Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 19th May and 25th May 2025.24th May
$24M in crypto, 30 Bitcoins, and $700K seized as FBI takes down Russian hacker behind 700,000 computer ransomware army in Operation Endgame
184 Million Google, Microsoft, Apple and Instagram accounts leaked in data breach
437,329 Americans Hit by Massive Data Breach – Customer’s Names, Addresses, Social Security Numbers, Medical Records and More at Risk
Adidas warns of consumer data breach
After $220M Breach, Cetus Offers Hacker Deal as Sui Debates Control
Apple ID Data Breach Exposes Millions of Unencrypted Logins
British Columbia health authority faces class-action lawsuit over 2009 data breach
Department of Justice (DOJ) Seizes $24M in Crypto From Russian Qakbot Hacker in Global Crackdown
Europol takes down 100s of servers as part of ransomware hunt
Evaly hacked. Hacker demands contact from employees
FBI Seeks Information on the Silent Ransom Group Stealing Data from Legal Professionals in Social Engineering Campaign
Global crackdown targets ransomware supply chain
Global Operation Uncovers Russian Hacker Network Using Qakbot and Conti Malware
Indian IT giant Tata Consultancy Services (TCS) investigates link to M&S cyber attack
Kalamazoo Public Schools District Cyber Attack Claimed by the Interlock Ransomware Group
Massive Data Breach Exposes 184 Million Accounts: What To Know
Ransomware gang leaks French government emails
Russian Cybercriminal Charged in $24 Million Qakbot Ransomware Scheme
Silent Ransom Group targeting law firms, the FBI warns
SK Telecom Uncovers Two-Year Malware Attack, Leaking 26 Million IMSI Records
Teen Hacker Admits to Breaching Data of 70 Million Pupils and Teachers in Shocking US Cyberattack
Thousands of routers globally are now hacker honeypots
23rd May
3 Critical Pillars of Cyber-Resilience
3AM Ransomware Attackers Pose as IT Support to Compromise Networks
3AM Ransomware Gang Hacks Networks With Spoofed IT Calls And Email Bombing
3.6 times surge in mobile banking malware and 83% crypto phishing spike, reports Kaspersky
184 Million Records Database Leak: Microsoft, Apple, Google, Facebook, PayPal Logins Found
$223 Million Exploit Halts Cetus Protocol: Here’s What We Know So Far
$223 Million Sui-based Cetus exploit reminds of DeFi centralization
300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide
Adidas confirms data breach, customer contact details accessed via third-party vendor
Adidas warns of consumer data breach
AI Finds What Humans Missed: OpenAI’s o3 Spots Linux Zero-Day
Alabama State Government Experiences Cyber Incident
Australia must prepare for Hollywood-style cyber attack
Authorities claim to have broken key links in the ‘ransomware kill chain’...for now at least
Authorities paralyze cybercrime operations, hitting threat actors where it hurts
BadSuccessor Exploits Windows Server 2025 Flaw for Full AD Takeover
Cetus Crypto Exchange Drained of $223 Million in Latest Major DeFi Breach
Cetus Offers $6M Bounty to Hacker for Return of $56M in Stolen ETH
Cetus offers $6 million white hat deal to recover stolen ETH after hacker’s activity is blocked on Sui
Cetus Protocol Offers $6M Bounty to Hacker After Exploit
Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
Chinese hacker group TA-ShadowCricket infects 457 systems in South Korea
Chinese-Speaking Hackers Breach U.S. Local Governments via Critical Infrastructure Software Flaw
Chrome 0-Day CVE-2025-4664 Exposes Windows, Linux Browser Activity
CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs
Class action filed in British Columbia healthcare data breach potentially impacting over 28,000
Class-action lawsuit filed in British Columbia over 2009 Interior Health data breach
Cloudflare Closes Security Gap That Could Leak Visitor URLs
Co-op members quiz bosses on resilience after cyber attack
Coca-Cola’s largest distributor hit with hacker attack, Salesforce data exposed
Commvault clients should beware of campaign targeting cloud applications, CISA says
Commvault Nation-State Campaign Could Be Part of Broader SaaS Threat
ConnectWise ScreenConnect Tops List of Abused RATs in 2025 Attacks
Cyber Attack: Coinbase Data Breach Impacted over 69,000 Users
Cybercriminals Take Advantage of ChatGPT and Other Generative AI Models
Cybersecurity researcher points to massive data breach, complete with Apple ID logins
DanaBot botnet disrupted, QakBot leader indicted
Data breach at Adidas exposes customer information
Data breach disrupts operations at Kettering Health
Digital trust is cracking under the pressure of deepfakes, cybercrime
Dozens of malicious packages on NPM collect host and network data
DragonForce Engages in "Turf War" for Ransomware Dominance
Dragos reports surge in ransomware attacks as AI-powered tactics drive sharp rise in industrial targeting
Evaly E-commerce Platform Allegedly Breached
FBI warns of Luna Moth extortion attacks targeting law firms
Federal Trade Commission (FTC) finalizes security order against GoDaddy over data breach failures
Few Vietnamese firms ready for cyber threats
Former employees apply for class-action lawsuit against Interior Health over stolen identities
From Rockstar2FA to FlowerStorm: Investigating a Blooming Phishing-as-a-Service Platform
GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts
Hacker network dismantled, Europol seizes 3.5 million euros in cryptocurrencies
Hacker Plunders $223,000,000 Worth of Crypto from Sui-Based Decentralized Exchange
Hacker steals $223 million in Cetus Protocol cryptocurrency heist
Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware
Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique
Impersonating Meta, Powered by AppSheet: A Rising Phishing Campaign Exploits Trusted Platforms to Evade Detection
INC Ransom claims recent attack on South African Airways
Indian IT giant investigates link to M&S cyber-attack
Inside LockBit: Data Leak Reveals Leading Affiliates and How They Operate
Interlock Ransomware target another healthcare provider
International Operation Targets Qakbot Hacker, $24M in Crypto Seized
Investigation into Tata Consultancy Services: Were they the gateway for a cyberattack on M&S?
Is it over 9,000? Report claims hackers are increasingly disguising malware as anime
Is privacy becoming a luxury? A candid look at consumer data use
It's been a bad week for ransomware operators
JPMorgan Chase, TD Bank Issue Data Breach Alerts After Rogue Workers Steal Sensitive Info, Triggering Fraudulent Transactions for Several Customers
Kettering hospitals scramble after ransomware attack, thousands of patient procedures canceled
Large-scale sting tied to Operation Endgame disrupts ransomware infrastructure
Law Enforcement Busts Initial Access Malware Used to Launch Ransomware
Leader of Qakbot Malware Scheme Indicted as U.S. Seizes $24M in Crypto
Legal Aid Agency (LAA) cyber attack: firms risk doing unpaid work
LockBit Data Leak Unveils Most Active Affiliates & Their Innerworkings
Login and password details for Apple, Google and Meta accounts found in huge data breach of 184 million accounts
London council reprimanded for data breach
Major police operation against ransomware: €3.5 million in crypto seized
Manufacturing most impacted by ransomware in Q1 2025
Marks & Spencer (M&S) shoppers urged to do this email check 'immediately' after cyber attack
Marks & Spencer (M&S) tech provider launches probe following cyber attack
Massive data breach: 184M+ credentials from Apple, Google, banks, & more exposed in alarming leak
Massive data breach exposes 184 million passwords for Google, Microsoft, Facebook, and more
Meta and PayPal users targeted in new phishing scam
Multiple Coca-Cola bottlers compromised by data breaches
Multiple French government institutions’ emails, passwords exposed, hackers claim
Mysterious hacking group Careto was run by the Spanish government, sources say
Naukri exposed recruiter email addresses, researcher says
New York: FBI Sounds Alarm on AI-Powered Phishing Scam
New York Department of Motor Vehicles (DMV) Warns Customers of Threat From New Phishing Scam
New York State Department of Motor Vehicles (DMV) issues alert on fraudulent text message scam
Nomad Bridge Hacker Arrested in Israel Over $190M Crypto Exploit
Nova Scotia Power confirms server breach was ‘sophisticated’ ransomware attack
Nova Scotia Power says ransomware hackers have published stolen data
One of the world's most dangerous hacker networks, linked to Russia, is dismantled
Operation Endgame 2.0: Europe’s Cyber Dragnet Just Crippled the Ransomware Economy at Its Source
Operation Endgame claims 300 domains in mass takedown effort
Operation ENDGAME strikes again: the ransomware kill chain broken at its source
Operation Endgame Takes Down DanaBot Malware, Neutralizes 300 Servers
Operation Endgame’s ransomware takedown continues
Outsourcing cybersecurity: How SMBs can make smart moves
Pakistan Among Least-Affected Countries by Web Threats in the Region
Phishing scam: Miami-Dade officials warn of fake texts claiming to be from Department of Highway Safety and Motor Vehicles
Police takes down 300 servers in ransomware supply-chain crackdown
Ransomware Attack Shuts Down 14 Ohio Medical Centers
Ransomware hackers charged, infrastructure dismantled in international law enforcement operation
Ransomware scum leaked Nova Scotia Power customers' info
Russia-Aligned TAG-110 Evolves Spear-Phishing Tactics in Tajikistan
Russian developer of Qakbot malware indicted by US for global ransomware campaign
Russian Fashion Retailer Prizmoda Allegedly Hit by Massive Data Leak
Russian hackers target US and allies to disrupt Ukraine aid, warns National Security Agency (NSA)
Russian Qakbot Gang Leader Indicted in US
Separate ransomware attacks purportedly hit Coca-Cola, bottling partner
Shields Health Care Agrees to $15.35 Million Settlement to Resolve Data Breach Litigation
Stolen data published as part of Nova Scotia Power cyber attack
Stormous Ransomware Group Allegedly Leaks French Government Data
Sui-based Cetus Protocol offers $6M bounty to hacker after $223M exploit
Survey Surfaces Limited Amount of Post Quantum Cryptography Progress
Sweet Peas Play Cafe in Fareham attacked by hacker
The Internet’s New Nightmare: Aisuru Botnet Sends Internet’s Largest Ever Cyber Attack
Threat Actors Using Copyright Phishing Lures to Deliver Rhadamanthys Stealer
TikTok videos + ClickFix tactic = Malware infection
TikTok videos now push infostealer malware in ClickFix attacks
Twice lucky? Cetus’ recovery plan on Sui mirrors a Solana blueprint
U.S. Authorities Seize DanaBot Malware Operation, Indict 16
U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation
US healthcare firm postponed procedures after cyber attack knocked systems offline
US Indicts 16 Russian Nationals in DanaBot Case as Part of Global Operation Endgame
Versa Patches 3 Concerto SD-WAN Vulnerabilities, Including a Perfect 10.0
ViciousTrap Hacker Compromised 5,500+ Edge Devices From 50+ Brands & Turned Them Into Honeypots
ViciousTrap Hackers Breaches 5,500+ Edge Devices from 50+ Brands, Turns Them into Honeypots
ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices
What are the most common attacks that web hosting environments are suffering from?
Why Email Security Still Matters in 2025
Yale New Haven Health announces massive data breach affecting 5.5M patients
YOU are the best line of defense against phishing scams
22nd May
3AM Ransomware Adopts Email Bombing, Vishing Combo Attack
19-Year-Old Admits to PowerSchool Data Breach Extortion
69,461 People Impacted by Coinbase Data Breach, Exposing Addresses, Account Balances, Government IDs and Partial Social Security Numbers
A Whole Practice Approach to Cybersecurity
AI Service Provider Faces Class Actions Over Catholic Health Data Breach
AI-Generated TikTok Videos Used to Distribute Infostealer Malware
Alleged Data Breach Impacts Prominent Chinese Q&A Platform Zhihu
Another 'blockchain' bust: Crypto founder charged in $1m fraud scheme
Apple iCloud Accounts Exposed in Massive Data Breach
Average ransomware demand dropped by 22% in 2024
Be careful what you share with GenAI tools at work
Belgium: Twenty-one suspects face up to 5 years in prison for phishing and money laundering
BlackLock ransomware lays claim on Toho hack but proof lacking
Chinese hackers breach US local governments using Cityworks zero-day
Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks
Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks
Chinese-speaking hackers targeting US municipalities with Cityworks bug
Coastal Orthopedics Agrees to Pay $1.4 Million to Settle Data Breach Litigation
Coca-Cola data breach exposes company employees
Coca-Cola Europacific Partners Allegedly Suffers Major Salesforce Data Breach
Coca-Cola, Bottling Partner Named in Separate Ransomware and Data Breach Claims
Coinbase admits data breach affected 69,000 customers - here's what you need to know
Coinbase Breach Affected Almost 70,000 Customers
Coinbase Data Breach Affects 69,000 Customers
Coinbase Data Breach Affects Nearly 70,000 Users, Discovered Months Later
Coinbase data breach affected nearly 70,000 customers
Coinbase Data Breach Exposes 69,461 Users, Sparks Regulatory Backlash
Coinbase Hacker Launders $45 Million In Stolen ETH, Openly Mocks Sleuth ZachXBT
Coinbase Hacker Launders Millions, Mocks Investigators with Meme
Coinbase Hacker Mocks Blockchain Investigator ZachXBT After Transferring $42M in Bitcoin
Coinbase Hacker Taunts ZachXBT After Laundering $42.5M In Bitcoin
Coinbase Hacker Trolls Crypto Sleuth ZachXBT After Moving $42 Million in Bitcoin
Coinbase hacker trolls ZachXBT onchain after $42.5 Million THORChain swap
Coinbase Hacker Turns Troll, Drops Taunts While Laundering Funds
Coinbase hit by cyber-attack with up to $400m losses
Coinbase says over 69,000 customers affected by data breach
Coinbase Hacker Taunts ZachXBT, Swaps $42.5M BTC to ETH
Co-op cyber attack: What happened and when will shops be back to normal?
Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise
Critical Zero-Days Found in Versa Networks SD-WAN/SASE Platform
CTM360 report: Ransomware exploits trust more than tech
Cyber Attack Hits Largest U.S. Steel Manufacturer Nucor Corporation Amid Trump Tariffs
Cyberattack Hits Cellcom: Voice, Text Services Down; FBI Notified
Data breach at Asheville medical provider prompts class action lawsuit
Data breach at Harris Center exposes personal information of over 445,000 individuals
Database Leak Reveals 184 Million Infostealer-Harvested Emails and Passwords
Deadline approaching for over 35,000 affected by data breach in Northwest Territories
Decentralized crypto platform Cetus hit with $223 million hack
Deepfake Scam or Inside Job? Rethinking the Business Email Compromise (BEC) Threat
Department of Justice (DOJ) charges man allegedly behind Qakbot malware
Email bombing, other techniques leveraged by 3AM ransomware gang
Europe is to sanction Putin's pals over 'hybrid' threats
Everest Hacking Group Claims Coca-Cola Data Breach, Exfiltrates 23 Million Records
FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections
FBI Seizes Key Domains Behind LummaC2 Malware Used in Global Credential Theft
Federal Trade Commission (FTC) finalizes order requiring GoDaddy to secure hosting services
Feds finger Russian 'behind Qakbot malware' that hit 700K computers
Following Data Breach, Multiple Stalkerware Apps Go Offline
Global Law Enforcers and Microsoft Seize 2300+ Lumma Stealer Domains
Hacker behind U.S communication breach stole data from across government
Hacker roamed Eindhoven University of Technology (TU/e) network for five days
Hacker steals more than $300K from City of Santa Fe pay portal
Hacker who breached communications app used by Trump aide stole data from across US government
Hackers use fake Ledger apps to steal Mac users’ seed phrases
How attacker used fake tokens to swipe $220m from Sui DeFi exchange Cetus
Identity Security Has an Automation Problem - And It's Bigger Than You Think
In malware-ransomware extortion scheme, feds in Los Angeles charge man believed to be in Russia
iOS sleep management app leaked personal user details online
Ivanti EPMM flaw exploited by Chinese hackers to breach government agencies
JavaScript Crypto Library OpenPGP.js Hit by High-Risk Spoofing Vulnerability
Kettering Health Cyber-Attack Disrupts Services
Kettering Health works to restore systems after cyber-attack
Law Enforcement, Microsoft Disrupt Operations of Popular Lumma Stealer
Lessons Learned from the Legal Aid Agency Data Breach
Lumma malware threat disrupted as Department of Justice (DoJ) and Microsoft takedown over 2300 malicious domains
Major data leak exposed 184 Million Facebook, Snapchat, Roblox logins and passwords
'Major Wake-Up Call': How $400M Coinbase Breach Exposes Crypto's Dark Side
Majority of oil and gas companies suffered a data breach in past month
Many rush into GenAI deployments, frequently without a security net
Marks & Spencer (M&S) confirms month-long breach result of Tata Consulting Services (TCS) third-party vendor phishing attack
Marks & Spencer (M&S) cyber-attack: how to protect yourself from sim-swap fraud
Marks & Spencer (M&S) online disruption to last until July after cyber-attack
Marks & Spencer (M&S) shoppers told to look out for these two emails
Marks & Spencer (M&S) shoppers urged to be on 'high alert' after cyber attack
Marks & Spencer cyber attack 'won't impact new flagship stores'
Marks & Spencer Expects Ransomware Attack to Cost $400 Million
Marlboro-Chesterfield Pathology Data Breach Impacts 235,000 People
Massachusetts college student accused of 2024 PowerSchool data breach gets plea deal
Massachusetts college student to plead guilty in massive PowerSchool data breach and extortion scheme
Massive data breach exposes 184 million online accounts
Massive data breach exposes swath of unencrypted Apple ID logins
Massive Landmark Properties breach alleged by Morpheus ransomware gang
Microsoft Dismantles Lumma Stealer Network, Seizes 2,000+ Domains
Microsoft says Lumma password stealer malware found on 394,000 Windows PCs
Microsoft, DOJ Take Actions Against ‘Favored Info-Stealing Malware’ Lumma
North Carolina Pathology Laboratory Suffers 235K-Record Data Breach
‘Personal and sensitive’ data stolen in West Lothian Council cyber-attack
Phishing Campaign Targets International Students in the US
Ransom demanded, emergency care diverted as Kettering Health reels from cyberattack
Ransomware Attack Disrupts Kettering Health, Cancels Procedures Across 14 Medical Centers
Ransomware attack hits US healthcare firm Ketting Health
Ransomware Attack Hits West Lothian Schools, Data Theft Confirmed
Ransomware Still Reigns as #1 Threat to Healthcare
Ransomware Threat as High for Insurers As it is For Their Clients
Ransomware threat evolves with deceptive PDFs
Russia-aligned hackers target Tajikistan in new espionage campaign
Russian hacker group Killnet returns with new identity
Russian national and leader of Qakbot malware conspiracy indicted in long-running global ransomware scheme
Russian Threat Actor TAG-110 Goes Phishing in Tajikistan
Scottish council admits ransomware crooks stole school data
Sensitive Personal Data Stolen in West Lothian Ransomware Attack
Signal blocks Microsoft Recall from screenshotting conversations
Signal’s new Windows update prevents the system from capturing screenshots of chats
Stalkerware apps go dark after data breach
Surge in extortion phishing emails reported in the UK
Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough
Tech expert reveals five urgent actions Marks & Spencer (M&S) shoppers must take after major data breach
Teen Hacker Stole 60 Million Kids’ Data and Tried to Ransom It for Bitcoin
Tees, Esk and Wear Valleys (TEWV) NHS Trust in data breach after email addresses shared
The craftiest phishing techniques and how to defend against them
The Ransomware Threat: Still Alive and Kicking
Troy Hunt launches Have I Been Pwned (HIBP) 2.0 data breach search engine
Two emails Marks & Spencer (M&S) shoppers should look out for on back of cyber attack
Unpatched critical bugs in Versa Concerto lead to auth bypass, RCE
Unpatched Versa Concerto Flaws Let Attackers Escape Docker and Compromise Host
Unpatched Windows Server vulnerability allows full domain compromise
US indicts leader of Qakbot botnet linked to ransomware attacks
US indicts Russian accused of running major global cybercrime ring
Wallet tied to Coinbase phishing campaigns launders funds, taunts ZachXBT after $42.5M Thorchain swap
West Lothian Council Confirms Data Stolen in Cyber-attack
West Lothian Falls Victim to Ransomware Attack
West Lothian schools hit by ransomware attack
Western Logistics and Tech Firms Targeted by Russia’s APT28
Which Industrial Sectors Are Most Targeted by Ransomware?
Will cyber-attack threaten M&S’s hard-won return to fashion relevance?
21st May
3AM ransomware uses spoofed IT calls, email bombing to breach networks
62 million iPhone users’ records leaked online, attackers claim
Active Directory delegated Managed Service Account (dMSA) Privilege Escalation Attack Detailed by Researchers
Adidas Investigates Customer Data Breaches in Turkey and Korea
AI Chatbot Jailbreaking Security Threat is ‘Immediate, Tangible, and Deeply Concerning’
Alleged Data Breach Exposes 1.02 TB of Sensitive Property Information
American student housing developer breached, hackers claim
Anne Arundel County Department of Health Confirms February Ransomware Attack
April 2025 Healthcare Data Breach Report
Arla Foods targeted by hackers, product operations disrupted
Ascension faces fresh data breach fallout
Australian Taxation Office (ATO) Tax Refund Data Breach Update: Urgent Warning Issued As Hackers Hijack myGov Accounts, Pocket Funds
Cause of Marks & Spencer (M&S) cyber attack confirmed as disruption could carry on until July
Cellcom confirms cyber attack to blame for outage
Chrome will auto-change your compromised password - if you want
Coinbase breach hit almost 70k users
Coinbase reveals almost 70K customers affected in data breach
Coinbase says its data breach affects at least 69,000 customers
Coinbase says recent data breach impacts 69,461 customers
College student to plead guilty to PowerSchool hack
Consumer Reports: Kroger using loyalty program to package, sell customer data
Critical Condition: The Growing Threat of Healthcare Data Breaches
Critical Samlify SSO flaw lets attackers log in as admin
Cyber attack costs Marks & Spencer 300 million pounds
Cyber-attack on the Legal Aid Agency’s online digital services
Cybercriminals Mimic Kling AI to Distribute Infostealer Malware
Data-stealing Chrome extensions impersonate Fortinet, YouTube, VPNs
Data-stealing VS Code extensions removed from official Marketplace
‘Deep concern’ for domestic abuse survivors as cybercriminals expected to publish confidential refuge addresses
Despite Huione darknet shutdown, enablers of crime remain intact
Dutch Espionage Law Update 2025: Cyber Offenses Now Punishable by Up to 12 Years
European Union sanctions Stark Industries for enabling cyberattacks
Everything we know about the Peter Green Chilled cyber attack
Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims
Five reasons you should be more worried than you probably are about the Legal Aid data breach
Flaw in Google Cloud Functions Sparks Broader Security Concerns
Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager
Guilty plea entered by PowerSchool hacker
Hacker who breached communication service used by Waltz also targeted tens of other US government officials
Hacker who breached Trump aide’s app, uncovers widespread US government data
Hackers advertise fake AI video generator on Facebook - users get malware
Hackers claim Godzilla creator breach, researchers think otherwise
Harbin Clinic: 210,000 Individuals Affected by Nationwide Recovery Services Data Breach
Hong Kong Regulator Bans Broker Text Links After Phishing Scams Hit Traders
How Private Investigators Handle Digital Forensics?
Hundreds of passport applications exposed at diplomatic institution
Kenya: National Social Security Fund (NSSF) Denies Allegations of Massive 2.5TB Data Breach
Kenya: National Social Security Fund (NSSF) Suffers Ransomware Attack, 1.2 Million Members' Savings at Risk
Kettering Health Hit by Cyberattack: Network Outage and Scam Calls Reported
Kettering Health hit by system-wide outage after ransomware attack
Kettering Health Suffers System Wide Outage Following Ransomware Attack
Kettering Health working 'around the clock' to restore tech systems after cyber attack
KrebsOnSecurity Hit with 6.3 Tbps DDoS Attack via Aisuru Botnet
Legal aid data breach affects UK applicants
Lumma infostealer malware operation disrupted, 2,300 domains seized
Lumma infostealer’s infrastructure seized during US, EU, Microsoft operation
Lumma Stealer Malware-as-a-Service operation disrupted
Major crypto platform hit by ‘$400m’ cyber attack with customers issued danger warning
Major Facebook data leak reveals 1.2 billion user records, hacker claims
Marks & Spencer (M&S) admits ‘human error’ caused major cyber attack set to cost £300 million
Marks & Spencer blames ‘human error’ as cyber attack disruption to last until July
Marks & Spencer blames ‘human error’ as cyber attack set to cost £300m
Marks & Spencer (M&S) boss reveals exact cause of cyber attack and says chain was 'unlucky'
Marks & Spencer (M&S) Braces for £300 Million Cyber-Attack Costs
Marks & Spencer (M&S) Confirms £300 Million Profit Loss from Cyber-attack As National Crime Agency (NCA) Eyes Scattered Spider
Marks & Spencer (M&S) cyber attack: How long will disruption last and what will happen to my orders?
Marks & Spencer (M&S) cyber-attack cuts retailer’s profit by £300m
Marks & Spencer (M&S) cyber-attack disruption to last until July
Marks & Spencer (M&S) cyber-attack expected to wipe out £300 million from profits
Marks & Spencer expects £300m impact from cyber attack as recovery continues
Marks & Spencer expects £300m profit hit from cyber attack
Marks & Spencer (M&S) expects cyber attack to have £300 million hit
Marks & Spencer (M&S) expects cyber-attack to last into July and cost £300m in lost profits
Marks & Spencer (M&S) faces £300m hit as cyber attack fall-out continues
Marks & Spencer Faces £300 Million Profit Hit Following Ransomware Attack
Marks & Spencer faces $402 million profit hit after cyberattack
Marks & Spencer reveals impact of serious cyber attack
Marks & Spencer (M&S) says cyberattack will hit profits by £300 million, disruption to last until July
Marks & Spencer (M&S) says cyber-attack disruption to last until July and is likely to cost £300 million
Marks & Spencer Says Cyber-Attack To Cost Company £300m
Marks & Spencer (M&S) to face disruption from massive cyber attack for another two months
Marks & Spencer (M&S) warns of £300m profit hit from cyber attack
Marks and Spencer (M&S) cyber attack disruption to last until July and cost £300 million
Marks and Spencer (M&S) warns cyber attack disruption will last until July and hit profits by £300m
Marks and Spencer (M&S) warns of £300m hacking crisis hit - and disruption could last months
Marks and Spencer warns of £300 MILLION profit hit and says cyber attack crisis will disrupt customers until July
Massachusetts College Student Behind Child Data Breach Set to Plead Guilty: ‘It’s Textbook Cyber Crime’
Massachusetts college student charged with hacking PowerSchool's system, 2024 North Carolina data breach
Massachusetts college student pleads guilty to PowerSchool cyberattack
Massive Leak: Hacker Claims to Have Unveiled 1.2 Billion Facebook User Records
Midwestern telco Cellcom confirms cyber incident after days of service outages
Millions of Node.js Apps at Risk Due to Critical Multer Vulnerabilities
Nation-state APTs ramp up attacks on Ukraine and the EU
National Cyber Security Centre (NCSC) Helps Firms Securely Dispose of Old IT Assets
Near record DDoS attack hits KrebsOnSecurity - blog withstands it
Nearly 70,000 impacted by Coinbase breach involving $20 million ransom demand
PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms
Ransomware Attack Forces Kettering Health to Cancel Procedures
Ransomware attacks dropped by a third last month
Ransomware suspected in Kettering Health cyberattack disrupting patient services, canceling elective procedures
Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps
Retail hackers believed to be young and from US and UK, detectives say
Russian GRU Is Hacking IP Cameras and Logistics Firms to Spy on Aid Deliveries from Western Allies to Ukraine
Russian hackers breach orgs to track aid routes to Ukraine
Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics
Russia to enforce location tracking app on all foreigners in Moscow
Scammers Use Fake Kling AI Ads to Spread Malware
Scattered Spider is focus of National Crime Agency (NCA) inquiry into cyber-attacks against UK retailers
School districts nationwide sue PowerSchool amid data breach extortion attempts
Sensitive data stolen in West Lothian cyber attack
Serviceaide data breach affected over 480,000 Catholic Health patients
Slow recovery ‘appropriate’ to ensure Marks & Spencer (M&S) is secure after cyber attack
South Korea: Highlight fan club suffers data breach, personal information of 897 fans leaked
Supplier for Aldi, Tesco and Sainsbury's 'held to ransom' in cyber attack
Teen Hacker Admits Guilt in Major Cyberattack on PowerSchool
The £300m cyber attack: Marks and Spencer (M&S) warns of huge hit to profits after hack halted orders on website and caused empty shelves
This is how much money you should keep in your pocket in case of a cyberattack
Thousands hit by Legal Aid data breach, Ministry of Justice (MoJ) reveals
Threat Actor Selling 1.2 Billion Facebook Records, But Details Don’t Add Up
Too Much Time Being Spent on Managing Cybersecurity Tools
Two-Fifths of Americans Want to Ban Biometric Use
UK police looking at 'range' of potential perpetrators behind retail cyberattacks
UK retailer Marks & Spencer (M&S) estimates $400 million loss from cyberattack
Urgent warning to billions of Gmail users over dangerous 'no-reply' attack
US student agrees to plead guilty to hack affecting tens of millions of students
US Teen to Plead Guilty in PowerSchool Extortion Campaign
VanHelsing ransomware source code leaked on hacker forum
Western intelligence agencies unite to expose Russian hacking campaign against logistics and tech firms
What good threat intelligence looks like in practice
What It Costs to Hire a Hacker on the Dark Web
20th May
19-year-old accused of largest child data breach in U.S. agrees to plead guilty to federal charges
100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads
A familiar playbook with a twist: 3AM ransomware actors dropped virtual machine with vishing and Quick Assist
Adidas Data Breach - Customers’ Personal Information Exposed
Adidas Türkiye unveils data breach affecting customer information
After Bankruptcy, 23andMe Finds a Buyer in Regeneron - But What Happens to Your Data?
AI agent adoption is driving increases in opportunities, threats, and IT budgets
AI voice hijacking: How well can you trust your ears?
Allegations Emerge of a Massive 1.2 Billion Facebook Data Leak on the Dark Web
Alleged Data Breach Exposes Millions of Social Security Administration Records
Alleged Leak of 62 Million Chinese Apple iOS User Records Surfaces
Ascension healthcare data breach exposes 430,000 patient records
Broadcom confirms employee data exposed in supply chain ransomware breach
Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization
Coinbase changed lawsuit rules a day before disclosing data breach
Coinbase Data Breach Will ‘Lead to People Dying,’ TechCrunch Founder Says
Coinbase Under Federal Investigation After Massive Data Breach
Companies are increasingly limiting access to AI tools: millions of DNS queries blocked
Compromised RVTools Installer Spreading Bumblebee Malware
Containers are just processes: The illusion of namespace security
Critical Software Vulnerabilities Rose 37% in 2024
Cyber Attack Hits Supplier to Major UK Supermarkets
Cyber attack on Indian media Zee News, experts foil nefarious attempt
Cyber attack threat keeps me awake at night, HSBC bank boss says
Cybersecurity firm says more people in Japan being targeted by phishing emails
Cyberthreat to Alabama state government ‘neutralized’
Data breach on Coinbase: risk to user security
DDoSecrets publishes 410 GB of messages from hacked Signal clone used by Mike Waltz
Debt Collector Data Breach Affects 200,000 Harbin Clinic Patients
Department of Justice (DOJ) Launches Criminal Probe into Coinbase Insider Data Breach
Dutch government passes law to criminalize cyber-espionage
Food distributor for supermarkets hit by ransomware attack
Food distributor the latest to fall foul of cyber attack
Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse
Google Warns Hackers That Victimized UK Retailers Now Targeting US Firms With Cyber Attacks
Government Organizations Lose Nearly a Month in Downtime for Every Ransomware Attack
Hack.gov: TeleMessage data breach published by DDoSecrets
Hackers are distributing a cracked password manager that steals data, deploys ransomware
Hackers are spreading fake password manager ransomware via Bing ads
Hacking, ransomware driving more healthcare data breaches
Half of Consumers Targeted by Social Media Fraud Ads
Half of Firms Hit by Months-Long Cyber-attack Disruption
Hazy Hawk Attack Spotted Targeting Abandoned Cloud Assets Since 2023
Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery
Hazy Hawk gang exploits DNS misconfigs to hijack trusted domains
How Schools Can Use Strategic Communication to Tackle Rising Cyber Threats
HSBC boss says cyber attack threat keeps him ‘awake at night’
India: Gujarat Anti-Terrorism Squad (ATS) Nabs Teen Hacker Behind Attacks On Indian Government Websites During Operation Sindoor
India: Gujarat Teen Arrested, Minor Booked for Launching Cyber Attack on Government Websites
Large Retailers Land in Scattered Spider's Ransomware Web
Legal Aid Agency (LAA) offline to deal with cyber attack after unconfirmed reports of 2.1 million records affected
Legal Aid Agency suffers data breach
LockBit Leak Shows Affiliates Use Pressure Tactics, Rarely Get Paid
Low Effort, High Reward: How Nailing Basic Cyber Hygiene Makes an Organization Stronger in the Age of the ‘Novel’ Attack Vector
Major Russian state services disrupted, reportedly due to cyberattack
Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts
Marks & Spencer (M&S) faces lawsuit following cyber attack data leak
Marks & Spencer (M&S) hackers used employee logins from third-party consulting firm Tata Consultancy Services (TCS), sources say
Marks and Spencer (M&S) hit with class action lawsuit over cyber attack
Million-dollar lawsuit threatens Marks & Spencer after cyber attack
Ministry of Justice (MoJ) Confirms Massive Data Breach in Legal Aid System Affecting Applicants Since 2010
Mobile carrier Cellcom confirms cyberattack behind extended outages
Morgan County 911 Cyber attack leaves systems down for days
Mounting GenAI Cyber Risks Spur Investment in AI Security
MPs grill Barclays on outages as HSBC raises cyber attack concerns
New DBatLoader campaign sets sights on Turkey
New Nitrogen Ransomware Targets Financial Firms in the US, UK and Canada
Nobody safe from cyber attacks, says Gloucester City Council boss
Novel Phishing Attack Combines AES With Poisoned npm Packages
Ohio: Ransomware attack triggers ‘system-wide’ tech outage at large network of medical centers
Ohio’s Kettering Health system facing widespread outages after cyberattack
Over 50% of the top oil and gas companies suffered data breaches in the past 30 days
Pakistan: Higher Education Commission (HEC) alerts public of increasing cyber attacks
Peter Green Chilled cyber attack: Major supermarket distributor to Tesco and Sainsbury's 'held to ransom'
Peter Green Chilled Cyberattack Disrupts Supermarket Supply Chain Across the UK
Phishing Attack Prevention - Best Practices for 2025
Phishing, online scams dominate global cybercrime landscape, says Interpol
Post Office agrees to compensate hundreds of sub-postmasters following data breach
Post Office agrees to pay compensation over subpostmaster data breach
Post Office data breach victims to get compensation
Post Office to compensate hundreds of data breach victims
PowerSchool hacker pleads guilty to student data extortion scheme
Premium WordPress 'Motors' theme vulnerable to admin takeover attacks
Ransomware attack hits supplier of refrigerated groceries to British supermarkets
Ransomware attack on food distributor spells more pain for UK supermarkets
Ransomware deployed via Atlassian Confluence exploit
Real Estate Giant Landmark Properties Allegedly Hit by Morpheus Ransomware
Retailer Tesco, Aldi’s supplier, hit with ransomware
Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits and Wipers
Russian group 'Qilin' claims City of Abilene data breach, demands ransom by May 27th
RVTools hit in supply chain attack to deliver Bumblebee malware
Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang
Second Adidas location confirms data breach
Service desks are under attack: What can you do about it?
Serviceaide Cyber Attack Exposes 480,000 Catholic Health Patients’ Data
SK Telecom says malware breach lasted 3 years, impacted 27 million numbers
Skitnet malware: The new ransomware favorite
Somerset distributor to supermarkets hit by cyber attack
Somerset-based Peter Green Chilled hit by cyber attack
South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware
Supplier for Tesco, Aldi and Sainsbury's hit by cyber attack
Supplier to major UK supermarkets Aldi, Tesco & Sainsbury’s hit by cyber attack with hackers ‘demanding payment’
Supplier to Sainsbury’s, Tesco, and Aldi hit by new cyber attack
Supplier to Tesco, Aldi and Lidl hit with ransomware
Surveillance apps Cocospy, Spyic, and Spyzie shut down following massive data breach
Tesco and Sainsbury's supplier hit in cyber attack with 'products wasting away'
Tesco and Sainsbury’s supplier hit in latest cyber attack
Tesco, Aldi, Lidl, Sainsbury's supplier hit by cyber attack after M&S and Co-op
Tesco, Sainsbury's and Aldi supplier 'held to ransom' in latest cyber attack
The Changing Landscape of Ransomware: Why Healthcare Organizations Are Paying Less
The Philippines: ‘Scam hub’ shut down after hacker’s exposure
The Truth Is Always in the Code: Why Security Starts With Visibility
Trojanized KeePass app versions facilitate ransomware compromise
Trojanized KeePass opens doors for ransomware attackers
Tycoon2FA Linked Phishing Attack Targeting Microsoft 365 Users to Steal Logins
U.S. college student pleads guilty in data breach that affected North American schools
UK: Supplier to major supermarkets hit by cyber attack
Uncensored AI Tool Raises Cybersecurity Alarms
Unrestricted chatbot Venice.ai empowers hackers to wreak havoc online
US Department of Justice (DoJ) Said to Open Probe Into Coinbase Data Breach, Firm Claims Involvement of Indian Employees
US mental health clinic hack exposes tens of thousands
VanHelsing ransomware builder leaked on hacking forum
W3LL Phishing Kit Actively Attacking Users to Steal Outlook Login Credentials
W3LL Phishing Kit Launches Active Campaign to Steal Outlook Login Credentials
Your AI isn’t safe: How LLM hijacking and prompt leaks are fueling a new wave of data breaches
19th May
23andMe sold for $256 million as buyer pledges to comply with existing privacy policies
67% of Organizations Faced Cyber Attacks in The Past 12 Months
200,000 Harbin Clinic Patients Impacted by Nationwide Recovery Services (NRS) Data Breach
210,000 American clinics‘ patients had their financial data leaked
A drug developer is buying 23andMe - what does that mean for your DNA data?
AI hallucinations and their risk to cybersecurity operations
Arla Foods confirms cyberattack disrupts production, causes delays
Australian Police Seize Hacker’s Bitcoin, Mansion and Luxury Car
Binance and Kraken Thwart Coinbase-Style Phishing Attacks
Bitcoin trail leads police to $2.6m asset seizure in Australia
Breaches at Serviceaide, Nationwide Recovery Services expose medical info of more than 500,000 people
BreachForums Admin to Pay $700,000 in Health Care Data Breach
Brussels Court Slams Tracking-Based Ads, Upholds GDPR Privacy Standards
Cocospy stalkerware apps go offline after data breach
Coinbase Crypto Exchange Reports Losses of Up to $400 Million After Data Breach
Coinbase Faces Legal Storm Amid S&P 500 Inclusion and Data Breach
Coinbase Faces Multiple Lawsuits After User Data Breach
Coinbase Faces Wave of Lawsuits Over Customer Data Breach
Coinbase hit by multiple data breach lawsuits
Coinbase Slammed With Face Scan, Data Breach Lawsuits as User Fury Grows
Communications Data Group reports data breach affecting over 40,000 individuals
Criminal history stolen in Legal Aid Agency hack
Criminal records stolen in 'significant' cyber attack on Legal Aid Agency
Criminal records, financial data exposed in cyber attack on Legal Aid Agency
Crypto Heist Aftermath: Australian Hacker Loses Mansion and Bitcoin Fortune
CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide
Cyber attack on legal aid agency
Cyber attack on Legal Aid Agency exposed 'significant' personal data
Cyber attack on UK legal aid agency exposes private data, including criminal records
Cyberattacks a severe hit on brand reputation, industry report founds
Data breach at Effortel exposes personal information of 70,000 Belgian mobile users
Data breach at Nationwide Recovery Services (NRS) affects over 210,000 Harbin Clinic patients
DDoSecrets Adds 410GB of TeleMessage Breach Data to Index
Department of Justice (DOJ) is investigating Coinbase data breach
Domestic abuse victim data stolen in Legal Aid hack
Eindhoven University of Technology: ‘TU/e acted well in cyber attack, but there are also learning points’
ELPACO-Team Ransomware Targets Confluence Servers Through Flaw CVE-2023-22527
EU Stakes Out Digital Sovereignty With Vulnerability Database
Excelsior Springs School District Details Cybersecurity Response After $253K Phishing Theft
Fake clinics used in healthcare phishing scam
Fake KeePass password manager leads to ESXi ransomware attack
Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards
GDPR Changes Risk Undermining its Principles, Civil Society Groups Warn
Hacker Arrested for Taking Over SEC Social Media to Spread False Bitcoin News
Hacker Charged for Hijacking SEC Account to Promote Fake Bitcoin News
Hacker had broad access to Eindhoven University's network for days in January
Health Care Data Breach Costs BreachForums Admin $700,000 Fine
Hacker of Securities and Exchange Commission's X account gets 14 month jail time
How CISOs Can Stay Ahead of Evolving Cloud Threats
How to protect your data after a cyber-attack
Huge cyber attack targets Legal Aid as names and personal details at risk
Inside the LockBit Leak: Rare Insights Into Their Operations
Legal Aid Agency Admits Major Breach of Applicant Data
Legal Aid Agency Cyber Attack Exposes ‘Significant’ Personal Data in Major Breach
Legal Aid Agency data breach
Legal Aid Agency hit by cyber attack
Legal Aid Agency Loses ‘Significant’ Amount of Data to Cyber-Attack
Legal Aid Agency suffers serious data breach
Legal Aid cyber attack: Huge amount of personal data stolen
Legal aid cyber attack: 'Significant amount of personal data' stolen in latest major hack to hit UK
Legal aid hack: data from hundreds of thousands of people accessed, says Ministry of Justice (MoJ)
Legal aid hack: Names, financial details and criminal histories compromised in cyberattack, Ministry of Justice says
Malicious RVTools installer found on official site, researcher warns
Man Behind SEC Bitcoin Hoax Tweet Sentenced in SIM Swap Hack
Marks & Spencer (M&S) CEO faces multimillion-pound pay hit after cyber attack
Marks & Spencer (M&S) confirms staff data stolen in cyber attack
Marks & Spencer (M&S) hack: attackers gained access via compromised third-party
Marks & Spencer (M&S) Hong Kong not responding to Privacy Commissioner’s Office after online customer data breach
Marks & Spencer (M&S) staff data stolen in cyber attack
Ministry of Justice hit by brazen cyberattack as hackers steal ‘significant amount’ of personal data
More Than 100 Groups and Individuals Oppose GDPR Changes
Mozilla fixes Firefox zero-days exploited at hacking contest
Nearly 27 million mobile fingerprints leaked in SK Telecom data breach
New Malware on PyPI Poses Threat to Open-Source Developers
NHS Charter Urges Vendors to Improve Cybersecurity to Prevent Ransomware
NHS England launches cyber charter to shore up vendor security practices
Northumbria Police report rise of extortion and phishing
O2 UK patches bug leaking mobile user location from call metadata
O2 was leaking user geolocation to anyone who was initiating a call
Official UK records confirm cyberattacks put NHS patients at risk of clinical harm
Over 40,000 iOS Apps Found Exploiting Private Entitlements
Personal data accessed in legal aid cyber attack
Personal data taken in UK legal aid cyber attack
Personal data taken in UK legal aid cyber attack, government says
Queensland hacker Shane Duffy loses $4.5M in cybercrime asset seizure, including Bitcoins
Ransomware attacks on agriculture industry now twice as high compared to year prior
Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access
RCE Vulnerability Found in RomethemeKit For Elementor Plugin
Redcar and Cleveland: The inside story of a council held to ransom in cyber-attack
Research Tracked 1 Malicious Email Every 42 Seconds in 2024
RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer
Securities and Exchange Commission (SEC) hacker gets jail time
Securities and Exchange Commission (SEC) SIM Swapper Gets 14 Months for X Account Hijack
Security Leaders Discuss the New EU Vulnerability Database
Serviceaide Leak Exposes Records of 500,000 Catholic Health Patients
Serviceaide leak impacts over 480K Catholic Health patients
'Significant amount' of data taken in cyber attack on Legal Aid Agency
'Significant' amount of personal data accessed in Legal Aid Agency (LAA) cyber attack
'Significant' personal data exposed in cyber attack on Legal Aid Agency
SIM Swap Hacker Jailed for Hijacking SEC’s X Account and Faking Bitcoin ETF News
SK Telecom data breach exposes 27 million user records
SK Telecom data breach larger than initially reported
SK Telecom USIM Data Compromise: Millions of Customers at Risk
Solicitors criticise ‘antiquated’ Legal Aid Agency IT system after cyber attack
Suspect sentenced to 14 months in prison for SIM swapping the SEC’s X account
The Ransomware Threat: How to respond and protect your organisation
Thousands of WordPress Sites at Risk Due to Critical Crawlomatic Plugin Vulnerability
Tracking Accusations May Have Roblox Back in Court
UK government confirms massive data breach following hack of Legal Aid Agency
UK Legal Aid Agency confirms applicant data stolen in data breach
UK Legal Aid Agency Finds Data Breach Following Cyberattack
UK Legal Aid Agency Hit by Cyberattack, Sensitive Data Stolen
US President Donald Trump to sign bill criminalizing revenge porn and explicit deepfakes
What it’s like to negotiate with ransomware gangs
When it Comes to AI Cybersecurity Tools, We’re Always Buying Vibes