Editor's Message

Welcome to DBD. 2024 was a tough year for me personally, and I'd like to thank every one of you who has supported me - you have been my light in times of darkness. 2024 saw the highest number of ransomware attacks on record, and there's no sign of these attacks slowing down as we head into the new year. Ransomware is a BIG problem that is NOT going away anytime soon, and this year could be just as catastrophic, if not worse, as cyber criminals continue to extort their victims with very little chance of being brought to justice. Wishing you all the very best for 2025. Stay safe. :)


“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC



Monday, 3 February 2025

Data Breaches Digest - Week 6 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 3rd February and 9th February 2025.


9th February

AI Tools Used in Cyberattacks: Global Concerns Rise

Bad News & Good News: Ransomware Up, Payments Down in 2024

Econet Refutes Hack Claims And Data Breach

Egyptian hacker targets Israeli TV over Gaza plan

Gmail Users Targeted By 'Sophisticated,' AI-Driven Attacks, FBI Says In Warning

How To Prevent Gmail AI Phishing Attacks? FBI Issues Warning

Ransomware Attacks Climbed in 2024 - but Some Companies Are Just Refusing to Pay Hackers

Sophisticated Gmail Phishing Attacks Are Exploding – FBI’s Latest Warning

South African Weather Service (SAWS) fights to restore systems after crippling cyber attack

The rising threat of financial fraud: Reconsider your approach to email security

UAE authorities warn residents against fresh phishing tactics

8th February

Econet Refutes Data Breach Claims, Says No Hack Detected

Econet Zimbabwe denies data breach claims, initiates investigations

Fota Wildlife Park cyber-attack - 'very convincing' scammers calling people across Cork

Fraudulent X Token and Phishing Websites in Crypto Scam Offering a Trip to Mars

From DDoS to Ransomware – Nine Most Common Cyberattacks

Hackers Monetize LLMjacking, Selling Stolen AI Access for $30 per Month

Hewlett Packard Enterprise (HPE) Alerts Employees of Data Breach After Russian Cyberattack on Office 365

Hewlett Packard Enterprise (HPE) Discloses Major Data Breach by Russian Hackers

Hewlett Packard Enterprise Notifies Employees of Data Breach Tied to Russian Hackers

Huge healthcare data breach exposes over 1 million Americans' sensitive information

Malicious Machine Learning (ML) Models on Hugging Face Leverage Broken Pickle Format to Evade Detection

Massive brute force attack uses 2.8 million IPs to target VPN devices

Most Sophisticated Gmail Attacks Ever - FBI Says: Do Not Click Anything

New Research Shows Despite Increase in Ransomware Attacks in 2024, There Was a Decline in Its Payments

Phantom Wallet Users Targeted by Phishing Scam Amid Rising Popularity

Police warn of terrifying one-step scam that allows a hacker into your phone within seconds

Teen Hacker “Natohub” Caught for NATO, UN, and US Army Breaches

Zimbabwe's Econet Wireless suffers major data breach

7th February

59% of insurance sector breaches caused by third parties

7,000 Exposed Ollama APIs Leave DeepSeek AI Models Wide Open to Attack

A Ransomware Attack Has Struck the New York Blood Center Amid Ongoing Shortages

AI-Powered Social Engineering: Reinvented Threats

ASP.NET Vulnerability Lets Hackers Hijack Servers, Inject Malicious Code

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys

Bank Central Asia (BCA) denies allegations of customer data breach following cyberattack claims

‘Big Game’ Ransomware Tactics Drives Spike in Attacks

ChatGPT maker OpenAI taking claims of data breach ‘seriously’

ChatGPT users warned 20 Million OpenAI account logins up for sale on hacker forum

CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability

Coalition of US states to file lawsuit after Musk’s Department of Government Efficiency (DOGE) gains access to Americans’ personal data

CPS Energy responds to concerns over 2023 data breach

Cyber Attack Severity Rating System Established in UK

Cybercriminals Weaponize Graphics Files in Phishing Attacks

DeepSeek App Transmits Sensitive User and Device Data Without Encryption

DeepSeek-impersonating malware is stealing data, research finds

Engineering firm IMI hit with cyber attack just days after Smiths Group incident

Facebook copyright infringement scam reinvents itself

Frederick Health in Frederick, Maryland, provides update on operations, ransomware attack

Full Exposure: A Practical Approach to Handling Sensitive Data Leaks

Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers

Hackers exploiting bug in popular Trimble Cityworks tool used by local governments

Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware

Hewlett Packard Enterprise (HPE) begins notifying data breach victims after Russian government hack

Hewlett Packard Enterprise Company Files Notice of Recent Data Breach

Hewlett Packard Enterprise (HPE) notifies employees of data breach after Russian Office 365 hack

If Ransomware Inc was a company, its 2024 results would be a horror show

India's Reserve Bank of India (RBI) Introduces Exclusive "bank.in" Domain to Combat Digital Banking Fraud

Infosec pros struggle under growing compliance

IT Teams Worry About Increasing Cost of Cyber Tools From AI Features, While Criminals Barely Use Them

Label maker Avery says ransomware investigation also found credit-card scraper

Malicious AI models infiltrating Hugging Face via ‘bad Pickles’

Malicious AI Models on Hugging Face Exploit Novel Attack Technique

Microsoft Edge update adds AI-powered Scareware Blocker

Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks

Most UK GDPR Enforcement Actions Targeted Public Sector in 2024

New Facebook Attack Warning - What You Need To Do Right Now

New York City Schools Trying to Identify Students Affected by PowerSchool Breach

OpenAI taking claims of data breach ‘seriously’

Overconfident execs are making their companies vulnerable to fraud

Phones, email, classes disrupted in University of The Bahamas ransomware attack

PowerSchool data breach affected 16,000 students in the UK

PowerSchool data breach impacts millions globally

Privacy and security flaws found in DeepSeek iOS mobile app

Puroland Gets Hacked with Ransomware, 2 Million Club Records Potentially Leaked

Ransom Payments Fell 35% in 2024 After LockBit, BlackCat Takedowns

Ransomware attackers turn to workers for data breach access

Ransomware attacks hold your files hostage. These tools can free them

Ransomware hits healthcare, critical services in January

Ransomware payment value fell over 30% in 2024

Ransomware Payments Dropped to $813 Million in 2024

Ransomware payments plunge after law enforcement actions

Report reveals security failures in PowerSchool data breach

Self-sovereign identity could transform fraud prevention, but...

States prepare privacy lawsuit against Department of Government Efficiency (DOGE) over access to federal data

Student group sues Education Department over reported Department of Government Efficiency (DOGE) access to financial aid databases

SVG files are offering cybercriminals an easy way in with new phishing attacks

Taiwan’s DeepSeek Ban Reflects Global Concerns Over AI Security

The biggest breach of US government data is under way

The Democratization of AI-Powered Ransomware: Trend to Watch, Threat to Tackle

Third-Party Risk Management Failures Expose UK Finance Sector

UK data breach rate skyrockets: two accounts compromised every second

UK government demands Apple backdoor to encrypted cloud data

UK Government Reportedly Demands Access to Encrypted iCloud Files Worldwide

UK reportedly demands secret ‘back door’ to Apple users’ iCloud accounts

University Diagnostic Medical Imaging Provides Notice of Data Breach to 138,080 Individuals

US health system notifies 882,000 patients of August 2023 breach

Was Your Personal Data Exposed in the Grubhub Data Breach? Here's How to Protect Yourself

6th February

Arab Civil Aviation Organization hit by cyberattack, sensitive data stolen in latest aviation sector breach

Authorities Arrested Hacker Who Compromised 40+ Organizations

Bank Central Asia (BCA): The Customer Data Claimed by Bjorka Hacker Group is Inaccurate

British engineering firm IMI discloses breach, shares no details

Canadian hacker charged by US with stealing $48M from Vietnam blockchain project

Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc

Critical Cisco ISE bug can let attackers run commands as root

Critical RCE bug in Microsoft Outlook now exploited in attacks

Crypto Hacks: Jupiter DEX Restores X Account after Hacker Shills Meme Coins

Crypto ransomware revenue drops 35% to $813 million in 2024 amid tougher crackdowns and victim resistance

Cyber attack delayed cancer treatment at NHS hospital

Cyber attack on Asheville Eye Associates impacted close to 200,000 patients

DDoS attacks reportedly behind DayZ and Arma network outages

DeepSeek-R1 LLM Fails Over Half of Jailbreak Attacks in Security Analysis

Deloitte to pay $5 million to Rhode Island following ransomware attack

Econet Wireless allegedly suffered massive data breach

Engineer IMI becomes latest British firm to be hit by cyber attack

Engineering group IMI latest UK firm to be hit by cyber attack

Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams

Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking

Grubhub breach exposed customer data. Should you be worried?

GrubHub Hit by Data Breach

Hacker Who Targeted NATO, US Army Arrested in Spain

Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware

Hackers used stolen password to steal customer data from GrubHub's network

Hiring platform serves users raw with 5.4 million CVs exposed

If you're not working on quantum-safe encryption now, it's already too late

IMI becomes the latest British engineering firm to be hacked

IMI plc Confirms Cyberattack: Investigation Underway, Stock Drops 2.4%

IMI reports ‘unauthorized’ cyber activity in latest incident affecting UK engineering firms

India: Kaveri 2.0 portal back to normal after cyber attack disrupts services

India to launch new domain name for banks to fight digital fraud

Kimsuky hackers use new custom RDP Wrapper for remote access

Lawmakers push for DeepSeek ban from federal devices over China concerns

Lawsuit against automatic license plate reader cameras can move forward, judge says

Lazarus Group Targets Bitdefender Researcher with LinkedIn Recruiting Scam

Malicious actors using multimedia messages to promote Bitcoin scams

Malware Bypasses Chrome App-Bound Encryption With Dual Injection

Microsoft authentication system spoofed via phishing attack

Microsoft says attackers use exposed ASP.NET keys to deploy malware

Mississippi's rural power utility confirms a major cyber attack

New Banking Malware Attacking Users of Indian banks to Steal Aadhar, PAN, ATM & Credit Card PINs

New Facebook Copyright Infringement Phishing Campaign

New Mass Phishing Attack Fakes Microsoft ADFS Login Portals to Hijack Business Email Accounts

New UK Cyber Monitoring Centre Introduces 'Richter Scale' for Cyber-Attacks

North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

OpenAI Data Breach: Threat Actor Allegedly Claims 20 Million Logins for Sale

Over 5 billion accounts breached in 2024, China emerges as top target

Password stores are targeted by 25% of malware

Phishing up almost 50 percent since 2021 with AI attacks on the rise

Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023

Ransomware Payments Decreased by 35% in 2024, Research Finds

Ransomware payments drop 35% in 2024 amid law enforcement crackdowns

Ransomware payments plummet as more victims refuse to pay

Ransomware Payouts Plummet by £350M in 2024

Ransomware Payments Plummet in 2024 as Law Enforcement Cracks Down on Crypto Crime

Ransomware Profits Tumble 35% to $813M in 2024, Marking First Decline Since 2022

Responding To Ransomware: The Importance Of Not Paying The Ransom

Salesforce emails used in massive Facebook phishing attack

Several Tokio Marine HCC companies report data breach

SmokeLoader Malware Exploits 7-Zip Flaw to Target Ukrainian Industries

South Korea’s Notorious Sex Crime Hub Ya-moon Hacked, User Data Leaked

Spanish police arrest dangerous hacker behind attacks on NATO and US army

Spanish Police Arrest Suspected NATO and US Army Hacker

SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images

Spyware maker Paragon terminates contract with Italian government

Suspected NATO, UN, US Army hacker arrested in Spain

Teen Hacker Arrested In Alicante After Cyberattacks On Spanish Defence Ministry And NATO

Texas' McKinney City struck by a major cyber attack

The Impact of Cybersecurity on Game Development

The overlooked risks of poor data hygiene in AI-driven organizations

There’s a new UK cyber attack severity rating system – here’s what it means

Thousands notified of McKinney data breach. Here’s how to stay safe

Trump Hotels allegedly breached by a little-known BreachForums user

U.S. Army Hacker—Suspect With 50 Crypto Accounts Arrested

UK legal sector sees 39% surge in data breach incidents

UK to get new cyber attack severity rating system

Ukraine’s largest bank PrivatBank Targeted with SmokeLoader malware

Using DeepSeek in the US may result in $1 million fine and jail time under proposed bill

Wales: Bridgend man masterminded national phishing scam

Warning: Organizations Need to Prep For AI-Powered Ransomware Attacks

Why rebooting your phone daily is your best defense against zero-click hackers

WordPress ASE Plugin Vulnerability Threatens Site Security

XE Hacker Group Exploiting Veracode 0-Days To Deploy Malware & Steal Credit Card Details

Your Netgear Wi-Fi router could be wide open to hackers - install the fix now

5th February

1 Million-Plus In Connecticut Affected By Healthcare Data Breach

21% of CISOs Have Been Pressured Not to Report a Compliance Issue, Research Finds

850,000 individuals impacted by Globe Life ransomware incident

AMD fixes bug that lets hackers load malicious microcode patches

AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks

Banking Malware Uses Live Numbers to Hijack OTPs, Targeting 50,000 Victims

Biomedical lab enhances cybersecurity following data breach

Canadian Charged in $65M KyberSwap, Indexed Finance DeFi Hack

CISA Adds Four Actively Exploited Vulnerabilities to Known Exploited Vulnerabilities (KEV) Catalog, Urges Fixes by February 25th

CISA Adds Four Vulnerabilities to Catalog for Federal Enterprise

CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks

CISA Updates Known Exploited Vulnerabilities (KEV) Catalog with High-Severity Vulnerabilities - Patch Now!

CISA orders agencies to patch Linux kernel bug exploited in attacks

Critical Questions For Boards: Are You Prepared For Ransomware?

Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign

Crypto-stealing iOS, Android malware found on App Store, Google Play

Cyber attack on NorthBay Healthcare impacted over 570,000 patients

Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)

Cybercriminals Eye DeepSeek, Alibaba LLMs for Malware Development

Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts

Data Breach For McKinney Residents, Potential Personal Information Leaked

DeepSeek AI Model Riddled With Security Vulnerabilities

Deloitte to Pay $5 Million to Rhode Island to Cover Ransomware Attack Expenses

Delta County hospital district says cyber attack affected over 570,000 patients

Destructive Attacks on Financial Institutions Surge

Ex-Google engineer accused of stealing AI secrets for Chinese companies

Five Eyes Launch Guidance to Improve Edge Device Security

Global ransomware payments plunge by a third amid crackdown

GrubHub third-party breach exposes partial payment info

Hackers spoof Microsoft ADFS login pages to steal credentials

Hackers Using Fake Microsoft ADFS Login Pages to Steal Credentials

How to Spot and Avoid Phishing Scams

Italy says Paragon spyware targeted victims in dozens of European countries

Jamaica: Biomedical expresses regret over data breach, upgrades cybersecurity

Jefferson School District cancels Thursday classes after ransomware attack

KraftCPAs Experiences Apparent Cyberattack Leading to Data Breach

Law enforcement, victim resilience lead to 35% year-over-year drop in ransomware payments

Less than half of ransomware incidents end in payment - but you should still be on your guard

LevelBlue research highlights surge in phishing-as-a-service kits

MacOS infostealers rising sharply: stolen data putting enterprises at risk

Mobile Malware Targeting Indian Banks Exposes 50,000 Users

More destructive cyberattacks target financial institutions

New 'browser syncjacking' cyberattack lets hackers take over your computer via Chrome

New target of Paragon spyware comes forward

New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack

Over 1 million Connecticut residents affected by data breach involving Community Health Center

Paragon spyware used to target citizens across Europe, says Italian government

Python packages posing as DeepSeek contain nasty surprise

Ransomware cashouts down 35% as victims snub demand

Ransomware is a growing threat, but local governments are training staffers to be more aware

Ransomware losses down 35% year-over-year

Ransomware Payments Decline 35% as Victims Resist Demands

Ransomware payments drop 35% in 2024, first decrease since 2022

Ransomware payments drop for first time in years following law enforcement disruptions

Ransomware payments dropped 35% in 2024

Ransomware Payments Dropped Dramatically Last Year

Ransomware payments dropped in 2024 as victims refused to pay hackers

Ransomware payments fell by 35% in 2024, totalling $813,550,000

Researchers warn of risks tied to abandoned cloud storage buckets

Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers

San Francisco-Marin Food Bank reports data breach

Scalable Vector Graphics files pose a novel phishing threat

Several Tokio Marine HCC Companies File Collective Notice of Data Breach

Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks

SmokeLoader malware aimed at multiple Ukrainian industries, using bug in file archiver

Sophisticated Phishing Campaign Targets Ukraine’s Largest Bank

Spain arrests suspected hacker of US and Spanish military agencies

Spanish police arrest hacker accused of attacks on NATO, US Army

Swap End-of-Life (EOL) Zyxel routers, upgrade Netgear ones!

Thailand cuts power supply to Myanmar scam hubs

The biggest breach of US government data is under way

Thousands of McKinney, Texas, residents impacted by October data breach

US: Local schools alerted of data breach affecting past, present students, staff

US requested extradition of hacker who served his time in Israeli prison, violating deal

4th February

7-Zip Mark of the Web (MotW) bypass exploited in zero-day attacks against Ukraine

8 steps to secure GenAI integration in financial services

39 cybercrime domains seized, linked to HeartSender cybercrime group

A new phishing campaign is exploiting Microsoft’s legacy ADFS identity solution to steal credentials and bypass MFA

AI-Powered Cyber Warfare, Ransomware Evolution, and Cloud Threats Shape 2025 Cyber Landscape

AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access

Australia bans DeepSeek on government devices

Bitcoin scammers sending MMS with 3GP videos: old format surprisingly effective

California man steals $50 million using fake investment sites, gets 7 years

Canadian Charged for Stealing $65 Million in Crypto from KyberSwap and Indexed Finance

Canadian Hacker Charged After Stealing $65M in Crypto – Still on the Run?

Canadian Hacker Charged in $65M Cryptocurrency Platform Thefts

Casio and Others Hit by Magento Web Skimmer Campaign

Casio UK site compromised, equipped with web skimmer

Chinese cyberspies use new SSH backdoor in network device hacks

Coinbase faces heavy fire as users duped for millions in social engineering scams

Coinbase Users Lose $65M in Phishing Scams Amid Security Failures

Community Health Center reports data breach affecting over 1 million patients

Crypto phishing losses dropped 56% to $10.2m

Crypto Phishing Losses Plunge 56% as Malware Attacks Soar in January

Crypto phishing scams drained $10.25 million in January

Cyber agencies share security guidance for network edge devices

Cyber attack on Connecticut Community Health Centre impacted over 1 million patients

Cybercriminals are using AI to target macOS in 2025

Cybersecurity Threats & Solutions: Outlook for 2025

DaggerFly-Linked Linux Malware Targets Network Appliances

Dangerous Google AI phishing attack threatens 2.5 billion Gmail users

Data Breach Shakes Schools Using PowerSchool Software

Google Ads Phishing Campaign Targets Microsoft Advertisers with Sophisticated Techniques

Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104

Google Play, Apple App Store apps caught stealing crypto wallets

Grubhub announces data breach impacting some customers, drivers: What to know

Grubhub confirms data breach affecting customers and drivers

GrubHub Data Breach – Customers Phone Numbers Exposed

Grubhub Data Breach Compromises Information of Customers and Drivers

GrubHub data breach impacts customers, drivers, and merchants

Grubhub Hack Exposes Campus Diners, Those Who Contacted Customer Service

Grubhub says data breach impacts some customers, drivers

Grubhub says hack on third-party exposed information on campus customers

Grubhub serves up security incident with a side of needing to change your password

Hacker attack on Alltours: A security incident and its impact on customers and companies

Hackers Exploiting 7-Zip Zero-Day Vulnerability to Deploy SmokeLoader Malware

Hackers Hide Malware in Fake DeepSeek PyPI Packages

How threat actors use Command and Control (C2) and data exfiltration as part of double extortion

How to Prevent Data Breach: Practical Steps For Your Business In 2025

How to Prevent Phishing Attacks with Multi-Factor Authentication

Japanese sporting goods maker Mizuno says cyber attack compromised US customers' data

Kenya: Government issues cyber-security alert over potential data breach

Kenya data breach: fingers point to Moldovan firm, B2Bhint

Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access

Man charged with stealing $65 million by exploting DeFI protocols vulnerabilities

Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score

Microsoft SharePoint Connector Flaw Could've Enabled Credential Theft Across Power Platform

Navigating public sector cyber risk amidst new legislation

Netgear warns users to patch critical WiFi router vulnerabilities

New ValleyRAT Malware Variant Spreading via Fake Chrome Downloads

North Korean ‘FlexibleFerret’ Malware Hits macOS with Fake Zoom, Job Scams

North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS

Online lottery service warns users of fraud and phishing scams

Patient info accessed in Middletown-based Community Health Center data breach

Personal Information Compromised in GrubHub Data Breach

Phishing Crypto Scams Wiped $10.2 Million in January: All About It

Phishing alert: how to protect your accounts against cyber attacks in Monaco

Powerschool data breach impacts millions globally

Ransomware attack locks energy contractor out of financial systems for six weeks

Ransomware attack targets the New York Blood Center

Ransomware Payments: New legislative proposals in the UK

Researchers unearth more North Korean malware variants attacking macOS

Russian cyber research companies post alerts about infostealer, industrial threats

Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows Mark of the Web (MotW) Protections

Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)

Scammers break hearts, leaving lonely online daters penniless

Sophisticated Phishing Attack Bypasses Microsoft ADFS Multi-Factor Authentication (MFA)

Spyware maker Paragon confirms US government is a customer

Surge in Infostealer Attacks Threatens EMEA Organizations' Data Security

Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks

Tata Technologies Reports Ransomware Attack, says IT Assets Affected

Tata Technologies reports ransomware incident; client services unaffected

TD Bank reports data breach involving unauthorized access to sensitive customer information

Texas to Establish Cyber Command Amid “Dramatic” Rise in Attacks

Threat actor claims to have breached Trump Hotels

Threefold Increase in Malware Targeting Credential Stores

Union groups sue Treasury over giving Department of Government Efficiency (DOGE) access to sensitive data

What is a Ransomware scam and how you can protect yourself?

Young Hacker Steals $65 Million in Cryptocurrency, but His Overconfidence Leads to Capture

Zyxel won’t patch newly exploited flaws in end-of-life routers

3rd February

1 Million Impacted by Data Breach at Connecticut Healthcare Provider

1-Click Phishing Campaign Targets High-Profile X Accounts

4 exotic phishing scams are on the rise. Here’s how to catch them in the act

47% of organizations have put off cybersecurity upgrades

$65 Million Canadian crypto hacker charged

768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023

768 CVEs Exploited in the Wild in 2024

2024 Breaks Records with Highest Ever Ransomware Attacks, as Cyber Criminals Target Critical Infrastructure

AI-driven phishing scams are the new entrant to the hacking era. Here's how you can stay safe

AI-Powered Phishing Attacks Target Gmail Users, Bypassing Security Measures

Almost 1 million Discord users just had their account details exposed in new RestoreCord data breach - what to do now

Amazon Redshift gets new default settings to prevent data breaches

As Department of Government Efficiency (DOGE) teams plug into federal networks, cybersecurity risks could be huge, experts say

British PM scrapped ‘dangerously obvious’ email after Russian hacking

Canadian charged in two crypto platform thefts totaling $65 million

Canadian charged with stealing $65 million using DeFI crypto exploits

Casio UK online store hacked to steal customer credit cards

Circle K franchisee waited 7 months to inform employees of data breach, lawsuit says

CISA Warns of Backdoor Vulnerability in Contec Patient Monitors

Cisco Finds DeepSeek R1 Highly Vulnerable to Harmful Prompts

Comhairle nan Eilean Siar (CnES) question marks continue after cyber attack

Community Health Center Hit By Major Data Breach

Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions

Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware

Data Breach at Globe Life’s American Income Life Insurance Company Impacts as Many as 850k

Data Breach Impacting Over One Million Patients Reported By Community Health Center

Data breach in Kenya's Business Registration Service puts President Ruto and others at risk

DeepSeek: The countries and agencies that have banned the AI company’s tech

DeepSeek AI Faces Major Data Breach Amid Security Concerns

DeepSeek AI tools impersonated by infostealer malware on PyPI

DeepSeek’s popularity exploited to push malicious packages via PyPI

Delta County Memorial Hospital Data Breach Affects an Estimated 148,363 People

Department of Justice (DOJ), Allies Seize Cybercrime Forums Affecting 17 Million-Plus Americans

Department of Justice (DOJ), Dutch police take down group selling phishing tools to cybercriminals

Devil-Traff – New Malicious Bulk SMS Portal That Fuels Phishing Attacks

Discord user data leak resurfaces on hacker forum as third-party service disputes breach

European Police: Data Volumes and Deletion Hindering Investigations

FBI and Global Task Force Dismantle Cracked and Nulled, Seizing Millions in Stolen Data

Fraudulent Google ads seek to breach Microsoft advertisers’ credentials

Globe Life data breach may have affected 850,000 more patients than previously thought

Globe Life Ransomware Attack – 850,000+ Users Personal & Health Data Exposed

Globe Life Ransomware Attack Exposes Personal and Health Data of 850,000+ Users

Google fixes Android kernel zero-day exploited in attacks

Google's AI powering cyber operations of dozens of hacker groups

Hackers acquired health information as part of Columbus cyber attack, city reveals

Hackers Hijack JFK File Release: Malware & Phishing Surge

Help! We're drowning in email spam, it's about to get worse and there's nothing we can do to stop it

High-profile X Accounts Targeted in Phishing Campaign

Indexed Finance hacker charged in US for alleged $65m theft

Indian edtech firm SkilloVilla suffers alleged data breach

INDOHAXSEC Hacker Group Allegedly Breaches Malaysia’s National Tuberculosis Registry

InterCon Construction Notifies 6,634 People of Recent Data Breach

Japanese sportswear company Mizuno confirms data breach after 2024 ransomware claims

Journalist targeted on WhatsApp by Paragon spyware: ‘I feel violated’

Justice Department Disrupts Cybercrime Network Selling Hacking Tools to Organized Crime Groups

Kazakhstan to audit foreign ministry after suspected Russia-linked cyberattack

Kenya: Business Registration Service says its probing alleged data breach

Kenya: Government Confirms Data Breach on main registry exposing millions of companies

Lucent Health Files Notice of Data Breach Following Email Phishing Incident

Massive healthcare data breach just exposed the personal info of 1 million Americans - what to do now

Microsoft Advertisers Accounts Hacked Using Malicious Google Ads

Microsoft Defender ditches privacy protection feature, leaving users without VPN

Microsoft Impersonated in Dodgy Google Ads

Microsoft kills off Defender 'Privacy Protection' VPN feature

Millions at risk as malicious PDF files designed to steal your data are flooding SMS inboxes - how to stay safe

Mississippi electric utility warns 20,000 residents of data breach

New Malware Campaign Mimics Tax Agencies Attacking Financial Organizations

New Phishing Attack Hijacking High-Profile X Accounts To Promote Phishing Sites

New Russian Hacktivist Group Emerges, Targets US Critical Infrastructure

New York Blood Center Enterprises hit by ransomware attack

NoName057(16) and Z-Pentest Launch Cyber Attack on Sewage Treatment Plants in Poland

Notorious teen hacker charged with stealing $65M crypto by exploiting defi protocols

O’Connor Corporation Files Notice of Data Breach Following Period of Unauthorized Access

One Million Patients Affected by Community Health Center Data Breach

Online gaming safety for kids: learn how to protect your children

Only 3% of organizations have a dedicated budget for SaaS security

Over a million patients potentially hit after another US healthcare provider hit by cyberattack

Phishing campaign targets X accounts for crypto scams

Phishing major cybersecurity threat in Saudi Arabia in 2024

Phishing scam targets Microsoft Ad accounts via Google Search

Phishing tax scams increase as tax deadlines approach

Police Service of Northern Ireland (PSNI) Investigates £500 Payments to Staff Related to Data Breach

PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages

Qilin Ransomware Group Targets Hikari Seiko, Claims of Over 500 GB Data

Ransomware attack disrupts Tata Technologies

Ransomware Groups Weathered Raids, Profited in 2024

Ransomware incident cancels some Community Blood Center donation events in Kansas City area

Russian gang targets crypto holders with cross-platform spear-phishing malware

Russian hackers suspected of compromising British PM’s personal email account

Some Nebraska schools impacted by data breach

Taiwan bans government departments from using DeepSeek AI

Tata Technologies confirms ransomware attack, says investigation still ongoing

Tata Technologies hit by ransomware attack

U.S Community Health Center Hacked – 1 Million Patients Data Stolen

UK Announces “World-First” AI Security Standard

Urgent warning issued to 1 million Americans after medical records are stolen by 'skilled criminal hacker'

US: Two more state employees fired after accessing Texans’ private information

Using the NIST Phish Scale Framework to Detect and Fight Phishing Attacks

Warning: Phishing Campaign Targets Germany with New Malware

What Cybersecurity Can Teach Us About the Human Body

What Is Attack Surface Management?

What PowerSchool won’t say about its data breach affecting millions of students

When you ask an app “not to track” it tracks you anyway, and the data is sold

Wirral cyber attack set back cancer waiting times by months

Woman nabbed by Thai police on alleged link to $182 million romance scam

Yazoo Valley Electric Power Association Provides Data Breach Notice Following Unauthorized Access to IT Network

Your Health Information Was Compromised. Now What?