Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 24th March and 30th March 2025.30th March
Growing threat of 'quishing' in the Philippines
Hacker Group Anonymous Claims Cyber Offensive Against Turkish Government
Kink and LGBT dating apps exposed 1.5 million private user images online
New Crocodilus malware steals Android users’ crypto wallet keys
RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features
29th March
5 Phone And Email Scams You Should Never Engage With Because They Can Compromise Your Data And Steal Your Info
Alleged Canadian hacker behind 2021 theft of Texas GOP and GiveSendGo user data in custody
BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability
Canadian Hacker Aubrey Cottle Charged with Theft of Texas GOP Data
ClickFix Captcha – A Creative Technique That Allow Attackers Deliver Malware and Ransomware on Windows
FBI investigates cyberattack at Oracle, patient records breached
FBI investigating cyber attack at Oracle
'Foreign actors': Data breach exposes York County tax preparer's customer data
Gamaredon Hacker Group Using Weaponize LNK Files To Drop Remcos Backdoor on Windows
Hacker Aubrey ‘Kirtaner’ Cottle arrested for breaching Texas GOP website
Hackers are now using AI to break AI – and it’s working
Hackers Leveraging DNS MX Records To Dynamically Create Fake Logins Mimic as 100+ Brands
Hellenic Open University Hit by Cyberattack, 813 GB of Personal Data Leaked on Dark Web
Mobile Banking Malware Surges 3.6 Times, Crypto Phishing Up 83%
Morphing Meerkat Phishing Operation Targets Users Worldwide
New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials
Singapore: Police Warn of EZ-Link Scams That Stole S$156,000 from 97 Victims In March 2025
SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk
Twitter (X) Hit by Data Leak of 2.8 Billion Users; Allegedly an Insider Job
U.S. seized $8.2 million in crypto linked to 'Romance Baiting' scams
Walmart Owned Sam’s Club Investigates Clop’s Ransomware Claim
Walmart’s Sam’s Club claimed by Cl0p ransomware gang
28th March
7 AI Cybersecurity Trends For The 2025 Cybercrime Landscape
27,000 records in Australian fintech database were exposed
494,000 Americans Affected As Massive Data Breach Exposes Names, Financial Records, Medical Data, Social Security Numbers and More
Addressing the growing complexity of cyber-security
Advanced slapped with almost $4M fine after LockBit hack
After Chrome patches zero-day used to target Russians, Firefox splats similar bug
Android financial threats: What businesses need to know to protect themselves and their customers
Anonymous hacker group ‘co-founder’ arrested, tied to 2021 Texas GOP web hack
Arts Council England (ACE) apologises following ‘huge data breach’
Atlas CPAs & Advisors Experiences Data Breach Affecting SSNs and Financial Info
Australia: New South Wales (NSW) Court Registry Data Breach Threatens to Further Erode Confidence in Justice System
Australian property developer TOGA listed as ransomware victim on Akira leak site
Blacklock Ransomware Infrastructure Intruded to Uncover Their Planned Attacks
Browser-native ransomware may be the next billion-dollar threat
Cardiff's children's chief confirms data leak 2 months after cyber risk was 'escalated'
Challenges Facing the UK Government’s Proposed Ransomware Ban
China-aligned hacker group FamousSparrow resurfaces in cyberattacks
CISA Issues Urgent Security Alerts: Critical Vulnerabilities in Schneider Electric, Chrome, and Sitecore
CoffeeLoader Uses GPU-Based Armoury Packer to Evade EDR and Antivirus Detection
Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)
Critical sandbox escape flaw affects Firefox, Tor on Windows
Crooks are reviving the Grandoreiro banking trojan
CSG Consultants Sends Data Breach Letters Following Recent Cybersecurity Incident
Cyber-crew claims it cracked American cableco, releases terrible music video to prove it
Cybersecurity spending set to jump 12.2% in 2025
Darkweb actors claim to have over 100K of Gemini, Binance user info
Data Breach at Three Rivers Hospital Linked to CPS Solutions Email Compromise, Patients Offered Credit Monitoring
Data breach exposes details of vulnerable children in Cardiff
Data Breach Hits Pennsylvania’s Largest Workers and Teachers’ Union PSEA, Impacting over 500,000 People
Falling for this phishing scheme can send you to jail in Russia
Firefox fixes flaw similar to Chrome zero-day used against Russian organizations
Firefox Patch Released as Mozilla Addresses Chrome-Like Security Threat
France’s critical infrastructure under attack, political tensions to blame
French Department of Education sends phishing mail to 2.5 million students
Gemini, Binance Breach Claims Surface: Is Your Crypto Account Data at Risk?
Hackers are after your router and other network devices, Eclypsium warns
Hackers Claim to Sell Over 100,000 Gemini and Binance User Records on Dark Web
Hackers Exploit DNS MX Records to Create Fake Logins Imitating 100+ Brands
Hackers Exploit MailChimp Email Marketing Platform Using Phishing and Social Engineering Tactics
Hackers target Taiwan with malware delivered via fake messaging apps
Hacktivists gear up for coordinated attacks on Israel ahead of April 7
Hanover tax preparer working with IRS after suffering spear phishing breach on tax returns
Healthcare’s alarming cybersecurity reality
Huge business impact from ransomware attacks as downtime hits 24 days on average
Incruit Loses Lawsuit Over Data Breach Fine
Investigative Journalists in Serbia Hit by Advanced Spyware Attack
Kuala Lumpur Airport Hit by Cyberattack, Hackers Demand $10M Ransom
Massive Data Breach? Over 100,000 Gemini Users Allegedly at Risk as Hacker Claims to Sell Personal Info
Morphing Meerkat PhaaS Platform Spoofs 100+ Brands
‘Morphing Meerkat’ spoofs 114 brands via DNS mail exchange records
Most Healthcare Providers Remain Highly Vulnerable to Ransomware Attacks
Mozilla Patches Critical Firefox Bug Similar to Chrome's Recent Zero-Day Vulnerability
Mozilla patches Firefox bug ‘exploited in the wild’, similar to bug attacking Chrome
New Lucid PhAAS Platform Leveraging RCS & iMessage to Bypass Detections
New ‘Lucid’ Phishing Platform Abuses iMessage, Android RCS to Slip Past Defenses
New Morphing Meerkat Phishing Kit Exploits DNS to Spoof 100+ Brands
New South Wales (NSW) Attorney-General Cautions Domestic Violence Victims About Court Data Breach
New Ubuntu Linux security bypasses require manual mitigations
New Zealand: Former Health NZ IT worker 'not surprised' at data breach
NHS contractor fined after ransomware attack
NHS software provider fined £3M over ransomware security failings
Nine in Ten Healthcare Organizations Use the Most Vulnerable IoT Devices
Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts
Novel Morphing Meerkat PhaaS platform examined
OpenAI now pays researchers $100,000 for critical vulnerabilities
Oracle Health breach compromises patient data at US hospitals
Pacific Residential Mortgage Confirms Data Breach Following Recent Ransomware Attack
Personal info on federal judges is widely accessible online, leading to safety risks
Phishing Attacks – Anyone Can Get Pwned
Phishing Campaigns Target Anti-Kremlin Informants, Russian Citizens, and Ukraine Sympathizers
Phishing scam; Wisconsin Department of Transportation issues warning
Phishing-as-a-service operation uses DNS-over-HTTPS for evasion
Phishing-as-a-Service Platform ’Morphing Meerkat’ Uses Advanced DNS MX Record Abuse
PJobRAT Malware Campaign Targeted Taiwanese Users via Fake Chat Apps
PlayBoy Locker Ransomware Attacking Windows, NAS and ESXi Operating Systems
RansomHub’s EDRKillShifter Link With Other Well-Established Ransomware Gangs
Redcurl Actors New Ransomware Exclusively Attacking Hyper-V Servers
RedCurl group linked to new ransomware strain in first documented attack
Report warns that browser-native ransomware is a growing threat to enterprise data
Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA
Retail giant Sam’s Club investigates Clop ransomware breach claims
Russian Hackers Mimic as CIA to Steal Ukraine Defense Intelligence Data
Russian Phishing Uses Fake CIA Sites to Target Anti-war, Ukraine Supporters
Singapore: $156k lost to EZ-Link and SimplyGo phishing scams since March 1st
Singapore: Police warn of phishing scams involving fake EZ-Link, SimplyGo deals
Solar Power System Vulnerabilities Could Result in Blackouts
SquareX Discloses Browser-Native Ransomware that Puts Millions at Risk
SquareX highlights browser-native ransomware threat
StreamElements confirms data breach at former third-party provider
T-Mobile Paid $33 Million to Settle SIM-Swap Case After Bitcoin Heist
T-Mobile takes a $33 million hit over crypto theft via SIM swapping
The most “pressing threat” to crypto is state-backed actors, Q1 data shows
The rising tide of ransomware – Essential strategies for cyber resilience, response and preparedness
This new phishing campaign can tailor its messages to target you with your favorite businesses
Thousands of Australians just got their IDs and bank details exposed
Tor Browser 13.5.14 Update Fixes Critical Security Flaw for Windows 7, 8, and 8.1
Trump CISA Cuts Threaten US Election Integrity, Experts Warn
Ukraine state railway says online services partially restored after cyber attack
Ukrainian Railways hit by "Russian terrorists" just hours after announcing partial restoration
Users Face New Phishing Threats From Sophisticated Scam Kit
VanHelsing Ransomware: What You Need To Know
WoW! A Ransomware Gang Just Took Over One of America’s Largest ISPs
27th March
6 million records allegedly stolen from Oracle Cloud
94% of financial services and banking orgs suffer cyber attack in last year as insider threat looms
634 Targets, 6 Million Records at Stake - Inside the UAE’s Cybersecurity Showdown
9,000 Highly Sensitive Court Documents Downloaded In Major New South Wales (NSW) Data Breach
150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms
Advanced: NHS software provider fined £3m over 2022 ransomware attack that exposed data of 79,000 patients
Advanced Software fined £3m over LockBit attack
AI-enabled phishing and fake worker attacks on the rise
Alleged Data Breach Exposes Over 13M Indian Bank Users
Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection
APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware
Arkana Ransomware Group Claims Compromise of US Telecom Companies
Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)
Australia: At least 9,000 sensitive files leaked in major data breach of New South Wales (NSW) court website, sparking police cybercrime investigation
Australia: Crime victims left in dark after court file data breach
Australia: Thousands of court files accessed in ‘significant’ data breach
Australia: Thousands of New South Wales (NSW) court documents downloaded in "major data breach"
Australia: Up to 9000 sensitive court files leaked in major New South Wales (NSW) data breach
Australian Fintech Vroom Exposes Thousands of Records After AWS Misconfiguration
Australian medical device company Compumedics listed on ransomware leak site
Beware: cybercrooks turning away from malware to abuse your own software
Bitdefender uncovers the mysterious RedCurl ransomware group
BlackLock ransomware gang dismantled
Blacklock Ransomware Infrastructure Breached, Revealing Planned Attacks
British company Advanced fined £3m by privacy regulator over ransomware attack
Cardiff: Vulnerable children's details at risk in data breach
Change Healthcare Seeks Dismissal of Data Breach Lawsuits Brought by Consumers and Medical Providers
Chinese FamousSparrow hackers deploy upgraded malware in attacks
Chinese Hacker Group ‘FamousSparrow’ Resurfaces
Chinese Spy Group FamousSparrow Back with a Vengeance, Targets US
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
Classiscam Operators Use Automated Malicious Sites to Steal Financial Data
Cloud streaming hoster StreamElements confirms data breach following attack
CoffeeLoader Malware Loader Linked to SmokeLoader Operations
CoffeeLoader pretends to be ASUS software to steal your data
Counter-Strike 2 (CS2) players’ Steam accounts targeted by a Browser-in-the-Browser (BitB) phishing campaign
CPS Solutions Data Breach Affects Patients at Various Hospitals Nationwide
CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825)
Cyber espionage group RedCurl unexpectedly deploys ransomware
Cyber insurance isn’t always what it seems
Cybercriminals shift focus to mobile banking and crypto in 2024
Cybersecurity Expert Troy Hunt Falls Victim to Phishing Attack, 16,000 Email Records Compromised
Cybersecurity Firm Hacks Ransomware Group, Alerts Potential Victims
Cybersecurity threats in healthcare sector risk patient safety
Data breach: 'Malicious actor' downloaded private information about Health NZ staff
Data Breach Exposes Personal Information of Trump Officials Hegseth, Waltz, and Gabbard
Domestic violence survivors urged to take safety precautions after New South Wales (NSW) justice department data breach
Dozens of solar inverter flaws could be exploited to attack power grids
EDR killer links RansomHub with Play, Medusa, BianLian gangs
Embargo ransomware group claims 300GB data theft from Alabama credit union
Europcar Allegedly Targeted in Dark Web Data Breach 37GB of Data Exposed
Fake Snow White Movie Torrent Infects Devices with Malware
Famous Data Breaches & Phishing Attacks: What We Can Learn
GitHub User Data Allegedly Leaked on Dark Web Forum
Hacker downloaded 9,000 New South Wales (NSW) court documents
Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks
Hijacked Microsoft web domain injects spam into SharePoint servers
How to manage and protect your biometric data
How to protect your site from DDoS attacks - before it's too late
Identity of hacker behind New South Wales (NSW) court website data breach unknown, police say
Information Commissioner’s Office (ICO) fines NHS IT supplier £3m over 2022 ransomware attack
Information Commissioner’s Office (ICO) issues £3m fine to NHS IT provider Advanced over 2022 data breach
Infostealer campaign compromises 10 npm packages, targets developers
Inside the Takedown of BlackLock Ransomware: Here’s How Resecurity Thwarted Their Operations
Kaspersky reports surge in phishing and mobile malware
Large-Scale Phishing Campaign Targets Defense and Aerospace Companies
Lee University Announces Data Breach Following Third-Party Software Vulnerability
Lucid PhAAS Platform Uses RCS and iMessage to Evade Detection
‘Major data breach’ of New South Wales (NSW) court website
‘Malicious actor’ downloads Health NZ staff information in data breach
Massive Data Breach Hits New South Wales (NSW) Online Registry: 9,000+ Files Stolen
More "unclassified" data spills under Mike Waltz watch: US officials who use Venmo exposed
Mozilla warns Windows users of critical Firefox sandbox escape flaw
Multiple CVEs Found in Ingress-NGINX - Patch Now to Prevent Cluster Compromise
National Crime Agency (NCA) Warns of Sadistic Online “Com” Networks
National Cyber Security Centre (NCSC) Urges Domain Registrars to Improve Security
Nationwide cyberattack exposes data of thousands of Minnesota students
NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems
New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims' DNS Email Records
New Phishing Scam Targets Counter-Strike 2 Players
New Research Links RansomHub’s EDRKillShifter to Established Ransomware Gangs
New South Wales (NSW) Police investigating ‘significant’ Department of Communities and Justice data breach
New York University (NYU) website defaced as hacker leaks info on a million students
NHS IT supplier hit with major fine following ransomware attack
NHS processor fined £3m after ransomware data breach
NHS software provider fined £3m over data breach after ransomware attack
NHS vendor Advanced to pay £3 Million fine following 2022 ransomware attack
No Multi-Factor Authentication (MFA)? Expect Hefty Fines, UK’s Information Commissioner’s Office (ICO) Warns
Novel Hyper-V-targeted ransomware deployed by RedCurl
Oracle Cloud Data Breach: Six Million Records Stolen, 140,000 Clients Potentially Impacted
Pennsylvania Teacher’s Union Faces Class Action over Data Breach
Phishing Attacks – Anyone Can Get Owned
Phishing Remains the Most Prevalent Cyber Threat
PJobRAT Malware Targets Users in Taiwan via Fake Apps
Privacy disaster as LGBTQ+ and BDSM dating apps leak private photos
Ransomware Cartel Emerges as a Major Threat to Cybersecurity Solution Providers
Ransomware Cases Double for Fourth Straight Year in Iceland
Ransomware fine fuels security warning to all UK firms
Ransomware gangs increasingly brandish EDR bypass tools
Ransomware Groups Increasingly Adopting EDR Killer Tools
Ransomware Payloads and AI-Powered Polymorphic Phishing Campaigns Spike
Ransomwared NHS software supplier nabs £3M discount from Information Commissioner’s Office (ICO) for good behavior
RedCurl Unleashes New Ransomware Targeting Hyper-V Servers Exclusively
RedCurl Uses New QWCrypt Ransomware in Hypervisor Attacks
Reduced fine of £3m imposed on Advanced following cyber attack
Remote Control Cybercrime: An RMM Protection Guide for MSPs
Russia arrests three for allegedly creating Mamont malware, tied to over 300 cybercrimes
Russian media, academia targeted in espionage campaign using Google Chrome zero-day exploit
Secrets of the North Korea hacker army: how cryptocurrency geniuses are trained
Security firm hacks ransomware gang, cripples operations
SnapCenter Security Flaw Rated Critical - NetApp Urges Immediate Patch
Software provider fined £3m over ransomware attack that disrupted key NHS services
Software provider fined £3m over ransomware attack that hit NHS services
State of ransomware: Evolving threats and strategies to stay safe
StreamElements confirms third-party data breach
Sunflower Medical Group receives class action lawsuit over cyber security failings
Surge in Gen AI-based Threats Stimulates 140% Increase in Browser-based Phishing Attacks
Surge in Phishing Attacks Hijacking Legitimate Microsoft Communications
Sydney Tools data leak exposes millions of customer and employee records
The 4 WordPress flaws hackers targeted the most in Q1 2025
The hidden costs of security tool bloat and how to fix it
Three Rivers Hospital suffers data breach, patient information compromised
TransUnion Study Finds U.S. Data Breach Severity Reaches New High
Two Serbian journalists reportedly targeted with Pegasus spyware
UK Information Commissioner’s Office (ICO) fines Advanced Computer Software £3m after NHS data breach
UK National Cyber Security Centre (NCSC) offers security guidance for domain and Domain Name System (DNS) registrars
UK Software Firm Fined £3 Million Over Ransomware-Caused Data Breach
Ukraine state railway says online services partially restored after cyber attack
Ukraine’s state railway restores online ticket sales after major cyberattack
Ukrainian Railways hit by 'Russian terrorists' in second cyberattack, passengers shelter in place
US government defense contractor fined $4.5M, failed to secure even basic email communications, Department of Justice (DOJ) says
Vampire Cosplay and Brand Revival: Ransomware in 2025
Wales: Data breach affects city council
When Getting Phished Puts You in Mortal Danger
Whitman Hospital & Medical Clinics (WHMC) responds to cyber attack
WideOpenWest purportedly breached by nascent ransomware gang
26th March
23andMe declares bankruptcy, security leaders discuss data concerns
41% of Ransomware Attacks Exploit Vendors
132% surge in ransomware attacks, with AiTM and PlugX RAT increasing as tactics shift
A large-scale hacker attack paralyzed the work of the Russian "Lukoil"
Abracadabra Cyberattack: How Hackers Drained $13M from DeFi Platform
Advanced Fined 3 Million Pounds Over 2022 Ransomware Hack
AI-Powered Productivity or Security Nightmare? The Risks of Enterprise AI
Alleged Oracle Cloud Data Breach: rose87168 Claims to Have Stolen 6 Million Records
Andrii Diuhovskyi: US authorities to fly to Sydney following arrest of alleged Ukrainian hacker
Arete’s annual crimeware report analyzes ransomware and extortion data from 2024
Australia: New South Wales (NSW) court website involved in major data breach, 9,000 documents leaked
Australia: Police investigating major breach on New South Wales (NSW) government website
Australia: Thousands of New South Wales (NSW) court documents exposed in major data breach
Australia: Thousands of New South Wales (NSW) court files downloaded in major data leak
Australia: Thousands of New South Wales (NSW) court files including Apprehended Violence Orders (AVOs) leaked in ‘major data breach’
BlackLock Ransomware Targeted by Cybersecurity Firm
China-linked FamousSparrow APT group resurfaces with enhanced capabilities
Chinese ‘FamousSparrow’ hackers back from the dead and targeting North America, researchers say
Chrome Releases Critical Update to Address CVE-2025-2783 Vulnerability
Chrome users under attack: dangerous zero-day discovered
Cl0p resurgence drives ransomware attacks to new highs in 2025
Cloud collaboration platforms exploited in phishing attacks
Critical Next.js Vulnerability in Hacker Crosshairs
Crossroads Trading Co. Files Official Notice of Data Breach
Crypto Heist Suspect “Wiz” Arrested After $243 Million Theft
Cyberattack Hits Malaysia Airports; Prime Minister Anwar Rejects $10M Ransom
Data Breach Prevention in the Age of Deepfakes: How Businesses Can Safeguard Consumer Information
Decentralized Finance (DeFi) platform loses $13M in an abracadabra hack
Decoding Hellcat: The Latest Nightmare In Ransomware Attackers
Defense Contractor Morse Corp Settles Cybersecurity Fraud Allegations for $4.6 Million
Defense contractor to pay $4.6 million over third-party provider’s security weakness
EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware
Enemies with benefits: RansomHub and rival gangs share EDRKillShifter tool
ENISA Probes Space Threat Landscape in New Report
Even anti-scammers get scammed: security expert Troy Hunt pwned by phishing email
FacePass security lapse exposes users' identification data
Fake DeepSeek ads spotted on Google: all you’ll find are malware infections
FBI Issues new alert over phishing SMS scam targeting highway toll customers
From tariffs to ransomware: the risks keeping insurers up at night
Google confirms cyber ‘espionage’ attacks on Chrome users from ‘highly sophisticated malware’
Google fixes Chrome zero-day security flaw used in hacking campaign targeting journalists
Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)
Google fixes Chrome zero-day exploited in espionage campaign
Hacker Exploits Vulnerability to Steal $13M from Abracadabra
Hackers behind massive broadband provider WOW! breach
Hackers Target Counter-Strike 2 Players With Fake Steam Login Pop-Ups
Hackers Use Atlantis AIO Tool to Automate Account Takeover Attacks
Hackers Using E-Crime Tool Atlantis AIO for Credential Stuffing on 140+ Platforms
Have I Been Pwned owner Troy Hunt’s mailing list compromised in phishing attack
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Hezbollah Shifts To A Cyber Attack Strategy - And Puts Lebanon's Truce At Risk
Hong Kong: No sign of data leak following ransomware attack against InvestHK
How does your data end up on the dark web?
How Flow Data Can Help In The Fight Against Ransomware
How Phishing Attacks Target Crypto Holders
How Privileged Access Management (PAM) Mitigates Insider Threats: Preventing Data Breaches, Privilege Misuse, and More
If you think you’re immune to phishing attempts, you’re wrong!
Illinois Tollway warns residents about phishing texts. Here's what to know
IOU Financial Files Notice of Data Breach - SSNs and Financial Info Compromised
Is a hacker logged into your Google account? Here’s how to check
Kaspersky warns of a ransomware gang that blackmails victims after publicly revealing their data
Leaked data exposes a Chinese AI censorship machine
'Lucid' Phishing-as-a-Service Exploits Faults in iMessage, Android RCS
Mailchimp phishing exposes Have I Been Pwned subscribers
Malaysia Braces for Cyberattacks During Hari Raya: Cyber999 Issues Warning
Malicious npm Package Modifies Local 'ethers' Library to Launch Reverse Shell Attacks
Malicious npm Packages Deliver Sophisticated Reverse Shells
Manufacturing sector remains top ransomware target in 2024
Massive cyberattack hits Lukoil, banks, payment systems in Russia
Mercenary Hacking Group Appears to Embrace Ransomware
Michigan Attorney General Nessel concerned over potential data breach amid 23andMe bankruptcy
Microsoft Teams Phishing Attacks: What to Know and What to Do
New Atlantis AIO platform automates credential stuffing on 140 services
New npm attack poisons local packages with backdoors
New Ransomware Group Claims Attack on US Telecom Firm WideOpenWest
New Security Flaws Found in VMware Tools and CrushFTP - High Risk, No Workaround
New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations
Next.js Middleware Flaw Lets Attackers Bypass Authorization
Nigeria: TikTok pledges cooperation in data breach probe
Oracle Cloud data breach: How safe is our data? What can be done to safeguard it?
Oracle Cloud Data Breach Validated by Security Experts, Affecting Over 140,000 Tenants
Oracle Cloud denies breach as hacker offers 6 million records for sale
Oracle customers confirm data stolen in alleged cloud breach is valid
Oracle Customers Throw Cold Water On Company’s Claim It Was Not Hacked
Oracle Denies Allegations of Data Breach Following Hacker’s Claim of Stealing 6 Million Records
Over 20% of commuting Americans say strangers peek at their devices in public
Over 75,000 people impacted in Lafayette Federal Credit Union data breach
Penetration Testing Services: Strengthening Cybersecurity Against Evolving Threats
Pentagon Issues Urgent Warning About Signal App Amid Russian Hacking Threat - Beware of Phishing Links
Phishing Attack Targets Meta Advertisers with Fake Account Suspension Notices
Ransomware incidents increase by 132%, vishing by 1,633%
Ransomware resurgence: Why stealth tactics demand a shift in security priorities
Ransomware spreads through online conversion tools
Ransomware Strike On Malaysia Airports Holdings Bhd (MAHB) Highlights Need For Stronger Cyber Defenses
RedCurl cyberspies create ransomware to encrypt Hyper-V servers
RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment
Rinehart Dentistry Sends Notice of Data Breach to 25k Patients
Russian Lukoil hit by large-scale cyberattack
Russian Ransomware Gang Exploited Windows Zero-Day Before Patch
Scammers impersonated USPS more than other organizations
Security expert Troy Hunt hit by phishing attack
Security Firms Say Evidence Seems to Confirm Oracle Cloud Hack
SecurityScorecard 2025 Global Third-Party Breach Report Reveals Surge in Vendor-Driven Attacks
SecurityScorecard Observes Surge in Third-Party Breaches
Seqrite unmasks XELERA ransomware targeting Indian tech job seekers
Shocking Cyber Threat at Kuala Lumpur International Airport (KLIA), Malaysia Airports Holdings Bhd (MAHB)
Stay Safe Online: FBI Advises Against Using These Sites on Popular Browsers
StreamElements discloses third-party data breach after hacker leaks data
Sunflower Medical Group Sued Over 221,000-Record Data Breach
Supply chains of critical industries vulnerable to cyber attack
The growing threat of device code phishing and how to defend against it
The Rise of Mobile Phishing and How to Prevent Mobile Phishing
Threat Actor Claims to Breach Endesa, Allegedly Compromising Millions of Customer Records
Threat Actors Abuse Trust in Cloud Collaboration Platforms
Three Rivers Hospital suffers data breach
Troy Hunt Victimized By Phishing Attack Exposing Subscriber Data
Troy Hunt, security expert and creator of HaveIBeenPwned, falls victim to phishing scam
U.S. wheelchair maker Numotion says data breach impacted half a million customers
UK fines software provider £3.07 million for 2022 ransomware breach
UK Government’s New Fraud Strategy to Focus on Tech-Enabled Threats
UK Supermarket Morrisons' Sales Growth Slows After Cyber Attack
UK warns of emerging threat from ‘sadistic’ online ‘Com networks’ of teenage boys
Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication
What We Know So Far About The Alleged Oracle Data Breach
Why software security needs a practical approach
Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks
25th March
3.6 Times Surge in Mobile Banking Malware and 83% Crypto Phishing Spike
23andMe files for bankruptcy: How to delete your data
89% of Enterprises GenAI Usage Is Untracked, Posing Security Risks
Abracadabra offers hacker 20% bounty after $13M breach
Abracadabra.Finance Suffers $13M Crypto Hack
AI Cyberattacks on the Rise: Are Australian Businesses Ready to Defend Themselves?
Aligning Cybersecurity and Third-Party Risk Management with Business Goals
Alleged Data Breach Hits Italian E-Commerce Site Eprice
Alleged Snowflake hacker consents to extradition from Canada after US charges
Alleged StreamElements data breach leads to personal information of 100K users reportedly being sold online
ALN Medical Management Data Breach Affects Patients of at Least Four Healthcare Facilities
Arkana Ransomware Attack on WideOpenWest: What You Need to Know
Broadcom warns of authentication bypass in VMware Windows Tools
Browser-in-the-Browser attacks target Counter Strike 2 (CS2) players' Steam accounts
China-linked cybercriminals backdoor telecom provider in an espionage operation
China-Linked Weaver Ant Hackers Exposed After Four-Year Telco Infiltration
Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years
Creator of HaveIBeenPwned Data Breach Site Falls for Phishing Email
CrushFTP warns users to patch unauthenticated access flaw immediately
Cyberattack causes delays for South Africa’s largest chicken producer
Cybercriminals Bypass Security Using Legitimate Tools & Browser Extensions to Deliver Malware
Cybercriminals Use Atlantis AIO to Target 140+ Platforms
Dark Web Mentions of Malicious AI Tools Spike 200%
Data of 34M+ orders exposed in major Sydney Tools data leak
Decentralized Finance (DeFi) platform MIM Spell offers 20% bounty to hacker after $12.9 million ETH heist
EncryptHub linked to Microsoft Management Console (MMC) zero-day attacks on Windows systems
FBI Confirms Chrome, Edge, Safari Warning - Stop Using These Websites
Flurry to pay $3.5 million for harvesting sexual and reproductive health data from period app
Football coach hijacks athletes' accounts and cloud storage to steal intimate images
Hacker attack on Abracadabra.Money: 13 million dollars in ETH stolen
Hacker defaces New York University (NYU) website, exposing admissions data on 1 million students
Hacker Exploits Smart Contracts Vulnerability, Steals $13 Million in Ethereum
Hacker steals $13 million in Abracadabra's 'Magic Internet Money' seemingly using a flash loan attack
Hackers Are Using Microsoft’s .NET MAUI to Spread Android Malware
Hackers stole over 125,000 individuals' data from St. Joseph’s College of Maine
Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps
Hamilton County data breach has gone unreported
Hong Kong Tightens Cyber Laws - What It Means for Businesses and Tech Investments
How Red Lion Borough, Pennsylvania, lost $65,000 to a phishing scam — and how you can protect yourself
How Security Expert Troy Hunt Got Phished - and Why 2FA Didn’t Save Him
How to tell if your online accounts have been hacked
HTW Dresden’s Cloud Server Allegedly Breached 90GB of Sensitive Data Exposed
Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover
IngressNightmare: Four Critical Bugs Found in 40% of Cloud Systems
INTERPOL Arrests 306 Suspects, Seizes 1,842 Devices in Cross-Border Cybercrime Bust
‘Intricate’ phishing email scam appears to be targeting government officials in Fremont County
Jaguar Land Rover hacked, 350 GB data leaked
Lengthy disruption of Russian internet provider claimed by Ukrainian hacker group
Malaysia Airports Hit by Cyberattack: Hackers Demand $10M Ransom
Malaysia Prime Minister says country rejected $10 million ransom demand after airport outages
Massive Cyberattack Hits Ukraine Railways, Disrupting Online Ticket Sales
Massive Surge In Ransomware Attacks - AI And 2FA Bypass To Blame
Medusa Ransomware Disables Anti-Malware Tools with Stolen Certificates
Monro, Inc. Starts Notifying Victims of Late-2024 Data Breach
National Institute of Standards and Technology (NIST) Warns of Significant Limitations in AI/ML Security Mitigations
Nearly $13 million stolen from Abracadabra Finance in crypto heist
NewAgeSys Files Notice of Data Breach Affecting Consumer SSNs
New Android Malware Uses .NET MAUI to Evade Detection
New Android malware uses Microsoft’s .NET MAUI to evade detection
New Phishing Campaign Targets Mac Users to Steal Login Credentials
New Windows zero-day leaks NTLM hashes, gets unofficial patch
Northern Ireland Commission Suffers Email Data Breach
Numotion Reports Email Data Breach Affecting Almost 500,000 Individuals
Over 17,000 impacted in Cross Valley Federal Credit Union data breach
Parking lot dispute ends with Red Lion Borough, Pennsylvania, victimized in elaborate 'phishing' scam
Pentagon warned of Russian Signal hacker infiltration after massive war plans bungle
Ransomware Attack Hits Union County, Exposing Residents’ Personal Data
Ransomware attacks surge despite payments being down
Researchers back claim of Oracle Cloud breach despite company’s denials
Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker
Rooted mobile devices are 250 times more vulnerable
Russian crypto exchange popular among ransomware gangs is reborn two weeks after its crackdown
Russian hackers shut down major Belgian websites
Satellite Navigation Systems Facing Rising Jamming and Spoofing Attacks
Security leaders discuss new phishing campaign targeting Mac users
Signal head Meredith Whittaker defends messaging app's security after US war plan leak
Staying Safe with In-Game Skins: How to Avoid Scams and Malware
Successful cyberattack would force 20% of businesses to shut down
Tata AIG Allegedly Targeted in Massive Data Breach
Troy Hunt has been pwned: phishers snatched 16,000 email addresses
Ukraine railways say Sunday's cyber attack hit its online freight services
Ukrainian State Railway's Online Services Hit by Disruptive Cyber-Attack
YouTube account of Costa Rica's presidency back online after cyber attack
24th March
5 Unexpected Devices You Didn’t Know Could Spread Malware
$5million worth of HYBE shares stolen from BTS’ Jungkook by hacker
23andMe faces an uncertain future - so does your genetic data
23andMe files for bankruptcy: what does this mean for customers’ DNA data?
23andMe files for bankruptcy and CEO dramatically resigns – months after agreeing $30 million data breach settlement
23andMe files for bankruptcy protection after data breach settlement
23andMe files for bankruptcy, customers advised to delete DNA data
23andMe files for bankruptcy, putting customers’ genetic data at risk
23andMe goes bankrupt following massive data breach & weak demand
56% of security teams say AI is crucial to daily operations
82% of all phishing emails utilized AI
A million Phishing-as-a-Service attacks in two months highlight a fast-evolving threat
ABYSSWORKER: A New EDR-Killer in Medusa Ransomware Attacks
Access Financial Services addresses data breach from cybersecurity incident
After Windows, hackers target Mac users in new Apple ID phishing scam
AI-driven phishing scams exploded last year. The trend continues in 2025
Appeals court rules Capital One hacker's sentence was too light
Astral Foods Hit by Cyberattack, Expects R20 Million Loss in Profits
Astral Foods warns interim profits to plunge even lower on R20 million cyber attack
Attack Update - FBI Warns Email And VPN Users Activate 2FA Now
Authorities Seize 1842 Devices in Africa’s Cybercrime Crackdown
Auto Insurer Root to Pay New York $975K Over Data Breach
Baidu executive's daughter leaked user data following an online spat
BYDFi Official Statement: Beware of Phishing Sites and Online Scam Risks
California Attorney General Reminds 23andMe Customers of Data Deletion Rights Amid Bankruptcy Filing
Canary tokens: threat hunting with digital trip wires
Chinese hackers spent four years inside Asian telco’s networks
Chinese Weaver Ant hackers spied on telco network for 4 years
ClickFix phishing campaign uses SharePoint to launch malware
Cloak Ransomware Hits Virginia Attorney General’s Office, Disrupts IT Systems
Cloud providers aren’t delivering on security promises
CloudSEK Disputes Oracle Over Data Breach Denial with New Evidence
Coinbase was Primary target in GitHub Attack
Company valued at $6 Billion in 2021 comes crashing down, files for bankruptcy amid data breach
Critical flaw in Next.js lets hackers bypass authorization
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)
Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks
Cyber attack on Klickitat Valley Health compromised patients' sensitive information
Cyberattack disrupts train ticket sales in Ukraine
Cyberattack hits Ukrainian state railway, disrupting online ticket sales
Cyberattack takes down Ukrainian state railway’s online services
Cybercriminals advance with MEDUSA ransomware campaign
‘Dangerous’ hacking campaign that affected Windows systems is now targeting Mac users
DNA testing company 23andMe files for bankruptcy protection, CEO resigns
DNA testing firm 23andMe files for bankruptcy, CEO resigns
Enterprises walk a tightrope between AI innovation and security
Fake file converters are stealing info, pushing ransomware, FBI warns
FBI Warning for New York: Ransomware Hits Popular Email Services
Former University of Michigan Football Coach Indicted on Charges of Unauthorized Access and Identity Theft
Four Faces of Hacker Group Behind 90 Data Breaches Worldwide Revealed
Four Members of Hacker Group Behind 90 Worldwide Data Breaches Exposed
Google Account Hijackers Target Victims Via Semrush Ads
Google timeline data loss: privacy win or user betrayal?
Got a suspicious E-ZPass text? Don't click the link (and what to do if you already did)
Hack or no hack? Oracle denies theft of 6 million records
Hacker hits New York University (NYU) website, posts alleged test scores, GPAs based on race
Hackers Exploit Gamma AI to Create Sophisticated Microsoft Themed Phishing Redirectors
Hackers Exploiting Cisco CSLU Backdoor - SANS Calls for Urgent Action
Hackers Shift from Windows to Mac in New Apple ID Phishing Scam
Hackers steal sensitive data from Pennsylvania county during ransomware attack
Hackers targeting ‘weak’ food and beverage industry
Hackers Using Fake Semrush Ads to Steal Google Accounts Login Credentials
How AI, corruption and digital tools fuel Europe’s criminal underworld
How to delete your 23andMe data and why you should do it now
Hybrid Threats and AI: Shaping the Future of EU’s Organized Threat Landscape in 2025
India: Analysis firm in Pune loses Rs 2.34 crore in ‘whale phishing’ attack
Indonesian Police Arrest Two Chinese Nationals in SMS Phishing Scam
Industry leaders urge insurance sector to tackle escalating cyber threats
Intro to Deceptionology: Why Falling for Scams is Human Nature
Italy: Hacker attack on Ama's computer systems
Law enforcement managed to recover millions more from crypto scammers
Mac Users At Risk! Hackers Using Fake Security Warnings To Steal Apple Credentials: How To Stay Safe
Malicious driver tapped by Medusa ransomware to evade EDRs
Medusa ransomware deployed via malicious Windows driver
Medusa ransomware is able to disable anti-malware tools, so be on your guard
Medusa Ransomware Uses Malicious Driver to Disable Security Tools
New Phishing Campaign Targets macOS Users with Fake Security Alerts
New phishing campaign uses scareware to steal Apple credentials
New VanHelsing RaaS hits three victims, demands $500,000 in bitcoin
New VanHelsing ransomware targets Windows, ARM, ESXi systems
New VanHelsingRaaS Attacking Linux, BSD, ARM, and ESXi Systems
New Windows Threat Demands $5,000 In Return For $500,000 Attack
New York Police Department (NYPD) deploys more drones to 911 calls, privacy advocates are worried
Northern Ireland: Legacy body sorry after 25 names disclosed in data breach
Online file converters leveraged for malware distribution
Oracle Cloud breach may impact 140,000 enterprise customers
Oracle Cloud data Breach Claims Repudiated
Oracle denies breach as threat actor claims sale of stolen cloud data
Oracle Denies Cloud Breach After Hacker Offers to Sell Data
Oracle denies data breach after hacker claims to hold six million records
Orthodontic Practice Management Software Provider Announces Data Breach
Over 300 arrested in international crackdown on cyber scams
Pennsylvania State Education Association announces data breach
Pentagon launches leak investigation amid Elon Musk controversy
Phishing-as-a-Service Attacks are on the Rise
Pocket Card Users Under Attack Via Sophisticated Phishing Campaign
Police arrest 300 suspects linked to African cybercrime rings
Pro-Russian hackers attack Belgian government websites
Protecting your personal information from data brokers
Ransomware hackers are desperate lying liars
Ransomware hits Virginia Attorney General’s office: 134GB of data leaked
Ransomware-as-a-Service (RaaS): The new frontier of cybercrime
Russian hackers attack Belgian government
South Africa’s Astral Foods flags sharp profit fall, reports cyber attack
Teen Boys at Risk of Sextortion as 74% Lack Basic Awareness
Thailand officers intercept Starlink transmitters allegedly headed for Myanmar scam centers
The role of advanced technologies in ransomware recovery
UK organisations face significant rise in phishing threats
Ukraine: Due to a cyber attack on "Ukrzaliznytsia", large queues have formed at the capital's railway station
Ukraine Railway Systems Hit by Targeted Cyber-Attack
Ukrainian Railways hit with ambitious cyberattack, traffic unscathed
Unitree Go1 robot dogs can spy on you: secret backdoor discovered
University of Notre Dame Fremantle faces backlash following cyber attack
Unmasking Quishing: The rising threat of QR code-based phishing attacks
US lifts sanctions on Tornado Cash, a crypto mixer linked to North Korean money laundering
VanHelsing RaaS Launch: 3 Victims, $5K Entry Fee, Multi-OS, and Double Extortion Tactics
VanHelsing Ransomware-as-a-Service Emerges as a Significant Cybersecurity Threat
VanHelsingRaaS Emerges, Targeting Linux, BSD, ARM, and ESXi Systems
VanHelsingRaaS Expands Rapidly in Cybercrime Market
Virginia Attorney General’s Office purportedly breached by Cloak ransomware
VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware
Why cyber resilience matters now more than ever
Widespread Keenetic Router Data Breach Uncovered
'You just need bad intentions and a bit of money' - Cybercrime on the rise