Editor's Message

Welcome to DBD. On March 8th, DBD celebrated it's 5th anniversary and PRiSM celebrated it's 2nd anniversary. Little did I know when I started both of these ventures just how much an impact they would have on my life and I'd like to thank each and everyone of you who have supported me over the years, with a special thanks to those individuals who have kindly shared their knowledge with me, and continue to do so. Thanks again for your support. Stay safe. :)


“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC



Monday, 24 February 2025

Data Breaches Digest - Week 9 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 24th February and 2nd March 2025.


2nd March

24,041 Americans Affected As Billion-Dollar Bank Suffers Data Breach

Bybit hacker moves 62,200 ETH, full amount could be cleared in 3 days

Cyber attack cost Krispy Kreme over $11 million in lost revenue

“Every organization is vulnerable” - ransomware dominates security threats in 2024, so how can your business stay safe?

Gone phishing: How to resist the bombardment of cyberattacks

Hacker Access To Your Small Business Costs $600 On The Dark Web

Hackers stole confidential data from Indian stock broker Angel One's AWS resources

In February, damage from hacker attacks reached a record $1.51 billion

Info accessed in Rainbow board data breach ‘deleted and has not been shared’

Medusa ransomware group claims a major attack on Laurens County School District

Nearly 12,000 API keys and passwords found in AI training dataset

Organisations battle with AI-driven phishing threat rise

Ransomware 2025: Lessons from the Past Year and What Lies Ahead

Ransomware Ambush: Qilin Says It Was Behind Lee Enterprises Cyber Attack

Ransomware Gang Leak Shows Stolen Passwords And 2FA Codes Driving Attacks

Risk To MSPs From Data Breach Lawsuits Is On The Rise

Southern Water spent £4.5 million to respond to a Black Basta ransomware attack

The Rise of QR Phishing: How Scammers Exploit QR Codes and How to Stay Safe

Toronto Zoo says credit card info ‘leaked on the dark web’ in cyber attack

Tramp Ransomware Emerges with Black Basta’s Attack Strategies

Ukraine: Cyberpolice warn about phishing QR codes in public places

1st March

$350,000,000 Payment To T-Mobile Customers Incoming After Massive Hack and Data Breach Settlement

Angel One Data Breach: 8 Million Users Personal Records at Risk

AT&T Hacker Tried to Sell Stolen Data to Foreign Government

Canada: Info accessed in Rainbow District School Board data breach ‘deleted and has not been shared’

Crime Records and Bank Accounts Allegedly from Wayne County Hacked by the Interlock Ransomware Group

Houston Symphony allegedy hacked by Qilin ransomware group

Iceland’s Tax Authority Warns of Phishing Scam

Investment research data breach exposes 12 million customers

North Korean Hackers Behind Largest Ever Financial Theft

Ransomware: from REvil to Black Basta, what do we know about Tramp?

Ransomware gangs exploit a Paragon Partition Manager BioNTdrv.sys driver zero-day

Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks

Ransomware payments drop 35% in 2024 as fewer victims give in

28th February

$1.5 Billion Bybit Hack is Linked to North Korea, FBI Says, in Potentially the Largest Crypto Heist Ever

7 Tools to Prevent Breaches in E-Wallets and Crypto Wallets

260 Domains Hosting 5,000 Weaponized PDF Files Attacking Users to Steal Credit Card Data

5,000 Phishing PDFs on 260 Domains Distribute Lumma Stealer via Fake CAPTCHAs

12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training

Alleged Data Breach: Threat Actor Claims to Sell 25 Million Truecaller Contacts from the USA

Alleged Data Breach Exposes Sensitive Information from Jakarta Health Department

Amnesty Finds Cellebrite's Zero-Day Used to Unlock Serbian Activist's Android Phone

Angel One reports data breach, assures no impact on client funds

Angel One Share Price Hits Six-Month Low After Data Breach

Angel One Suffers Data Breach, Says Client Accounts Secure

Belgium investigating alleged cyberattack on intelligence agency by China-linked hackers

Black Basta leak exposes critical ransomware tactics and internal strife, revealing attack patterns

Bybit Hacker Has Laundered Over 50% of Stolen Funds...Remaining Funds Could Be Laundered Within 5 Days

Bybit Hacker Launders 270K ETH Via THORChain, Still Holds $514 Million

Bybit hacker launders $605M ETH, over 50% of stolen funds

Bybit hacker launders more than 50% of the $1.4B stolen Ethereum in less than a week

Bybit Hacker’s Money Laundering Boosts THORChain with $2.91 Billion in Transaction Volume and $3 Million in Fees

Cafe Zupas Data Breach Exposes Social Security Numbers

California shuts down data broker for failing to register

Canada watchdog probing X's use of personal data in AI models' training

Cleveland Municipal Court Remains Closed Due to Ongoing Cybersecurity Incident

Critical condition: The rising threat of ransomware in healthcare

Cyber Attack Keeps Cleveland Municipal Court Offline

Cybercrime report reveals 58% surge in APT activity

DISA Global Solutions Faces Major Data Breach Impacting Millions

DISA reveals major data breach impacting over 3 million people

'Do not respond': Illinois Tollway issues warning amid spike in scam texts

Duolingo post mortem: scammers use Duo’s death to swindle victims

Employment screening provider data breach affects 3.3M people

Fake CAPTCHA PDFs Spread Lumma Stealer via Webflow, GoDaddy, and Other Domains

France's 'backdoor for the good guys' could put your data at risk

Fred Hutchinson Cancer Center settles data breach lawsuit for $11.5 million

From Legacy Systems to 5G: Enterprise Security Threats in 2025

Global Cybercriminal ‘Altdos’ Busted After 90+ Data Breaches

Google Chrome users issued hacker warning as millions at risk of fraud

Hacker behind over 90 high-profile data leaks worldwide arrested in Thailand

Hackers can turn any Bluetooth device into an AirTag and track its location

HighWire Press Allegedly Breached 26 Million Records Exposed

Iceland Revenue And Customs Authority Warns Against Phishing Scam

Illinois: That text saying you owe unpaid tolls? It’s a phishing scam, authorities warn

Investment research data breach exposes 12 million customers

IRS contractor leaked the tax returns of over 400k Americans and businesses

JavaGhost’s Persistent Phishing Attacks From the Cloud

Las Cruces organization reports data breach of health information

Lynx Ransomware Attacking Organizations to Exfiltrate Sensitive Data

Microsoft Disrupts Storm-2139 for LLMjacking and Azure AI Exploitation

Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme

MITRE Caldera Hit by Critical RCE Flaw (CVE-2025-27364) – Here’s What You Need to Know

MITRE Caldera RCE vulnerability with public Proof-of-Concept (PoC) fixed, patch ASAP! (CVE-2025–27364)

Old Vulnerabilities Among the Most Widely Exploited

Ongoing Astaroth Phishing Campaign Targeting Gmail, Microsoft and Third-Party Authentication Services

OT/ICS cyber threats escalate as geopolitical conflicts intensify

Over 350 High-Profile Websites Hit by 360XSS Attack

Prolific Data Extortion Actor Arrested in Thailand

Protect Your Devices: Mobile Phishing Attacks Bypass Desktop Security Measures

Qilin ransomware claims attack at Lee Enterprises, leaks stolen data

Rainbow District School Board says all critical systems back up and running

Ransomware attacks reach record levels in January 2025

Ransomware criminals love CISA's Known Exploited Vulnerability (KEV) list – and that's a bug, not a feature

Ransomware Group Takes Credit for Lee Enterprises Attack

Ransomware incidents reached record levels in 2024

ReliaQuest report reveals rapid evolution in cyber threats

Remote Desktop Protocol (RDP): a Double-Edged Sword for IT Teams – Essential Yet Exploitable

Remove These Extensions Now! Hackers Hijack Google Chrome Add-ons for Fraud

Researchers uncover unknown Android flaws used to hack into a student’s phone

Roblox Support Team Warns of Password Phishing Scam

Sault Tribe Chairman says tribe will not pay hacker’s ransom request

Serbian police used Cellebrite zero-day hack to unlock Android phones

Shetland Islands: Council confirms Hill data breach but says financial information not leaked

Shetland Islands Council (SIC) report data breach involving Stuart Hill to Information Commissioners Office

Silver Fox APT Hijacks WeChat & Online Banking Data

Somnia Data Breach Exposes Patients’ Health & SSNs

Southern Water reports £4.5M cost from ransomware attack

State, Local, and Education (SLED) Cybersecurity Threats in 2025: What You Need to Know to Stay Ahead

Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus

Suspected international hacker apprehended

Targeted by Ransomware, Middle East Banks Shore Up Security

Thai cops arrest Singaporean suspected of global cyber attacks; man said to be notorious hacker, say authorities

Thai police shut down notorious Singaporean hacker

The biggest data breaches of 2025 - so far

The hacker of Bybit launders over 600 million dollars in ETH: more than half of the stolen funds

The Top 5 Phishing Trends Businesses Need to Know in 2025

These job offers are not what they seem

Third-Party Attacks Drive Major Financial Losses in 2024

THORChain Faces Backlash as Bybit Hacker Moves 50% of Stolen Funds

Thousands Rescued from Myanmar Scam Compounds Stranded at Thai Border

U.S. recovers $31 million stolen in 2021 Uranium Finance hack

UK silence over Apple ‘back door’ is unsustainable and unjustifiable, say experts

27th February

1.7 Billion U.S. Data Breach Victims - Cybersecurity Crisis Deepens

5 things to know about ransomware threats in 2025

8 Worrying Cybersecurity Statistics You Need to Know in 2025

39% of vulnerabilities could cause both a loss of view and control

89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks

2024 phishing trends tell us what to expect in 2025

AI-generated code is serving up serious security risks, say researchers

Alleged notorious Singaporean hacker arrested in Bangkok

Angry Likho APT Resurfaces with Lumma Stealer Attacks Against Russia

Anne Arundel County officials continue investigating cyber attack; No details yet

Bank of Papua New Guinea (BPNG) Thwarts Cyber Attack: Financial Systems Remain Untouched Amid Rising Digital Threats

Belgium probes if Chinese hackers breached its intelligence service

Belgium probes suspected Chinese hack of state security service

Cafe Zupas Provides Notice of Data Breach Impacting Victims’ Social Security Numbers

Central New York Cardiology Experiences Data Breach Affecting Patients’ SSNS and Medical Info

Chinese Cyber Espionage Jumps 150%, CrowdStrike Finds

Criminals now using GitHub to spread crypto-stealing malware

Current Trends in Data Breach Notification Laws: Safe Harbors and Reinforcing the Case for Cybersecurity

Cyberattack on Australia’s Genea: Stolen Patient Data Hits the Dark Web

Cyber resilience redefined: holding the C-suite accountable to cybersecurity breaches

Cyber's biggest threat - revealed

Data Breaches Strike Indiana Credit Unions & Members

DOGE’s ‘god-tier’ access to Consumer Financial Protection Bureau (CFPB) data opens door to market manipulation, experts say

DragonForce Ransomware Hits Saudi Firm, 6TB Data Stolen

Exposing And Defending Against The 2025 Threat Landscape

FBI confirms Lazarus hackers were behind $1.5B Bybit crypto heist

FBI Confirms North Korea’s Lazarus Group as Bybit Crypto Hackers

FBI says North Korea ‘responsible’ for $1.4 billion Bybit heist

FBI urges crypto community to avoid laundering funds from Bybit hack

Former Disney employee files wrongful termination complaint after cyber attack

Fort St. John expects emails will deliver eventually as it ‘works to realize full impacts’ of cyber incident

Fort St. John mayor provides update on cyber attack; still no word if personal information was breached

Generative AI Powers Social Engineering Attacks

GHOSTR Hacker Linked to 90+ Data Breaches Arrested

GS Retail Faces Major Data Breach Incident Affecting Millions

Hacker Behind Over 90 Data Leaks Arrested in Thailand

Hackers Exploit RDP Tools to Breach Ukraine’s Notarial Offices, CERT-UA Reports

Hackers Impersonate Taiwan’s Tax Authority to Deploy Winos 4.0 Malware

Hackers stole this engineer's 1Password database. Could it happen to you?

Halifax court approves settlement in Dell class action over data breach

Home routers under constant barrage: who's scanning them 6,000 times a day?

How Scalping Bots Exploited a Vulnerable API to Disrupt Online Retail Sales

IRS Data Breach Exposes 400,000+ Taxpayer Records – How Did This Happen?

Israel ranks second in list of countries targeted by cyberattacks in 2024

Leaked ransomware chat logs reveal Black Basta’s targeted CVEs

Lotus Blossom Hacker Group Uses Dropbox, Twitter, and Zimbra for C2 Communications

Medusa ransom gang claims City of Aurora, Colorado - uhm, we meant Nebraska

Meta fires around 20 employees for leaking confidential information

Microsoft names cybercriminals behind AI deepfake network

Microsoft names developers behind illicit AI tools used in celebrity deepfake scheme

MITRE Caldera security advisory warns of maximum severity flaw

New Backdoor Auto-color Linux Targets Systems in US and Asia

New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades

New Threat on the Prowl: Investigating Lynx Ransomware

North Korea’s Digital Heist: How a Bold Cyber-Attack Shook the Crypto World

NorthWest Arkansas Community College mailing letters to those affected by cyber attack

Open Source Security Foundation (OpenSSF) Publishes Security Framework for Open Source Software

Orange Group confirms data breach, hacker claims he stole over 12,000 files

Orange investigates cyberattack after hacker leaks stolen data

Over 49,000 misconfigured building access systems exposed online

Philippine army confirms attack on its networks

Phishing Attack Leads to Lateral Movement in Just 48 Minutes

Phishing Links in Browsers: Identifying Red Flags and Staying Safe

PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices

Privacy tech firms warn France’s encryption and VPN laws threaten privacy

Ransomware Attacks Demand Swift Response, Remediation

Ransomware Attacks Reach Record-Breaking Levels In 2024

Ransomware Report Reveals Record-Breaking Year

Ransomware threats against operational tech surged in 2024

RestorixHealth Sends Data Breach Letters Following Unauthorized Access to an Employee’s Email Account

Security leaders discuss botnet attack against Microsoft 365 accounts

Shetland Islands: Suspected data breach puts list of council tax debtors in hands of Stuart Hill

Should ransomware payments be illegal?

Siemens Teamcenter vulnerability could allow account takeover (CVE-2025-23363)

Signal threatens to leave Sweden if encrypted comms are compromised

Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations

Smart bed Eight Sleep tracks sleepers and has a secret backdoor allowing for remote connections

Software Vulnerabilities Take Almost Nine Months to Patch

Somnia Files Notice of Data Breach After Unauthorized Party Gains Access to Email System

Southern Water hit for £4.5m after ransomware attack

Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware

St. Clair Orthopaedics and Sports Medicine Announces Data Breach

Students experience CalFresh delays en masse, county data breach results in canceled benefits

Suspected Data Breach Extortion Hacker Busted in Thailand

Suspected Desorden hacker arrested for breaching 90 organizations

Swedbank accused of violating law by claiming client’s mortgage was “trade secret”

Swinging into trouble – leak exposes personal data of 60,000 golfers

Termite ransomware group claims massive data theft from Genea's systems

The Ransomware Epidemic: Why SMEs Are The New Primary Target

Thousands rescued from scam compounds in Myanmar now stuck at Thai border

Threat Actors Attack Job Seekers of Fortune 500 Companies to Steal Personal Details

Town of Kiawah Island Warns Residents of Phishing Emails

Via Credit Union data breach compromised over 60,000 customers

Vo1d malware botnet grows to 1.6 million Android TVs worldwide

Why Cybercriminals Steal First, Extort Second

Winos 4.0 Malware Targets Taiwan With Email Impersonation

You can delete personal info directly from Google Search now - and it's shockingly fast

26th February

3.3 Million People Impacted by DISA Data Breach

3.3 million people were exposed in the DISA data breach – it took the firm 10 months to disclose the incident

10 cyber security insights from ex-hacker and FBI agent who arrested him

96 Percent of Ransomware Cases Included Data Theft as Cybercriminals Double Down on Extortion

99% of Organizations Report API-Related Security Issues

2024 broke records for ransomware attacks

AI is helping hackers get access to systems quicker than ever before

Alleged classified FBI data stolen by LockBit

Alleged Data Breach Targeting Indonesian Government Agency

Amazon Prime members targeted by a new phishing scam

Anne Arundel County: Pittman’s Cyber Attack Update Lacks Key Details, Offers Little New Information

Arctic Wolf Threat Report: Ransomware As A Service On the Rise

Arkansas sues General Motors (GM) over data collection and sharing practices

Armed Forces of the Philippines (AFP): No data breach in Army, Navy ‘intrusion’

Asia-Pacific subjected to FatalRAT phishing campaign

August Data Breach Impacts Some City Of Roseburg Residents

Australian IT leaders struggle to identify scam emails

Australian IVF giant Genea breached by Termite ransomware gang

Australian IVF provider Genea confirms hackers accessed patients' healthcare data

Belgian prosecutor probes alleged Chinese hacking of intelligence service

Binance to introduce new security feature to combat crypto SMS phishing scams

Binance Warns Users of Rising SMS Phishing Scams, Promises New Security Measures

Black Basta Chat Logs Reveal Ransomware Group’s TTPs, IoCs

BlackFog’s 2024 State of Ransomware Report Reveals Record-Breaking Year for Attacks

Bybit hacker launders $335M as funds continue to move

Bybit opens hunting season for North Korea's Lazarus hackers

Cellebrite cuts off Serbia over abuse of phone-cracking software against civil society

Cellebrite suspends Serbia as customer after claims police used firm’s tech to plant spyware

CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries

Charleston Area Medical Center (CAMC) sued after data breach may have impacted more than 67,000 people

CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation

‘Cyber incident’ shuts down Cleveland Municipal Court for third straight day

Cyber-attack ‘Breakout Time’ Now Less Than 30 Minutes

Cyberattack Disrupts Siberian Dairy Giant with LockBit Ransomware

Data breach potentially puts information of 15,000 Mainers at risk

Data Theft Drove 94% of Global Cyberattacks in 2024 & Ransomware Defenses are “Increasingly Complex”

Data Theft Is The New Ransomware Normal As Demands Average $600,000

Dating site’s DMs, user details stolen and leaked, hackers claim

DeepSeek fame hijacked to empty wallets

Delaware Division of Motor Vehicles (DMV) warns of ongoing E-ZPass phishing scam

Detroit PBS confirms cyberattack as Qilin ransomware claims responsibility for data breach

DISA Global Solutions Confirms Data Breach Affecting 3.3M People

Dragos report reveals rise in industrial cyber threats

Drug screening firm discloses data breach affecting over 3.3 million individuals

EncryptHub breaches 618 orgs to deploy infostealers, ransomware

EncryptHub Targets 618 Organizations with Phishing and Ransomware Attacks

Everything You Need to Know about Cyber Extortion in 2025

Four Steps to Farm Cyber Security

Genea Fertility cyber attack: Trove of sensitive patient data leaked to dark web after IVF provider hacked

Geopolitical Tension Fuels APT and Hacktivism Surge

Gone in a Flash: Amazon, PayPal, and Small Players Suffer from Phishing

Grand Forks Schools Recovered Half of Loss to Phishing Scam

GrassCall malware campaign drains crypto wallets via fake job interviews

GRUB2 Vulnerabilities Exposes Millions of Linux Systems to Cyber Attack

Hackers Are Using Fake GitHub Code to Steal Your Bitcoin

Hackers blast tribe for not negotiating after ransomware attack that closed 5 Michigan casinos

Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites

Hackers publish sensitive patient data allegedly stolen from Australian IVF provider Genea

Hackers-for-hire target Ukrainian notaries to manipulate state registries

Hatolna Allegedly Breached

Have I Been Pwned Adds ALIEN TXTBASE Data 280 Million Emails & Passwords

HaveIBeenPwned Adds 244 Million Passwords Stolen By Infostealers

Home Depot refutes Clop ransomware attack claims

How to tell if your USB cable is hiding malicious hacker hardware

Huge phishing scam on Booking.com: Hungarian users lost immense amounts of money

Hundreds of GitHub repos served up malware for years

I Got a Suspicious Link in a Text Message: Here’s How I Checked It Safely

Is your email or password among the 240+ million compromised by infostealers?

Lawsuit filed against Charleston Area Medical Center (CAMC) alleges phishing attack exposed data of 67,000 people

Lazarus hacked Bybit via breached Safe{Wallet} developer machine

LCRYX Ransomware Attacks Windows Machines by Blocking Registry Editor and Task Manager

Leaked Black Basta Chat Logs Reveal $107M Ransom Earnings and Internal Power Struggles

Lessons from cyberattacks

LockBit ransomware gang sends ‘friendly advice’ to new FBI Director Kash Patel

Malicious PyPI Package "automslc" Enables 104K+ Unauthorized Deezer Music Downloads

Massive Data Breach Affects 3.3 Million US Individuals: What Was Exposed?

Massive Password Spray Attack Campaign Targets Microsoft 365 Accounts

More Prevalent, Intrusive Ransomware Attacks Hit OT/ICS

NCC Group tracks alarming ransomware surge in January

New Anubis Ransomware Could Pose Major Threat to Organizations

New Linux Malware 'Auto-Color' Grants Hackers Full Remote Access to Compromised Systems

New Phishing Attack Targeting Amazon Prime Users To Steal Login Credentials

Orange Communication Breached – Hackers Allegedly Claim 380,000 Email Records Exposed

Orange Communication Breached – Hackers Allegedly Claim Leak of 380,000 Emails

Orange confirms it suffered breach after hacker leaks company documents

Orange Group hack confirmed following leak by HellCat ransomware member

Orange Group investigates cyberattack as hacker releases compromised data

Over 3.3 million individuals impacted in background verification service breach

Pakistan witnesses 18% increase in phishing attempts in 2024 compared to 2023

Patient information posted on dark web after cyber attack on IVF company Genea

Phishing Accounts for 69% of Fraud in Germany, Consumers Lose Over €200 Billion

Phishing was still wildly effective in 2024: Consider 4 things

Pump.fun X account hacked to promote scam governance token

PyPi package with 100K installs pirated music from Deezer for years

Ransomware attack on Southern Water cost £4.5 million

Ransomware Gang Publishes Stolen Genea IVF Patient Data

Ransomware Group Data-Leak Sites Increasing as Six New Groups Emerge

Report highlights phishing campaigns that exploit trusted platforms

Rising cybercrime groups pose greater threat than state-sponsored attackers

Sault Tribe Hackers Demand Answer as Cyberattack Aftermath Unfolds

Sensitive details of Australian IVF patients posted to dark web after Genea data breach

Signal May Exit Sweden If Government Imposes Encryption Backdoor

Signal Threatens to Exit Sweden Over Government’s Backdoor Proposal

Southern Water denies claims it offered $750,000 ransom to ransomware hackers

Southern Water says Black Basta ransomware attack cost £4.5M in expenses

SunPass scam alert: Floridians urged to remain vigilant as fake toll messages resurface

Targeted Policy Action Against Ransomware Attacks Emerging as a Key Global Cybersecurity Trend

Telecom giant Orange confirms data breach from its Romanian division

Termite Ransomware Gang Breaches Australian IVF Giant Genea

The Alarming Rise of Infostealers and Ransomware & Predictions for 2025

The compliance illusion: Why your company might be at risk despite passing audits

This Data Could Destroy The FBI - Russian Crime Gang Warns Kash Patel

Thousands of exposed GitHub repos, now private, can still be accessed through Copilot

Threat Actor Allegedly Selling VMware ESXi 0-Day Exploit on Hacker Forum

Threat Actors are Moving at Unprecedented Speeds

Three Password Cracking Techniques and How to Defend Against Them

U.S. Authorities Warn About Ghost Ransomware Attacks On Organizations Across More Than 70 Countries

University of North Texas Police Warn of New Phishing Scam Impersonating TxTag Toll System

US Background Check Firm Data Breach Exposes 3.3M Records

US hit with over 1.9 billion malware threats last year - here's how to stay safe

VectraRx Mail Pharmacy Services discloses major data breach affecting over 109,000 individuals

Verona: Hacker attack on the Municipality website, no violation of sensitive data

VSCode extensions with 9 million installs pulled over security risks

Watch Out for the Latest PayPal Phishing Scam

What was leaked in the US personal data breach which affected 3 million people?

25th February

3 ransomware trends to watch for in 2025

7-year-old vulnerability exploited in Salt Typhoon attack

61% of Hackers Use New Exploit Code Within 48 Hours of Attack

88% of Top Organisations in Asia Pacific Still Put Their Customers and Stakeholders at Risk of Email Fraud as Businesses Face Record-High Email Attacks

2,500+ Truesight.sys Driver Variants Exploited to Bypass EDR and Deploy HiddenGh0st RAT

Akira claims ransomware attack on Australian engineering firm

Alleged Data Breach Targets IT Company

Australia bans Kaspersky antivirus software on all government systems

Australian IVF giant Genea confirms a significant healthcare data breach

Australian IVF group Genea sees data breach, what should customers do

Background check and drug testing provider DISA Global Solutions reports data breach

Background check provider data breach affects 3 million people who may not have heard of the company

Background check, drug testing provider DISA suffers data breach

Be careful! That legit PayPal email might be a phishing scam

Belarus-Linked Ghostwriter Uses Macropack-Obfuscated Excel Macros to Deploy Malware

Bergen County town's data breach left thousands of people exposed, lawsuit claims

Bogus Counter-Strike 2 tournament streams leveraged to pilfer cryptocurrency

Boys and Girls Clubs of the Tennessee Valley experiences data breach

Bybit hacker launders $250M in ETH - Still holds more than Vitalik

Bybit Hacker Launders $250 Million via THORChain

Bybit Hacker Moves $250M in ETH, Cross-Chain Swaps Involving Bitcoin and Dai

Bybit Hacker’s Insane Pattern: 2-3 Moves Per Minute

Bybit swiftly repays 40,000 Ethereum loan as hacker launders $250 million

Canada: Cyber attack ‘severely impacts’ City of Fort St. John services

Cardiology of Virginia Files Notice of Recent Data Breach with Federal Regulators

Chainflip locks out Bybit hacker with protocol upgrade

Chainflip to prevent the illegal flow of Bybit hacker funds through protocol upgrades

China-based Silver Fox spoofs healthcare app to deliver malware

China's Silver Fox spoofs medical imaging apps to hijack patients' computers

Chinese Botnet Bypasses MFA in Microsoft 365 Attacks

Chinese-Backed Silver Fox Plants Backdoors in Healthcare Networks

CISA Warns of Actively Exploited Adobe ColdFusion and Oracle Agile PLM Vulnerabilities

Crypto and Cybersecurity: The Rising Threats and Why Reliable Wallets Matter

Crypto Neobank Infini hit by $49.5 million hack, offers 20% to hacker if returned

Cyber-attack lateral movement averages 27 minutes in 2024

Dark Web Post Alleges Sale of Spanish Bank and Crypto Accounts

Data breach hits US firm DISA - 3.3 million affected as hackers steal personal info

Data Breach of DISA Global Solutions Impacts Three Million Individuals

DISA breach exposes 3.3M employee background check records, many from Fortune 500 companies

DISA data breach: Everything you need to know and steps to take

DISA Global Data Breach Exposes Personal Information Of 3.3 Million US Citizens

Dragos finds ransomware attacks on industrial sector surge 87%, manufacturing hit hardest as Operational Technology targeting rises

Dragos Reports OT/ICS Cyber Threats Escalate Amid Geopolitical Conflicts and Increasing Ransomware Attacks

Escalating OT/ICS cyber threats emerge with ransomware activity

FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services

FBI & CISA warn of Ghost ransomware threats worldwide

Forget phishing, now "mishing" is the new security threat to worry about

Genea says patient information may have been stolen during cyber attack on fertility IVF specialist

Ghostwriter Cyber-Attack Targets Ukrainian, Belarusian Opposition

GitVenom attacks abuse hundreds of GitHub repos to steal crypto

GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets

Got a ‘storage full’ email for your Gmail account? Kerala Police warns of phishing scam

Hackers Exploit Fake GitHub Repositories to Spread GitVenom Malware

Have I Been Pwned adds 284M accounts stolen by infostealer malware

Home Depot denies rumors that it was hacked

How schools can fight growing ransomware attacks

India: Telangana Faces Rising Cyber Threats Including Ransomware Attacks, Digital Frauds

India: Telangana records 62.5 lakh cyber threats in a year

Infini bank attack: hacker steals USDC 49.5 million and launders it on Tornado Cash

Infini Hack: $49.5M Stolen, Neobank Offers Hacker 20% to Return Funds

Intelligence mined from exposed Black Basta internal chats

Kaspersky reports nearly 900 million phishing attempts in 2024 as cyber threats increase

Kewadin announces plans to reopen casinos weeks after ransomware attack

LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile

LockBit ransom gang claims to have stolen information that could "destroy" FBI

Michigan Casino Chain To Reopen Following Ransomware Attack

Michigan casinos, hackers are locked in a cybersecurity showdown

New Auto-Color Linux backdoor targets North American governments, universities

New EU Sanctions Blacklist Russian and North Korean Cyber Operatives

New Phishing Attack Targets Amazon Prime Users to Steal Login Credentials

No password, no protection – Movistar security lapse leaves customers at risk

One wrong SMS can wipe your savings, thanks to this Android Trojan

One year later, UnitedHealth still sending breach notices from massive hack at Change Healthcare

Only a Fifth of Ransomware Attacks Now Encrypt Data

Open source software vulnerabilities found in 86% of codebases

Orange confirms data breach: company documents on the street

Orange Group confirms breach after hacker leaks company documents

Orange Group Confirms Data Breach After Leak

Orange Group Suffers Data Breach: Hacker Claims Theft of Thousands of Internal Documents

Over 67,000 patients impacted in Charleston Area Medical Centre email breach

PowerSchool data breach: What does it mean for the educational sector?

Quarter of Brits Report Deepfake Phone Scams

Ransomware: on the murky trail of one of the leaders of Black Basta

Ransomware attacks against industrial orgs up 87%

Russian officials warn of potential compromise of major tech services provider

RxSight Files Notice of Data Breach Following Compromised Employee Email Account

SafePay ransomware group claims a major data theft from Conduent's systems

Sensitive data of 3 million exposed in massive breach at US screening company

Siberia's largest dairy plant reportedly disrupted with LockBit variant

Silver Fox APT Hides ValleyRAT in Trojanized Medical Imaging Software

SimonMed Imaging failed to protect patient information before ransomware attack, class action lawsuit claims

South Africa is the top target for ransomware and infostealer attacks

Swedish authorities seek backdoor to encrypted messaging apps

Television station Detroit PBS hacked, Qilin ransomware takes responsibility

The Bybit hack: how North Korean hackers managed to steal $1.4 billion

The Infamous Hacker Behind the $1.5 Billion Theft from Bybit

The Sneaky New Phishing Scam Consumers Need to Watch For

The Threat From a Hacker Group to CCOO With Revealing Their Financial Data

There is a new PayPal Phishing Scam that you need to know about (using real PayPal emails)

Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA

UK Home Office’s new vulnerability reporting mechanism leaves researchers open to prosecution

US drug testing firm DISA says data breach impacts 3.3 million people

US employee screening firm DISA hit with data breach affecting over 3.3 million people

US employee screening giant DISA says hackers accessed data of more than 3 Million people

VectraRx Mail Pharmacy Services Notifies 109K Individuals About Data Breach

Via Credit Union Notifies Over 60k People of Recent Data Breach

Why Apple's disabling of iCloud encryption in the UK is bad news for everyone

With AI and automation, hackers are stealing data at unprecedented speeds

24th February

$1.5B Hack of Bybit Might Be the Largest Crypto Heist Ever

1.7 Billion U.S. Data Breach Victims - Cybersecurity Crisis Deepens

68% of people are worried about misinformation due to deepfakes

$1,000 Data Breach: Healthcare Hackers Undermine $5 Billion Finance Sector

A single default password exposes access to dozens of apartment buildings

Account takeover detection: There’s no single tell

Ally Financial class action claims data breach exposed 4.2M customers’ PII

Anne Arundel County likely experiencing ransomware attack

Are you in the know? New York amends data breach law

Australia bans all Kaspersky products on government systems

Australia bans government use of Kaspersky software due to ‘unacceptable security risk’

Australia bans government use of Kaspersky software over Russian espionage concerns

Australia Bans Kaspersky Software Over National Security and Espionage Concerns

Australian National University confirms no ‘active ransomware threat’

Bangladesh Navy Allegedly Targeted in Data Breach

Botnet looks for quiet ways to try stolen logins in Microsoft 365 environments

Botnet of 130K Devices Targets Microsoft 365 in Password-Spraying Attack

Botnet targets Basic Auth in Microsoft 365 password spray attacks

Boys & Girls Clubs of the Tennessee Valley Notice of Data Breach

Bybit ETH Cold Wallet Compromised in Complex Cyberattack, Platform Secures Funds

'Bybit Hacker' Launders Money Through Meme Coins...Over $26M in Transactions

Bybit hacker swaps $3.64M to DAI via decentralized exchanges

Bybit hackers move to meme coins to launder funds and scam people

Bybit Offers $140m Bounty to Recover Funds After Mega Crypto-Heist

Bybit’s $1.5 Billion hack linked to North Korea’s Lazarus group

Bybit’s Phantom Hacker Becomes Ethereum’s Shadow Whale by Fragmenting Fortune Across 54 Wallets

Cricadda data breach exposes user information of 111,000 users

Charleston Area Medica Center (CAMC) posts notice of data breach from recent phishing attack

Cryptocurrency Exchange Bybit announces full recovery from $1.4 billion hacker attack

Cyber expert reveals how to avoid new scam targeting 1.8 billion Gmail accounts

Cyber insurance gains traction in Canada’s business community

Cyberattack closes Anne Arundel County government Monday

Cyberattack shuts down Northern Caribbean University (NCU) systems, students warned of data breach

Cybercrooks Exploit URL Manipulation in Sophisticated Phishing Scam

DNS Insights on a Free Form Builder Service Phishing Campaign

Essential Addons for Elementor XSS Vulnerability Discovered

EU sanctions North Korean tied to Lazarus group over involvement in Ukraine war

Experts Slam Government After “Disastrous” Apple Encryption Move

Exploits for unpatched Parallels Desktop flaw give root on Macs

Fake ChatGPT Premium Phishing Scam Spreads to Steal User Credentials

FBI issues security warning on ransomware attack that targets mobile devices

FBI Issues Warning of Ongoing ‘Ghost’ Ransomware Attack

FBI warns of Chinese hacker group named ‘Ghost’: See full details and how to protect yourself

FBI's Ghost Cyber Warning: All You Need to Know

FM Logistic France Allegedly Suffers Data Breach, Employee Information Exposed

Ghost Ransomware Attacks Target Outdated Systems

Grubhub Data Breach

Hacker drains $49.5 Million from Infini stablecoin bank

Hacker Hijacks Screens at Department of Housing and Urban Development (HUD) HQ to Play Disturbing AI Video of Trump, Musk

Hackers Exploited Confluence Server Vulnerability To Deploy LockBit Ransomware

Hackers Hijack YouTube Channels to Target Counter-Strike 2 (CS2) Fans with Fake Giveaways

Hackers pilfer cryptocurrency exchange Bybit for $1.4 Billion

Hackers pose as e-sports gamers online to steal cryptocurrency from Counter-Strike fans

Hackers Score $1,000 Per Healthcare Data Breach Vs. $5 Per Credit Card Theft

Hackers Use Google Docs and Steam to Spread ACRStealer Infostealer

Home Office investigates potential data breach involving British citizens

Hong Kong: InvestHK checks for data leaks following ransomware attack

Hong Kong: InvestHK opens probe into potential data leak following ransomware attack

Hong Kong’s investment promotion arm probes ransomware attack

Hunterdon County Sheriff Warns Against New E-ZPass Phishing Scheme

INTERLINK Health Services Provides Notice of Data Breach Following Compromised Email Account

IT/OT Convergence Fuels Manufacturing Cyber Incidents

Kept in the Dark: Inside the St. Landry Parish Schools Ransomware Attack

Leaked Black Basta Chats Expose Ransomware Secrets & Infighting

Leaked Black Basta Chats Reveal Cybercriminal Infighting

Lithuanian fintech Paysera restores services after cyber-attack

LockBit Ransomware Strikes: Exploiting a Confluence Vulnerability

Man vs. machine: Striking the perfect balance in threat intelligence

Massive botnet hits Microsoft 365 accounts

Massive Data Breach Allegedly Exposes Sensitive User Information from MeetNChill

Michigan Man Indicted for Dark Web Credential Fraud

Microsoft 365 at risk: massive botnet targeting users in password spraying attacks

New ChatGPT’s Premium Features Subscription Phishing Attack Steals Logins

New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer

New ‘Phishing Kit’ Targets Email Accounts

Niva Bupa shares drop 4.3% amid potential data breach

North Korea’s Lazarus hackers behind $1.4 billion crypto theft from Bybit, researchers say

North Korean hackers linked to $1.5 billion Bybit crypto heist

NTrust Infotech Announces Data Breach, Offers 24 Months of Credit Monitoring to Victims

Nuna Baby Essentials Sends Data Breach Following Recent Cybersecurity Incident

OpenAI bans ChatGPT accounts used by North Korean hackers

PayPal addresses abused to send phishing emails

PayPal Phishing Scam Exploits “New Address” Feature

PowerSchool faces more scrutiny following widespread data breach

Proof-of-Concept (PoC) exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)

Protecting the Manufacturing Sector from Ransomware

RansomHub claims breach of BC Jindal Group, alleges theft of 140 GB of data

Record $1.5B stolen in Lazarus Group’s ByBit crypto heist

Researchers accuse North Korea of $1.4 billion Bybit crypto heist

Russia warns financial sector of major IT service provider hack

Scammers pretend to support PayPal in phishing emails: “Confirm your address for MacBook M4 Max delivery.” How this scheme works

South African Weather back online after cyberattack, but you still won’t be able to get these services

South African Weather Service aviation website back online after cyber attack

South African Weather Service aviation website online again after cyber attack

South African Weather Service restores aviation website 4 weeks after cyber attack

Spearphishing, ransomware remain top cybersecurity threats to manufacturing

Spylend malware downloaded from Google Play over 100,000 times

This PayPal scam exploits new address feature to send out phishing scam emails

Top ransomware gang's internal chat logs leaked online

Turning Point of Central California Announces Data Breach Following Suspicious Activity on IT Network

Warby Parker slapped with $1.5M penalty over data breach

Warning issued over prolific 'Ghost' ransomware group

What defenders are learning from Black Basta’s leaked chat logs

What you need to know about the 'Ghost' cyberattacks and why the FBI is concerned

Why Gmail is replacing SMS codes with QR codes - and what it means for you