Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 21st April and 27th April 2025.27th April
4chan is back online, says it’s been ‘starved of money’
A Hidden Crisis on the Roads: Automotive Cyberattacks Soar 50% in 2025
Anger grows as Marks & Spencer (M&S) forced to halt online sales for second day after cyber attack
Employee downloaded data to private email, Barnstable Sheriff's Office says
FBI Confirms $10 Million Chinese Hacker Bounty
FBI Puts Rs 84 Crore Reward on Chinese Hacker Group ‘Salt Typhoon’
Fear, anger and confusion reign in wake of SK Telecom's historic data breach
Ghana: Data Protection Commission investigating a potential data breach on MTN
Hackers Abuse OAuth to Seize Microsoft 365 Accounts
Just 60 Seconds From Attacked To Hacked - The Speed Of Cybercrime
Korea: This year, the total amount of damage from voice phishing has more than doubled from the same period last year
MTN Suffers Cyber Attack, Customers Data Exposed
Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers
The 5,365 Ransomware Attack Rampage - What You Need To Know
U.S. Department of Health and Human Services (HHS) Settles with PIH Health Over HIPAA Violations Following Phishing Attack
26th April
88,848 Americans Exposed As Massive Medical Data Breach Leaks Names, Addresses, Social Security Numbers, Financial Account Details and More
Belgium: Cyber attack investigation on Wallonia handed over to Federal Prosecutor's Office
Cape Cod sheriff’s office employee on leave after data breach
CEO of cybersecurity firm charged with installing malware on hospital systems
Cyberwar in the Sahara: How Morocco’s data breach exposes US vulnerabilities
DragonForce and Anubis Ransomware Operators Unveils New Affiliate Models
DragonForce expands ransomware model with white-label branding scheme
FBI offers $10 Million for info on China's Salt Typhoon hackers
Gmail users warned after convincing Google phishing scam
If we want a passwordless future, let's get our passkey story straight
Illinois Tollway issues statement after phishing attempts target customers
Marks & Spencer (M&S) customers could face delays to orders after cyber attack
MTN Cyber Attack: A Looming Biometric Nightmare for Millions of Ghanaians
New Power Parasites Phishing Attack Targeting Energy Companies and Major Brands
Oregon Department of Environmental Quality (DEQ) won’t say if ransomware group took employee data in cyberattack
Planet Technology Industrial Switch Flaws Risk Full Takeover – Patch Now
SAP NetWeaver Flaw Scores 10.0 Severity as Hackers Deploy Web Shells
Teach young people about ransomware risks before they enter work
ToyMaker Uses LAGTOY to Sell Access to CACTUS Ransomware Gangs for Double Extortion
Veeam Report finds close to 70% of organizations still under cyber-attack despite improved defenses
WooCommerce admins targeted by fake security patches that hijack sites
25th April
5 Most Common Security Attack Methods in 2024: Mandiant’s M-Trends Report
13 core principles to strengthen AI cybersecurity
7,605 Bank Customers Receive Urgent Data Breach Alerts After ‘Administrative Error’ Exposes Social Security Numbers, Names and Account Details
AI-fuelled ransomware attacks hit record high in early 2025
Almost a million patients hit by Frederick Health data breach
Attacks with new Mimic ransomware variant target healthcare
Baltimore City Public Schools data breach affects over 31,000 people
BreachForums being sold for $2K? Latest owner gives up after site "seized" by FBI, yet again
Britain's M&S stops taking online orders after cyber attack
Cloud Infrastructure Security: Threats, Challenges & How to Protect Your Data
Cobb County, Georgia, Notifies 10 in Wake of Data Breach
Craft CMS RCE exploit chain used in zero-day attacks to steal data
Critical Commvault Flaw Allows Full System Takeover – Update NOW
Critical Commvault Flaw Rated 10/10: Cyber Security Agency of Singapore (CSA) Urges Immediate Patching
Cyber Attack sees Marks & Spencer pause online orders
Cybercriminals switch up their top initial access vectors of choice
Darcula adds AI to its DIY phishing kits to help would-be vampires bleed victims dry
Darcula is now AI-enabled, draining the life from victims everywhere
Darcula phishing toolkit gets AI boost, democratizing cybercrime
Data breach at Connecticut’s Yale New Haven Health affects over 5 million
Data breach at Western Sydney University hits 10,000 students
DOGE-Trolling Ransomware Hackers Demand $1 Trillion In Chilling Attack
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
ELENOR-Corp Ransomware Group Targets Healthcare with New Mimic Ransomware Variant
Exposure validation emerges as critical cyber defense component
FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches
Flexible working models fuel surge in device theft
Florida Class Action Targets Litigation Funding Firm Over Data Breach
Hacker Accepts 10% Bounty and Returns Nearly $5M Stolen from ZKsync Airdrop Exploit
Hackers claim TikTok breach, 927,000 passwords might hit the internet
Healthcare organizations are turning a blind eye to phishing attacks
Hertz data breach exposes customer information
Interlock ransomware gang started leaking data allegedly stolen from leading kidney dialysis firm DaVita
Interlock Ransomware Say It Stole 20TB of DaVita Healthcare Data
Largest telecom in Africa warns of cyber incident exposing customer data
Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes
Major AI vulnerability discovered: single prompt grants researchers complete control
Major data breach at healthcare giant Yale Health affects 5.5 million people - here's what we know
Malta: St James Hospital Targeted By Sophisticated Cyber-Attack
Marks & Spencer: M&S stops online orders including Click & Collect after cyber attack fallout
Marks & Spencer (M&S) halts online orders amid cyber-attack fallout
Marks & Spencer (M&S) Halts Online Orders as Cyber Attack Disrupts Operations
Marks & Spencer (M&S) Halts Online Orders Following Cyber Attack
Marks & Spencer (M&S) issues major cyber attack update with all online orders SUSPENDED
Marks & Spencer (M&S) issues major update on online orders as cyber attack incident continues
Marks & Spencer (M&S) issues major update to customers after cyber attack
Marks & Spencer (M&S) pauses all online orders after cyber attack
Marks & Spencer (M&S) pauses online and app orders following cyber attack
Marks & Spencer (M&S) shares fall as cyber attack forces it to stop accepting cash in some stores
Marks & Spencer (M&S) Shuts Down Online Orders Amid Ongoing Cyber Incident
Marks & Spencer (M&S) still struggling to get back to normal after cyber attack
Marks & Spencer (M&S) stops online orders and issues refunds after cyber attack
Marks & Spencer (M&S) stops taking online orders as cyber attack rages on
Marks & Spencer (M&S) suspends all online orders after cyber attack triggers payment meltdown
Marks & Spencer (M&S) suspends all online orders following cyber attack
Marks & Spencer (M&S) suspends all online sales as cyber attack worsens
Marks & Spencer call in spooks to probe if foreign crooks were behind cyber attack hitting shoppers
Marks & Spencer CANCELS all online and app orders amid cyber-attack fallout
Marks & Spencer imploding in wake of cyberattack, shuts down app, online sales
Marks & Spencer pauses online orders after cyberattack
Marks & Spencer pauses online orders as firm struggles with cyber-attack fallout
Marks & Spencer pauses online shopping following cyberattack
Marks & Spencer suspends online shopping after cyber attack hits systems
Marks & Spencer suspends online shopping after cyber attack that crippled contactless payments
Marks & Spencer Warns Customers as Cyber Attack Disrupts Contactless Card Payments
Microsoft Defender misfire leads to users posting over 1,700 sensitive documents online
Microsoft Office 365 MFA targeted by ‘SessionShark’ phishing kit
Mobile provider MTN says cyberattack compromised customer data
More than 5 million Americans just had their personal information exposed in the Yale New Haven Health data breach – and lawsuits are already rolling in
More than 20,000 sensitive medical records exposed
MTN confirms cyber attack
MTN confirms cyber attack, assures customers local operations unaffected
MTN Confirms Cyber Attack, Says Core Systems Unaffected
MTN confirms data breach: customer data exposed across regions
MTN Confirms Data Breach, Assures Core Systems Remain Secure
Nearly 500,000 impacted by 2023 cyberattack on Long Beach, California
New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework
New Report Reveals How AI is Boosting the Phishing Attack Rapidly With More Accuracy
North Korea’s Lazarus Group Launches Cyber Attack on South Korean Industries
North Korean cyber spies created U.S. firms to dupe crypto developers
North Korean Group Creates Fake Crypto Firms in Job Complex Scam
North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures
North Korean Hackers Use Fake Crypto Firms in Job Malware Scam
North Korean IT Workers Using AI to Trick Firms into Remote Jobs
Oregon Department of Environmental Quality (DEQ) won’t say if ransomware group took employee data in cyberattack
Organisations increasingly refuse ransom demands, says Data Breach Investigations Report (DBIR) report
Phishing Kit Darcula Gets Lethal AI Upgrade
Pope Francis’ Passing Triggers Surge of Phishing, SEO Poisoning, and Fake Images
Popular LLMs Found to Produce Vulnerable Code by Default
“Power Parasites” Phishing Campaign Targets Energy Firms and Major Brands
Pro-Russian hackers NoName hit Germany with DDoS Attacks
Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)
Researchers Identify Rack::Static Vulnerability Enabling Data Breaches in Ruby Servers
Salt Typhoon Cyberattack: FBI Investigates People’s Republic of China (PRC)-linked Breach of US Telecom
Samsung directs affiliates to replace USIMs following SK Telecom data breach
SAP Fixes Critical Vulnerability After Evidence of Exploitation
SAP fixes suspected Netweaver zero-day exploited in attacks
Security at Arm’s Length: Why the Lag Between Detection and Action Keeps Growing
Security Experts Flag Chrome Extension Using AI Engine to Act Without User Input
SessionShark - New Toolkit Attacking Microsoft Office 365 Users’ Bypassing MFA Protections
SK Telecom’s Data Breach Is a Wake-Up Call for CISOs Across Asia
South Korea says DeepSeek transferred user data, prompts without consent
Sri Lanka faced rising threats of financial phishing attacks in 2024
This Cyber Attack Targets Microsoft 365 Accounts
This Healthcare Data Breach Compromised 5.5 Million Patients' Information
Threat Actors Attacking Organization in Thailand to Deploy Ransomware
Threat Actors Target Organizations in Thailand with Ransomware Attacks
Two Ransomware Hacks Affect 1.1 Million Patients
US Data Breach Lawsuits Total $155M Amid Cybersecurity Failures
Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks
Verizon DBIR Report – Small Businesses Emerges as Prime Targets for Ransomware Attacks
Verizon’s 2025 Data Breach Investigations Report: Third Party Attacks Surge
Why hack when you can snatch: hackers stealing laptops to gain initial access
Why the road from passwords to passkeys is long, bumpy, and worth it - probably
Yale New Haven Health data breach affects 5 million people
Yale New Haven Health Data Breach Exposes Personal Information of Over 5.5 Million Patients
Yale New Haven Health System Reports Data Breach Affecting 5.5 Million Patients
Yale New Haven Health System reports data breach affecting over 5.5 million patients
Yodogawa Steel Reports Ransomware Attack on Taiwanese Subsidiary
You googled about Pope, hackers got your password
24th April
3 ways to build a ransomware Incident Response (IR) strategy that works
5.5 Million Patients Affected by Data Breach at Yale New Haven Health
55% of threat groups active in 2024 were financially motivated
159 CVEs Exploited in Q1 2025 - 28.3% Within 24 Hours of Disclosure
A new era of cyber threats is approaching for the energy sector
AI-Powered Polymorphic Phishing Is Changing the Threat Landscape
Alleged hacker who allegedly accessed thousands of sensitive court documents cops phone ban - as his identity is revealed
Assassin’s Creed maker Ubisoft gobbles too much user data, privacy advocates claim
Australia: Man Charged Over Major Data Breach Of Sensitive NSW Courts Documents
Australia: Sleep study patients' personal data accessed in ransomware attack, SA Health says
Australia: Sleep study patients' records leaked in ransomware hack
Australia: Smartphone ban for alleged hacker after massive breach on nation's largest online court-filing system
Backdoor Found in Official XRP Ledger NPM Package
Baltimore City Public Schools (BCPS) Cyberattack Confirmed: Employee and Student Data Potentially Compromised
Blue Shield Data Breach: Medical Info of 4.7M Members Leaked
Blue Shield Leaked Millions of Patient Info to Google for Years
Blue Shield of California Data Breach Affects 4.7 Million Members
Carrefour raises alarm over breach involving personal data of Carrefour Mobile customers
Casino hackers say they've got maps to slot machine vault and server room
Chain and perception: A player data breach can impact every part of a business
Chattanooga notifies 836 individuals affected by Nationwide Recovery Services (NRS) data breach
Chattanooga Notifies Individuals Affected By Nationwide Recovery Services (NRS) Data Breach
Chinese APT group linked to cyber attack on US defence firm
City of Abilene files Catastrophe Notice due to cyber attack
Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely
Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028)
Crypto drainer-as-a-service crime model on the rise
Cyber Attack in Long Beach, California, May Have Included Sensitive Info
Cyberattack hits drinking water supplier in Spanish town near Barcelona
Cybercrime Losses Jump 33% in 2024, FBI Report Shows
Cybercriminals flood internet with over thousand malicious domains daily
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals
‘Dark web’: Major data breach for Aussie sleep study patients
Data breach at Yale New Haven Health impacts 5.6 Million people
Data breach class action costs mount up
Data breach exposes 21 Million employee screenshots from a workplace surveillance tool
Data breach victimization in the US escalates
DDoS Attack Hits Adyen, Causing Transaction Failures in EU
DeFi Platform KiloEx Announces User Repayments After $7.5M Exploit
Dialysis company DaVita reviewing data leaked by ransomware gang
DOGE-themed malware mocks Elon Musk, demands $1 trillion in ransom
DOGE-Trolling Ransomware Hackers Demand $1 Trillion
DslogdRAT Malware Deployed in Ivanti Connect Secure Zero-Day Campaign
ELENOR-corp Ransomware: A New Mimic Ransomware Variant Attacking the Healthcare Sector
ELENOR-corp Ransomware Targets Healthcare Sector
Elusive Comet Attack: Hackers Use Zoom Remote-Control to Steal Crypto
Exposed and unaware: The state of enterprise security in 2025
FBI’s Internet Crime Report 2024 records $16.6 billion in cybercrime losses amid rising ransomware threats
Former Malone student-athlete files federal lawsuit over Matt Weiss-related hacking
Frederick Health data breach impacts nearly 1 million patients
Google Chrome Keeps Third-Party Cookies Settings, Lets Users ‘Make an Informed Choice’
Hacker Accepts 10% Reward and ZKsync Reclaims $5M in Stolen Tokens
Hacker Returns 90% of Funds After ZKsync Security Breach
Hacker Returns Stolen $5M to ZKsync After Bounty Agreement
Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts
Hackers exploit Japanese securities accounts in rising phishing scam
Hackers skimmed online donations to Caritas Catholic charities for over a year
Health insurance giant confirms largest data breach of 2025
Healthcare remains top target for cybercriminals with an uptick in hacking attacks in 2024
Highest-Risk Security Flaw Found in Commvault Backup Solutions
How Polymorphic Phishing Campaigns Leverage AI to Evade Detection
Industrials Most Targeted Sector for Ransomware Attacks in March
Interlock ransomware claims DaVita attack, leaks stolen data
Investment firm Nth Degree says cyber attack affected over 25,000 customers
Korea Land and Housing Corporation (LH) Faces Backlash Over Major Data Breach Incident
Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Flaws and ThreatNeedle Malware
Lazarus hackers breach six companies in watering hole attacks
Lesson from huge Blue Shield California data breach: Read the manual
Linux has a major weakness: invisible rootkit abuses security systems’ blind spot
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools
Linux 'io_uring' security blindspot allows stealthy rootkit attacks
Malaysia: Ex-exec ordered to pay company nearly RM120,000 for contract, data breach
Malta: Saint James Hospital targeted in cyber-attack
Malta: Saint James Hospital targeted in 'sophisticated cyber attack'
Malta: St James Hospital targeted by ‘sophisticated’ cyber attack
Man charged in connection with court document data breach
Marks & Spencer (M&S) issues contactless payment warning after cyber attack
Marks & Spencer (M&S) says contactless payments still down after cyber attack
Marks & Spencer (M&S) shares lower amid reports of a cyber-attack
Marks & Spencer (M&S) takes systems offline as 'cyber incident' lingers
Marks & Spencer cyber attack latest: Contactless payments at M&S stores still down as disruption continues
Marks & Spencer payment down: Contactless payments still unavailable days after cyber attack
Marks & Spencer warns customers as business battles cyber attack
Medusa ransomware attack on Bell Ambulance impacted 114,000 individuals
Microsoft tops list of most imitated brands in phishing attacks
Moroccan watchdog condemns government’s handling of massive CNSS data leak
New data breach report reveals alarming global cyber threat trends
New SessionShark Phishing Kit Bypasses MFA to Steal Office 365 Logins
Normal operations restored at Town of Orangeville following cyber-attack
North Korean IT workers seen using AI tools to scam firms into hiring them
Novel affiliate models unveiled by ransomware operations
Novel ToyMaker Initial Access Broker Collaborates with Cactus Ransomware Group
One in three security teams trust AI to act autonomously
Phishing Attack and Late Breach Notifications Lead to $600K HIPAA Fine for PIH Health
Phishing attacks thrive on human behaviour, not lack of skill
Phishing-as-a-service threats get creative to evade detection
Ransomware attacks are rising - but quiet payouts could mean there's more than actually reported
Ransomware Attacks Fall Sharply in March
Ransomware cost US victims $16.6 billion in 2024, FBI warns
Ransomware decline masks growing threat
Ransomware now plays a role in nearly half of all breaches, new research finds
Ransomware scum and other criminals bilked victims out of a 'staggering' $16.6B last year, says FBI
Ransomware still rife, despite improved defenses
Record Hospital Data Breach Hits Rhode Island
Reports of ransomware attacks on US infrastructure rise nine percent
Scammers using new enhanced phishing emails with malicious links, security experts warn
Secret comms in danger as Second Phone Number iOS app leaks user texts
Securing Fintech Operations Through Smarter Controls and Automation
SK Telecom Hit by Cyber Attack
South Korea Accuses DeepSeek of Unlawful Data Transfers Amid AI Expansion
Southeast Asian businesses face 400 ransomware attacks daily
Spear Phishing: A targeted approach to cyberattack
Stolen Boulanger customer database from 2024 ransomware attack now offered for free online
The email seems to be from a verified business with authentic logos - but use caution
This Ruby middleware could hand hackers your password
Top prayer apps could be a hotbed for cybercriminals
Understanding 2024 cyber attack trends
Understanding the Cryptocurrency Recovery Landscape in 2025
Unrest among Albert Heijn employees after massive data breach at Ahold Delhaize
US Data Breach Impact Grows in 2025
US Prosecutors Seek 6.5-Year Sentence for Mango Markets Hacker Avi Eisenberg
US Ransomware Attacks Up 9%, Crypto Fraud up 66%
Veeam report finds 69% of firms hit by ransomware in past year
Veeam Report Finds Close to 70% of Organizations Still Under Cyber-Attack Despite Improved Defenses
Verizon Data Breach Investigations Report (DBIR): Small Businesses Bearing the Brunt of Ransomware Attacks
Verizon Data Breach Investigations Report (DBIR) Flags Major Patch Delays on VPNs, Edge Appliances
What the Brydens Lawyers data breach reveals about data protection in law firms
When data becomes the target: Solutions for businesses in the age of ransomware
Why Healthcare Is the Perfect Target for Ransomware
XP discloses client data breach exposing balances but ensures account security
XP Investimentos Confirms Data Breach Affecting Clients
Yale New Haven Health data breach affects 5.5 million patients
Yale New Haven Health data breach impacted 5.5 million patients
Your Boss Isn’t the Only One Watching: How Office Spying Became a Massive Data Breach
ZKsync Hacker Accepts Bounty, Returns Nearly $5M in Stolen Crypto
ZKSync hacker gives back $5M in tokens after taking 10% bounty
ZKSync Hacker Returns $5M in Stolen Tokens After Accepting 10% Bounty
Zksync Hacker Returns Stolen Funds, Keeps 10% Reward
ZKsync Price Falters Despite 90% of Stolen Funds Returned Within Safe Harbor Deadline
ZKsync Recovers $5M in Stolen Tokens After Hacker Cooperates, Declares Case Resolved
ZKsync recovers $5M of stolen tokens after hacker accepts bounty offer
ZKSync recovers funds stolen in $5M exploit after hacker claims bounty
Zscaler 2025 Phishing Report: Shift to Targeted AI-Driven Attacks Despite 20% Global Decline in Phishing Incidents
Zscaler reveals trends in AI-driven phishing attacks targeting business departments
23rd April
2025 Data Breach Investigations Report: Third-party breaches double
After Data Breach, Chattanooga, Tennessee, Will Not Renew Contract
AI impact on data breach outcomes remains ‘limited’
Alabama Ophthalmology Associates confirms data breach affecting over 130,000 patients
Almost 70% of organizations still fall victim to cyber attacks
Android Spyware Disguised as Alpine Quest App Targets Russian Military Devices
Another blow to XRP Ledger as “crypto stealing backdoor” found
ASUS releases fix for AMI bug that lets hackers brick servers
Attackers phish OAuth codes, take over Microsoft 365 accounts
Attempted hacker attack on the XRP Ledger ecosystem: security averts the catastrophe
Australia: New South Wales man charged over ‘serious data breach’ that exposed thousands of sensitive court documents
Baltimore Schools Ransomware Attack Exposes Data of Thousands
Blue Shield of California leaked health data of 4.7 million members to Google
Blue Shield of California shared the private health data of millions with Google for years
Breaking the Stigma: 90% of Employees Agree that Phishing Simulations Improve their Security Awareness
Businesses Unprepared for Incoming Ransomware Attacks
California-based PIH Health to pay $600,000 for 2019 phishing attack
Chrome will not ask users if they agree to be tracked by third-party cookies
Complaints about ransomware attacks on US infrastructure rise 9%, FBI says
Cyber attack also affects Dutch employees of Ahold Delhaize
Cyber attack on U.S. drug rehab service Behavioral Health Resources (BHR) exposed more than 50,000 patients
Cyber-Attack Exposes SK Telecom Customers' USIM Data
Cybercrime Hits Record High as FBI Reports $16.6 Billion in Losses
Cybercrime losses soar to $16.6 billion in 2024, crypto dominates
DOGE-Trolling Ransomware Hackers Demand $1 Trillion
Dutch Warn of “Whole of Society” Russian Cyber-Threat
Employee monitoring app leaks 21 million screenshots in real time
Event management giant Legends says November cyber attack compromised customers' personal data
Extortion and Ransomware Trends January-March 2025
FBI Reveals “Staggering” $16.6bn Lost to Cybercrime in 2024
Financial malware on the rise as espionage attacks decline
Global firms succumb to ransomware: 86% pay up despite having advanced backup tools
Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito
Hacker Compromises Ripple’s XRPL JavaScript Library in Major Supply Chain Attack
Hertz Confirms Data Breach from Cleo Managed File Sharing Platform Zero-Day Vulnerabilities
Iran-Linked Hackers Target Israel with MURKYTOUR Malware via Fake Job Campaign
Key Trends in Vulnerability Exploitation and Ransomware: Insights from the 2025 Verizon Data Breach Investigations Report (DBIR)
March 2025 Healthcare Data Breach Report
Marks & Spencer (M&S) customers could face delays to orders after cyber attack
Marks & Spencer (M&S) cyber attack impacts click and collect and contactless payments
Marks & Spencer (M&S) Cyberattack Disrupts Contactless Payments and Click & Collect Services
Marks & Spencer (M&S) Grapples with Cyber Incident Affecting In-Store Services
Marks & Spencer Confirms a Cyberattack Hits Payments & Online Orders
Marks & Spencer Confirms Cybersecurity Incident After Days of Service Disruptions
Marks and Spencer has suffered a cyberattack - here’s what we know so far
Massive botnet bigger than some countries discovered as DDoS attacks soar
Mercer University finalizes settlement after data breach. Here are the terms
Millions impacted by data breaches at Blue Shield of California, mammography service and more
New SMS Phishing Attack Weaponizes Google AMP Links to Evade Detection
North Korean Hackers Steal $137M from TRON Users in Single-Day Phishing Attack
Over $16 billion in losses reported to FBI in 2024 tied to computer crime
Over 200K affected by separate ransomware-related health data breaches
Phishing emails delivering infostealers surge 84%
Ransomware Actors Ramp Up Attacks Organizations with Emerging Extortion Trends
Ransomware Gang Claims Attack on Manchester Credit Union
Ransomware Gangs Innovate With New Affiliate Models
Ransomware groups test new business models to hit more victims, increase profits
Ransomware hackers demand victims justify their jobs, or pay up
Ransomware Surge Hits US Healthcare: AOA, DaVita and Bell Ambulance Breached
Research reveals mass scanning and exploitation campaigns
Responsibility declines as attacks continue: UK cybersecurity survey
Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack
Russian army targeted by new Android malware hidden in mapping app
Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp
Russian hackers ramp up cyberattacks to obstruct European societies
SK Telecom investigates data breach involving SIM-related information
SK Telecom under the spotlight after damaging data breach
Tennessee: Federal lawsuit filed in response to debt collection agency’s data breach
The dark side of YouTube: Malicious links, phishing, and deepfakes
The Ransomware Business Model: The State of Cybercrime
Thousands of Baltimore students, teachers affected by data breach following February ransomware attack
Three Reasons Why the Browser is Best for Stopping Phishing Attacks
Transparency Maroc: CNSS Data Breach Exposes Critical Flaws in Morocco’s Cybersecurity
UK government ransom ban – what does this mean for insurance?
UK Romance Scams Spike 20% as Online Dating Grows
UK utility cyberattacks rose 586% from 2022 to 2023
US Garmin users question the actual reason behind data collection: more reasons to revoke your insurance?
US Data Breach Victim Count Surges 26% Annually
US lost record $16.6 billion to cybercrime in 2024
Verizon Data Breach Investigations Report (DBIR): Cyberattacks Surge, Ransom Payments Down
Verizon Data Breach Investigations Report (DBIR): System intrusion is top healthcare breach cause
Verizon report reveals ‘dramatic surge’ in data breaches
Verizon's Data Breach Investigations Report (DBIR) Reveals 34% Jump in Vulnerability Exploitation
Vulnerability Exploitation and Credential Theft Now Top Initial Access Vectors
Warning: Ransomware Remains a Top Threat for SMBs
When confusion becomes a weapon: How cybercriminals exploit economic turmoil
Which? warns Gmail users to watch out for this convincing phishing email
Who needs phishing when your login's already in the wild?
Why K-12 schools are ripe for cyberattacks, in light of Baltimore City Public Schools (BCPS) data breach
Your cat’s microchip could carry malware
ZKSync reclaims stolen $5 million tokens after hacker claims bounty offer
22nd April
5 Major Concerns With Employees Using The Browser
$40 Billion Southeast Asian Scam Sector Growing “Like a Cancer”
80% of ransomware-hit Indian organisations had to pay off attackers to recover data
900,000 Roblox accounts may be on sale. Here’s what we know
Active! Mail RCE flaw exploited in attacks on Japanese organizations
AI Ethics, Cybersecurity and Finance: Navigating the Intersection
Beware of video call links that are attempts to steal Microsoft 365 access, researchers tell NGOs
Billbug Espionage Group Deploys New Tools in Southeast Asia
Biometrics vs. passcodes: What lawyers say if you're worried about warrantless phone searches
Border-crossing records between Ukraine and Moldova left open
BreachForums will rise from the dead Thursday - or will it? Not if Dark Storm has its way
British retailer Marks & Spencer (M&S) confirms being hit by ‘cyber incident’ amid store delays
Charleston Fire Department warns neighbors about email scam, possible data breach
Check Point Research report highlights surge in phishing tactics using trusted digital platforms
Check Point Research Unveils Q1 2025 Brand Phishing Trends: Microsoft Dominates as Top Target, Mastercard Makes a Comeback
China-linked Billbug hackers breached multiple entities in Southeast Asian country
Compliance weighs heavily on security and Governance, Risk and Compliance (GRC) teams
Cookie-Bite attack Proof-of-Concept (PoC) uses Chrome extension to steal session tokens
Critical Security Vulnerability Found in WordPress Plugin InstaWP Connect
Cyber attack on collection agency compromised Vitruvian Health’s patient data
Cyber attack on Marks and Spencer (M&S) leads to click and collect delays
Cybercriminals Exploit Network Edge Devices to Infiltrate SMBs
Cybercrooks spreading malware and trolling victims using Department of Government Efficiency (DOGE) jargon
Cybersecurity firm CEO arrested for installing malware on hospital’s computer
Data breach prompts increased cybersecurity measures at Baltimore City Public Schools
Deepfake-enabled fraud caused more than $200 million in losses
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals
Dutch intelligence reports Russian cyber attack
Dutch payment processor Adyen hit by cyber attack
Email pretending it’s a Google subpoena alert is a phishing scam
Fake Alpine Quest Mapping App Spotted Spying on Russian Military
Fake Google Security Alert Hides a Phishing Scam
Fog ransomware channels Musk with demands for work recaps or a trillion bucks
GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages
Google does about turn on OAuth issue behind ‘extremely sophisticated phishing attack’
Google spoofed in sophisticated phishing attack
Hacker infects Ripple’s XRP Ledger software with crypto stealing ‘backdoor’
Hacker Tricked SSL.com To Get Certificate Issued for Alibaba Cloud Domain
Hackers abuse Zoom remote control feature for crypto-theft attacks
Here's how Bybit hackers moved stolen billions – 28% of the funds have “gone dark”
High Court rules landlord entitled to additional £6m indemnity from insurance broker after data breach
IBM Asks: How is the Cybersecurity Landscape Evolving?
Information Commissioner’s Office (ICO) fines law firm DPP £60,000 over a major client data breach
Insurance data breach exposes sensitive info of 1.6 million people
Korea forms emergency response team after SK Telecom customer data breach
Law firm fined £60,000 following cyber attack
Legacy Google Service Abused in Phishing Attacks
Lotus Panda Hacks Southeast Asian Governments With Browser Stealers and Sideloaded Malware
Marks & Spencer (M&S): FTSE 100 giant battling cyber attack
Marks & Spencer (M&S) customers could face delays to orders after cyber attack
Marks & Spencer (M&S) launches investigation into cyber attack as CEO apologises for disruptions
Marks & Spencer confirms a cyberattack as customers face delayed orders
Marks & Spencer confirms cybersecurity incident amid ongoing disruption
Marks & Spencer suffers retail chaos, ongoing ‘cyber incident’ forces payment systems offline
Marks and Spencer cyber attack: M&S warns of delays after incident disrupts store operations
Medical Express Ambulance Inc. announces data breach
Microsoft Reports 92% Adoption Rate for Phishing-Resistant MFA Among Corporate Users
Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach
Morphing Meerkat Phishing Kit: A Deep Dive into Its Threats & Tactics
New Cryptojacking Malware Targets Docker with Novel Mining Technique
New Google email scams are alarmingly convincing - how to spot them
Next-Gen Phishing: The Rise of AI Vishing Scams
OCH Regional Medical Center Notifies 51,000 Patients About September 2023 Data Breach
Ofcom Bans Global Titles Leasing to Thwart Criminal Abuse of UK Mobile Networks
Over 135,000 ransomware attacks detected in Southeast Asia in 2024
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
Phishing scams are everywhere in Spain - here’s how to spot them and stay safe
Proof-of-Concept (PoC) exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433)
Ransomware Gang Takes Page From Elon's 'What Did You Do This Week' DOGE Emails
Ripple’s recommended XRP library xrpl.js hacked to steal wallets
Russia attempting cyber sabotage attacks against Dutch critical infrastructure
Russian Host Proton66 Tied to SuperBlack and WeaXor Ransomware
Scalllywag Ad Fraud Network Generates 1.4 Billion Bid Requests Daily
Singapore businesses record lowest ransomware attacks in Southeast Asia in 2024
SK Telecom warns customer USIM data exposed in malware attack
Sophisticated Phishing Attack Targets Gmail Users: What To Know
SSL.com Vulnerability Allowed Fraudulent SSL Certificates for Major Domains
SuperCard X Enables Contactless ATM Fraud in Real-Time
Teach young people about ransomware risks before they enter work, expert urges
The C-suite gap that’s putting your company at risk
The legal blind spot of shadow IT
The State of Ransomware in the First Quarter of 2025: Record-Breaking 126% Spike in Public Extortion Cases
The Verizon 2025 Data Breach Investigations Report (DBIR): Six Trends You Can’t Ignore
This “indie game” is actually password-stealing malware
This new Android malware can drain your bank account with a single card tap
Transparency Maroc raises alarm over data breach at Moroccan Employment Ministry, National Social Security Fund (CNSS)
Two Healthcare Orgs Hit by Ransomware Confirm Data Breaches Impacting Over 100,000
University of Michigan faces lawsuit due hacking and privacy breach
What school IT admins are up against, and how to help them win
Why Phishing Demands a People-First, Trust-Centric Response
21st April
5 Reasons Device Management Isn't Device Trust
20 Trillion Operations Per Second - But One Hacker Can Still Ground the F-35 Fighter Jet
66% of CISOs are worried cybersecurity threats surpass their defenses
Ahold Delhaize USA Confirms Data Stolen in 2024 Cyberattack
Akira Ransomware Launches New Cyberattacks Using Stolen Credentials and Public Tools
Akira Ransomware Using Compromised Credentials and Public Tools in New Wave of Cyberattacks
Attacks Via Infostealers Increased by 84% Via Phishing Emails Per Week
Beware of Fake Google Emails: How to Protect Your Gmail from Scammers
Beware of This Gmail Scam Masquerading as a Google Security Alert
Beware of this sneaky Google phishing scam
Beware, hackers can apparently now send phishing emails from “no-reply@google.com”
Booking.com Phishing Scam Uses Fake CAPTCHA to Install AsyncRAT
Careful Gmail Users: This Phishing Email Using Google Branding Can Trick You, Steal Personal Data
Clever New Scam Targets Gmail Users: How to Stay Safe
Credential theft outpaces ransomware as cyber threat landscape evolves, report claims
Cryptocurrency Recovery in 2025: Essential Steps and Professional Services to Reclaim Your Assets
Cyber threats now a daily reality for one in three businesses
Cybercriminals blend AI and social engineering to bypass detection
Cybercriminals Deploy FOG Ransomware Disguised as DOGE via Malicious Emails
Devices exposed to remote hacking via Erlang/OTP SSH vulnerability
DOGE is a national security threat, a giant data breach, and theft of your personal information
Emails delivering infostealers rose by 84% year-over-year
Fake Google Emails Are Fooling Gmail Users: Here’s How to Stay Safe
'Fog' Hackers Troll Victims With DOGE Ransom Notes
Fog ransomware notes troll with DOGE references, bait insider attacks
FOG Ransomware Spread by Cybercriminals Claiming Ties to DOGE
Fraud expert issues warning to prevent spear phishing scams
Gmail users be warned: New phishing scam uses THIS trick to steal your data
Gmail Users warned to stay cautious as New Phishing Attack bypasses Google’s Defense
Google Issues Urgent Warning: How To Spot The Latest Gmail Scam
Google OAuth vulnerability exploited in advanced phishing attack
Got This Email from Google? It’s a Scam! Here’s What You Must Do Immediately
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery
Hackers Can Now Exploit AI Models via PyTorch - Critical Bug Found
Hackers using new phishing technique to bypass Google's security in Gmail
How to Send DKIM-Signed, 100% Legit Phishing Emails - Straight from Google That Bypass Everything
IBM X-Force reports evolving threat landscape amid shifting tactics, marking rise in stealth and identity exploits
Indian businesses face nearly 700 ransomware attacks per day
Infostealer Attacks Surge 84% Weekly Through Phishing Emails
Israeli social security warns of phishing scam using fake messages, spoofed website
It’s Time to Stop Accepting Losses in Cybersecurity
Japan Warns of Hacked Trading Accounts and Unauthorized Trades
Japan warns of hundreds of millions of dollars in unauthorized trades from hacked accounts
Kaspersky warns of rising SVG-based phishing attacks
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan
Long-Term Cyber Attack Reaches 35 Percent Of Total Incidents In 2024
Massive ongoing US toll fraud underpinned by Chinese smishing kit
Moscow Court Finds Google Guilty Of Data Breach
Multi-billion-dollar cyberscam industry spreading worldwide
Native Language Phishing Spreads ResolverRAT to Healthcare
New FOG Ransomware Attack Mimics DOGE Attacking Organization Via Weaponized Email
New Gmail phishing attack uses Google's garb: How to avoid it
New Gmail Phishing Attack Uses Real Google Email to Trick Users
New Gmail Phishing Scam Exposed: How Hackers Are Fooling Users With Official-Looking Emails
New Phishing Attack Appending Weaponized HTML Files Inside SVG Files
New Phishing Technique Hides Weaponized HTML Files Within SVG Images
NightSpire Stole 30GB Data from France’s Municipality of Ardon, Set to Leak it on 30th April
Nintendo is going after the leaker behind major Pokémon ‘Teraleak’
Nintendo is Trying to Find the Pokemon Teraleak Hacker
Nintendo Requests Subpoena of Discord to Track Down User Behind Last Year's Pokemon "TeraLeak"
Nintendo's On A Mission To Unmask The Pokémon 'Teraleak' Hacker
Nippon India MF solves cyber attack issue
North Korea, Iran, Russia-Backed Hackers Deploy ClickFix in New Attacks
Novel Advanced Malware-as-a-Service (MaaS) Platform for Android Used in Phishing Campaign Impersonating Banks
Outdated network devices are the hidden backdoors for Cyberattacks
Phishing attacks leveraging HTML code inside SVG files
Phishing scheme costs Jefferson Parish Sheriff’s Office more than $1 million, audit finds
Ransomware Attacks Cost Banks $6.08 Million on Average, Triggering Downtime and Reputation Damage
Ransomware Attacks on Banks Cost an Average of $6.08 Million Along With Downtime & Reputation Loss
Ransomware Snitches Wanted - $250,000 Bounty Offered
RedGolf Hackers Linked to Fortinet Zero-Day Exploits and Cyber Attack Tools
Russian bulletproof hosting system targeted by hackers to spread malware
Russian Hackers Target European Diplomats with ‘Wine-Tasting’ Phishing Scams
Security Tools: First, They’re Good, Then They’re Bad
Southeast Asian cyber fraud industry at ‘inflection point’ as it expands globally
SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks
Texas city takes systems offline after cyberattack
Urgent warning to all 1.8 billion Gmail users over 'sophisticated' attack stealing personal information
VibeScamming: Hackers Leverage AI to Craft Phishing Schemes and Functional Attack Models
VibeScamming – Hackers Using AI Tools to Generate Phishing Ideas & Working Models
VPNs Driving 25% of Incident Response Cases, Sophos Finds
Wan Hai website shut down in cyber attack
Warning for Gmail users! Google’s own tools used in major phishing scam
Watch Out for This Sophisticated Phishing Email That Looks Like It's From Google
Watch out for ultra-convincing phishing emails from Google & PayPal
Why CISOs are watching the GenAI supply chain shift closely
WordPress ad-fraud plugins generated 1.4 billion ad requests per day
Yokogawa Recorder Vulnerability Could Let Attackers Hijack Critical Industrial Systems