything we know so far as ShinyHunters claims responsibility

Novo Nordisk flags patient data breach from some clinical trials in cyberattack

Oracle PeopleSoft 0-Day RCE Flaw Under Active Exploitation by ShinyHunters

Over 80% of Sports Organizations Targeted by Hackers in the Last Year

Over 73,000 French government employees affected in Tchap messenger breach

Oxford University Confirms Third-Party Data Breach Impacting CareerConnect Platform Exposed Personal Information

Ozempic maker Novo Nordisk says clinical trial patient data copied in cyberattack

Passco Companies Data Breach Exposes Personal Info of 8,335 People

Pharma giant Novo Nordisk discloses breach of clinical trials data

Phishing Attack Volume Down 20%, But Risk Still Rising

Ralph Lauren suffers ransomware attack, 220 GB of data leaked

Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol

Record fine for Coupang is only the beginning of its troubles

Researchers release details, Proof-of-Concept (PoC) for exploited Check Point VPN flaw (CVE-2026-50751)

Rethinking MDR as Attackers and Defenders Embrace AI

ShinyHunters claim JCPenney retail data theft involving SSNs and payroll files

Solana FakeFix Campaign Uses 25 Malicious npm and PyPI Packages to Steal Developer Secrets

South Korea Fines Coupang US$409 Million Over Major Customer Data Breach

South Korea Fines Coupang Record $409 Million for Data Breach

South Korea Slaps Coupang with Record $409 Million Fine Over Unprecedented Data Breach

Spectrum class action alleges over 40 Million customer records exposed in data breach

Tchap Messenger Breach Exposes Data of 73,000+ French Government Employees

The assembly line behind 1.5 million malicious domains

The Gentlemen ransomware with 478 victims spreads like a worm

Threat actors look beyond inbox in phishing attacks

UNC1151/Ghostwriter phishing campaign targeting Gmail accounts

University of Nottingham Data Breached by ShinyHunters

US charges suspected Russian hacker with facilitating cyber campaign

US surveillance law to expire for first time after lawmakers reject Trump’s controversial pick to lead spy agencies

VRChat data breach exposes 2.4 Million users, but they say it’s fake

VRChat says Data Breach notification filed with Maine Attorney General was Fake

Was New York Knicks owner breached? ShinyHunters say so

What The FIFA World Cup 2026 Means For Fraud

World Cup Kicks Off With Player Passport Leak, Active Phishing Operations

11th June

2.4 billion TikTok user records leaked online, hackers claim

2.4 Million Impacted by VRChat Breach

5 Ways Quantum and AI Will Rewrite the Rules of Cyberattacks

9 out of 10 people can no longer distinguish real from AI-generated content

AudiA6 cryptocurrency service dismantled for allegedly laundering over $380 million

Authorities dismantle 'AudiA6' ransomware crypto-laundering service

British high school sends students home following cyberattack

Celebrities’ and influencers’ private communications exposed in stalkerware data breach

China-linked JDY botnet rapidly exploits new flaws, raising fresh Volt Typhoon concerns

CISA gives federal agencies 72 hours to fix critical flaws as AI speeds up cyberattacks

CISA Orders Agencies to Patch by Risk, Not Severity

CISA orders federal agencies to “patch smarter”

CISA Sets 72-Hour Patch Window for Federal Systems Facing Highest Cyber Risks

CISA tells government agencies to patch critical exploited flaws in 3 days

CISA Warning: LiteLLM Flaw Could Expose Enterprise AI Gateways

Clinical Registry Solutions Data Breach Exposes Sensitive Patient Data

Coupang faces record fine as data breach exposes millions of users

Coupang Fined 624.7 Billion Won Over Data Breach, Nearly Wiping Out 2024 Profit

Coupang fined a record $409 million over massive data breach affecting 33 million users

Coupang hit by massive $456 million fine for 2025 data breach incident

Coupang hit with record $409 million data breach fine in Korea

Coupang hit with 624.7 billion won fine over personal data breach, largest ever

Coupang Hit With Record 624.6 Billion Won Fine Over Data Breach of 37.5 Million

Coupang Hit With Record Fine on Revenue Basis Over Massive Data Breach

Coupang pledges legal action against record $409 million fine over massive data breach

Coupang to Pursue Legal Action Against 624.6 Billion Won Data Breach Fine

Crypto laundering service “AudiA6” shut down, leaving ransomware gangs without crypto cleaner

Cyber attack forces shutdown of two Mackay sugar mills in Australia

Cyber-Attack Disrupts Exams At Buckinghamshire School

Cybercriminals Use Fake AI Guides and Dev Tools to Spread AsyncRAT Malware

Decade-Long SniperDz Phishing Network Disrupted in Operation Ramz

Dutch women launch mass lawsuit over cervical cancer screening data breach

Elmwood Home Care Data Breach Exposes Personal and Medical Information

Encrypted chats expose criminal network

Extortion-Only Attacks Increase, With Data Theft Dominating Ransomware Claims

Fake Spotify Premium tutorials on TikTok and Instagram Reels spread malware

FBI seizes 13 websites linked to alleged Chinese intelligence-gathering effort

Finding More Vulnerabilities Won’t Fix AppSec’s Biggest Challenge if AI Can’t Explain What’s at Risk

First Sight Family Vision Data Breach: Personal and Health Information Compromised

France’s Tchap Breach: 650,000 Messages, 73,000 Accounts Exposed

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks

Got hacked? The EU wants every company to explain data breaches using the same reporting form

Hacker Drained $1.34 Million From Raydium by Faking Ownership of Abandoned Pools

Hacker group boasts about Ralph Lauren data breach: 220GB allegedly stolen

Hacker linked to Void Blizzard faces charges over cyberespionage campaign

Hackers claim massive Wise data breach affecting 4.9 Million records

Hackers Use Fake Claude Code Guide and AI PDFs to Spread AsyncRAT Malware

Hackers use “free Spotify Premium” TikTok videos to steal passwords

How scammers use "scraped New York Times content" to trick security scanners - and exploit "free" Google Cloud links to flood your inbox

How Time Bomb Ransomware has emerged as a severe Cyber Threat to Backup Engines

IBM and AT&T Accused of Covering Up Foreign Hacks

Identity Crimes Have Become Multi-Layered

Interpol Dismantles SniperDz Phishing-as-a-Service Platform

Jamaica: Opposition calls for speedy cybersecurity law following possible data breach at National Health Fund (NHF)

Japanese energy firm loses drive with data of 10.9 million clients

Kaspersky Identifies Sophisticated World Cup Phishing Campaigns and Ticket Fraud

Korea fines e-commerce giant $400m over data breach affecting millions

Mackay Sugar Security Incident Forces Mill Shutdowns and Halts Harvesting Operations

Maine breach portal abused to publish fake data breach disclosures

Max severity Ivanti Sentry vulnerability now exploited in attacks

Microsoft is limiting employee use of Anthropic’s Claude AI over concerns about how it stores company data

Microsoft Restricts Claude Fable 5 Access Amid AI Safety Review

Most Cybersecurity Teams Struggle to Find Time for Training on New Cyber Threats

New “Agentjacking” Attacks Could Hijack AI Coding Agents

New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets

New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files

Nottingham University data breach affects over 450,000 students

Novo Nordisk flags patient data breach from some clinical trials in cyberattack

Novo Nordisk hit by cyber incident, probes data

Novo Nordisk reports patient data breach in clinical trial cyberattack

Novo reports data breach, tells clinical trial patients to 'remain vigilant'

OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack

Open Arms Care Data Breach Exposes Sensitive Personal Information

Oracle mitigates PeopleSoft zero-day exploited in data theft attacks

Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert

Oracle warns of security bug that hackers abused to breach 100+ companies

Organizations can’t see much of their mobile AI activity

Organizations Take Too Long to Fix Application Vulnerabilities

Phishing attack put VHC Health patients’ medical records, personal information at risk

Pro-Iran hacker group claims imminent cyber warfare operations against US

Prompt injection still drives most agentic AI security failures in production

Ransomware attacks hit near-record high

Ransomware group The Gentlemen linked to Russian national

ServiceNow Fixes Flaw That Could Lead to Unauthorized Access to Instances

ServiceNow Flaw Exploited by Threat Actors to Access Customer Instances

ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities

ShinyHunters Leak 40GB of University of Nottingham Student Data

Someone Filed A Fake VRChat Data Breach Notice To Maine's Attorney General

South Korea: Another Data Breach Hits Customers...Why Are Retailers Prime Targets for Hackers?

South Korea Drops a $409 Million Fine on Coupang in Historic Data Breach Ruling

South Korea fines Coupang $409 million in country's largest data breach penalty

South Korea fines Coupang S$526.5 million in country’s largest data breach penalty

South Korea fines Coupang record $409 million for data breach

South Korea Fines Coupang Record 625 Billion Won Over Data Breach

South Korea hits Coupang with $400 Million+ fine for data breach that affected millions

South Korea Hits Coupang With Record Fine For Massive Data Breach

South Korea hits e-commerce giant Coupang with record US$409 million fine for data breach

South Korea imposes record $410 million fine on Coupang over data breach

South Korea Imposes Record Fine on E-Commerce Giant Coupang After Massive Data Breach

Student data compromised in second University of Western Australia data breach in 6 months

Suspected Void Blizzard Hacker Charged After Boston Court Appearance

The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm

The Hidden Security Risks of Poor Software Testing

The Philippines: Hacker group claims attack on official Senate website

Threat actors are recruiting the people who hold cloud logins

Towerpoint Wealth Data Breach Exposes Social Security Numbers of Clients and Their Dependents

University of Nottingham confirms cyber incident as Shiny Hunters group claims data theft

US charges Russian hacker over cyber espionage targeting US companies and NATO

US seizes 13 website domains tied to alleged Chinese intelligence collection

VRChat says reported data breach never happened

When a data breach is more than an inconvenience: understanding serious privacy harm

Why AI-driven threats are exposing the limits of MSP security stacks

10th June

1 in 5 Enterprise Phishing Attacks Go Completely Undetected by the Security Tools Built to Stop Them

3 ways to respond to time bomb ransomware

Anthropic Releases Claude Fable 5, Its Most Powerful AI Yet, With Cyber Safeguards

Anthropic’s Claude Fable 5 is out for public use, with safeguards for high-risk requests

Australia: Cyber attack shuts down two Mackay Sugar mills

Australian travel agency FirstClass hit by alleged data breach

Autonomous AI agents duped into leaking sensitive data in phishing test

Banking Association of Georgia warns of rising phishing and messaging scams

Buckinghamshire school closed after cyber attack

China-linked JDY botnet expands targeting of U.S. military networks

China-Linked JDY Botnet Expands to 1,500+ Devices for Cyber Reconnaissance

Chinese Cyber Campaigns Intensify as AI Becomes Strategic Target

CISA Adds Cisco, Chrome, and Arista Flaws to Known Exploited Vulnerabilities (KEV) Catalog Amid Active Exploitation

City of York, Pennsylvania, reports data breach

Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions

Criminals have accessed the data of Nottingham University students in cyber attack

Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)

Critical Veeam Vulnerability Enables RCE on Backup Servers

Cyber attack closes Great Marlow School in Buckinghamshire

Cyberattack shuts down major Australian sugar mills, disrupting harvest

Cybercriminals claim breach of Oracle PeopleSoft servers at 100-plus organizations

Cybersecurity researchers aren’t happy about the guardrails on Anthropic’s Fable

Cybersecurity Software Fails to Detect Fifth of Brower-Based Phishing Attacks

Delaware North data breach compromised customers' driver's licences and state IDs

Every set of AI guardrails can be broken by the right prompt

Fake Software Tutorials on TikTok Spread Vidar Stealer

FBI Seizes China-Linked Fake Consulting Sites Targeting US Clearance Holders

FIFA World Cup 2026 Scams Are Already Active: Fake Domains, Phishing Sites, and How to Stay Safe

Fortinet FortiSandbox Flaw Enables Unauthorized Command Execution

French government internal messaging tool Tchap hit by data breach - but it doesn't know if any data was compromised

French Government’s Tchap Messaging Platform Breached via Compromised Account

GitHub announces npm security changes to tackle supply-chain attacks

Global cyber attacks fall but ransomware jumps 48%

Global Interest in AI Exploited as Social Engineering Lure

Hackers Exploit Viral Reels and TikToks to Promote Malware-Laced Software Downloads

Hackers Use Tax Phishing Emails to Deploy In-Memory Malware on Windows Systems

How AI APIs are strengthening phishing detection and email security across industrial enterprises

How Scammers are Using AI to Target Football Fans

Humanity Protocol Hack Drains $36 Million After Compromised Laptop Exposes Bridge Controls

Identity Is the New Attack Surface: How Infostealers Are Reshaping Enterprise Risk

Identity theft is turning into a chain reaction for victims

Ivanti: Max severity Sentry flaw allows code execution as root

Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities

Kenya: Betika Faces DCI Probe Over Alleged 29.5 million Safaricom Data Breach

Linux Kernel Bug Caused by Single Character Opens Path to Root Access

Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows

Microsoft Fixes 200 CVEs in June Patch Tuesday

Microsoft June 2026 Patch Tuesday Fixes 206 Flaws and 3 Zero-Days

Microsoft patches Exchange Server zero-day exploited in attacks

Microsoft patches record 198 Windows bugs in June update - and 3 are zero days

Microsoft Patches Record 200 Vulnerabilities in June 2026 Patch Tuesday

Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs

Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days

Microsoft ships largest Patch Tuesday on record, with one bug under active attack

Microsoft’s Record-Breaking Patch Tuesday Fixes Over 200 Security Flaws

New Browser-in-the-Browser phishing uses fake login popups to steal Microsoft 365 credentials

New ClickFix Campaign Delivers MLTBackdoor Malware in Multi-Stage Attacks

New Fable 5 Is a "Mythos-Class" LLM Available to All, Anthropic Announces

New SilabRAT Trojan Hijacks Sessions to Steal Crypto

North Koreans behind nearly half of US tech industry hacks, says CrowdStrike

OANDA Japan Targets Phishing With Passkeys Following Planned Web-Based MetaTrader Exit

OpenClaw AI Agent Leaks Credentials in Phishing Simulation

OpenClaw AI Agent Leaks Sensitive Credentials in New Phishing Attack Simulation

OpenClaw AI agent tricked into phishing attacks, with user data compromised

Oracle PeopleSoft servers hacked in ShinyHunters data theft attacks

Over a Quarter of Identity Crime Victims Hit by Multiple Incidents

Path traversal flaw in AI dev platform Langflow exploited in attacks

Petrovits, Patrick, Smith & Company Data Breach Exposes Sensitive Personal and Financial Info

Phishing costs rise to USD $51,948 per security analyst yearly

Ransomware group The Gentlemen linked to Russian national

Record Microsoft Patch Tuesday, fresh zero-day

Researchers Expose OpenClaw AI Agent Credential Leak During Phishing Simulation

Scammers use short videos on social media to spread Vidar infostealer

Scammers Use TikTok and Instagram Reels to Spread Vidar Infostealer

Scams now operate like real businesses with budgets and targets

Security breach hits French government chat app Tchap, investigators check for possible data leaks

ServiceNow Data Breach: Gated Advisory Left Customers Unaware of Exploited Zero-Auth API

ServiceNow data breach: security issue gives attacker access

ServiceNow Discloses Security Incident Exposing Customer Data

ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances

ServiceNow tells customers a bug left some of their data exposed to the internet

Shadow AI is Exposing the Same Governance Failures Cybersecurity Teams Have Ignored For Years

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

SoFi Hong Kong discloses data breach tied to third-party vendor

Station Casinos Sued After Hackers Went Undetected for Months in Data Breach

Students' data taken in major University of Nottingham cyber-attack

Survey Shines Spotlight on Risks Created by Identity Blind Spots

Tax Phishing Emails Deliver In-Memory Malware to Windows Systems

Tax-Themed Phishing Emails Deliver In-Memory Malware to Windows Users

The ‘Miasma’ worm source code briefly leaked on GitHub

The security in smartphones is helping send them to landfills

The Vercel incident and the phishing campaigns already hiding in plain sight

Thousands of university students placed at financial risk after vicious cyber attack

UK cracks down on Iran, Russia, North Korea, China cyber operations

UK weakens proposed telecoms defenses against Chinese hackers after industry pushback

University of Nottingham hit by cyber attack

Unpatched Langflow Flaw CVE-2026-5027 Exploited for Unauthenticated RCE

Vengeful researcher repeats Microsoft Patch Tuesday sucker punch, posts new RoguePlanet exploit on GitHub

Who Runs the Ransomware Group ‘The Gentlemen?’

Xsolis data breach exposes patient and health plan member information following phishing attack

Zscaler Research Finds Cybercrime Economics Are Shifting as AI Trades Mass Volume for Lethal Precision

9th June

10 million Discord users named in data breach report nobody can explain

75% of Firms Deploy Vulnerable Code Amid Pressure on CISOs

A giant Instagram phone number database just surfaced. Should you be worried?

AI being used to diversify attacks beyond phishing and email

AI Coding Adoption Hits 97% but Governance Lags Behind

AI Heads to UK Courts, Bringing New Cybersecurity and Governance Challenges

AI strengthens phishing fraudsters by making ‘dodgy’ invoice emails word-perfect

Android Malware MagicAd Delivers Aggressive Ad Flooding Campaign

Anthropic’s Mythos Can Serve Up N-Day Exploits in Minutes or Hours

Anubis group claims a ransomware attack on Singing River Health System

Anubis ransomware gang claims credit as Mississippi hospital reveals attack impacted 54K patients

Australian farming group launches investigation following Qilin cyber attack claims

Belgium: Limburg police test app to help phishing victims faster

Budget Saudi detects limited customer data breach on app

Check Point says VPN attacks caused by Qilin ransomware group - who had a month's head start on them

Check Point VPN 0-Day Exploited to Deploy Ransomware Attacks

Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks

Check Point Warning: Actively Exploited VPN Zero-Day Linked to Qilin Ransomware

Check Point Warns Critical Auth Bypass Bug Exploited in the Wild

Check Point warns of ransomware-linked attacks exploiting outdated VPN protocol

Check Point warns of zero-day flaw targeted by ransomware affiliate

Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild - Patch Now

CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day

CISA gives US federal agencies three days to fix a VPN bug under attack by a ransomware gang

Critical Check Point zero-day exploited in the wild, Qilin ransomware already at work

Critical phpBB Flaw Lets Attackers Hijack Any Account with One Request

Cyber Governance: The Pressure Point in Ransomware Incidents

Cybercriminals Abuse AI Brand Trust to Launch Sophisticated Credential Harvesting Scams

Cybercriminals Weaponize Banking Apps to Spread NFCShare Malware

Data from 35 Million OkCupid users leaked online, hackers claim everyone’s exposed

Decade-old login opens door to massive 10 Million student data breach

Discord data breach claim filed with Maine Attorney General raises red flags

Email and text phishing scams have moved to calendar invites

Expired domains let hacker snoop through debt clients’ emails

Fake Grand Theft Auto 6 (GTA 6) Malware Campaigns Spread Globally Ahead of Launch

French government messaging platform breached through account hijacking

French government messaging service breached in account hijacking attack

Ghost-Sender Flaw Enables Sender Spoofing in Exchange Online

GitHub disables Microsoft repos pushing password-stealing malware

Global Cyber Attacks Ease in May 2026, But Ransomware Surges 48% As Threats Reorganize

Google patches Chrome zero-day exploited in the wild (CVE-2026-11645)

Google patches new Chrome zero-day flaw exploited in the wild

Google Releases Patch for Chrome Vulnerability Exploited in the Wild

Hacker claims breach of Australian travel agency FirstClass, 53k customers potentially impacted

Hackers hijack Microsoft packages to steal developer logins

Hackers pose as women seeking romance to spy on Russian soldiers

Hackers steal $1.7 Million worth of condoms after hijacking Walmart shipment - here’s how they did it

Hacktivist Groups 4BID, Hakerskii Kit, and C.A.S. Broaden Attack Geography

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

Handala Claims Israeli Radar Hack, But Evidence Shows Phone Admin Panel

Healthcare data fuels underground cybercrime economy

Hidden camera found in ceiling of government building renews UK’s spying fears

How Enterprises are Adapting Governance, Risk and Compliance (GRC) For a More Complex Risk Environment

How to protect your business from cyber attacks

Indonesian Media Outlet Tempo Targeted by 24.9 Million DDoS Requests

Japan: Improper hard drive disposal triggers major data breach at Hokkaido hospitals

Japan: Massive data breach feared at Kyushu Power as SSD missing

Kuwait and Oman Sign Cybersecurity Pact to Counter Rising Digital Threats

Lansing Community College data breach impacts more than 170K people

Law firm Fox Rothschild hit with class action over data breach

LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

LiteLLM RCE Vulnerability Exploited in the Wild to Run Commands

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)

Maine Government Portal Lists 10 Million Discord Data Breach Notice, But Filing Shows Red Flags

Malware ships with bugs that defenders could use against it

Manzil Data Breach Exposes Social Security Numbers

Marin County, California, warns of phishing scam targeting building permit applicants

Meta accuses Israeli spyware firm of again targeting WhatsApp users

Meta AI data breach impacts over 20,000 Instagram users

Meta blasts facial recognition claims, then deletes the code from its app

Meta Instagram Recovery Flaw Exposed More Than 20,000 Accounts

Meta Moves to Hold NSO Group in Contempt Over New WhatsApp Phishing Campaign

Meta to Use Off-Site Business Data for Feed and AI Personalization

Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges

Microsoft June 2026 Patch Tuesday fixes 3 zero-day, 200 flaws

Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues

Microsoft shuts down its open source projects hosted on GitHub as it investigates a data breach

MP staffer’s account sent almost 2,000 phishing emails after suspected hack

New Browser-in-the-Browser Phishing Attack Targets Microsoft 365 Login Credentials

New Browser-in-the-Browser (BitB) Phishing Attack Targets Microsoft 365 Logins

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

New Linux Kernel Vulnerability Enables Root Privilege Escalation

New PyPI Wave in Mini Shai-Hulud, Miasma, and Hades Campaign: 23 New Malicious PyPI Artifacts

New Veeam vulnerability exposes backup servers to RCE attacks

New WhatsApp Phishing Attempts Rekindle High-Profile Spyware Fight

NHS Trust reveals thousands of records were stolen during cyber attack

North Korea-Linked Hackers Infect Developers via GitHub

North Korean hackers are at it again - phishing scheme targets hundreds of workers to try and steal crypto and more

OEConnection Data Breach: Social Security Numbers Compromised

OpenClaw AI agent found falling for phishing attacks, spills user data

Operational Technology (OT) Cybersecurity Is Maturing, But Visibility Is Still a Challenge

Oxford University Discloses Data Breach

Oxford University discloses second data breach of 2025 after career services platform compromised

Privacy complaints spike in the Netherlands, driven by data breaches and camera surveillance

Qilin NHS breach tally grows as Essex trust confirms stolen records

Rethink phishing training for the age of AI

SAP fixes critical flaws in NetWeaver and Commerce Cloud

Security Debt Rarely Arrives All at Once but its Consequences Often Do

ServiceNow discloses security incident exposing customer data

Shai-Hulud Attack Compromises 23 PyPI Packages Targeting MCP Developers

ShinyHunters Secret to Success: Breaking the Trust Barrier

Signal, DuckDuckGo, NordVPN threaten to pull services if Canada passes “surveillance” bill

SoFi Hong Kong warns of data breach after third-party vendor compromise

South Africa: Official suspended as labour department probes job seekers’ data breach

Spyware Alert: WhatsApp thwarts NSO Group-sponsored spear phishing attack

Stolen NHS Patient Data linked to Synnovis Data Breach reportedly appears on Dark Web

Suspicious Assistive Agent Behavior Detected Through Microsoft Entra Agent ID Logs

The security questions around Chinese AI coding models in U.S. software

Threat Actors Abuse ChatGPT, Claude, and DeepSeek Brands as Phishing Lures to Steal Credentials

Ultrahuman data breach compromised users' contact info and health data

Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code

Vulnerabilities Can Be Found in Minutes While Safe Remediation Requires More Than Speed

Wales: Conwy Council's website down as pro-Russia group makes cyber attack claim

Wales: Conwy high school investigates data breach

Wales: School investigating data breach after parent received files on pupils

Weedhack Malware Targets Minecraft Players in Credential Theft Campaign

Wells Fargo Phishing Scam Seeks Banking, Email, and Identity Details

WhatsApp Claims NSO Group-Linked Entity Unsuccessfully Carried Out Fresh Phishing Attacks Against Users

WhatsApp Discovers NSO Group-Linked Spearphishing Attempts

WhatsApp Disrupts New NSO Group Spyware Campaign, Files Contempt Order

WhatsApp Disrupts NSO-Linked Pegasus Spyware Campaign

WhatsApp Flags New Spyware-Linked Attacks Targeting Users

Why Jaguar Land Rover’s CISO Enforced In-Person Password Resets Following Cyber-Attack

WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine

8th June

52% of direct-to-IP threats are missing from intelligence feeds

America's Healthcare Data Breach Problem Has Reached Its Worst Level in History - And Chicago's Hospital Systems Are Among the Most Frequent Targets

BGF Networks Reports Personal Data Breach in CU Convenience Store Delivery Service

CenterWell Data Breach Impacts 9,651 Patients

Check Point links VPN zero-day attacks to Qilin ransomware gang

Chicago-Area High School Closed After Ransomware Attack

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)

Cisco Warns of Active Exploitation of Catalyst SD-WAN Flaw With No Patch Available

Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups

Critical UniFi OS bug lets hackers gain root without authentication

Cyber Attack Exposes Vulnerabilities as Hackers Target Kenyan Investment Platform

Cyber-attack targets Gaza aid recipients

Cybercriminals create 19,000 FIFA-themed domains ahead of 2026 World Cup

Cybercriminals Exploit 2026 FIFA World Cup With Phishing, Fake Stores, and Ticket Scams

Did Handala Disrupt Israeli Radar Systems?

Evanston Township High School (ETHS) to reopen Wednesday after ransomware attack forces two-day closure

Even your physical offices aren't safe from hackers - experts warn of Silent Ransom Group breaking into businesses to launch ransomware and extortion campaign

Everything in One Place: Best Practices for Keeping Mobile Devices Secure

Fake Stores and Phishing Campaigns Exploit 2026 FIFA World Cup Hype

Federal Trade Commission (FTC) orders Illuminate Education to improve data security after student data breach

Fintech Holdco Data Breach: Social Security Numbers Exposed

Forget Phishing: This Dangerous Hacker Group Is Physically Walking Into Offices to Steal Data - How the Scheme Works

Fraud Operations Rebuild Faster Than Accounts Disappear While Their Behavior Remains Consistent

Gogs patches critical zero-day enabling remote code execution

Google Patches 429 Chrome Vulnerabilities in Major Browser Update

Gulf enterprises face the resilience gap ransomware is exposing

Hackers Clone Ghidra, dnSpy and Other Tool Sites to Spread Malware

Hackers Exploit 2026 FIFA World Cup With Phishing and Ticket Scams

Hackers Exploit Claude Code MCP to Steal OAuth Credentials

Hackers used Meta’s AI support system to hijack over 20,000 Instagram accounts

How Department of Science, Innovation and Technology (DSIT) Protects Thousands of UK Orgs from Cyber Vulnerabilities

Hull school in data breach over new pupils' details

India: Central Board of Secondary Education (CBSE) Re-Evaluation Portal Goes Live After Final Cybersecurity Clearance

India: IIT-Roorkee denies JEE Advanced data breach, calls report 'misleading'

Instagram Glitch Reportedly Exposed Contact Info of Zuckerberg and Other Users

Instagram Recovery Tool Bug Exposed 20,225 Accounts to Password Reset Abuse

Is OpenAI’s New Lockdown Mode an Admission That Default ChatGPT Was Never Safe Enough?

LinkedIn, Indeed and Upwork Leveraged for Chinese Spying Threat

Massachusetts votes to pass new privacy rights bill that bans sale of precise location data

Meta: NSO Tried Targeting WhatsApp Users Despite Court Order

Meta AI Bug Exposes Over 20,000 Instagram Accounts

Meta AI Support Data Breach Affects Over 20,000 Instagram Accounts

Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order

Meta claims NSO Group still targets WhatsApp users despite court order

Meta confirms critical vulnerability in account recovery tool exposed over 20K Instagram users

Meta escalates legal battle with Israeli spyware firm NSO over WhatsApp attacks

Meta Says Israeli Spyware Firm Targeted WhatsApp Users in Spear-Phishing Campaign

Microsoft’s open source tools were hacked to steal passwords of AI developers

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

NFCShare Android malware spreads via fake banking app updates on GitHub

NJ Pain Care Specialists Data Breach Exposes PHI and PII

No backdoor shenanigans: Grindr denies data breach claims

North Korean Hackers Use Fake Coding Tasks to Steal Crypto

One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

OpenAI Expands ChatGPT Lockdown Mode to Millions of Eligible Users

OpenAI is locking down parts of ChatGPT to reduce data theft risks

OpenAI Unveils ChatGPT Account Security Controls

Operation FlutterBridge Uses Fake Google Ads to Spread macOS Backdoor

Over 20,000 Instagram accounts stolen in Meta AI support hack

Over 20,000 Instagram Accounts Hijacked via the Meta AI Support Tool Exploit

Oxford University discloses data breach after careers platform hack

Password Reset Bug Leaked Instagram Emails and Phone Numbers

pfSense Firewall Compromised in VerdantBamboo Cyberattack Deploying BRICKSTORM

PhishByte warns spear phishing drives payment fraud losses

Prompt Injection Remains Unsolved, OWASP Researcher Warns

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)

Qilin ransomware claims hack of major New York/New Jersey Shipping Association

Ransomware Attack Knocks Evanston Township High School (ETHS) Offline, Scraps Summer School In Evanston

Research says Phishing overtakes Dark Web as primary source of stolen Personal Information

Russia upgrades rules for its digital spy system to better track citizens online

Second theft: How scammers use a lost iPhone to steal your identity

Securing the AI-Driven Public Sector: Why Data Governance and Trust Must Come First

ShinyHunters dump 400K BCD Travel customers data online

Silent Ransom Group Uses Fast Flux Botnet to Hide Law Firm Leak Sites

Sitefinity Vulnerabilities Allow Hackers to Steal Plaintext Credentials

Smart TV Apps Found Converting Samsung and LG Devices Into AI Proxy Nodes

SoFi confirms third-party data breach at Hong Kong subsidiary

South Africa: Cyber Attack Disrupts AVBOB Funeral Services’ Digital Platforms

South Africa: Cyber attack hits funeral services provider AVBOB as systems go offline

South Korea: Police Launch Probe Into CU Convenience Store Parcel Data Breach

South Korea police probe CU parcel data breach, pursue hacker

Strategic Education data breach exposes social security numbers of more than 176,000 people

Summer classes canceled at Evanston Township High School after ransomware attack

Sun Life subsidiary faces lawsuits after mass data breach

Texas Capital Bank data breach puts 91,000 customers' social security numbers at fraud risk

The hacking mastermind behind the 2026 FIFA World Cup

The Hidden Security Risks Behind Popular AI Tools

The New Face of Cybercrime: When the Criminal Isn’t the Hacker

Thousands of Essex NHS patient records taken in cyber attack

Thousands of NHS patient test results stolen in cyber attack

Trinidad and Tobago: New Ministry of Finance (MoF) based phishing scheme in play

Two-Thirds of Open Source Community Unaware of Cyber Resilience Act

UNC3753 Targeted US Law Firms in Vishing Extortion Campaign, Possibly Used Physical Access

UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign

University of Oxford discloses data breach via third-party career platform

Upper Township, New Jersey, Data Breach Exposed Personal Info

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks

WhatsApp Says It Blocked Pegasus Spyware Campaign Linked to NSO

WhatsApp says it disrupted new NSO spyware phishing attacks

WhatsApp says NSO targeted users with spearfishing attacks in violation of court order

Whistleblower Accuses IBM, AT&T of Covering Up Breaches

Xsolis Data Breach Exposes Social Security Numbers and Medical Information

Posted by at
Labels:
Subscribe to: Posts (Atom)