Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 6th July and 12th July 2026.6th July
70,000 people affected in Singapore Land Authority (SLA) data breach
A new AI agent can hack systems and deploy ransomware without human intervention
AI Agent Pulls Off Full Ransomware Attack Without Human Help, Researchers Say
AI Can Forge Documents in Minutes - “Looks Right” Is No Longer Enough
Australia: Data Breach Alerts Hit Record High in 2025
Bad Epoll Zero-Day Linux Kernel Flaw Lets Unprivileged Users Escalate to Root
ClickFix spear-phishing technique tops Q2 malware charts
Cybersecurity Experts Warn: Your Biggest Risk May Be a Vendor, Not a Hacker
FIFA World Cup Phishing Scam Uses Fake Reward Pages to Steal Credit Card Data
Finding focus: Strategic approach to cyber security for small and medium companies
First Autonomous AI Ransomware Attack Confirmed by Security Researchers
First AI-run ransomware attack highlights emerging cyber threat landscape
Gaslight Malware Abuses Prompt Injection to Trick Automated AI Cybersecurity Agents
Hackers Use Fake World Cup Reward Pages to Capture Names, Addresses, PAN, CVV, and Expiry Data
Hong Kong: Two investors lost over $550k in fake Futu Securities phishing attack
How to prioritize AI agent security by business impact
INC Ransom Adds City of Acworth, Georgia, and City of Oak Park, Michigan, to Dark Web Leak Site
Indirect Prompt Injection Attacks Hide Malicious Instructions in Websites to Target AI Agents
Institute of Chartered Accountants of India (ICAI) Dismisses Chartered Accountant (CA) Exam Data Breach Claims, Calls Viral Notice 'False and Malicious'
Institute of Chartered Accountants of India (ICAI) dismisses claims of data breach, says members' and students' records remain secure
Institute of Chartered Accountants of India (ICAI) dismisses viral 'data breach' notice as fake, says records of students and members remain secure
INTERPOL Report Warns of Sharp Rise in AI-Powered Cybercrime Across Asia-Pacific
Meet JadePuffer: The AI Ransomware That Can Hack Systems Without Human Help
Microsoft device telemetry key to unmasking alleged Scattered Spider hacker
ModSecurity Flaws Let Attackers Bypass WAF Rules and Request-Body Inspection
National Crime Agency (NCA) Issues Warning to Parents As Shared Child Photos Exploited by AI Tools
New AI agent can hack systems and deploy ransomware without human help
New ClamAV security patch closes seven scanner bugs dating back two decades
New Java-Based QuimaRAT Malware-as-a-Service (MaaS) Built to Run on Windows, Linux, and macOS
New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions
'No hacker needed': New AI ransomware can automate database attacks from start to finish, warns cybersecurity firm
OAuth, guest accounts, and weak MFA drive SaaS risk
Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages
Opera GX Universal CSS Injection Flaw Enabled Zero-Click XSLeak Attacks
Ousaban Banking Trojan Uses Daily-Changing DDNS Domains to Hide C2 Infrastructure
Personal details of about 70,000 people exposed in Singapore Land Authority (SLA) cloud security incident, investigations ongoing
Renting The Exploits: How Fraud-As-A-Service Platforms Turned Digital Crime Into A Subscription Business
Researchers Claim First Fully Agentic Ransomware: JadePuffer
Russian hackers expose UK government logins in FortiBleed credential breach
Securing the inbox: Where identity, brand and security meet
Seven FatFs Vulnerabilities Exposing Embedded Devices to Code Execution
SilverFox ValleyRAT Campaign Uses Eight-Stage Chain to Deploy Kernel Rootkit
SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing
Suspected China-Nexus Hackers Use Fake Indian Tax Filing Utility to Deploy DcRAT
The first known ‘agentic ransomware’ has arrived
The future of payment fraud could be automated
The Gentlemen Ransomware-as-a-Service (RaaS) Turns Infected Hosts Into SMB Distribution Points for Rapid Spread
The operational challenge: What the Mackay Sugar cyber attack reveals about Australia’s cyber readiness
UK Government Credentials Reportedly Stolen in FortiBleed Campaign Targeting Fortinet Devices
When checking the URL isn’t enough: a Device Code Phishing attack via a Microsoft website
Women's Wellness of Southern Delaware discloses data breach tied to former provider
World's First AI Agent Ransomware Attack Comes to Light: Automated Crime Chain Without Human Intervention
Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and 
Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 22nd June and 28th June 2026, kindly assisted by our partners.