Ransomware Operator Claims - Week 46 2025

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 10th November and 16th November 2025, kindly assisted by our partners.

DBD discovered and researched 201 Ransomware Victims over 48 Countries and Islands claimed by 34 Data-Leaking Ransomware Operators including 1 Newly Discovered Ransomware Operator last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Data Breaches Digest - Week 47 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 17th November and 23rd November 2025.

20th November

AI-powered malware email attacks soar by 131% amid new threats

US, Australia, and UK Sanction Russian Cybercrime Infrastructure Supporting Ransomware

19th November

3.5 Billion Numbers Exposed? Massive WhatsApp Leak?

$6.5 Million Settlement Resolves Omni Family Health Class Action Data Breach Lawsuit

7-Zip vulnerability is being actively exploited, NHS England warns (CVE-2025-11001)

50,000 CCTVs Hacked in India: Intimate Hospital Footage Sold Online

AI Is Supercharging Phishing: Here’s How to Fight Back

AI-powered fraud is exploding: it peaks in a very specific two-hour window

Airlines Reporting Corporation (ARC) Data Sale Scandal: Airlines’ Travel Records Used for Warrantless Surveillance

American Israel Public Affairs Committee (AIPAC) data breach exposed personal information of 810 individuals after months of unauthorized access

An ingenious Apple Service hoax is convincing users their account is under attack

Attackers are using “Sneaky 2FA” to create fake sign-in windows that look real

Ayuntamiento de Béjar Internal Documents Leaked Following Breach

Beyond The Password Security Checkbox: Why Compliance Isn't Enough

BitB integrated into updated Sneaky 2FA Phishing-as-a-Service (PhaaS) kit

BRSK Data Breach: 230,105 Records of Telecom UK Customers for Sale

Business Overconfidence Increases Ransomware Risk In Australia

California man admits to laundering crypto stolen in $230M heist

Canada: Report released on school cyber attack

Canadian privacy regulators say schools share blame for PowerSchool hack

CarePro to Pay $1.3 Million to Settle Class Action Data Breach Lawsuit

China-aligned threat actor is conducting widespread cyberespionage campaigns

China-Linked Operation “WrtHug” Hijacks Thousands of ASUS Routers

CISA gives government agencies 7 days to patch new Fortinet flaw

Cline Bot AI Agent Vulnerable to Data Theft and Code Execution

Cybercriminals Leveraging Tuoni C2 Framework for Stealthy In-Memory Payload Delivery

Data breach exposes info of over a million people at French agency

Destructive Akira Ransomware Attack with a Single Click on CAPTCHA in Malicious Website

Digital Transformation Risks: Critical Governance Gaps in Cloud Migration Impact 40% of Organizations in 2025

DoorDash Confirms Cybersecurity Incident After Social Engineering Attack

DoorDash Confirms Data Breach Affecting Customers, Couriers, and Merchants

DoorDash Confirms Data Breach, Stolen Information Includes Names, Addresses

DoorDash data breach: User info stolen, how to protect yourself

EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates

Eternidade Stealer Trojan Fuels Aggressive Brazil Cybercrime

Eurofiber confirms November 13th hack, data theft, and extortion attempt

Eurofiber Data Breach - Hackers Exploited Vulnerability to Exfiltrate Users’ Data

Fortinet Warns of New FortiWeb CVE-2025-58034 Vulnerability Exploited in the Wild

Google Issues Emergency Update for 2 Billion Chrome Users

Hacker Selling Alleged Samsung Medison Data Stolen In 3rd Party Breach

Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)

Hackers claim SAS Institute, but researchers are not so sure

Half of Ransomware Access Due to Hijacked VPN Credentials

Haravan Data Breach: Records for 5.3 Million Vietnamese eCommerce Customers Exposed

How Google Protects Its Servers from Cyber Attacks: A Deep Dive into DDoS Defense Mechanisms

How Kraken ransomware benchmarks your system first, then encrypts everything without warning, and steals data in the background silently

HR’s Role in Preventing Insider Threats: 4 Best Practices

Innovative Physical Therapy Data Breach: SSNs & Names Exposed

Kaufman County Data Breach Update: Sensitive County Employee Information Compromised

‘Largest Data Leak in History’: WhatsApp Flaw Exposed Billions of Users

Law firm Pillsbury faces class action over April data breach

Logitech confirms 1.8 terabytes of data breach by hackers, says no sensitive info exposed; Is Clop extortion gang behind the attack?

Major Blow To Cybercrime: US, UK, Australia Sanction Russian Ransomware Hosts

Major names exposed in data breach at Ivy League school

Major Russian insurer facing widespread outages after cyberattack

Malware Attacks See 131% Spike In 2025

Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters

New Hampshire: State alerts SNAP recipients to phishing scam involving false threats to restrict monthly benefits

New Phishing Kit Using BitB Technique Targets Microsoft Accounts to Steal Credentials via Sneaky 2FA Attack

New Phishing Kit Using BitB Technique Targets Users to Steal Microsoft Account Credentials via Sneaky 2FA Attacks

New sanctions target Russian web hosting service over suspected ransomware operations

New Sneaky 2FA Phishing Kit with BitB Technique Attacking Users to Steal Microsoft Account Credentials

New WrtHug campaign hijacks thousands of end-of-life ASUS routers

Nova Stealer Malware Strikes macOS Users by Hijacking Legitimate Apps to Steal Cryptocurrency Wallets

Obscure MCP API in Comet Browser Breaches User Trust, Enabling Full Device Control via AI Browsers

Ontario, Alberta school boards caught unprepared in mass student data breach

Pajemploi data breach exposes personal information of 1.2 million childcare workers

Personic Data Breach Impacts 10,929 Nationwide: Health Information Exposed

Petrobras allegedly compromised by Everest ransomware

‘PlushDaemon’ hackers hijack software updates in supply-chain attacks

PlushDaemon Hackers Unleash New Malware in China-Aligned Spy Campaigns

Python-Based WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices

Ransomware attack hits LG battery subsidiary

Ransomware hits LG Energy Solution’s overseas facility

Researchers pull 100 Million WhatsApp phone numbers in an hour

Russia web hosting provider slapped with western sanctions for ransomware operations

Russian bulletproof hosting provider sanctioned over ransomware ties

Score Sports Data Breach Affects 8,430 Individuals

SEKISUI Aerospace Data Breach: 53GB of Sensitive ITAR-Controlled Technical Data for Sale

ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts

Single Click on CAPTCHA Triggers Destructive Akira Ransomware Attack on Malicious Website

Single Click on CAPTCHA Triggers Devastating Akira Ransomware Attack on Malicious Website

Sneaky2FA Phishing Kit Adopts Browser-in-the-Browser Tactics to Steal Credentials via Fake Microsoft Login Pages

South Africa: Company that owns Incredible Connection and HiFi Corp notifies customers about data breach

South Korea: Police Raid Korea Telecom (KT) Offices in Data Breach Investigation

Stealth-patched FortiWeb vulnerability under active exploitation (CVE-2025-58034)

Stop Phishing Scams: How to Spot Fake Crypto Websites Fast

The Gentlemen Ransomware Group Deploys Dual-Extortion Tactics, Encrypting and Exfiltrating Data

‘The Gentlemen’ Ransomware Group with Dual-Extortion Strategy Encrypts and Exfiltrates Data

The long conversations that reveal how scammers work

Threat group reroutes software updates through hacked network gear

Three Nations Target Russian 'Bulletproof' Ransomware Host

Tricks that were once enough to protect your crypto can now be trashed

Trust, Habits And Other Drivers Of Modern Phishing

UK Ministry of Defence (MoD) warns staff not to discuss secrets in cars from China

Update Chrome ASAP - attackers are already exploiting this nasty zero-day flaw

US, allies sanction Russian bulletproof hosting services for ransomware support

US, Australia and Britain impose sanctions on Russian cyber firms over ransomware links

US, UK and Australia sanction Russia cyber firms over ransomware links

US, UK, and Australia sanction Russian ‘bulletproof’ web host used in ransomware attacks

US, UK, Australia announce sanctions against Russia-based Media Land over ransomware operations

W3 Total Cache WordPress plugin vulnerable to PHP command injection

WhatsApp Data Breach: 3.5 Billion Numbers and Photos Leaked

Why your compliance training won’t stop the next cyber-attack

WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide

18th November

4 U.S. Citizens, Ukrainian Plead Guilty in North Korea IT Worker Scheme

5 Things CISOs, CTOs & CFOs Must Learn From Anthropic’s Autonomous AI Cyberattack Findings

81% of Kenyans targeted by scams, with voice phishing being most common threat

2025 sees a 47 per cent spike in ransomware attacks

A miracle: A company says sorry after a cyber attack - and donates the ransom to cybersecurity research

Agentic AI puts defenders on a tighter timeline to adapt

AI supercharging phishing, vishing and deepfake fraud tactics

AI-Enhanced Tuoni Framework Targets Major US Real Estate Firm

AI's scary new trick: Conducting cyberattacks instead of just helping out

Airline data broker to stop selling individuals’ travel records to government agencies

Alberta and Ontario privacy commissioners release findings of PowerSchool data breach

American Israel Public Affairs Committee (AIPAC) discloses data breach, customer information stolen

Anatomy of an Akira Ransomware Attack: When a Fake CAPTCHA Led to 42 Days of Compromise

Australian Businesses Must Fight Ransomware Criminals

Australian Institute of Criminology (AIC) research examines ransomware affecting individuals and small businesses

Australian Institute of Criminology (AIC) Study Probes Ransomware Impact on Individuals, SMEs

Azure Network Hit by Record-Breaking 15 Tbps DDoS Attack From 500,000+ Devices

Beware! Samsung Members App Becomes The House of a New Phishing Scam

British Hacker Must Repay $5.4M After Twitter Crypto Scam

British Hacker Ordered To Repay Millions In Bitcoin

British Hacker Ordered To Surrender £4.1 Million Bitcoin

Cabify investigates after claims of massive driver data breach

Canada: Privacy commissioner sounds alarm after Alberta student data breach findings released

Canada: ‘Privacy does not happen on its own’ - Report makes recommendations after mass student data breach

Canada: School boards caught unprepared in mass student data breach

Canada: School boards must make privacy changes after PowerSchool breach

CISA 2015 Receives Extension, Offering Brief Relief for Cyber Information Sharing

Cyber attack on Oracle Platform Results in Massive Washington Post Data Leak

Cyber-attack on Kenya’s government sites

Cyberattack Volume Increases Fueled by 48% Year-over-Year Increase in Ransomware Attacks

Dark Web Profile: Sarcoma Ransomware

Data Breach At Princeton University May Have Exposed Student, Staff Information

Data breach compromises Princeton University

Data Stolen in Eurofiber France Hack

Discovery Practice Management Settle Lawsuit Over 2020 Data Breach

DoorDash Confirms Data Breach - Hackers Accessed Users Personal Data

DoorDash confirms data breach affecting customers, drivers and businesses

DoorDash Confirms Data Breach After Hackers Access Users’ Personal Data

DoorDash Confirms Data Breach After Social Engineering Attack, User Details Exposed

DoorDash Confirms Data Breach Compromised User Data

DoorDash Confirms Data Breach Exposing Customer Personal Information

DoorDash data breach exposes personal info after social engineering attack

DoorDash Discloses October Data Breach From Social Engineering Scam, Starts Notifying Users

DoorDash Faces Data Breach Following Social Engineering Scam

DoorDash says personal information of customers, dashers stolen in data breach

Drivestream Data Breach: SSNs & Financial Information Exposed

Dutch police seize hundreds of servers in takedown of criminal hosting network

Eurofiber Data Breach - Hackers Exploited Vulnerability to Exfiltrate Users’ Data

Eurofiber France confirms the major data breach

Eurofiber France discloses data breach

Everest Ransomware Claims Breach of Sportswear Giant Under Armour, Stealing Over 340 GB of Customer and Company Data

Everest ransomware gang claims breach of Under Armour

Everest Ransomware Group Allegedly Exposes 343 GB of Sensitive Data in Major Under Armour Breach

Everest Ransomware Group Allegedly Exposes 343 GB of Sensitive Data in Under Armour Breach

First-Ever AI Cyber Attack: Chinese hackers’ operation targets Governments of multiple Countries

Fortinet Silent Patch Raises Concern Among Security Researchers

Fortinet warns of new FortiWeb zero-day exploited in attacks

French agency Pajemploi reports data breach affecting 1.2M people

Full renewal of state and local cyber grants program passes in House

GenAI and Deepfakes Drive Digital Forgeries and Biometric Fraud

GeoHealthResearch Database Leaked by Threat Actor on Dark Web Forum

Google fixes new Chrome zero-day flaw exploited in attacks

Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability

Google patches yet another exploited Chrome zero-day (CVE-2025-13223)

Greater Toronto Area (GTA) school boards did not have ‘reasonable measures’ to stave off student data breach

Habib Bank AG Zurich Compromised by Qilin Ransomware Group

Hacker behind Obama X breach ordered to return $5.4m in bitcoin

Hackers claim oil giant Petrobras, alleging oil-rich maps theft

Hackers claim to have hit Under Armour in massive data breach - here's what we know, and how you can stay safe

Half a Million Stolen FTSE 100 Credentials Found on Criminal Sites

Hamilton Construction Data Breach: SSNs & Names Exposed

Healthcare Ransomware Attacks Shift to Data Theft

How attackers use patience to push past AI guardrails

Investigation shows major crypto exchanges struggle to stop illicit flows

Iranian Hackers Use DEEPROOT and TWOSTROKE Malware in Aerospace and Defense Attacks

Jaguar Land Rover (JLR) cyber-attack results in Tata loss

Jaguar Land Rover (JLR) revenue drops 25% amid £196m cyber attack costs

Jaguar Land Rover suffers heavy losses due to cyber incident

Japan Financial Investment Association (JFIEA) Data Breach

June Cyber Attack Breaches Dealmed Medical Systems, Personal Info Exposed

Kraken’s Stealth Benchmark: Ransomware Evolves to Test and Terrorize Systems

Lessons from the Information Commissioner's Office’s Capita enforcement action - what can we learn?

LG battery subsidiary says ransomware attack targeted overseas facility

LG Energy Solution Data Breach May Have Exposed 1.7TB of Employee Records and SQL Data

Logitech admits data breach after zero-day exploit linked to Clop gang

Logitech Confirms Data Breach After CL0P Ransomware Claim, Impacting Employees, Consumers, Suppliers

Logitech confirms data breach following Cl0p’s Oracle hack claims

Logitech Hit by Data Security Breach Linked to Oracle E-Business Vulnerability

Logitech IT system hit by zero-day cyberattack

Lovable apps may be dangerous by design, research finds

Lynx Ransomware Deployed via Compromised RDP Logins with Backup Deletion

Major Cyber Attack on Anthropic: Chinese Hackers Target AI Platform

Marquis Software Solutions Data Breach: SSNs & Names Exposed

Massive Cyberattack Hits Kenyan Ministries, Sites Replaced With Racist Messages

Master how to report a breach for fast and effective cyber incident response

Medusa Ransomware Attacks Nationwide Legal, MFE Formwork, and Others

Microsoft Azure Blocks 15.72 Tbps Aisuru Botnet DDoS Attack

Microsoft Azure Fends Off ‘Largest DDoS Attack Ever Observed in the Cloud’

Microsoft Entra guest invites harnessed in new phishing campaign

Microsoft Mitigates Record 5.72 Tbps DDoS Attack Driven by AISURU Botnet

Miller Financial Group Data Breach: SSNs & Financial Details Exposed

NetApp sues former Chief Technology Officer (CTO) for alleged data breach

New npm Malware Campaign Redirects Victims to Crypto Sites

New ShadowRay attacks convert Ray clusters into crypto miners

New Telephone-Oriented Attack Delivery (TOAD) phishing campaign targets Microsoft Entra guest invitees with fake invoices

Oscars Group Hit by Medusa Ransomware, Hackers Threaten Data Release

Pennsylvania Attorney General Confirms Data Breach After Ransomware Attack

Pennsylvania Office of the Attorney General (OAG) confirms data breach after August attack

Phishing Season 2025: How AI is Supercharging Cyber Crime

Princeton Database Breached in Targeted Phishing Incident

Princeton University Data Breach: Donor Information Exposed in Compromised Database

Princeton University Data Breach - Database with Donor Info Compromised

Princeton University data breach hits students, alumni - here's what we know

Princeton University Data Breach Impacts Alumni, Students, Employees

Princeton University Hit by Data Breach Affecting Donor Records

Pro-Russian group claims hits on Danish party websites as voters head to polls

Qilin alleges extensive Spark Power hack

QuaLex Manufacturing Hit by Qilin Ransomware Attack

Ransomware Gangs Splinter Over Q3’25 as Ransomware-as-a-Service (RaaS) Model Fades

Ransomware in critical industries: What new data reveals about sector weaknesses and the escalating human toll

Ransomware payment ban proposals spark concern from law firms

Ransomware resilience may be improving in the health sector

Ransomware-related breach confirmed by Pennsylvania Attorney General’s Office

Researchers Detail Tuoni C2's Role in an Attempted 2025 Real-Estate Cyber Intrusion

Resilience At Risk: Talent and Governance in the Age of AI

Russian suspect detained in Thailand is allegedly tied to Void Blizzard group

Rhysida Ransomware Group Breaches Smoll & Banning CPAs in Kansas

Samsung users face massive phishing attack, lurking inside Samsung Members

SAS Institute Data Breach Exposes Source Code and Tools

Seven npm Packages Use Adspect Cloaking to Trick Victims Into Crypto Scam Pages

Sinobi: The bougie-exclusive ransomware group that wants to be a ninja

Skira Ransomware Strikes Innovex Holdings in Thailand: 30TB of Data Breached

Sneaky 2FA Phishing Kit Adds BitB Pop-ups Designed to Mimic the Browser Address Bar

Somalia government probes digital visa platform data breach

Somalia investigates major e-visa data breach affecting 35,000 applicants

Somalia’s Immigration Agency Implements Security Measures After Data Breach

St. Anthony Hospital in Chicago Notifies Patients About February Data Breach

'Sucker lists': Why you should never pay a ransomware scammer

The Data (Use and Access) Act and How it Affects the UK GDPR and Data Protection Act (DPA) 2018, and Privacy and Electronic Communications Regulations (PECR)

The “deepfake paradox” could undermine the justice system

The New Face of Social Engineering

The privacy panic around machine learning is overblown

The Top Inevitable Cyber Threats Organizations Must Learn to Contain

Thomas Davies, DPM Data Breach Affects 14,581 Patients

Threat Actors Leveraging Compromised RDP Logins to Deploy Lynx Ransomware After Deleting Server Backups

Threat Actors Use Compromised RDP to Deploy Lynx Ransomware After Deleting Backups

UK Hacker Ordered to Return 45 crore rupees Bitcoin After Breaching Barack Obama’s X Account

UK Twitter hacker ordered to repay $8.3 million in Bitcoin

Under Armor data breach by Everest Ransomware Group

W3 Total Cache Vulnerability Puts Over One Million WordPress Sites at Risk

What security pros should know about insurance coverage for AI chatbot wiretapping claims

Which AI models are the hacker’s best friend?

17th November

5 Reasons Why Attackers Are Phishing Over LinkedIn

70 Million+ Installs at Risk as Logic Flaw Exposes Internal Networks

430,000 Cabify drivers’ records stolen, hackers claim

Acting on FBI Tip, Thailand Detains Suspected Russian Hacker

Akira ransomware expands to Nutanix AHV, raising stakes for enterprise security

Akira ransomware poses imminent threat to critical infrastructure, CISA says

Alleged Void Blizzard hacker arrested in Thailand

American Israel Public Affairs Committee (AIPAC) Data Breach Exposed Personal Identifiers, Payment Card Data and Banking Information

American Israel Public Affairs Committee (AIPAC) Discloses Data Breach, Says Hundreds Affected

Bangkok Eagle Wings Co.,Ltd. Targeted in Ransomware Data Breach

Blossom Cloud Data Breach Exposes Source Code

British Hacker Behind 2020 Obama Twitter Breach Loses $5.4M Bitcoin Fortune

British hacker must repay £4m after hijacking celebrity Twitter accounts

British Hacker Ordered to Surrender £4.1m in Bitcoin Linked to 2020 Twitter Breach

British hacker who hit Obama and Musk’s Twitter accounts told to repay $5.4M in Bitcoin

British hacker who targeted celebrities' social accounts ordered to repay over £4m in Bitcoin

British hacker who targeted Kim Kardashian and Kanye West in Bitcoin scam ordered to hand over £4million

Cabify Data Breach: 430K Driver Records Allegedly For Sale

Cargus Data Breach Exposes Over 550k Records

Chinese Cybersecurity Firm Data Breach Exposes State-Sponsored Hackers Cyber Weapons and Target List

CISA gives federal agencies one week to patch exploited Fortinet bug

Community 1st Data Breach: Sensitive Information Exposed

Critical Lynx+ Gateway Vulnerability Exposes Data in Cleartext, CISA Warns

CrowdStrike Reports North America and Europe as Leading Targets for Ransomware Attacks

Cyber Readiness Stalls Despite Confidence in Incident Response

Cyber-Attack Costs Carmaker Jaguar Land Rover (JLR) $258m in Q2

Cyberattack Drains £196m From Jaguar Land Rover’s Quarterly Results

Cyberattack hit Pennsylvania Attorney General’s office, personal data potentially accessed

Cyberattack leaves Jaguar Land Rover short of £680 million

Cybercriminals Use Microsoft Entra Invitations to Deliver Telephone-Oriented Attack Delivery (TOAD) Attacks

Cyble Uncovers Sophisticated Multi-Brand Phishing Campaign Targeting European Enterprises

DoorDash Confirms Data Breach Exposing Customer Information

DoorDash confirms data breach impacting users’ phone numbers and physical addresses

DoorDash email spoofing vulnerability sparks messy disclosure dispute

DoorDash faces data breach due to social engineering

DoorDash Hit by Cybersecurity Breach, Millions of Users Potentially Exposed

DoorDash notifies users of data breach

DoorDash Says Personal Information Stolen in Data Breach

DoorDash Says Social Engineering Scam Led to Data Breach

DoorDash was just hit with its third data breach - what to do next

DoorDash's new data breach leaked emails and physical addresses

Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT

Dutch police seizes 250 servers used by “bulletproof hosting” service

EchoGram Flaw Bypasses Guardrails in Major LLMs

EHR Vendor Identifies Business Associate Data Breach

Eurofiber France Confirms Data Exfiltration After System Breach

Eurofiber France reportedly hit by data breach

Eurofiber France warns of breach after hacker tries to sell customer data

Eurofiber reports data breach in France, major customers affected

Everest Ransomware Says It Stole Data of Millions of Under Armour Users

Fake Streams and Phishing Scams Hit XRP Investors, Ripple Warns

Five men admit helping North Korean IT workers infiltrate US companies

Florida District 1 Medical Examiner Suffers Major Data Breach

Goyal Books Data Breach Exposes 236k User Records

Hacker Behind Musk & Obama Bitcoin Scam Faces Staggering $5M Bill as Stolen Crypto Soars

Hacker group brings down The Copenhagen Post website ahead of local elections

Hacker who hijacked Elon Musk and Barack Obama’s X accounts ordered to pay £4,000,000

How Prepared Are You For The Inevitable Data Breach?

IBM AIX Hit by Three Critical Vulnerabilities, One a Perfect 10. Patch Now!

India Rolls Out New Privacy Rules Giving Users More Control Over Their Data

Indian student sentenced to 97 months in prison for multi-million dollar fraud scheme in Texas; phishing attack targeting elderly

Information Communication Board of the Sarawak Chinese Annual Conference (ICBSCAC) Data Breach Hits Malaysian Methodist Church Website

Jaguar Land Rover (JLR) cyber-attack drags Tata Motors into the red

Jaguar Land Rover (JLR) Reports £485m Loss After Cyber-attack Halts Production

Jaguar Land Rover (JLR) reveals extent of damage caused by cyber attack on bottom line

Jaguar Land Rover (JLR) revenues down 24% as it continues to count cost of cyber attack

Jaguar Land Rover Warns Customer Data May Have Been Stolen

Jaguar Land Rover’s Cyber Siege: Tata’s Data Breach Ripples Through US Supply Chains

Jailed British hacker who hijacked X accounts including Apple, Bill Gates, and Barack Obama - then used them for a 'double your money' Bitcoin scam - has to hand back $5.4 million in ill-gotten crypto gains

Joseph James O'Connor ordered to pay back over £4m in Bitcoin after hacking celebrity X accounts

Kenya: Hackers target several government websites, temporarily take over presidency portal

Kenya: What we know about the cyberattack that defaced multiple government websites

Kenyan government websites back online after hackers deface pages with white supremacist messages

Kraken Uses Benchmarking to Enhance Ransomware Attacks

Lawyers’ Mutual Data Breach: Names & SSNs Exposed

LinkedIn Messages Are a Popular Protocol for Phishing Attacks

Liverpool hacker who targeted Obama, Musk and Kim Kardashian ordered to pay back £4m of Bitcoin

Logitech confirms data breach

Logitech confirms data breach - but says it isn't sure exactly what information was lost

Logitech Confirms Data Breach Following CL0P Victim Claims

Logitech Confirms Data Breach Following Designation as Oracle Hack Victim

Logitech Confirms Data Breach From Zero-Day Exploit Attack

Logitech confirms large customer data breach. What that means for you

Logitech Data Breach - What We Know As 0-Day Hack Attack Confirmed

Logitech discloses cyberattack, after Cl0p claims 1.8TB data theft tied to Oracle flaw

Lotus Powergear Data Breach by NightSpire Ransomware

Malaysian Search and Rescue Operation Coordination System (SAROCS) Data Breach: Coordination System for Sale

Malicious NPM packages abuse Adspect redirects to evade security

Merck Data Breach: Financial Account Information Exposed

Microsoft: Azure hit by 15 Tbps DDoS attack using 500,000 IP addresses

Microsoft Entra Invitations Hijacked in Surge of Telephone-Oriented Attack Delivery (TOAD) Phishing Attacks

Nebraska Attorney General’s Lawsuit Against Change Healthcare Survives Motion to Dismiss

New APT42 cyberespionage campaign sets sights on defense, government officials

New ClickFix attacks reuse ancient ‘finger’ command

New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT

North Korean Hackers Infiltrate 136 U.S. Companies, Generate $2.2 Million

Payroll data for nearly 10,000 Washington Post employees stolen in cyber attack

Pennsylvania Attorney General confirms data breach after INC Ransom attack

Pennsylvania attorney general says SSNs stolen during August ransomware attack

Princeton University discloses data breach affecting donors, alumni

Princeton University reported brief data breach affecting advancement database

Princeton University says database containing donor, alumni info breached

Privia Medical Group Reports Data Breach Affecting 2,024 Texans

Propeller Industries Data Breach Affects SSNs & More

Prosecutors Seize 42 BTC From British Hacker Behind Obama Twitter Breach

Qilin takes responsibility for Cornerstone Staffing Solutions hack

‘Random’ cyberattack shuts down Living Room Theaters in Portland

Ransomware Payments Decline, But Data Resilience Remains Critical for EMEA Enterprises

Research says that Ransomware Payments have declined across Australia

RondoDox botnet malware now hacks servers using XWiki flaw

Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time

Saint Anthony Hospital Data Breach: Names & SSNs Exposed

Samsung users targeted in phishing scam with fake 'Urgent account verification' messages

Samsung’s Pre-Installed AppCloud Sparks Surveillance Controversy Despite No Verified Evidence of Malicious Activity

San Benito County auditor confirms stolen funds recovered from October 15th phishing scam

SeAH Holdings Data Breach Exposes Source Code and Keys

ShinyHunters’ OAuth Onslaught: How Phishing via LinkedIn is Plundering Salesforce Data

South Korean man sentenced to prison for sending $16K to North Korean hacker

SpearSpecter Cyberespionage Campaign Linked to Iranian IRGC Targets High-Value Officials

Surveillance tech provider Protei was hacked, its data stolen and its website defaced

The First Autonomous AI Cyber Attack Exposed

The gang targeting America’s grid now says it’s coming for Canada

The Gentlemen Ransomware Group Claims Two New Victims

There's a phishing scam going around in the Samsung Members app

Threat Actor Claims Cabify Driver Data Breach Affecting 430,000 Records

Threat Actors Exploit Xanthorox AI to Create Multiple Types of Malicious Code

Twitter hacker ordered to repay £4.1m in Bitcoin after celebrity account scam

U.S. Announces Five Guilty Pleas and $15M Seizure in Cybercrime Case

UK Twitter hacker who breached Obama's account ordered to repay $5.4 million in Bitcoin

UK Twitter hacker who hijacked Obama’s account ordered to give up $5.4m in Bitcoin

Under Armour hit by ransomware, hackers claim “millions of personal data”

University of Pennsylvania says info compromised in data breach has been ‘mischaracterized’

Unraveling Threads: Cyber Attack Hits H&M and Adidas Fabric Supplier Fulgar

US: Five Plead Guilty in North Korean IT Worker Fraud Scheme

When Machines Attack Machines: The New Reality of AI Security

Why manufacturers need to do more to avoid the risk of ransomware

Yurei Ransomware: Encryption Mechanics, Operational Model, and Data Exfiltration Methods

Yurei Ransomware Exposed File Encryption Operation Model and Data Transfer Tactics

Yurei Ransomware File Encryption, Operation Model and Data Transfer Methods Uncovered

Ransomware Operator Claims - Week 45 2025

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 3rd November and 9th November 2025, kindly assisted by our partners.

DBD discovered and researched 163 Ransomware Victims over 40 Countries and Islands claimed by 32 Data-Leaking Ransomware Operators last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Data Breaches Digest - Week 46 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 10th November and 16th November 2025.

16th November

Company refuses to pay ransomware demand - donates the money to cybercrime research instead

Electricity Authority of Cyprus (EAC) warns of new phishing emails targeting consumers

Foreign intelligence specialists flee Somalia after data breach exposes 35,000 people

GenAI’s Perilous Edge: Cybersecurity, Privacy, and the Black Friday Onslaught

Google Uses Courts, Congress to Counter Massive Smishing Campaign

Hacker Group Handala Leaks Data on Nine Israeli Figures

Meet FBI’s most-wanted cybercriminal, Volodymyr Tymoshchuk, Ukrainian hacker accused of attacking hundreds of US firms and extorting millions

North Korea’s secret hacker army crashed: $15M in crypto confiscated by US

Pennsylvania Attorney General's Office alerts residents to data breach that exposed personal information

Princeton University confirms data breach affecting alumni and donor records

Somalia confirms major data breach in electronic visa system

Taiwan warns of biases, data breach in Deepseek, other Chinese AI

The Washington Post reveals thousands impacted via Oracle-based hack

U.S. Department of Justice (DOJ) moves to forfeit $15.1 million in Tether seized from North Korean hacker group

US disrupts North Korean IT worker fraud network used to infiltrate 136 US firms

What to do if your info was compromised in a data breach

With blazing-fast WiFi 7 speeds come extra security risks: what to know before upgrading?

15th November

79% of Indian Organisations Hit by Ransomware in Past Year, 91% Paid Ransom

A Multi-Stage Phishing Kit Using Telegram to Harvest Credentials and Bypass Automated Detection

Akira Ransomware Targets Over 250 Organizations, Extracts $42 Million in Ransom Payments

Anthropic's AI, Claude, Hacked in Maiden Autonomy-driven Cyber Attack

Consero Global Data Breach Exposes Social Security Numbers

Cornerstone staffing ransomware attack leaks 120,000 resumes, claims Qilin gang

Cyber Criminals Turn AI Into A Weapon For Hacking As Attacks Surge 47% Globally

Decades-old ‘Finger’ protocol abused in ClickFix malware attacks

Defying Hackers: Checkout.com’s Bold Stand Against Ransomware

DoorDash hit by data breach after an employee falls for social engineering scam

Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies

Inside the Cybercrime Machine: A Reformed Fraudster Reveals the Tactics Fueling 2025’s Digital Heists

Jaguar Land Rover cyberattack cost the company over $220 million

Kraken Arrives: The New Ransomware That Assesses Your Environment to Inflict Maximum Damage

Logitech Data Breach - What We Know As 0-Day Hack Attack Confirmed

Pakistan: Oil & gas sector facing cybersecurity threat

Pakistan Hit by 5.3 Million Cyber Attacks in 2025

Pennsylvania Attorney General reports data breach affecting personal information

Princeton University Informs Students of Data Breach

RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet

Russian alleged cyber-hacker faces extradition to US after arrest in Thailand

Russian alleged hacker linked to Kremlin-backed cybercrime group arrested in Phuket

Scammers threaten Chinese-speaking victims with extradition to pocket their money

South Korea: Voice Phishing Damage Surpasses 1 Trillion Won in 10 Months

SSA Holdings Data Breach Exposes Social Security Numbers

Telangana High Court Website Falls Victim to Cyber Attack

The ransomware payment debate: what it means for organizations

Towne Mortgage Confirms Data Breach Following Ransomware Attack

US and UK warn of major e-visa data breach in Somalia

Washington Post Data Breach Exposes Thousands In Oracle Cyberattack

14th November

10 Million Americans hit in government contractor data breach

127 Groups Oppose Changes to GDPR, EU Data Protection Laws

A Multi-Stage Telegram Phishing Framework for Credential Theft and Detection Bypass

A suspected Fortinet FortiWeb zero-day is actively exploited, researchers warn

Advanced Phishing Campaign Targets Customers of Major Italian Web Host Aruba S.p.A.

Afghan data breach: Ministry of Defence (MoD) has not done enough to stop future similar incident, Public Accounts Committee (PAC) warns

Afghans still at risk from fresh data breach as it’s revealed Ministry of Defence (MoD) hasn’t fixed security flaws

Agencies release updated guidance to combat Akira ransomware following recent attacks

AI doesn't just assist cyberattacks anymore - now it can carry them out

AI firm claims it stopped Chinese state-sponsored cyber-attack campaign

AIESEC Canada Data Breach Exposes 158k User Records

Akira group has defrauded $244 million in ransomware payments, says FBI

Akira Ransomware Group Made $244 Million in Ransom Proceeds

Akira Ransomware Haul Surpasses $244M in Illicit Proceeds

Akira ransomware is now targeting Nutanix VMs - and scoring big rewards

Akira ransomware’s evolving tactics prompt global agencies to strengthen critical infrastructure guidance

Akira updates its arsenal, extorts $250 million in ransomware proceeds

Alleged hacker wanted by FBI arrested in Phuket

Altruist Technologies Data Breach Exposes 25GB Database

Amazon CISO Confirms Hacker Exploit Used 2 Zero-Day Attacks

Ang Brothers (M&E) Pte. Ltd. Data Breach by Nova Group

Anthropic 'blames' Chinese hacker group of using Claude to spy on companies across the globe; says targeted large tech companies, financial institutions

Anthropic claims of Claude AI-automated cyberattacks met with doubt

Anthropic Claude AI Used by Chinese-Back Hackers in Spy Campaign

Anthropic Says Its AI Chatbot Was Used By Chinese Hackers for Large-Scale Cyber Attack

ASUS warns of critical auth bypass flaw in DSL series routers

Average ransomware payments in Australia halve to AUD $711,000

Benchmarking optimizes Kraken ransomware encryption

Beware of Phishing Emails as Spam Filter Alerts Steal Your Email Logins in a Blink

Beware! How AI is writing phishing emails that look real

Body Cam Phishing Team Leader Sentenced to Four Years

Businesses must bolster cyber resilience, now more than ever

Businessman Sentenced for Lineage Deal With North Korean Hacker

Cambodia-based voice-phishing 'Ma Dong-seok Team' head Kang sentenced to 4 years

Checkout.com Discloses Data Breach After Extortion Attempt

Checkout.com Hacked - ShinyHunters Breached Cloud Storage, Company Refuses Ransom

Checkout.com Refuses Ransom After Hackers Access Old Merchant Files

Checkout.com snubs hackers after data breach, to donate ransom instead

Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud Storage

China-Based Hackers Used Claude to Automate Global Cyberattack

Chinese cyber spies used Claude AI to automate 90% of their attack campaign, Anthropic claims

Chinese Hackers Automate Cyber-Attacks With AI-Powered Claude Code

Chinese Hackers Use Anthropic's AI to Launch Automated Cyber Espionage Campaign

Chinese Hackers Weaponize Claude AI to Execute First Autonomous Cyber Espionage Campaign at Scale

Chinese spies use AI to target government agencies

Chinese State Hackers Jailbroke Claude AI Code for Automated Breaches

Chinese state hackers used Anthropic AI systems in dozens of attacks

Chinese State-Sponsored GTG-1002 Leverages Claude AI and Model Context Protocol (MCP) for Cyberespionage Targeting Tens of Organizations

Chinese Tech Firm Leak Reportedly Exposes State Linked Hacking

Chrome Web Store still features a crypto-stealing extension despite takedown request

CISA and Partners Release Advisory Update on Akira Ransomware

CISA flags imminent threat as Akira ransomware starts hitting Nutanix AHV

CISA Warns: Akira Ransomware Has Extracted $42M After Targeting Hundreds

CISA Warns of Active Attacks on Cisco ASA and Firepower Flaws

CISA, FBI, Partners Issue Updated Guidance Against Akira Ransomware Threat

Civil society decries digital rights ‘rollback' as European Commission pushes data protection changes

Cl0p claims ransomware hit on NHS

Cl0P Ransomware Group Allegedly Claims Breach of Entrust in Oracle 0-Day EBS Hack

Clop Ransomware Group Targets NHS England in Oracle E-Business Suite Hack

Controversy has intensified around the Russian hacker detained in Thailand

Cyber-Attack Pushes Jaguar Land Rover (JLR) Into £485m Quarterly Loss; Tata Motors CFO Says Systems “Hardened”

Cyberattack on Russian port operator aimed to disrupt coal, fertilizer shipments

DDoS Cyberattack Disrupts Danish Government and Defense Websites

Direct cost of Jaguar Land Rover cyber attack which impacted UK economic growth revealed

DoorDash confirms serious data breach - customer names, addresses, emails are more all leaked, here's what we know

DoorDash just revealed major data breach - here's what customer information was exposed

DoorDash Says Relax, Data Breach Only Exposed Names, Phones, Emails & Addresses

DoorDash suffers another data breach: users’ contact information affected

Dutch police seize thousands of servers used for ransomware, child sex abuse footage

Five plead guilty to helping North Koreans infiltrate US firms

Foreign intelligence specialists flee Somalia after data breach exposes 35,000 people

Former national security advisor John Bolton among Washington Post contributors exposed in hack

Fortinet confirms silent patch for FortiWeb zero-day exploited in attacks

Global Data Breaches and Cyber Attacks in October 2025 - At Least 21.2 Million Breached Records

Google Files Lawsuit to Dismantle 'Lighthouse' Smishing Kit

Google Says Chinese ‘Lighthouse’ Phishing Kit Disrupted Following Lawsuit

Google Sues China-Linked ‘Smishing Triad’ Behind Global Mobile Phishing Campaign

Google Sues Cybercriminals Over Phishing Scams in Global Smishing Crackdown

Hackers claim to sell internal Samsung subsidiary files

Holiday Mobile Threats Quadrupled in 2024 - What’s Expected This Year?

Hyundai Data Breach Puts 2.7 Million Americans at Risk of Identity Theft

Iberia Airlines Data Breach: 77GB of Aircraft Data for Sale

INC Ransom Group Attack Hits Multiple Global Companies

India: Companies to Notify the Data Protection Board of a Data Breach ‘Without Delay’ Under the Digital Personal Data Protection (DPDP) Rules 2025

Iranian Hackers Launch 'SpearSpecter' Spy Operation on Defense & Government Targets

Jaguar Land Rover cyber attack cost company nearly £200m

Jaguar Land Rover cyber attack cost nearly £200m, company reveals

Jaguar Land Rover cyber attack costs firm £485m in the quarter

Jaguar Land Rover cyber attack hits Tata Motors Passenger Vehicle Q2 business, domestic sales gain momentum

Jaguar Land Rover cyber-attack cost nearly £200m

Jaguar Land Rover Data Breach Sparks Regulatory Alert

Jaguar Land Rover plunges to loss after heavy cyber attack costs

Jaguar Land Rover posts heavy loss after cyber-attack

Jaguar Land Rover posts losses of £485 million following cyber attack

Jaguar Land Rover (JLR) reports £485m losses for Q2 in wake of devastating cyber attack - but CEO hails the “speed of recovery”

Jaguar Land Rover (JLR) reports heavy losses as dust settles following major cyber attack

Jaguar Land Rover revenues plunge as firm reports heavy cyber attack costs

Jaguar Land Rover slides to loss of almost £500m after cyber-attack

Kaspersky Reveals Over 5 Million Cyberattacks on Pakistan in 2025

Kraken Cross-Platform Ransomware Attacking Windows, Linux, and VMware ESXi Systems in Enterprise Environments

Kraken Ransomware Expands Attacks to Windows, Linux, and VMware ESXi Systems

Kraken Ransomware Group Emerges with Sophisticated Tactics from the Remnants of the HelloKitty Ransomware Cartel

Kraken Ransomware Targets Windows, Linux, and VMware ESXi in Enterprise Environments

Logitech confirms data breach after Clop extortion attack

Logitech suffers data breach, claims no sensitive data stolen

London Pathology Firm Synnovis Begins Notifying Partners Following 2024 Data Breach

Los Alamos researchers warn AI may upend national security

Mass Hospitality Phishing Scheme Expands With 4,300+ Domains, Multilingual Pages, and Advanced Automation

Massive blow to cybercrime: three malware families disrupted, 1025 servers taken down

Metropolitan Adjustment Bureau Hit by Chaos Ransomware Attack

Miticket.com.ve Data Breach Exposes 11k User Records

Multiple US citizens plead guilty to helping North Korean IT workers earn $2 million

NAHGA Claims Services reports intrusion that exposed personal and health data

Nebraska Attorney General’s lawsuit over Change Healthcare data breach moves forward

Nevada Ransomware Attack Started Months Before Being Discovered

New CISA Report Reveals Akira Ransomware Hit 250 Organizations, Collected $42 Million in Ransoms

New "Scam Center Strike Force" to combat crypto investment fraud centers run out of Southeast Asia

North Korean Hackers Turn JSON Services into Covert Malware Delivery Channels

Now-Patched Fortinet FortiWeb Flaw Exploited in Attacks to Create Admin Accounts

Oracle attacks: Washington Post confirms data breach, NHS investigating

Our Industries Are Vulnerable to Cyber-Attacks: Boardrooms Must Prioritize Resilience, Not Reaction

Personal Information Potentially Leaked in Pennsylvania AG Data Breach

Phishing kits & steganography drive new wave of email threats

Protecting mobile privacy in real time with predictive adversarial defense

Ransomware surged 30% in October

Ransomware's Fragmentation Reaches a Breaking Point While LockBit Returns

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks

Russian Hacker Linked to GRU Arrested in Phuket

Samsung Data Breach Exposes Source Code and PII

Security Degradation in AI-Generated Code: A Threat Vector CISOs Can’t Ignore

South Korean man sentenced for involvement with North Korean hacker

SRP Federal Credit Union Faces Renewed Lawsuit Over Ransomware Breach

Suspected Russian hacker reportedly detained in Thailand, faces possible US extradition

Tata Motors: Regulators informed about possibility of Jaguar Land Rover (JLR) customer data leak due to cyber attack

Tata Motors informs regulators of potential Jaguar Land Rover (JLR) customer data breach

The Foot Doctor P.C. Hit by Space Bears Ransomware Attack

The staggering cost of cyber attack on Jaguar Land Rover revealed

Thousands of fake travel sites used in ongoing Russian phishing campaign

Thousands of travelers potentially exposed in Somalia E-Visa data breach, U.S. embassy says

University of Pennsylvania (UPenn) experiences cyber attack

US announces new strike force targeting Chinese crypto scammers

Warning Issued About Akira Ransomware as Attacks on Critical Infrastructure Accelerate

Washington Post Confirms Data Breach as CL0P Claims Over 40 Oracle Victims

13th November

65% of the Forbes AI 50 List Leaked Sensitive Information

After 9-Day Romp, Hyundai Hackers Are Still Out There

Agfa probes ransomware claim, reports on difficult Q3

AI & ransomware reshape cyber threat landscape, report finds

Akira actively engaged in ransomware attacks against critical sectors

Akira gang has received nearly $250 million in ransoms

Akira Ransomware Group Poses ‘Imminent Threat’ to Critical Infrastructure

Allegedly pilfered Collins Aerospace data spilled by Everest ransomware

APT Exploits Cisco and Citrix Zero-Day Vulnerabilities CVE-2025-20337, CVE-2025-5777 in Coordinated Attack

Automation can’t fix broken security basics

Black Shrantac Ransomware Group Hits Global Firms in New Attack

Can a cyber attack reduce a country’s GDP? In the UK, it seems so!

Check Point Uncovers Large-Scale Phishing Attack Exploiting Meta Business Suite

CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks

CISA warns federal agencies to patch flawed Cisco firewalls amid ‘active exploitation’ across the US government

CISA warns feds to fully patch actively exploited Cisco flaws

CISA warns of Akira ransomware Linux encryptor targeting Nutanix VMs

CISA warns of WatchGuard firewall flaw exploited in attacks

CISO Pay Increases 7% As Budget Growth Slows

ClickFix Technique Powers SmartApeSG Campaign to Deploy NetSupport RAT

Could quantum computers spot fraud before your bank does?

Cyber attack hits Danish government, defence websites

Cyber Insurance Comes of Age: From Niche Policy to Strategic Risk Tool

Data breach at Malta tax office, company’s details sent to 7,000 recipients

Data breach notices for Qilin hack provided by Synnovis

DoorDash hit by new data breach in October exposing user information

Europol takes down more than 1,000 malicious servers in Operation Endgame

Everest Group Claims Breach on KorPath, Vikor Scientific, and Korgene

Exploiting Code Hosting Platforms to Deliver Malware Through Manipulated JSON Storage Services and Code Repositories

Fake Chrome Extension "Safery" Steals Ethereum Wallet Seed Phrases Using Sui Blockchain

Fake spam filter alerts are hitting inboxes

FBI calls Akira ‘top five’ ransomware variant out of 130 targeting US businesses

Fortinet FortiWeb flaw with public PoC exploited to create admin users

Google files lawsuit to dismantle alleged China-based smishing network Lighthouse

Google lawsuit takes aim at group behind text message scams

Google strikes back at scammers enabling those fake 'stuck package' texts

Google Sues China-Based ‘Lighthouse’ Phishing Service After $1B+ Scams Target Millions

Google Sues Chinese Firm for Phishing Campaign, Targeting Millions Worldwide

Google sues Chinese hacker group which allegedly stole $1 billion from a million victims

Google Sues Chinese ‘Smishing Triad’ Over Global Text Scam Targeting Millions

Google Sues ‘Lighthouse’ Cybercrime Group For Running Global Phishing-As-A-Service Network

Google Sues “Lighthouse” Over Massive Phishing Attacks

Google Sues to Disrupt Chinese SMS Phishing Triad

Google Takes Legal Action Against ‘Lighthouse’ Phishing Kit Behind Major Cyberattacks

Google takes legal action against major phishing network targeting millions

Healthcare security is broken because its systems can’t talk to each other

Holiday Mobile Threats Surge During Shopping Season - Phishing and Malware Risks Escalate

How Adversaries Exploit the Blind Spots in Your External Attack Surface Management (EASM) Strategy

How Attackers Turn SVG Files Into Phishing Lures

How Enterprises Can Fight Ransomware and Defend Customer Data

Improve Collaboration to Hit Back At Rising Fraud, Says techUK

“IndonesianFoods” npm Worm Publishes 44,000 Malicious Packages

Italian textile giant Fulgar hit by ransomware attack, hackers threaten data leak

Jaguar Land Rover (JLR) cyber attack slams brakes on UK economy

Kraken ransomware benchmarks systems for optimal encryption choice

LaBella Associates Data Breach Affects 6,712 People

Large-Scale Spam Campaign Hits npm Registry With 43,000+ Fake Packages

Malicious package with 206k downloads exploited to steal sensitive tokens from GitHub-owned repositories

Malta: Clyde Caruana must take responsibility for data breach, Partit Nazzjonalista says

MedQ Agrees to Settlement to Resolve Ransomware Attack Lawsuit

Most-wanted Russian super hacker suspected over Skripal novichok poisoning & Clinton email leaks ‘ARRESTED in Thailand’

New ‘IndonesianFoods’ worm floods npm with 100,000 packages

New Phishing Attack Targeting iPhone Owners Who’ve Lost Their Devices

NHS Investigating Oracle EBS Hack Claims as Hackers Name Over 40 Alleged Victims

NHS Investigating Oracle EBS Hack Following Cl0p Ransomware Group Claim

NHS supplier ends probe into ransomware attack that contributed to patient death

Not the End Yet: Europol and Global Partners Bulldoze Rhadamanthys, VenomRAT, Elysium and More in Operation Endgame

October 2025 Ransomware Attacks Soar 30% as New Groups Redefine the Cyber Battlefield

Operation Endgame: Police reveal takedowns of three key cybercrime tools

Operation Endgame 3.0 Dismantles Three Major Malware Networks

Operation Endgame Dismantles Rhadamanthys, Venom RAT, and Elysium Botnet in Global Crackdown

Operation Endgame Takedown Hits Rhadamanthys and VenomRAT

Operation Endgame Hits Rhadamanthys, VenomRAT, Elysium Malware, seize 1025 servers

Over 43,000 Spam Packages Infiltrated MPM Registry, Remaining Undetected for Nearly Two Years

Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack

Palo Alto PAN-OS Vulnerability Allows Attackers to Reboot Firewalls via Malicious Packets

“Patched” but still exposed: US federal agencies must remediate Cisco flaws (again)

Phishing attack targets Azerbaijan’s telecommunications sector

Phishing Attacks in Switzerland: NCSC Reports New Scams Targeting Crypto Users and Seniors

Phishing campaign targets customers of major Italian web hosting provider

Phishing Emails Alert: How Spam Filters Can Steal Your Email Logins in an Instant

Phishing Emails Disguised as Spam Alerts Can Steal Your Email Logins Instantly

POINT Construction Advisory Group Hit by Kraken Ransomware

Police disrupt Rhadamanthys, VenomRAT, and Elysium malware operations

Police take down three cybercrime operations in latest round of ‘whack-a-mole’

Popular Android-based photo frames download malware on boot

Ransomed CTO falls on sword, refuses to pay extortion demand

RansomHouse claims Italian yarn maker compromise

Ransomware attacks climb as AI shapes Australian cyber threats

Ransomware Attacks Soared 30% in October

Ransomware attacks to rise 40% by 2026, report shows

Remote Code Execution (RCE) flaw in ImunifyAV puts millions of Linux-hosted sites at risk

Rhadamanthys infostealer operation disrupted by law enforcement

Roebbelen Data Breach: Sensitive Data Exposed

Russian hacker group threatens Danish websites after new Ukraine aid

Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests' Payment Data

Samsung Data Breach Exposes Source Code and PII

SAP Pushes Emergency Patch for 9.9 Rated CVE-2025-42887 After Full Takeover Risk

Scammers Abuse WhatsApp Screen Sharing to Steal OTPs and Funds

South Africa: Eastern Cape Human Settlements Department exposed, as major ransomware attack compromises data

Stormous Ransomware Claims Attack on Morocco’s Largest Retailer Marjane

Sun Valley Surgery Center Data Breach Affects 27,001

Synnovis concludes investigation of 2024 cyber attack

Synnovis Confirms Patient Information Stolen in Disruptive Ransomware Attack

Synnovis Finally Issues Breach Notification After 2024 Ransomware Attack

Thai-FBI Operation Recovers $432,000 in Crypto From Alleged European Hacker

Thailand: Alleged hacker wanted by FBI arrested in Phuket

The browser is eating your security stack

The State of Ransomware - Q3 2025

Two key cyber laws are back as president signs bill to end shutdown

UK economic growth disappoints in Q3 as Jaguar Land Rover (JLR) cyber attack hits

UK economic growth slows to 0.1% amid hit from Jaguar Land Rover (JLR) cyber-attack

UK economy grew by just 0.1% in third quarter amid hit from Jaguar Land Rover (JLR) cyber-attack

UK government submits bill to strengthen critical infrastructure against cyberattacks

UK proposes cybersecurity bill to boost protection for critical sectors

Uncovering a Multi-Stage Phishing Kit Targeting Italy's Infrastructure

Unleashing the Kraken ransomware group

US Imposes Sanctions on Burma (Myanmar) Over Cyber Scam Operations

US Sanctions Burma (Myanmar) Armed Group Democratic Karen Benevolent Army (DKBA) for Cyber Scams Targeting Americans

Wanna bet? Scammers are playing the odds better than you are

Washington Post confirms data on nearly 10,000 people stolen from its Oracle environment

Washington Post data breach impacts nearly 10K employees, contractors

When Attacks Come Faster Than Patches: Why 2026 Will be the Year of Machine-Speed Security

“World-class” Russian hacker wanted by FBI and arrested in Thailand is likely GRU officer Aleksey Lukashev

Zero-Day Vulnerabilities in Cisco and Citrix Targeted by APT Group

12th November

4,300 Malicious Domains Used in Massive Phishing Attack Masquerading as Travel Brands

Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security

‘Advanced’ hacker seen exploiting Cisco, Citrix zero-days

AI Adoption Accelerates Cyber Risks for Australian Businesses

AI is forcing boards to rethink how they govern security

AI-Native App Boom Creates Security Blind Spots and Major Security Risks, New Report Finds

AI-Powered Phishing Scams and Hidden Exploits Threaten Web3 Security

Akira Ransomware Attack Hits Multiple US-Based Firms

Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws

Australia’s top spy accuses China of “high-impact” cyber sabotage

Australian firms face surge in AI-driven ransomware attacks

Australian organisations face rising threat from top ransomware groups

Australian spy chief warns Chinese hackers are ‘probing’ critical networks for espionage and sabotage

Avoid These Critical Mistakes in a Ransomware Incident

BK Technologies Data Breach Exposes Sensitive Information

British government unveils long-awaited landmark cybersecurity bill

Central One Federal Credit Union Data Breach Affects SSNs

ChatGPT is the ultimate phishing tool, so why aren’t companies boosting security budgets?

China accuses US of stealing billions in Bitcoin (BTC) as UK jails Chinese crypto queen

China Alleges a Nation-State Entity Hacked LuBian After the Department of Justice (DoJ) Seized Cryptocurrency in the Prince Group Scam

Chinese Hackers Salt Typhoon Probe Australian Infrastructure, Spy Chief Warns of Cyber Sabotage Risks

Conduent faces mounting financial losses from data breach

Counting the true cost of cyber intrusions

Custom GPTs Exploit Server-Side Request Forgery (SSRF) in ChatGPT to Expose Secrets

Cyber complacency could cost retailers millions: half believe their defences are strong despite rising ransomware threats

Cyber-Insurance Payouts Soar 230% in UK

Cybercriminals Launch New Phishing Campaign Aimed at Lost iPhones

DanaBot malware is back to infecting Windows after 6-month break

DarkComet Spyware Resurfaces Disguised as Fake Bitcoin Wallet

Data breach at mysterious Chinese firm reveals state-owned cyber weapons and even a list of targets

Data broker Kochava agrees to change business practices to settle lawsuit

Data leak hits UK's Victorian-era photo archive, exposing photo-mug buyers

Doctor Alliance Data Breach: 353GB of Patient Files Allegedly Compromised, Ransom Demanded

Earnin Data Breach Impacts Thousands of SSNs

Economic Uncertainty Leads to Additional Security Risks

English-Language Cybercrime Hub “The COM” Orchestrates Varied Global Attacks

Everest ransomware claims leading Italian gas producer breach

Everest ransomware gang threatens to leak 159GB of stolen data from Italian gas giant SIAD Group

Facebookmail.com Invites Exploited to Phish Facebook Business Users

Fake cybersecurity companies are back - and they’re smarter than ever

FBI-Thai Police Operation Seizes Crypto from European Hacker

Federal agencies not fully patching vulnerable Cisco devices amid ‘active exploitation,’ CISA warns

First Choice Dental Agrees to Pay up to $1,225,000 to Settle Data Breach Lawsuit

GitHub Copilot and Visual Studio Vulnerabilities Allow Attackers to Bypass Security Features

GlobalLogic Becomes Latest Cl0p Victim After Oracle EBS Attack

GlobalLogic Hit by Cyberattack Exploiting Oracle E-Business Suite Vulnerability

GlobalLogic says data on 10,000 workers exposed in Oracle-linked data breach

Google asks US court to shut down Lighthouse phishing-as-a-service operation

Google files lawsuit against Lighthouse ‘phishing for dummies’ text scammers

Google files lawsuit to disrupt massive ‘Lighthouse’ smishing scheme

Google launches a lawsuit targeting text message scammers

Google Launches 'Private AI Compute' - Secure AI Processing with On-Device-Level Privacy

Google lawsuit accuses China-based cybercriminals of massive text-message phishing scams

Google sues 25 China-based scammers behind Lighthouse 'phishing for dummies' kit

Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform

Google sues China-based ‘Lighthouse’ group over alleged online scam network

Google Sues Chinese Cybercriminals Behind ‘Lighthouse’ Phishing Kit

Google sues Chinese hacker group it says stole $1 billion from a million victims in 121 countries - 'Lighthouse' platform offers phishing services to crooks for a monthly fee

Google sues Chinese phishing-as-a-service network behind all those scammy texts

Google sues cybercriminal group behind E-ZPass, USPS text phishing scams

Google sues cybercriminals behind E-ZPass, US Postal Service text scams

Google sues group running massive SMS scam operation

Google sues in New York to break up text phishing scheme

Google Sues ‘Smishing Triad’ Over Massive Global Phishing Operation

Google sues to dismantle Chinese phishing platform behind US toll scams

Google sues to stop Lighthouse phishing-as-a-service targeting millions globally

Google’s Latest Weapon in the Fight Against Fraud: Litigation

Habib Bank AG Zurich Confirms Cyber Incident Amid Qilin Ransomware Allegations

Hackers breached San Joaquin County Superior Court. Here’s what they learned

Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks

Hackers Use KakaoTalk and Google Find Hub in Android Spyware Attack

Healthcare Resolves Less Than Two-Thirds of “Serious” Security Findings

Holiday Fraud Trends 2025: The Top Cyber Threats to Watch This Season

HTML attachment phishing used in new credential theft campaign

Hyundai data breach may have impacted millions of customers

Hyundai’s massive data breach finally comes to light

International Kiteboarding Organization Data Breach Hits 340k Users

Japanese Tech Firm Asahi Kasei Microdevices Hit by Crypto24

Jetobra Data Breach Impacts Hoffman Auto Group

Massive Phishing Attack Impersonate as Travel Brands Attacking Users with 4,300 Malicious Domains

Microsoft 365 Email Scam Spreads Worldwide - Don’t Fall for It

Microsoft 365 Users Face New Automated Phishing Threat

Microsoft Fixes 63 Security Flaws, Including a Windows Kernel Zero-Day Under Active Attack

Microsoft Fixes Windows Kernel Zero Day in November Patch Tuesday

Microsoft Patch Tuesday November 2025: Fixes 63 Security Flaws and One Zero-Day Exploit

Midnight Ransomware: A free decryptor has been released thanks to a bug in the code

Mindgard Finds Sora 2 Vulnerability Leaking Hidden System Prompt via Audio

Ministry of Parliamentary Affairs & Governance Guyana Data Breach

New Google Lawsuit May End Massive Text Phishing Operations

New KomeX Android RAT Advertised on Hacker Forums with Multiple Subscription Options

New laws set to strengthen UK's cyber attack defences

New Phishing Attack Leverages Popular Brands to Harvest Login Credentials

New Phishing Attack Targeting Meta Business Suite Users to Steal Login Credentials

New Phishing Campaign Exploits Meta Business Suite to Target SMBs Across the U.S. and Beyond

New Phishing Scam Targets iPhone Owners After Device Loss

New “Quantum Route Redirect” Phishing Kit Targets Microsoft 365 Users Worldwide

New Quantum Route Redirect Tool Lets Attackers Launch One-Click Phishing Attacks on Microsoft 365 Users

New UK laws to strengthen critical infrastructure cyber defenses

NHS patients to finally be informed if hackers published their STI and cancer test data

Patch Tuesday: Microsoft fixes actively exploited Windows kernel vulnerability (CVE-2025-62215)

Phishing Attack Impersonates Travel Brands Using 4,300 Malicious Domains

Phishing attacks surge as criminals exploit trusted platforms in 2025

Phishing Campaign Exploits Meta Business Suite to Target SMBs

Phishing emails disguised as spam filter alerts are stealing logins

Phishing Tool Uses Smart Redirects to Bypass Detection

Phishing’s Cruel Hook: How Scammers Exploit Lost iPhones to Steal Your Digital Life

Polymarket users lose over $500,000 in phishing attack exploiting comment section vulnerabilities

Qilin ransomware gang ramps up attacks

Rhadamanthys Infostealer Infrastructure Disrupted in Apparent Law Enforcement Takedown

Russian Broker Pleads Guilty to Profiting From Yanluowang Ransomware Attacks

Russian hacker admits helping Yanluowang ransomware infect companies

Shadow AI risk: Navigating the growing threat of ungoverned AI adoption

South Korea: 53 Cambodia Repatriated Fraud Suspects Indicted for 9.4 Billion Won Scam

South Korea: Korean-Chinese ringleader runs Cambodia-based romance and voice-phishing ring, 53 indicted

South Korea: Prosecutors indict 53 suspects of voice phishing ring based in Cambodia, Thailand

South Korea: Voice Phishing Collector Sentenced for Fraud and Court Contempt

Stepping Stone AG Data Breach Exposes Customer and Internal Data

Survey Surfaces Sharp Rise in Cybersecurity Incidents Involving AI

Suspicious Temu Support Accounts on X Raise Phishing Concerns: Unofficial Accounts Under Scrutiny

Swedish Authority for Privacy Protection Investigates Data Breach Exposing 1.5 Million People

Synnovis notifies of data breach after 2024 ransomware attack

Synnovis to notify NHS of data breach after nearly 18 months

Synnovis Updates On Data Breach From 2024 Ransomware Attack

Telegram bots exploited in European credential phishing campaign

The airport heist isn’t over, as hackers claim to drop Collins Aerospace data

The Future of AI in Security: From Reactive to Proactive Protection

The Italian yarn empire powering H&M and Adidas has been claimed by hackers

The Lighthouse lawsuit is Google's boldest move yet against organized cybercrime

The rise and fall of Tank the hacker who built the Zeus cybercrime empire

The University of Pennsylvania Data Breach: What It Reveals About Cybersecurity in Higher Education

Tuxum Data Breach Exposes Company Source Code

UK Government Finally Introduces Cyber Security and Resilience Bill

UK Tightens Cyber Laws as Attacks Threaten Hospitals, Energy, and Transport

UK’s new Cyber Security and Resilience Bill targets weak links in critical services

UK’s Ransomware Payment Ban: Boon or Burden for Businesses?

US announces ‘strike force’ to counter Southeast Asian cyber scams, sanctions Myanmar armed group

Vietnam: Appsim Data Breach Exposes Over 1 Million Users

When every day is threat assessment day

Wiltshire Police 'accidentally' share passwords in data breach

WordPress users beware - GootLoader strikes again, using font hack to spread malware

11th November

43 East Lothian schools offline amid fear of cyber attack

65% of Leading AI Companies Expose Verified Secrets and Access Keys on GitHub

AI & phishing attacks highlight human risk in Australian fraud

Android Devices Targeted By KONNI APT in Find Hub Exploitation

Android RAT ‘KomeX’ Advertised on Hacker Boards, Sold in Several Subscription Packages

Android Trojan 'Fantasy Hub' Malware Service Turns Telegram Into a Hub for Hackers

Anyone can be a hacker with AI - so what does that mean for the cyber defence industry?

Asahi Cyberattack Brings Japan’s Top Brewer to Its Knees During Peak Beer Season

Attackers exploited another Gladinet Triofox zero-day (CVE-2025-12480)

Attackers Use Quantum Route Redirect to Launch Instant Phishing on Microsoft 365

Australian hospitality company faces ransom threat after data breach

Bank of England: “British economy staggers due to cyberattack on Jaguar Land Rover”

“Bitcoin Queen” gets 11 years in prison for $7.3 billion Bitcoin scam

Blavity Inc. Data Breach Exposes 1.2 Million Users

Bringing AI to The SOC Is Not Intended to Replace Humans

CISA: Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042)

CISA Adds Zero-Day Bug Used in Spyware Attacks to Known Exploited Vulnerabilities (KEV)

CISA Warns of Actively Exploited 0-Day RCE Vulnerability in Samsung Mobile Devices

Cisco Finds Open-Weight AI Models Easy to Exploit in Long Chats

CISOs are cracking under pressure

Clop Ransomware Group Lists Allianz UK Following Oracle EBS Breach

Cl0p Ransomware Lists NHS UK as Victim, Days After Washington Post Breach

Cloud Security Automation: Using AI to Strengthen Defenses and Response

Colombia’s CNSC Targeted in 2.9 TB Data Extortion Attack

Conduent Anticipates Data Breach Cost to Rise to $50 Million by Q1, 2026

Cyberattack hangover - Asahi back to fax and phone as rivals seize taps

Cyber insurers paid out over twice as much for UK ransomware attacks last year

Cyble Detects Phishing Campaign Using Telegram Bots to Siphon Corporate Credentials

Cyprus: Paphos municipality warns of phishing email scam

DanaBot Banking Trojan Resurfaces with Version 669 After Operation Endgame Takedown, Focused on Cryptocurrency Theft

Danabot Malware Re-Emerges With Version 669 Following Operation Endgame

Data Breach Exposes Hyundai, Kia, Genesis Owners

Devolutions Server Vulnerability Lets Attackers Impersonate Users Using Pre-MFA Cookie

Everest Ransomware Group Lists Agfa-Gevaert and SIAD as Victims

Fake Facebook Business pages are bombarding users with phishing messages - so what can be done?

Fake NPM Package With 206K Downloads Targeted GitHub for Credentials

Ferocious Kitten Deploys MarkiRAT to Harvest Keystrokes & Clipboard Data

German city’s IT systems taken offline after cyberattack

Global Microsoft 365-targeted phishing facilitated by novel PhaaS platform

Global ransomware activity rises 36% in Q3 2025, but average payments collapse

GlobalLogic warns 10,000 employees of data theft after Oracle breach

Google Cloud says AI will run cybercrime operations by 2026

Google Issues Critical VPN Threat Warning for Billions of Users

Google’s Latest Security Push Marks the Slow Death of Passwords

GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites

Graebel Companies Inc. Discloses Data Breach from December 2024

Hackers abuse Triofox antivirus feature to deploy remote access tools

Hackers Claim Santander Breach, Data for Sale on Dark Web

Hackers Exploit Critical Flaw in Gladinet's Triofox File Sharing Product

Hackers Launch Sophisticated Phishing Campaign Masquerading as Major Brands

Hackers threaten to leak Italian gas giant’s data

Hackers Use Phishing to Drain Meta Business Suite Logins

Have I Been Pwned Adds 1.96 Billion Accounts From Synthient Credential Data

Hidden risks in the financial sector’s supply chain

Hitachi subsidiary GlobalLogic impacted by Clop’s attack spree on Oracle customers

Hitachi-owned GlobalLogic admits data stolen on 10k current and former staff

How credentials get stolen in seconds, even with a script-kiddie-level phish

How far can police push privacy before it breaks

How hackers exposed personal info of 1.7 Million students in New York, prompting data breach settlement

Hyundai Data Breach Potentially Leaks 2.7 Million Social Security Numbers

Hyundai Data Breach Puts Over 2.7 Million SNNs at Risk

Hyundai Motor Group Suffers Massive Data Breach - Personal Data Of 2.7 Million Customers Falls Into Hacker's Hands

Hyundai Suffers Massive Data Breach, Includes Social Security Numbers

Illicit Facebook notices fuel international credential phishing campaign

Insurers pay out £200m to support businesses hit by cyber attacks

Intel data breach via Insider Threat & Hyundai Data Breach leaks 2.7m Social Security Numbers

LLM Side-Channel Attack ‘Whisper Leak’ Exposes Encrypted Communications

Lost Your iPhone? Beware Fake ‘Find My’ Messages Aiming to Steal Your Apple ID

Lost your iPhone? Make sure you don't make things worse by falling for this evil phishing text giving you hope

Major phishing attack hits hotels with ingenious new scam that also spreads dangerous malware

Malware 2025: The most dangerous groups of the year

Microsoft 365 users targeted by major new phishing operation - here's how to stay safe

Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws

Microsoft Outlook, Gmail increasingly targeted in phishing attacks

Mozilla rolls out new anti-fingerprinting protections in Firefox 145

Multiple Ivanti Endpoint Manager Vulnerabilities Allow Attackers to Write Arbitrary Files

New “KomeX” Android RAT Hits Hacker Forums with Tiered Subscriptions

New Phishing Campaign Targets Meta Business Suite Users

New Phishing Scam Targets iPhone Users Through Fake ‘Found Device’ Messages, Warns Swiss Cyber Agency

New side channel attack Whisper Leak snoops on encrypted conversations with LLMs

New VanHelsing Ransomware RaaS Model Attacking Windows, Linux, BSD, ARM, and ESXi Systems

New VanHelsing Ransomware-as-a-Service Hits Windows, Linux, BSD, ARM and ESXi

NHS providers reviewing stolen data published by cyber criminals

North Korean Hacker Group ‘Konni’ Targets Android and Windows Devices Using Fake Stress-Relief Apps

Phishing Campaign “I Paid Twice” Targets Booking.com Hotels and Guests

Phishing scam alert: This "We found your lost iPhone" text is fake and wants to steal your Apple ID

Phishing Scam Uses Big-Name Brands to Steal Logins

Polymarket Suffers Major Security Breach

Polymarket users sound alarm over phishing links in private markets

Qilin Ransomware Activity Surges as Attacks Target Small Businesses

Quantum Route Redirect Phishing Kit Democratizes Cyber-Attacks

Quantum Route Redirect Tool Opens Door to One-Click Phishing on Microsoft 365

Ransomware Surge Fuels 230% Jump in UK Cyber-Insurance Payouts

Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories

Researchers Reveal Tight Connections Between Maverick and Coyote Banking Malware

Researchers Uncover Critical runC Bugs Allowing Full Container Escape

Rhadamanthys infostealer disrupted as cybercriminals lose server access

Rising cybersecurity threats: Are South African businesses prepared?

SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor

SAP Releases Critical Security Updates to Fix Code Execution and Injection Vulnerabilities

Security Alert Themed Phishing Emails Attempt to Steal Your Email Login

SMEs ‘Can’t Afford to Wait for a Cyber Attack’

Synology fixes BeeStation zero-days demoed at Pwn2Own Ireland

The ransomware payment ban: what’s the potential impact for UK businesses?

Threat actor alleges treasure trove of sensitive naval info

Threat Actors Leverage RMM Tools to Deploy Medusa & DragonForce Ransomware

Triofox 0-Day Abuse of Anti-Virus Function Enables Remote Payload Execution

Triofox Unauthenticated Access Flaw, Chained with AV Scanning Feature Abuse to Deploy Remote Access Tools

Two-Thirds of Top AI 50 Companies Leaked Sensitive Data on GitHub, Including API Keys and Tokens

UK cyber insurance claims soar by 230% as ransomware devastates businesses

UK cyber resilience guidance criticised as ‘too bland’ amid growing ransomware risks in logistics

UK Regulator Ofcom Monitors VPN Use Following Online Safety Act

Unpacking the Impact of the Synnovis Cyber Attack: Key Repercussions and Insights

VanHelsing Ransomware RaaS Expands Reach to Windows, Linux, BSD, ARM and ESXi Environments

"Vibescamming" is the new online scam everyone’s falling for

Wakefield & Associates Announces Breach of Client Data

WatchGuard Firebox Firewall Vulnerability Allows Attackers to Gain Unauthorized SSH Access

What Is Vibe Coding? Collins’ Word of the Year Spotlights AI’s Role and Risks in Software

WhatsApp Malware 'Maverick' Hijacks Browser Sessions to Target Brazil's Biggest Banks

Why Microsoft Copilot May Be Your Most Risky Insider Threat

WinRAR Flaw Weaponized by APT-C-08 in Attacks on Government Organizations

World’s Biggest Cybercrime Gangs Change Mind About Retirement, Form Supergroup Instead

xHunt APT Group Spies on Kuwait, Leveraging Microsoft Exchange, IIS, and Custom Backdoors

Your desktop firewall isn't enough - here's how to protect your entire network

Your home Wi-Fi isn't as private as you think - 6 free ways to tighten its security

Zoom Workplace for Windows Vulnerability Allows Users to Escalate Privileges

10th November

5 reasons why attackers are phishing over LinkedIn

10 Popular Black Friday Scams - How to Detect the Red Flags and Protect your wallet and Data

65% of Leading AI Companies Found With Verified Secrets Leaks

170 Mule Accounts Launder 1.5 Trillion Won for Voice Phishing Rings

Advanced Threat Actors Breach Construction Networks to Steal Remote Login Access

AI is rewriting how software is built and secured

AI-generated ransomware extension found on Visual Studio Marketplace

APT37 hackers abuse Google Find Hub in Android data-wiping attacks

AXIS Communications Data Breach Exposes Source Code

Balancer Offers Bounty to Hacker After $100M Exploit

Big tech pressure does the trick: EU moves to placate industry, privacy be damned

China-Aligned UTA0388 Uses AI Tools in Global Phishing Campaigns

Chinese Cybersecurity Firm Data Breach Exposes State-Sponsored Hackers Cyber Weapons and Target List

CISA orders feds to patch Samsung zero-day used in spyware attacks

Critical runC Flaws Expose Docker and Kubernetes to Container Escape, Fixes Available

Cybercriminals Use Remote Management Tools to Deliver Medusa and DragonForce Ransomware

Data Breach at Chinese Cybersecurity Firm Reveals State-Backed Hacking Tools and Target Lists

Data Breach Response: Don’t Panic!

Data privacy whistleblowers would get expanded protections under California proposal

Defensoría del Pueblo de Colombia Hit by Data Breach

Doctor Alliance breach allegedly exposes patients’ health data

ENEA Data Breach: Swedish Telecom Software Firm’s Source Code Leaked

Fewer Businesses Are Making Ransomware Payments

GlassWorm Malware Discovered in Three VS Code Extensions with Thousands of Installs

Hacked RDP credentials facilitate Cephalus ransomware delivery

Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature

Healthcare Therapy Services Data Breach Exposes Social Security Numbers

Hospitality giant the Oscars Group listed by Medusa ransomware

Hotels Hacker Alert Issued As ‘I Paid Twice’ Attacks Confirmed

How 1.3 billion passwords were stolen: Infostealer malware data breach explained

Hyundai Data Breach Exposes 2.7 Million Social Security Numbers

Hyundai Data Breach Puts 2.7 Million Owners’ SSNs at Risk

Hyundai subsidiary Hyundai AutoEver America (HAEA) data breach: Sensitive information at risk

Hyundai, Kia, And Genesis Suffer Massive Customer Data Breach

Illuminate Education Fined $5.1 Million for Failing to Protect Student Data

IMY investigates major ransomware attack on Swedish IT supplier

India sees spike in AI driven ransomware attacks

Intel engineer disappears with 18,000 secret files

Intel Sues Ex-Engineer for Stealing 18,000 ‘Top Secret’ Files

Invacare Data Breach due to Ransomware Attack: Sensitive Info at Risk

KLA Instruments Data Breach Affects Sensitive PII

Konni Hackers Turn Google's Find Hub into a Remote Data-Wiping Weapon

Korean police report voice phishing losses reach 986.7 billion won through September

LANDFALL Spyware Targeted Samsung Galaxy Phones via Malicious Images

Large-Scale ClickFix Phishing Attacks Target Hotel Systems with PureRAT Malware

Lawsuits Accuse Conduent of Negligence in Protecting Personal Data After Network Breach

Lost iPhone? Watch Out for this Phishing Trap

Massive data breach exposed 10 million nationwide, including Texans

Massive Phishing Campaign Targets Global Hospitality Industry Using Sophisticated ClickFix Tactics and PureRAT Malware

Modularity advances LockBit 5.0 ransomware

Monsta FTP Vulnerability Exposed Thousands of Servers to Full Takeover

Mozilla Firefox gets new anti-fingerprinting defenses

Multi-Brand themed Phishing Campaign Harvests Credentials via Telegram Bot API

National Cyber Security Centre (NCSC) Set to Retire Web Check and Mail Check Tools

Nearly 30 Alleged Victims of Oracle EBS Hack Named on Cl0p Ransomware Site

New AI Vulnerability Scoring System Announced to Address Gaps in CVSS

New Browser Security Report Reveals Emerging Threats for Enterprises

New National Crime Agency (NCA) Campaign Warns Men Of Crypto Investment Scams

New Phishing Campaign Exploits Meta Business Suite to Target SMBs Across the U.S. and Beyond

New Wave of Crypto Theft: Beware of Phishing Attacks!

Nikkei data breach exposes personal data of over 17,000 staff

North Korea hackers remotely reset smartphones and PCs to steal data and spread malware

North Korean hackers wipe Korean devices by remotely resetting phones and spreading malware

Popular JavaScript library expr-eval vulnerable to RCE flaw

Previously unseen spyware targets Samsung Galaxy owners

Quantum Route Redirect PhaaS targets Microsoft 365 users worldwide

Ransomware Operators Exploit RMM Tools to Deploy Medusa and DragonForce

Resana French Government Service Hit by Data Breach

Russian broker pleads guilty to profiting from Yanluowang ransomware attacks

Russian hacker to plead guilty to aiding Yanluowang ransomware group

Santander Bank Spain Targeted in Alleged Data Breach Impacting Approximately 10,000 Records

Scammers are getting smarter - stay one step ahead!

Shocking Revelation: Balancer Hacker Converts $91M Stolen Funds to Ethereum

Short-term renewal of cyber information sharing law appears in bill to end shutdown

TELACU Data Breach Affects Current and Former Tenant SSNs

That text claiming to have found your lost iPhone could actually be from scammers - don't fall for this phishing scam

The Hacker Who DJed by Night and Robbed Banks by Day

The Washington Post confirms it suffered an Oracle-linked data breach

Threat Actors Attacking Outlook and Google Bypassing Traditional Email Defenses

Three serious vulnerabilities enabling attackers to break out of Docker, Kubernetes containers

Tri-Century Eye Care Data Breach Affects PII & PHI

U.S. Congressional Budget Office Confirms Cyberattack; Foreign Hackers Suspected in Data Breach

U.S. Congressional Budget Office Hit by Cyberattack, Sensitive Data Exposed

Voice phishing scams in touch of AI

West Ada School District seeks to join national lawsuit over PowerSchool data breach

Whose data breach is it anyway?

Why a lot of people are getting hacked with government spyware

Why Backup and Recovery Are Now Central to Every MSP’s Ransomware Strategy

Why Organizations Can’t Ignore Vendor Risk Assessment in Today’s Cyber-Threat Landscape

Why our brains miss red flags about phishing - and how to fix it

World’s Largest Business News Publisher Nikkei Suffers Data Breach after Hackers Compromise Slack Accounts

Yanluowang initial access broker to plead guilty to ransomware attacks

Yanluowang ransomware gang’s Initial Access Broker (IAB) admits guilt