Editor's Message

Welcome to DBD. On March 8th, DBD celebrated it's 5th anniversary and PRiSM celebrated it's 2nd anniversary. Little did I know when I started both of these ventures just how much an impact they would have on my life and I'd like to thank each and everyone of you who have supported me over the years, with a special thanks to those individuals who have kindly shared their knowledge with me, and continue to do so. Thanks again for your support. Stay safe. :)


“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC



Monday, 17 February 2025

Data Breaches Digest - Week 8 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 17th February and 23rd February 2025.


23rd February

Anne Arundel County Closes Government Buildings In Response to Cyber Attack

Apple Faces Backlash After Massive ICloud Data Breach

Australian IVF giant Genea confirms a major cyber attack on its systems

BlackBastaGPT – A ChatGPT Powered Tool to Uncover Ransomware Group Tactics

Darcula Phishing Platform Set to Launch Advanced Version, Making Scams Easier Than Ever

Espionage Meets Ransomware: China-linked Actor Shifts to Financially Motivated Attacks

HCRG Care Group investigating a major ransomware attack on its network

How to Defend Amazon S3 Buckets From Ransomware Exploiting SSE-C Encryption

Invest Hong Kong confirms ransomware attack

Massive leak exposes the inner workings of top ransomware syndicate Black Basta

Personal data stolen in school board cyber attack affecting staff and students

Ransomware atacks in the Netherlands decline despite global increase

Ransomware Group Black Basta’s Internal Communications Leaked Online

22nd February

1 Million Stolen Credit Cards Given Away Free On Dark Web Forum

Anne Arundel County Government Hit by Cyber Attack

Anne Arundel County Government Hit by Suspected Cyber Attack, Some Systems Down

Beware: PayPal "New Address" feature abused to send phishing emails

Bybit Confirms Record-Breaking $1.46 Billion Crypto Heist in Sophisticated Cold Wallet Attack

Bybit Hack Sees $1.4B Lost as Funds Move

Bybit hack, withdrawals top $5.3B, but ‘reserves exceed liabilities’

Bybit Hacker Becomes 14th Largest Whale Globally...ETH Price Rebounds on Concerns of Reduced Supply

Bybit Lost 70% Of Ethereum Holdings To Hacker, Says CEO

Bybit’s $1.5B Hack Proves No Crypto Exchange Is Safe – Here’s Why

Could Bybit’s $1.4B Hack Have Been Stopped?

Fake Counter-Strike 2 (CS2) tournament streams used to steal crypto, Steam accounts

FBI Says Backup Now - Advisory Warns Of Dangerous Ransomware Attacks

FBI warns of ongoing ‘Ghost’ ransomware attacks, backup data ASAP

Hacker Behind Bybit Hack Stole a Record $1.4 BILLION - Now There's a Record Sized BOUNTY To HUNT Him Down

INC Ransomware Leaks Videos of Sleeping Patients Allegedly from Persante Health Care

Lazarus Group consolidates Bybit funds into Phemex hacker wallet

mETH Protocol and Tether lead campaign to freeze Bybit hacker’s bounty

North Korea’s Lazarus Group Hacks Bybit, Steals $1.5 Billion in Crypto

OpenAI removes users in China, North Korea suspected of malicious activities

21st February

1.6 Million clinical research records exposed in data leakage

A huge trove of leaked Black Basta chat logs expose the ransomware gang’s key members and victims

Alarming cyber mistake exposes passports, bills, and salary slips

Alleged Data Breach Hits Ciba Cobertura Medica

Alleged Data Breach Targets Indian Company Interjet

Apple Breaks Silence on UK Probe, Removes Data Protection Tool From UK Users

Apple Drops iCloud's Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands

Apple pulls iCloud end-to-end encryption feature for UK users after government demanded backdoor

Apple pulls iCloud end-to-end encryption feature in the UK

Apple turns off iCloud encryption feature in UK following reported government legal order

Black Basta Goes Dark Amid Infighting, Chat Leaks Show

Black Basta is latest ransomware group to be hit by leak of chat logs

Black Basta ransomware dissected: 1 Million leaked internal messages fed to chatbot

BlackBasta Ransomware Chatlogs Leaked Online

Bybit crypto exchange suffers largest ever hack of more than $1 billion

Bybit ETH Cold Wallet Breach Sees $1.5 Billion Moved to Unknown Address

Bybit Hack: $1.4 Billion Stolen from World’s 2nd Largest Crypto Exchange

Bybit hacker moves stolen funds to multiple new addresses after $1.4 billion breach

Bybit just suffered the biggest attack in crypto history, suffering $1.4 billion in losses

Bybit under attack: hackers breach a cold wallet and steal $1.46 billion in ETH

Cases of China-Backed Spy Groups Using Ransomware Come to Light

China-linked hackers target European healthcare organizations in suspected espionage campaign

CISA and FBI issue warning for Ghost ransomware activity

CISA flags Craft CMS code injection flaw as exploited in attacks

CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks

CISA, FBI, MS-ISAC warn of Ghost ransomware exploiting outdated systems across critical infrastructure

Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

CL0P Ransomware Attacking Telecommunications & Healthcare Sectors In Large Scale

CL0P Ransomware Launches Large-Scale Attacks on Telecom and Healthcare Sectors

Combatting voice cloning and deepfake fraud

Crypto exchange Bybit says it was hacked and lost around $1.4B

Cyber-attack disrupts Paratus Namibia

Cyberattack targets Azerbaijani media: Who hit Global Media Group?

Cybercriminals Can Now Clone Any Brand's Site in Minutes Using Darcula PhaaS v3

Darcula 3.0 Tool Automatically Generates Phishing Kit For Any Brand

Data Leak Exposes TopSec's Role in China's Censorship-as-a-Service Operations

Department of Defense (DoD) Contractor Pays $11.2M over False Cyber Certifications Claims

European Healthcare Orgs Targeted With NailaoLocker Ransomware

Experts race to extract intel from Black Basta internal chat leaks

Experts warn of risks as Darcula DIY kit simplifies phishing

FBI Says Backup Now - Advisory Warns Of Dangerous Ransomware Attacks

FBI warns a cyber attack under way and you should back up your data

Feds fine Warby Parker $1.5 million for failing to protect customer health data

Feds Sound Alarm About Ghost Ransomware Group

Fifth consecutive day of DDoS attacks on Italian sites

Ghost in the Shell: Null-AMSI Bypasses Security to Deploy AsyncRAT

Global shipper Hipshipper exposes 14 million records in major data breach

Gmail and Outlook users issued urgent warning over new login attack

Google Cloud’s Multi-Factor Authentication Mandate: Setting a Standard or Creating an Illusion of Security?

GP staff and healthcare records compromised in ransomware attack

Green Nailao cyber threat targets European healthcare with advanced tactics, undocumented ransomware

Hacker Drains $1.46B from Bybit’s Cold Wallet in Massive Security Breach

Hacker steals record $1.46 billion from Bybit ETH cold wallet

Hackers drained $1.4 billion of cryptocurrency from Bybit exchange, CEO confirms

HCRG breach probed after Medusa ransomware claims

Healthcare tops data breach incidents in 2024, surpassing finance

Improper Certificate Validation in RadiAnt DICOM Viewer Puts Healthcare Systems at Risk

Incident Management: How to Ensure Your Organization Can Handle a Crisis

Internal chat logs of Black Basta ransomware gang leaked

Latest On The Bybit Record Breaking 1.4 Billion Dollar Crypto Hack

Leaked Black Basta Chat Logs Show Banality of Ransomware

Massive Data Breach Allegedly Hits Investing.com, Threat Actor Claims 6.5 Million User Records Exposed

Mastering the cybersecurity tightrope of protection, detection, and response

Microsoft 365 Security Warning As URL Hackers Exploit The @ Gap

Microsoft’s Quantum Chip Breakthrough Accelerates Threat to Encryption Protocols

Mobile Phishing Attacks On The Rise

NHS private service provider investigating cyber attack

NHS Tayside chief executive offers personal apology to data breach victims

Niva Bupa says hacker claims to have stolen sensitive user data

North Korean Hackers Were Behind Crypto's Largest 'Theft of All Time'

North Korea is likely behind the $1.5bn Bybit hack, researchers say

Notorious crooks broke into a company network in 48 minutes. Here’s how

Over a million clinical records exposed in data breach

‘Paddington’ estate attacked by Russian cyber criminals

Phishing Attacks Increased by Nearly 200% in H2 2024

Phishing campaign exploits Webflow CDN to steal credit card data

Phishing Kit Abuses Open Graph to Target Social Media Users

Phoenix Rehabilitation and Nursing Center Announces Third-Party Data Breach at Unnamed Vendor

Ransomware Hackers Come for Paddington Bear

Restrict Network Access As World’s Fastest-Rising Ransomware Strikes

Salt Typhoon Exploited Cisco Devices With Custom Tool to Spy on US Telcos

Security and privacy concerns challenge public sector’s efforts to modernize

SpyLend Android malware downloaded 100,000 times from Google Play

Star Solution Services Provides Notice of Data Breach Affecting Over 27k Individuals

‘Stealth’ Phishing Attacks Rise As Over Half Evade Detection

The Emirates airline alerts its passengers of a new phishing scam

Trump, China, Russia: How Geopolitical Tensions Increase Cyber Risk

Ukrainian hackers claim breach of Russian loan company linked to Putin’s ex-wife

Upper Canada District School Board recovers from cyber attack

Urgent warning to all 1.8 billion Gmail users over dangerous attack that lets hackers steal accounts

VectraRx Mail Pharmacy Confirms 2024 Data Breach Leaked Sensitive Information Belonging to 109,383 People

Venture capital firm Insight Partners faces security breach

Verizon faces class action lawsuit over alleged unauthorized sale of customer data

Williamsburg-James City Schools Recovered from Cyber Attack

20th February

300% increase in endpoint malware detections

AI, finance sector to face cyber threats

Alleged Data Breach Claims Surface on Dark Web Targeting Stark Door

Alleged Data Breach Target Indian Ministry of Culture

APT-C-28 Group Launched New Cyber Attack With Fileless RokRat Malware

Black Basta ransomware gang's internal chat logs leak online

California privacy regulator seeks to fine Florida data broker after huge breach of Social Security numbers

Cayuga Health Fends Off Cyber Attack

Chinese hackers use custom malware to spy on US telecom networks

Chinese-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware

CISA & FBI Warns that Ghost Ransomware Hits Over 70 Organizations

CISA and FBI Issue Alert as Ghost Ransomware Targets 70+ Organizations

CISA and FBI Warn of Global Threat from Ghost Ransomware

CISA and FBI warns Ghost ransomware is targeting critical infrastructure and businesses

Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability

Clinical Research Firm Exposes 1.6 Million US Medical Survey Records

Cryptominer hidden in pirated games lands mostly on Russian computers

CVE-2024-12284: NetScaler Users Urged to Update Against Critical Flaw

Cyber attack hits university as semester one begins

Cybercriminals Exploit SVG Files For New Phishing Attacks

Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives

Cybersecurity in The Internet Age: Safeguarding Your Assets and Data

Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand

Darcula Phishing-as-a-Service (PhaaS) can now auto-generate phishing kits for any brand

Emirates airline warns against fake first-class membership deals as phishing scams rise

FBI and CISA Warn of Ghost Ransomware: A Threat to Firms Worldwide

Financial, medical information stolen during cyber attack on Rainbow District School Board

Finastra confirms customer data breach from file transfer application

Genea cyber attack: Australian IVF giant confirms data breach and service disruptions

Genea patients frustrated by lack of communication amid data breach

Ghost Ransomware Compromised Organisations Across 70+ Countries

Ghost ransomware crew continues to haunt IT departments with scarily bad infosec

Ghost Ransomware Group Exploiting Unpatched Software, FBI and CISA Warn

Hacked, leaked, exposed: Why you should never use stalkerware apps

Hackers Chain Exploits of Three Palo Alto Networks Firewall Flaws

Hackers claim responsibility for NHS provider attack

Hackers pose as employers to steal crypto, login credentials

Hackers use social engineering to compromise venture capital firm Insight Partners

Have Your Users’ Credentials Been Leaked on The Dark Web?

HCRG Care Group investigates cybersecurity breach amid ransomware threat

How to Sue a Company Under GDPR for Data Misuse and Privacy Violations

India: Telangana logs over 17K malware attacks per day

Indonesian Firefighting Services Platform Allegedly Breached

Inside a LockBit Ransomware Attack: A Firsthand Account of Financial and Security Fallout

Inside the Ghost ransomware gang – everything you need to know

Kaspersky blocks over 893 million phishing attempts in 2024

Major Australian IVF provider investigating cyber incident

Major Venture Capital (VC) fund with cybersecurity investments confirms falling for social engineering

Malicious Ads Target Freelance Developers via GitHub

Marshall Islands at high risk of cyber attack

Medusa ransomware gang demands $2M from UK private health services provider

Microsoft fixes Power Pages zero-day bug exploited in attacks

Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability

Mobile Phishing Attacks Surge with 16% of Incidents in US

Mobile phishing threats are evolving, according to new research

National Cyber Emergency Response Team of Pakistan (PKCERT) warns citizens about new phishing attacks

New FrigidStealer Malware Infects macOS via Fake Browser Updates

New Google ad tracking policy a ‘Pandora’s box’ for privacy, experts warn

New NailaoLocker ransomware used against EU healthcare orgs

North Korean hackers posing as recruiters to steal crypto with malware

NVIDIA’s key toolkit packed with vulnerabilities, research finds

Over 330 Million Credentials Compromised by Infostealers

Pakistani citizens warned against phishing scams

Porter Police Department alerts public to significant increase in phishing scams targeting mobile devices

Ransomware losses tumble but threat remains

Raymond Limited Confirms Cyberattack, Ensures Business Continuity

Russian Hackers Use Meeting Invite Phishing to Infiltrate Sensitive Accounts

Russian State-Backed Hackers Intensify Attacks on Signal Messenger Accounts

Stalkerware apps Cocospy and Spyic are exposing phone data of millions of people

UK healthcare giant HCRG confirms hack after ransomware gang claims theft of sensitive data

Unknown and unsecured: The risks of poor asset visibility

Unknown Chinese ransomware gang raids dozens of companies using old flaws

Urgent Warning: Active Phishing Campaign Targeting Jupiter Users

US cybersecurity agencies warn of global Ghost ransomware threat

US healthcare organization pays $11M settlement over alleged cybersecurity lapses

Weaponized Complexity: How AI is Supercharging Cyber Threats

19th February

96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs

602K Alleged Yahoo Data Leak Advertised on Dark Web Forum

Accounting Firm Blue & Co. Files Notice of Data Breach with Federal Regulators

AI hallucinations in court papers spell trouble for lawyers

Antwerp slammed for recording public conversations under noise pollution program

Attackers are chaining flaws to breach Palo Alto Networks firewalls

Australian fertility services giant Genea hit by security breach

Australian IVF Clinic Suffers Data Breach Following Cyber Incident

BlackLock Group Surges To Become Top Threat of 2025

BlackLock Ransomware On The Rise, Report Finds

BlackLock Ransomware Targets Windows, VMware ESXi, & Linux Environments

Brazilian Auction Platform Allegedly Breached

Burlington Hydro notifies customers personal information may have been exposed in data breach

Can you guess which AI bot shares the most data with third parties?

Canada: Privacy commissioner says Nova Scotia government failed legal obligations before data breach

Chinese hackers turn phished card data into Apple and Google Wallets

CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List

Cyber hygiene habits that many still ignore

Cyber Investor Insight Partners Suffers Security Breach

Cyberattack hits Lee Enterprises harder than expected

Cybercrime-as-a-Service (CaaS) Surges in 2025, Along With RATs, Ransomware

Data breach notifications commenced by Finastra

Dior Coin scam: hacker breaches luxury brand’s Instagram account to promote fake memecoin

Don't get hooked: Phishing emails and other online cons costing over $1 trillion a year

Finastra Notifies Customers of Data Breach

Flaws in Xerox VersaLink MFPs Spotlight Printer Security Concerns

Fraudster reportedly stole $5.6M from FTX creditors using AI

Ghost ransomware breached organizations in 70 countries

Gmail users targeted by AI-driven phishing scam

Google exposes new Russian phishing scheme targeting Ukrainian troops in Signal messaging app

Google reveals a new phishing scheme by Russians who attacked Ukrainian military in Signal

Hacker attack on Alf DaFrè furniture company: 350 workers end up on lay-off

Hackers Converting Stolen Payment Card Data into Apple & Google Wallets

Hackers Exploit Signal's Linked Devices Feature to Hijack Accounts via Malicious QR Codes

Hackers Tricking Users Into Linking Devices to Steal Signal Messages

Hackers Turning Stolen Payment Card Data into Apple & Google Wallets

Health Net, Centene Settle Cybersecurity Fraud Allegations with $11M Payout

Healthcare cyberattacks continue to escalate in 2025

Hundreds of Dutch medical records bought for pocket change at flea market

Hundreds of US Military and Defense Credentials Compromised

Impact of Updated Data Breach Laws on Legal Practices

INC group claims a ransomware attack on the City of McKinney

Indonesia: Alleged Data Breach at Ministry of Agriculture

Kaspersky reports nearly 900 million phishing attempts in 2024 as cyber threats increase

Lee Enterprises blames cyberattack for encrypting critical systems as US newspaper outages drag on

Lee Enterprises confirms ransomware attack disrupting operations for over two weeks

Lee Enterprises Experienced Ransomware Attack, Raising the Possibility of a Data Breach

Lee Enterprises Newspaper Disruptions Caused by Ransomware

Lee Enterprises Ransomware Attack Compromises ‘Critical’ Systems

Malware hides on Google docs: passwords and private chats at risk

Malware-as-a-Service Lowers the Technology Bar for Threat Actors, Study Finds

Medical data discovered on hard drives sold on flea market

New FrigidStealer infostealer infects Macs via fake browser updates

New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection

Northern Ireland: Enniskillen man in court on PSNI data breach charge

Northern Ireland’s largest housing association, with 10,000 social homes, targeted in cyber attack

OpenSSH vulnerable to man-in-the-middle attacks for ten years: patch now available

Operational Technology (OT) Security in an AI-Powered World

Palo Alto Networks tags new firewall bug as exploited in attacks

Palo Alto Networks warns of another firewall vulnerability under attack by hackers

Pegasus spyware infections found on several private sector phones

Phishing attack hides JavaScript using invisible Unicode trick

Phishing Campaign Exploits Webflow to Steal Credit Card Data

Phishing remains the preferred technique among threat actors

Phobos Ransomware Affiliates Arrested in Coordinated International Disruption

Pro-Russian hackers target Italian banks and airports in cyber attack

Publishing giant Lee Enterprises reports a major ransomware attack on its network

Raymond IT Systems Hit by Cyber Attack - Investigation In progress

Raymond Lifestyle Hit By Cyber Attack, Core System ‘Safe’

Recent Ghost/Cring ransomware activity prompts alert from FBI, CISA

Russian CryptoBytes Hackers Exploiting Windows Machines To Deploy UxCryptor Ransomware

Russian CryptoBytes Hackers Target Windows Machines with UxCryptor Ransomware

Russian hackers abusing Signal to spy on victims

Russian Hackers Target Signal Messenger Users to Steal Sensitive Data

Russian Hackers Use Microsoft Teams to Phish 365 Accounts

Russian phishing campaigns exploit Signal's device-linking feature

Russian state hackers spy on Ukrainian military through Signal app

Russian State Hackers Target Signal to Spy on Ukrainians

Smart home device maker exposes 2.7 billion records in huge data breach

Spanish spyware startup Mollitiam Industries shuts down

Spies Eye AUKUS Nuclear Submarine Secrets, Australia’s Intelligence Chief Warns

TD Bank class action claims data breach exposed customers’ Personally Identifiable Information (PII)

Tech investment firm Insight Partners discloses data breach

Telekom Customers Targeted By New Phishing Scam

Teton Orthopaedics faces class action lawsuit over alleged data breach affecting 13,400 patients

Texas-Based Consultants in Pain Medicine Confirms SSNs Leaked in 2024 Data Breach

Thailand to take in 7,000 rescued from illegal cyber scam hubs in Myanmar

Trend Micro predicts increase in AI-driven cyber threats in 2025

Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack

UAE: Ransomware attacks rise by 32% in 2024; all deterred, authority chief says

“Unsuccessful cyber-attack” forced Cayuga Medical Center’s emergency department to divert patients Tuesday

Warning Issued For BlackLock Ransomware Operation After 1,425% Increase in Data Leaks

Widespread GenAI use raising data breach concerns

WordPress Plugin Vulnerability Exposes 90,000 Sites to Attack

Xerox Versalink Printers Vulnerabilities Could Let Hackers Steal Credentials

Zero Trust Must be a Cybersecurity Priority for the Trump Administration

18th February

$10 Infostealers Are Breaching Critical US Security: Military and Even the FBI Hit

2025 ZeroFox Forecast: Dark Web, Ransomware, Gen AI & Beyond

A New Wave of Ransomware Campaigns Targeting Microsoft Teams

Alleged Data Breach Claims Surface Against Thai Telecom Company TOT Mobile

Alleged Data Dump: Threat Actor Claims to Release 4 Million Stolen Credit Cards

As US newspaper outages drag on, Lee Enterprises blames cyberattack for encrypting critical systems

Association of Banks in Singapore (ABS) warns of rise in card phishing scams

Australian National University investigates alleged ransomware attack by FSociety

BerryDunn reaches $7.5 million settlement in data breach lawsuit

Beware of Fake Timesheet Report Email Leading to the Tycoon 2FA Phishing Kit

BlackLock On Track to Be 2025’s Most Prolific Ransomware Group

BlackLock ransomware onslaught: What to expect and how to fight it

Card-issuing banks in Singapore to require additional verification for mobile wallet users

Chinese hackers abuse Microsoft APP-v tool to evade antivirus

Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks

COMELEC: Hacker group’s claim of another ‘Comeleak’ a hoax

COMELEC: No cybersecurity breach of election data

Compliance Isn’t Security: Why a Checklist Won’t Stop Cyberattacks

Cracked Garry’s Mod, BeamNG.drive games infect gamers with miners

Critical OpenSSH Vulnerabilities Expose Users to MITM and DoS Attacks

Cyber attack on The Pension Specialists impacted over 70,000 individuals

Cyber threats surge in New Zealand, phishing leads scams

Cyberattack likely to have ‘material impact’ on media giant Lee Enterprises’ bottom line

Cybercriminals Exploit Onerror Event in Image Tags to Deploy Payment Skimmers

Cybercriminals shift focus to social media as attacks reach historic highs

Data Breach Outlook: Healthcare Most Breached Industry in 2024

Debunking the AI Hype: Inside Real Hacker Tactics

DeepSeek sent user data to ByteDance, Seoul confirms

Document management system leak exposed 25 Million records

Dozens of Italian websites targeted by Russian hackers

Ecuador's legislature says hackers attempted to access confidential information

Evolving Snake Keylogger Variant Targets Windows Users

Fake Timesheet Report Emails Linked to Tycoon 2FA Phishing Kit

Finastra Starts Notifying People Impacted by Recent Data Breach

Got a Microsoft Teams invite? Storm-2372 Gang Exploit Device Codes in Global Phishing Attacks

Hackers planted a Steam game with malware to steal gamers’ passwords

Hackers use ‘sophisticated’ macOS malware to steal cryptocurrency

Impact of DeepSeek data breach on database infrastructure

Infostealer malware detected within US military and defense companies

Insight Partners hit by cyber attack with possible data leaks

Italian websites targeted by alleged pro-Russian hackers

Juniper patches critical auth bypass in Session Smart routers

Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication

Lee Enterprises newspaper disruptions caused by ransomware attack

Managed healthcare defense contractor to pay $11 million over alleged cyber failings

Michigan casino chain remains closed 9 days after ransomware attack

Mustang Panda Leverages Microsoft Tools to Bypass Anti-Virus Solutions

New FrigidStealer Malware Targets macOS Users via Fake Browser Updates

New hacker attack on Italian sites, pro-Russian group NoName057 claims responsibility

New Mac Malware Poses as Browser Updates

New MacOS malware FrigidStealer targeting users with fake updates

New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now

New OpenSSH flaws expose SSH servers to MiTM and DoS attacks

New XCSSET Malware Variant Targeting macOS Notes App and Wallets

New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials

New Zealand: Hacker nearly hooks Waikato pair after infiltrating law firm

Northern Ireland Assembly reports apparent data breach to UK information watchdog

OpenSSH Flaws Expose Systems to Critical Attacks

Phishing campaign targets Microsoft device-code authentication flows

Phishing scam involving SunPass seeks to collect personal data; fraudulent sites shut down

Proofpoint Uncovers FrigidStealer, A New MacOS Infostealer

Protect Your Data: Russian Spear-Phishing Targets Microsoft 365 Accounts

RansomHub claims theft of 119GB of data from indigenous American tribe’s network

Ransomware: The $270 Billion Beast Shaping Cybersecurity

Ransomware attack disrupts Sault Tribe's casinos in Michigan

Ransomware attack hits 5 Michigan casinos, shuts them down

Ransomware attacks on food and agriculture expected to rise, possible ‘cascading impacts’ on the sector

Ransomware Cyberattack Claims New Casino Victim

Ransomware Spike Driven By Ransomware-as-a-Service (RaaS) Operations

Researchers warn of extremely dangerous ransom gang: pressure to pay up quickly

Russian Railways Portal Allegedly Breached 570K Records Exposed

Sault Tribe Casinos Still Recovering from Hacker Attack

Singapore Reports S$1.2 Million in Losses from Phishing Scams Targeting Mobile Wallets

Singapore warns of rising credit card phishing scams in online purchases, 656 cases linked to mobile wallets

Snake Keylogger Variant Hits Windows, Steals Data via Telegram Bots

South Africa: Weather Service still working to restore IT platform after ransomware attack

South African Weather Service expects website restoration within a week following ransomware attack

There’s a new ransomware player on the scene: the ‘BlackLock’ group has become one of the most prolific operators in the cyber crime industry – and researchers warn it’s only going to get worse for potential victims

These nations are banning DeepSeek AI - here's why

Threat Actor Claims Unprotected TensorFlow Database Exposes Sensitive Files Including Passwords

Toll text scam: Drivers warned of phishing scam claiming unpaid tolls on Pennsylvania Turnpike

Tycoon 2FA Phishing Campaign Uses Fake Timesheet Report Emails

US Coast Guard hack leads to paycheck delays, forces personnel systems offline

US Military, Defense Contractors Infected with Infostealers

US newspaper publisher uses linguistic gymnastics to avoid saying its outage was due to ransomware

Venture Capital giant Insight Partners confirms January cyberattack

Venture capital giant Insight Partners hit by cyberattack

Vgod Ransomware Encrypts Your Entire System and Sets A Ransom Note As Wallpaper

Why rebooting your phone daily is your best defense against zero-click attacks

Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign

Zacks Investment Data Breach Exposes 12 Million Emails and Phone Numbers

Zacks Investment Research Breach Hits 12 Million

17th February

$577 Million Cryptocurrency Fraud: Two Estonians Admit Role in Global Ponzi Scheme

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)

Advanced Ransomware Evasion Techniques in 2025

Akira claims cyber attack on closed Australian media company

Alleged Russian hackers attack worldwide sectors by posing as famous people on Teams, WhatsApp, & Signal

Applying Behavioral Economics to Phishing and Social Engineering Attacks

Arthur J. Gallagher & Co. reaches $21 million settlement over 2020 data breach

Barracuda reports fourfold rise in ransomware threats 2024

Beware of Fake Outlook Troubleshooting Calls that Ends Up In Ransomware Deployment

Beware! Fake Outlook Support Calls Leading to Ransomware Attacks

Beyond ransomware payments: A proactive approach to cybersecurity

California’s Included Health Provides Notice of Data Breach to an Unknown Number of Individuals

Charleston Area Medical Center Announces Data Breach Following Email Phishing Attack

Chase will soon block Zelle payments to sellers on social media

Cyber-warfare: the new era of sophisticated attacks

Cybercriminals are stealing AI power, and you might be the one paying for it

Dark Web Post Alleges Sale of 17B Stolen Credentials

Data Breach: US accuses UK of ordering Apple to allow spying on iPhone consumers’ information worldwide

Data breach leaks a whopping 2.7 billion records including smartphone and Wi-Fi info

Data Breach Prompts Coast Guard to Take Personnel and Pay System Offline

Different Types of Apple Phishing Scams in 2025

Dutch police dismantle bulletproof hosting provider, seize 127 servers

Estonian Duo Plead Guilty to $577m Crypto Ponzi Scheme

Finastra Announces Data Breach Following Discovery of November 2024 Cyberattack

Fintech giant Finastra notifies victims of October data breach

Florida Attorney General shuts down fake SunPass sites targeting toll users with phishing scams

Gambling Shutdown As More Casinos Get Hit With Ransomware Attack

Hacker claims they stole 12m customer accounts from Zacks Investment Research

Hackers are using this new phishing technique to bypass MFA

Hackers Exploit Telegram API to Spread New Golang Backdoor

Hackers infect websites of a major Lithuanian food company Vičiūnai Group

Hackers opted for ransomware in 2024 for faster and more advanced attacks

HashFlare Fraud: Two Estonians Admit to Running $577M Crypto Scam

Health tech company Datavant Group says data breach impacted over 45,000 patients

How Small Businesses Can Protect Themselves From Cyber Threats

Innovative Renal Care Sends Data Breach Letters Following Early 2024 Incident

Is Russia Reining In Ransomware-Wielding Criminals?

Kelsey-Seybold Clinic Files Notice of Data Breach

Lucent Health Solutions says cyber attack impacted over 37,000 individuals

Memorial Hospital & Manor faces scrutiny over ransomware attack and data leak

Microsoft Detects New XCSSET MacOS Malware Variant

Microsoft spots XCSSET macOS malware variant used for crypto theft

Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics

Microsoft warns of Storm-2372’s device code phishing attacks and evolving tactics

New downloads of DeepSeek suspended in South Korea

New downloads of DeepSeek suspended in South Korea, data protection agency says

New Golang-Based Backdoor Uses Telegram Bot API for Evasive C2 Operations

Palo Alto Networks and SonicWall Firewalls Under Attack

Phishing attempt strikes FTX creditors on the brink of repayments

Phishing for Love: A Sharp Surge in Valentine’s Day-Themed Scams

PowerSchool data breach exposes student information

Pro-Russia Hackers NoName057(16) Hit Italian Banks and Airports

RansomHub Evolves To Attack Windows, ESXi, Linux and FreeBSD Operating Systems

Ransomware attack affects Michigan casinos and tribal health centers

Ransomware attacks surged in 2024 as hackers looked to strike faster than ever

Ransomware Gangs Encrypt Systems 17 Hours After Initial Infection

Ransomware Gangs Encrypt Systems After 17hrs From Initial Infection

Ransomware gangs extort victims 17 hours after intrusion on average

Ransomware rises fourfold in a year of complex threats

Ransomware-as-a-service actors drive four-times increase in ransomware attacks

Russian cyberattackers spotted hitting Microsoft Teams with new phishing campaign

Russian Hackers Use Device Code Phishing to Hijack Microsoft 365 Accounts

Russian State Hackers Target Organizations With Device Code Phishing

Sault Sainte Marie Tribe perseveres through second week post-ransomware attack

Sault Tribe working to reopen Michigan casinos following ransomware attack on tribal operations

Singapore: Over $1.2m lost to credit card phishing and mobile wallet scams from Oct to Dec 2024

South Korea Suspends DeepSeek AI Downloads Over Privacy Violations

South Korea Suspends Downloads of AI Chatbot DeepSeek

Spy becomes cybercriminal in curious ransomware incident

Telegram Used as C2 Channel for New Golang Malware

Thailand: National Cyber Security Agency (NCSA) watchdog warns delivery firms after major data breach

The Pension Specialists Data Breach Affects Over 71k Consumers

The Philippines: Commission on Elections (COMELEC) denies data breach allegations, ensures system security

The XCSSET info-stealing malware is back, targeting macOS users and devs

This new email scam bypasses 2FA and steals your identity

Thousands of Polish lawyers affected by data breach

Three days later, DOGE site remains defaced: experts point at cybersecurity violations

Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme

U.S. accounting firm settles major data breach lawsuit for $7.25 million

Ukraine Launches Major Cyber Attack on Russian Gas Infrastructure

United Arab Emirates (UAE) Among Most Targeted Countries by Malware Attacks

United States Coast Guard Suffers a Data Breach Delaying Payments of Over 1000 Members

Urgent warning to all Gmail and Outlook users over ‘dangerous’ new login attack that steals passwords & raids accounts

Xactus Data Breach Letter Confirms 2024 Incident Compromised Individuals’ Social Security Numbers