Editor's Message

Welcome to DBD. On March 8th, DBD celebrated it's 5th anniversary and PRiSM celebrated it's 2nd anniversary. Little did I know when I started both of these ventures just how much an impact they would have on my life and I'd like to thank each and everyone of you who have supported me over the years, with a special thanks to those individuals who have kindly shared their knowledge with me, and continue to do so. Thanks again for your support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC

Monday, 9 June 2025

Data Breaches Digest - Week 24 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 9th June and 15th June 2025.


15th June

700% spike in cyber attacks on Israel since strike on Iran

Bulgaria: Fake phishing emails from National Health Insurance Fund (NHIF) are used to drain bank accounts

Canada's cybersecurity head offers rare insight into Nova Scotia Power breach

Canadian WestJet App Compromised Due To A Cyber Attack, Carrier Assures Passengers Of Safe Flight Operations

Over 8 Million patient records leaked in healthcare data breach

Over 46,000 Grafana instances exposed to account takeover bug

SK Group focuses on rebuilding trust after data breach

SK Telecom to resume new eSIM-based subscriptions following data breach

14th June

Adidas statement after customer details taken in cyber breach

AI ‘ghost students’ are targeting college kids and stealing their financial aid

AI-Driven Phishing Attacks Are Outsmarting Employees

Anubis ransomware adds wiper to destroy files beyond recovery

AT&T Data Breach Exposes Millions: Urgent Action Required to Protect Your Information

CISA Warns of Ransomware Attacks Targeting SimpleHelp RMM Software

CyberVolk Declares Cyberwar Against Europe, Japan and the U.S. Under Operation BlackEye

Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets

How to delete your 23andMe data

Illinois Department of Healthcare and Family Services (HFS) Warns About Data Breach

India Faces Surge in FakeUpdates Malware and Remote Access Trojans

JPMorgan Chase, Bank of America and TD Bank Issue Data Breach Alerts, Say Critical Information on Several Customers Compromised

Marks & Spencer (M&S) ‘praying for sun’ but full recovery from cyber-attack unlikely this summer

Marks & Spencer (M&S) shoppers given key warning after cyber attack halted website orders for weeks

New healthcare security bill aims to protect Americans' medical data, reduce threats

Ransomware gangs exploiting unpatched SimpleHelp remote software, CISA warns

T-Mobile denies new breach of 64 million records - is your data safe?

Unusual toolset used in recent Fog Ransomware attack

Want to catch Blackpink’s ‘Deadline’ tour? Don’t fall for this scam

WestJet investigates cyberattack disrupting internal systems

13th June

5 password habits that put you at risk

19 ways to build zero trust: National Institute of Standards and Technology (NIST) offers practical implementation guide

40,000 IoT Security Cameras Are Exposed Online

Adtech’s dark side: some commercial firms caught fueling cybercrime

AI-Assisted Cyber Attack Methods That Could Cripple Your Business

Alabama-based addiction recovery firm sued over data breach

Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper

Apple Patches Flaw Exploited in Zero-click Paragon Spyware Attacks

Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware

Australian financial services firm Skeggs Goldstien confirms Qilin ransomware attack

Beware of cybersecurity scams during summer holidays: Check Point warns of travel-related phishing surge

BitFlyer Warns Users About Ongoing Phishing Email Scam Campaign

Bitrue Hacker Launders $23M via Tornado Cash, Nets $9.3M Profit in Ethereum (ETH)

China: Personal data breach made criminal offense

CISA flags exploitation of SimpleHelp RMM vulnerability in ransomware attacks since January

CISA Reveals 'Pattern' of Ransomware Attacks Against SimpleHelp RMM

CISA warns of ransomware exploiting unpatched SimpleHelp Remote Monitoring and Management (RMM)

CISA warns of ransomware gangs exploiting SimpleHelp vulnerability

CISA warns of SimpleHelp ransomware compromises after string of retail attacks

CISA warns of supply chain risks as ransomware attacks exploit SimpleHelp flaws

Continuous Threat Exposure Management (CTEM) is the New SOC: Shifting from Monitoring Alerts to Measuring Risk

Crypto conferences face rising phishing risks

Cryptocurrencies and money laundering, seizure in Milan: digital assets worth over $9 million blocked after hacker attack

Cyber pros spooked by deepfake statistics: fraudsters evolving at warp speed

Data breach purportedly pilfers over 64 Million T-Mobile records

Deakin Medical Centre hit by alleged Global ransomware attack

Debt collector breach exposes over 9 Million Americans, hackers claim

Delhi Hospitals Hit by Cyber Attack

Developers Beware - Sophisticated Phishing Scams Exploit GitHub Device Code Flow to Hijack Tokens

Discord flaw lets hackers reuse expired invites in malware campaign

Discord users under attack: trustworthy invite links reanimated by hackers

Epworth HealthCare data allegedly published by Global ransomware

European Journalists Targeted by Paragon Spyware, Citizen Lab Confirms

Everything you need to know about Phishing-as-a-Service

Extorting the afterlife? Hackers breach cemetery, stealing personal data

Fog Ransomware Actors Exploits Pentesting Tools to Exfiltrate Data and Deploy Ransomware

Fog Ransomware Attack in Asia Raises Espionage Fears with Unusual Toolset

Fog Ransomware Attack on Asian Financial Firm Suggests Espionage

Fog ransomware attacks use employee monitoring tool to break into business networks

Fog ransomware gang abuses employee monitoring tool in unusual multi-stage attack

Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks

Former CIA Analyst Unlawfully Transmits National Defense Data, Sentenced to Prison

Former CISA and NCSC Heads Warn Against Glamorizing Threat Actor Names

French insurer’s subsidiary discloses attack after Qilin claims

GCHQ intern jailed over data breach which risked exposing 17 colleagues

GCHQ intern who took secret data home jailed

Global Organizations Targeted in Alleged Access Sale

Government offices in North Carolina, Georgia disrupted by cyberattacks

Greedy cybercriminal defrauds US companies in email compromise scheme

Hacker Strikes Mortgage Firm, Steals Personal Info From 30,453 People, Including Security Numbers, Names and Account Details

Hackers claim attack on New York’s landmark 550 Madison Avenue

How cyber insurers are adapting to the new ransomware playbook

How Forgotten Remote Access Tools Are Putting Organizations at Risk

Indonesian State-Owned Electricity Giant PLN Allegedly Breached

INTERPOL-Led Effort Dismantles Infostealer Malware Network in 26 Countries Across Asia-Pacific Region

iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200)

Is Your Workplace Software a Spy Tool? Ransomware Gangs Say Yes

Jogging routes, emails: crypto pros reveal how quickly victims can be found

Just 3% of New Zealand domains enforce top anti-phishing policy

Just 3% of New Zealand Email Domains Fully Protected Against Phishing as Government Mandates Strict Authentication

Kettering Health confirms the Interlock ransomware attack

Kettering Health Resumes Normal Operations for Key Services Following Ransomware Attack

LockBit data dump reveals a treasure trove of intel on the notorious hacker group

Major data breach at popular hookup app leaks data on millions of users - see if you're safe

Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft

Microsoft Copilot Flaw Could Have Let Hackers Steal Data with a Single Email

Microsoft Copilot's own default configuration exposed users to the first-ever "zero-click" AI attack, but there was no data breach

Mobile: the endpoint you forgot to secure

New GitHub Device Code Phishing Attacks Targeting Developers to Steal Tokens

New healthcare security bill aims to protect Americans' medical data, reduce threats

NHS recruitment firm had major security bugs which could have exposed entire systems

Over 80,000 Microsoft Entra ID accounts hit by password spraying attacks

Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month

Paraguay Suffered Data Breach: 7.4 Million Citizen Records Leaked on Dark Web

Phishing-as-a-Service drives surge in cybercrime for 2025

Ransomware Actors Exploit Unpatched SimpleHelp RMM to Compromise Billing Software Provider

Ransomware attack compromises South Korean ticketing platform

Ransomware Attacks Up 122% in Q1

Ransomware Gang Exploits SimpleHelp Remote Monitoring and Management (RMM) to Compromise Utility Billing Firm

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

Ransomware Group Threatens to Dump Paraguayan Citizens' Data

Security flaws in government apps go unpatched for years

Sensitive Military and Commercial Data from Spanish Defense Contractor GTD Allegedly Leaked

SK Shieldus reports 122% rise in ransomware attacks targeting healthcare, education

Sorry, But Your Personal Information Will Be Exposed in a Data Breach. Here's How to Stay Safe

Tesco lent stock to M&S and Co-op amid cyber attack disruptions

Tycoon 2FA: An Evolving Phishing Kit Powering PhaaS Threats

Unpacking the security complexity of no-code development platforms

Unpatched IT Tool Opens Door – Hackers Breach Billing Software Firm via SimpleHelp RMM

Unusual Toolset Behind Fog Ransomware Prompts Fresh Security Concerns

Utility billing provider customers compromised via SimpleHelp exploit

Victoria’s Secret estimates $10M income hit from cybersecurity breach

Victoria’s Secret restores critical systems after cyberattack

Vietnam energy company hit by $2.5 million ransomware attack

Vodafone Egypt Allegedly Breached - 39 Million Customer Records for Sale Online

What CISOs need to know about agentic AI

Worker Information Provided to MEMIC Indemnity Leaked in OneGroup NY Data Breach

YES24 resumes services, including books, five days after ransomware attack

You’re Probably Ignoring a Vulnerability That Could Cost You Millions in Ransomware Attacks

12th June

$5.48 Million Settlement Approved to Resolve HealthEC Data Breach Litigation

23andMe privacy ombudsman recommends company obtains consent for sale of customer data

44% of mobile users encounter scams every day

Adversary-in-the-Middle (AitM) Phishing Attacks Targeting Microsoft 365 and Google to Steal Login Credentials

AI first, security later: all Fortune 500 companies use AI, but security rules are still under construction

AT&T responds to reports of leaked data

Australia: Pay the Price, Now ‘Fess Up’ - Reporting Obligations for Ransomware Payments Are Live

Behind the Recent Wave of Ransomware Groups Targeting Manufacturing

Belarusian hackers taunt Kaspersky over report detailing their attacks

Beware of this perfidious scam on Booking.com

Bitrue Hacker Buys ETH on the Dip at $2769: A Big Move By the Hacker

Bittrue Hacker Funnels $30M Through Tornado Cash, Made $9.3M by Trading Ether

Bitrue Hacker Resurfaces, Launders $30M Through Tornado Cash

British Horseracing Authority hit by cyberattack, shuts London office

BrowserVenom Malware Targets AI Enthusiasts via DeepSeek Google Ads Malvertising

Brussels Parliament hit by cyber-attack

ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Crypto scam costs adviser a 10-year ban and investors millions

Cyber Security: You do a fire drill – so do a cyber attack drill

Cybercriminals are turning stolen data into a thriving black market

Data breach at Dermatologists of Birmingham exposes personal information of over 80,000 patients

Don’t Click “Unsubscribe” Links Blindly, it May Lead to Loss of Credentials

DragonForce Ransomware Group – The Rise of a Relentless Cyber Threat in 2025

EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data

Email security risks healthcare IT can’t afford to ignore

Eurojust assists in operation in Romania and Moldova against laundering phishing fraud proceeds

Europol Says Criminal Demand for Data is “Skyrocketing”

Everything we know so far about the United Natural Foods cyber attack

Evoke Wellness employee stole the identities of hundreds of patients

FakeUpdates leads India’s malware threats in May

File Data: The Hidden Ransomware Threat Costing Enterprises Millions

First ever security flaw detected in an AI agent, could allow hacker to attack user via email

Fog ransomware attack on Asia financial organization draws attention over use of employee monitoring software

Fog ransomware attack uses unusual mix of legitimate and open-source tools

Fog ransomware uses legit monitoring software, open-source tools

Getir and BiTaksi data breach: Thousands of users' personal information reportedly leaked

GitLab patches high severity account takeover, missing auth issues

Goship Data Breach Allegedly Exposes 255,000 Vietnamese Customers

Graphite spyware used in Apple iOS zero-click attacks on journalists

HMRC boss ‘regrets’ frustrations over £49m phishing scam disclosure

HMRC's handling of phishing incident 'unacceptable'

How to delete your 23andMe data ASAP - and why you should

How to Rebuild Partner Trust After a Data Breach

Identifying high-risk APIs across thousands of code repositories

Indian Defense Manufacturer AWEIL Allegedly Breached, Sensitive Military Data for Sale

Infinox Customer Data Emerges For Sale on Dark Web After Failed Ransom Negotiation

Interpol takes down 20,000 malicious IPs and domains

K-pop fans caught up in YES24 ransomware attack, ticket platform down, events canceled

Korea imposes fines on Merck for personal data breach negligence

Korea Internet & Security Agency (KISA) disputes YES24's claims of cooperation amid ransomware incident

Korean online bookstore, ticketing platform Yes24 inaccessible for fourth straight day

Leaked ransomware source code likely to lead to more attacks

LexisNexis admits to a breach that compromised the security of more than 360,000 citizens – this massive data breach could lead to a class action lawsuit

LockBit panel data leak shows Chinese orgs among the most targeted

Major new warning for AT&T customers

Marks and Spencer resumes online orders after two-month data breach disruption

Mount Rogers Community Services purportedly hit by INC Ransom gang

National Institute of Standards and Technology (NIST) Publishes New Zero Trust Implementation Guidance

Nepal warns of phishing scams draining digital wallets

Nepal’s insurance company’s information technology at high risk of cyber attack

New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes

North Korean hackers pose as defector support volunteers in phishing campaign

Novel attacks launched by ex-Black Basta members

Nova Scotia Power approved for $1.8M cyber security project weeks after ransomware attack

Over 8 Million patient records leaked in healthcare data breach

Over 64 Million T-Mobile records leaked online, hackers claim

Over 1,000 malicious IPs in Singapore taken down in global cybercrime crackdown

Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool

Palo Alto Networks Patches Series of Vulnerabilities

Paragon spyware activity found on more journalists’ devices

Paraguay Says It Won’t Pay Ransomware Group For Stolen Citizenship Data

Password-spraying attacks target 80,000 Microsoft Entra ID accounts

Patch Tuesday: Microsoft Patches 68 Security Flaws, Including One for Targeted Espionage

Phishing Alert as Erie Insurance Reveals Cyber “Event”

Phishing attacks flood financial services industry

Phishing sites posing as DeepSeek downloads drop a proxy backdoor

Popular Idaho Grocery Store Facing Big Challenges After Huge Cyber Attack

Predator spotted in Mozambique for first time, another sign of spyware’s availability

Qilin Ransomware Gang Claims Breach of Kerrville Independent School District

Ransomware attack on ticketing platform upends South Korean entertainment industry

Ransomware scum disrupted utility services with SimpleHelp attacks

ReliaQuest details Black Basta’s legacy & rise of Teams phishing

Researchers turn Microsoft 365 Copilot against users, leaking extremely sensitive data

Researchers warn of ongoing Entra ID account takeover campaign

Saudi Automotive Platform Karage Allegedly Suffers Full Data Leak After Ignoring Ransom

Scania the Major Truck Manufacturer Allegedly Breached; Insurance Data for Sale

Security Leaders Discuss the Whole Foods Distributor Cyberattack

South Korea: Personal Information Protection Commission (PIPC) launches probe into possible data breach in YES24 ransomware attack

Spanish arm of French insurance giant posted on hacker forum

Spyware scandal deepens: Another Italian journalist hit with Paragon spyware

Sweden says it is under cyber attack

Taiwan Hits Back At China Over Hacker Arrest Bounty

Technical error exposes personal details of top American bank’s customers

Texas Department of Transportation (TxDOT) data breach result of compromised account

The 20 biggest data breaches of the 21st century

This troubling AT&T data breach has put 86 million customers at risk of identity theft

Trend Micro fixes critical vulnerabilities in multiple products

UK public sector IT leaders braced for cyber attacks – phishing biggest threat

UK public sector unprepared for cyber-attacks, survey reveals

US Tops List of Unsecured Cameras Exposing Homes and Offices

Wallet from 2023’s $23 Million Bitrue Hack Becomes Active, Launders Funds via Tornado Cash

Want fewer security fires to fight? Start with threat modeling

Waterford District Court told young man was 'duped' into taking part in €2.47 million international phishing scam

What Is Quishing? How Hackers Use QR Codes to Steal Your Data

WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network

YES24 warns of possible data breach as outage drags on; full recovery by Sunday

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

11th June

23andMe leadership grilled by lawmakers demanding answers about data security amid bankruptcy sale

23andMe says 15% of customers asked to delete their genetic data since bankruptcy

60% of UK Public Sector IT Leaders Expect a Cyber-attack Soon

64% of UK employees found to fall for AI phishing scams - how to spot them

295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager

20,000 Asian IPs and Domains Dismantled in Infostealer Crackdown

40,000 security cameras found streaming without passwords or other protections

AI forces IT leaders to rethink their network strategies

Alleged Chaos ransomware attack hits Optima Tax Relief

Alleged Sale of Access to Kyrgyzstan’s Foreign Ministry

Another scam circulating: Wisconsin Division of Motor Vehicles (DMV) warns consumers of latest phishing scam

Australian Prudential Regulation Authority (APRA) sends hacker warning to all funds: 'shape up or else'

Beware! Unsubscribing emails can lead you to phishing websites: Here’s how to stay safe

Bogota Government Entity Allegedly Breached, Citizen Data Leaked Online

Brute-force attacks target Apache Tomcat management panels

Bulgaria: Police Warns of Phishing Campaign Involving National Health Insurance Fund

CISA Warns of Remote Control Flaws in SinoTrack GPS Trackers

Congress Introduces Bill to Strengthen Healthcare Cybersecurity

Connectwise is rotating code signing certificates. What happened?

Crypto-ransom threat exposes cracks in Sri Lanka’s digital armour

Cyber criminals strike food industry again

Cyber-attack targets local district attorney office

Database Containing 10k virtualmacosx User Accounts Allegedly Shared Online

DDoS now a strategic threat

Dozens arrested across Asia in global infostealer malware crackdown

DragonForce and Scattered Spider: Inside the hacker groups linked to Marks & Spencer (M&S) cyberattack

Erie Insurance confirms cyberattack behind business disruptions

Everything we know about the two hacker groups who carried out M&S cyberattack

EvilProxy & ClickFix attacks pose new challenge for email security

FIN6 attackers target recruiters with fraudulent resumes

FIN6 cybercriminals pose as job seekers on LinkedIn to hack recruiters

Five Admit Laundering Millions from Cambodia-Based Crypto Investment Scams

Food delivery platform exposes customer names, addresses

Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks

Google Play Store riddled with phishing apps that steal your cryptocurrency

Green County gives update on data breach

Hacker group Rare Werewolf hijacks Russian devices to mine crypto and steal data

Hackers exploited Windows WebDav zero-day to drop malware

Hackers hit mental health clinic, names and addresses allegedly exposed

Hackers pose as job seekers: opening a resume leads to ransomware

Half of Mobile Users Now Face Daily Scams

Hands-On Skills Now Key to Landing Your First Cyber Role

Honeywell Reports Surge in Industrial Cyber Attacks

Infamous website 4chan to be investigated by UK communications regulator

INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure

IT Solutions Provider Beep Systems Allegedly Breached, Over 174,000 User Records for Sale

Librarian Ghouls hacker group targeting Russians to mine crypto

Malaysian Blood Donation Platform MyBloodMiles Allegedly Breached, Donor Data Exposed

Marks & Spencer resumes online orders after cyber attack disruption

Massive S5 Agency World breach alleged by ransomware gang

Mastery Charter High School cyber attack exposed personal data of over 35,000 individuals

Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)

Microsoft Patch Tuesday June 2025: One Zero-Day, Nine High-risk Flaws Fixed

Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild

Most Americans Choose Convenience Over Password Security

Nova Scotia Power resumes billing customers after ransomware attack

Numerous Minnesota Grocery Stores Impacted By Major Cyber Attack

Ofcom launches investigations into 9 online platforms for failing to protect children

Ogeechee Judicial Circuit District Attorney’s Office Targeted in Cyber Attack - Operations Limited

Operation Secure: INTERPOL Disrupts 20,000 Infostealer Domains, 32 Arrested

Operation Secure disrupts global infostealer malware operations

‘Outstanding parking ticket’: Ohio Bureau of Motor Vehicles (BMV) warns of new phishing text scam

Over 30K hit by Mastery Schools breach

Phishing App on Google Play: the danger that puts Bitcoin at risk

Qilin Ransomware Group Exploiting Critical Fortinet Flaws

Ransomware attacks pile up in disturbing trend

Ransomware group claims attack on global maritime firm S5 Agency World

Researcher Finds Five Zero-Days and 20+ Misconfigurations in Salesforce Cloud

Salem Lakes warning of email phishing scam

Salesforce Industry Cloud Hit by 20 Vulnerabilities Including 0days

Saudi Arabia Based Web Development Firm Mooonux Allegedly Breached

Security Firm Targeted by China-Linked Hackers

Singapore leads multinational operation to shutter scam centers tied to $225 million in thefts

SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords

SmartAttack uses smartwatches to steal data from air-gapped systems

SNCF Connect Allegedly Breached, Millions of Customer and Worker Records for Sale

Spanish Tech News Giant ADSLZone Defaced in Politically Motivated Attack

Telegram’s potential links to Russia’s FSB agency alarming, investigation claims

Texas Department of Transportation (TxDOT) reports massive data breach exposing nearly 300,000 crash records

Texas government reports 300,000 plus crash records stolen in cyberattack

The 2021 AT&T data breach now affects a new set of data

The path to better cybersecurity isn’t more data, it’s less noise

Toxic trend: Another malware threat targets DeepSeek

Trump Guts Biden-Era Cyber Order, Ends Sanctions for Domestic Hackers

Two Microsoft Zero-Days for Admins to Fix in June Patch Tuesday

United Natural Foods hit by cyber-attack

US Financial Trade Groups Demand Federal Cybersecurity Reforms Following Office of the Comptroller of the Currency (OCC) Data Breach

WhatsApp moves to join Apple’s encryption fight with UK government

Windows Common Log File System Driver Flaw Allows Attackers to Escalate Privileges

Windows Zero-Day Used in Cyberattack on Turkish Defence Firm, Say CISA and Microsoft

YES24 down for third day, as ransomware attack disrupts major ticketing, book retail platform

YES24 experiences three-day service outage due to ransomware attack

Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot

10th June

5 plead guilty to laundering nearly $37 million stolen through Cambodian cyber scam centers

6 Google Chrome Extensions Expose User Information

Adobe Releases Patch Fixing 254 Vulnerabilities, Closing High-Severity Security Gaps

AI is a data-breach time bomb, reveals new report

AI threats leave SecOps teams burned out and exposed

AI-powered phishing attacks are getting smarter, sneakier, and harder to spot

Alleged Canadian hacker unmasked after threatening cybersecurity researcher

Alleged Sale of Network Access to Saudi Construction Firm

Android Enterprise Rolls Out Security and Productivity Updates

Android Enterprise update puts mobile security first

AT&T: Data breach wrongly characterized as a new incident

Australia: Victorian hospital provider suffers alleged data breach

British Horseracing Authority (BHA): Horse racing's governing body hit by cyber attack

British Horseracing Authority cyber attack: BHA forced to close office

Chinese hackers leak 4 billion personal records, sparking identity theft fears

CISA Adds Erlang SSH and Roundcube Flaws to Known Exploited Vulnerabilities Catalog

CISA Releases Updated Guidance on Play Ransomware

CISA, Microsoft warn of Windows zero-day used in attack on ‘major’ Turkish defense organization

City of Abilene ransomware attack costs are expected to keep climbing

Cloud and AI drive efficiency, but open doors for attackers

Coinbase Data Breach: How The Crypto Industry Is Reacting And Adapting

ConnectWise rotating code signing certificates over security concerns

Cyberattack forces grocery wholesale giant United Natural Foods to shut down systems

DanaBot malware operators exposed via C2 bug added in 2022

Data breach victims: Here’s how your personal information is sold to criminals

DDoS Attacks on Financial Sector Surge in Scale and Sophistication

FIN6 hackers pose as job seekers to backdoor recruiters’ devices

FIN6 Uses AWS-Hosted Fake Resumes on LinkedIn to Deliver More_eggs Malware

Five plead guilty to laundering $36 million stolen in investment scams

French Ministry of Education Targeted by Alleged Ransomware Attack, Data of Over 40,000 Individuals Leaked

Ghana Insurance Database Allegedly Leaked Online

Hack on Philadelphia‘s largest school network exposes credit card data

Hackers taunt Marks & Spencer (M&S) CEO with abusive ransom note after cyberattack

Highland Schools report data breach: What to know

Hit by a cyber-attack? Seven ways to protect yourself

HM Revenue and Customs (HMRC) failure to notify MPs sooner about £47m phishing scam ‘unacceptable’

How to Protect Against Cyber Threats Before They Hit

Hundreds of Russian devices hit by Rare Werewolf crypto-mining attacks

Indonesian Polytechnic Politeknik Tonggak Equator Allegedly Breached

Industrial ransomware attacks see 46% quarterly spike

Ivanti Workspace Control hardcoded key flaws expose SQL credentials

Jackson Health System discloses insider data breach affecting over 2,000 patients

Jackson Health System Responds to Patient Data Breach with Immediate Action and Employee Termination

June 2025 Patch Tuesday: Microsoft Fixes 66 Bugs, Including Active 0-Day

KAI, Binance, and Bybit: Is One Central Dubai a Hacker Hotspot?

Legal aid lawyers face chaos following cyber attack, says representative body

Librarian Ghouls APT Targets Russian and CIS Data and Deploys Crypto Miners

Maine hospital faces class action lawsuit over cyber-attack, data protection questioned

Major data breach exposes 86 million AT&T customer records, sparking identity theft fears: SSNs among details breached by hackers

Major Windows Secure Boot flaw can be used by hackers to install bootkit malware - update your PC right now

‘Malicious actors’ behind South Carolina school district cyber attack, superintendent says

Marks & Spencer: Online shopping returns after cyber attack

Marks & Spencer (M&S) confirms major online shopping update after crippling cyber attack

Marks & Spencer (M&S) Cyber Attack One of the Costliest in UK Retail History

Marks & Spencer (M&S) Loses US$400m Following Cyber Attack But Resumes Service

Marks & Spencer (M&S) online orders resumed six weeks after cyber-attack that cost them £300,000,000

Marks & Spencer relaunches online shopping following cyber attack

Marks & Spencer (M&S) reopens online orders seven weeks after cyber attack

Marks & Spencer reopens website after major cyber attack

Marks & Spencer reopens website for orders after major cyber attack

Marks & Spencer (M&S) restarts online orders after cyber attack

Marks & Spencer (M&S) restarts online orders following cyber attack

Marks & Spencer (M&S) resumes online orders: High street giant reopens website to customers after halting online shopping amid devastating cyber attack crisis

Marks & Spencer resumes online orders after 46-day cyber attack hiatus

Marks & Spencer resumes online orders after cyber attack

Marks & Spencer (M&S) resumes online orders following £300m cyber attack

Marks & Spencer (M&S) Resumes Online Orders Following Cyber-attack

Marks & Spencer (M&S) resumes online orders six weeks after cyber attack

Marks & Spencer (M&S) resumes online orders six weeks after cyber-attack

Marks & Spencer (M&S) resumes online orders six weeks after devastating cyber attack

Marks & Spencer (M&S) resumes online orders two months after cyber attack

Marks & Spencer resumes website orders weeks after cyber-attack mayhem

Marks & Spencer's online orders are partly back after crippling cyber attack

Marks and Spencer restarts online clothing orders after ransomware attack

Mastery Schools Notifies 37,031 of Major Data Breach

Microsoft June 2025 Patch Tuesday fixes exploited zero-day, 66 flaws

Microsoft Outlook to block more risky attachments used in attacks

Moroccan Hacker Group “Phantom Atlas” Claims Breach of Algeria’s National Bank System in Escalation of Cyberwarfare with “Jabaroot DZ”

Morocco Opens Investigation into Alleged Cyber Attack on Judiciary Council Website

Network of 4,000+ fake sites found pushing phony deals on Facebook

New Secure Boot flaw lets attackers install bootkit malware, patch now

New SharePoint Phishing Campaigns Employing Deceptive Lick Techniques

NHS urges 1 Million people to donate blood following paralyzing cyberattack

Ohio Bureau of Motor Vehicles (BMV) warns drivers of scammers sending texts posing as the bureau

Ohio Bureau of Motor Vehicles (BMV) warns of latest phishing text scam asking motorists to pay traffic ticket fines

Ongoing cyberattack at US grocery distributor giant United Natural Foods (UNFI) affecting customer orders

OpenAI Shuts Down 10 Malicious AI Ops Linked to China, Russia, Iran, North Korea

OpenAI shutters ChatGPT accounts used by Russian, Chinese, Iranian hacker groups

“Oral pleasure” app potentially leaks millions of messages and GPS locations

Qilin Ransomware Surge: April 2025’s Dangerous Cyber Threat

Ransomware attacks on industrial sector surge 46% in Q1 2025

Ransomware Attacks Targeting Industrial Operators Surge 46% In One Quarter

Ransomware in the Supply Chain: What the DragonForce Attack Means for MSPs

Rare Werewolf APT Uses Legitimate Software in Attacks on Hundreds of Russian Enterprises

Researcher Found Flaw to Discover Phone Numbers Linked to Any Google Account

Researchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry Cloud

Rust-based Myth Stealer Malware Spread via Fake Gaming Sites Targets Chrome, Firefox Users

Sensata Technologies Faces Disruption Due to Ransomware Attack

Sensata Technologies reports data breach impacting employee information

Sensitive Information Stolen in Sensata Ransomware Attack

SentinelOne Warns Cybersecurity Vendors of Chinese Attacks

Software Supply Chain Attacks Have Surged in Recent Months

Texas Department of Transportation breached, 300k crash records stolen

Texas Department of Transportation (TxDOT) data breach exposes 300,000 crash reports

Texas Department of Transportation hacked, 300,000 car crash reports stolen

The Hidden Threat in Your Stack: Why Non-Human Identity Management is the Next Cybersecurity Frontier

The legal questions to ask when your systems go dark

Trove of port agency’s data stolen, hackers claim

Trump Administration Executive Order Changes Cybersecurity Policy

Two Mirai Botnets, Lzrd and Resgod Spotted Exploiting Wazuh Flaw

UK cyber agency pushes for 'strategic policy agenda' as government efforts stall

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016)

US citizens lose millions in complex hacking web: what is spearfishing?

USA Credit Control Allegedly Breached, Massive 9.1 Million Record Database Leaked

Wazuh servers targeted by Mirai botnets

Whole Foods tells staff cyberattack at its primary distributor United Natural Foods (UNFI) will affect product availability

Wholesale Food Giant United Natural Foods (UNFI) Admits Security Breach

YES24 admits to ransomware hack with book, ticket platform down for 2 days

YES24 battles ransomware access issues, assures no personal data leak

9th June

84% of Organizations Are Now Using AI in the Cloud

Al Tadawi Specialty Hospital Allegedly Breached by Nightspire Ransomware Group

Arkana Ransomware Group Allegedly Claims Breach of Ticketmaster Databases

BadBox 2.0 Botnet Infects Million-Plus Devices, FBI Says

Balancing cybersecurity and client experience for high-net-worth clients

Bitcoin DeFi protocol loses $8M in exploit, launches compensation program

Brazilian Preparatory Course for Dentists Allegedly Breached

British Horseracing Authority (BHA) believed to be latest organisation to be hit by a cyber attack

British Horseracing Authority is hit by CYBER ATTACK with staff told to stay away from work as governing body is latest to fall victim to hackers

Chaos ransomware gang claims attack on Optima Tax Relief, leaks 69 GB of stolen data

Chinese-Linked Hackers Targeted 70+ Global Organizations

CISOs, are you ready for cyber threats in biotech?

ClickFix phishing surge spoofs Booking.com to target hotels

CookUnity, Origin PC, and OurBus Databases Allegedly for Sale on Hacker Forum

Corporate phishing scam spotting capabilities remain lacking

Cyber attack disrupts natural foods distribution

Cybersecurity Researchers Find 20 Crypto-Phishing Apps on Google Play Store

DarkGaboon Targets Russian Companies with Advanced Tactics, Deploys LockBit Ransomware

Data breach impacts Pennsylvanian law firm Carpenter, McCadden & Lane (CML)

Delete These Android Crypto Apps Now: 20 Phishing Apps Found on Play Store

DragonForce victimization on the rise, report finds

Drug and Alcohol Treatment Services Facing Multiple Class Action Data Breach Lawsuits

Employees repeatedly fall for vendor email compromise attacks

Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques

EU launches EU-based, privacy-focused DNS resolution service

Fake Cloudflare CAPTCHA page laden with malware uncovered in the wild - here's how to stay secure and safe

Fake DVLA car tax scams cause major personal data breach impacting thousands of vulnerable road users

FBI Warns Smart Home Users of Badbox 2.0 Botnet Threat

Game cheaters getting hacked: dangerous malware controls computer, spies, and syphons crypto

GDPR Documentation: The Documents Required to comply with the UK and EU GDPR

Google fixes bug that could reveal users’ private phone numbers

Google Issues Urgent Warning on Passwords - Things to do Urgently to Avoid Getting Hacked

Google patched bug leaking phone numbers tied to accounts

Grocery wholesale giant United Natural Foods hit by cyberattack

Hackers Actively Exploiting Fortigate Vulnerabilities to Deploy Qilin Ransomware

Hackers Hate These Email Settings - Turn Them On Now

Harris-Walz Campaign Possibly Targeted in iPhone Cyberattack

Hidden Backdoors in npm Packages Let Attackers Wipe Entire Systems

How unsanctioned staff AI use exposes firms to data breach?

Illinois health data stolen in February phishing attack

India: Government Issues Urgent Warning for Google Chrome Users - Critical Security Flaws May Allow Hacker Attack

Interlock breaches Kettering Health, leaks over 900 GB of data

Interlock hack of Kettering Health corroborated

Italy cuts ties with Israeli spyware company after claims of spying on journalists and activists

Jackson Health System Announces Another 5-Year Insider Data Breach

Kazakhstan detains over 140 for allegedly selling citizens’ data via Telegram channels

Kettering Health Confirms Interlock Ransomware Breach and Data Theft

Kettering Health Confirms That Interlock Ransomware Breached Systems to Stole Data

Let them eat junk food: Major organic supplier to Whole Foods, Walmart, hit by cyberattack

Limited Canva Creator Data Exposed Via AI Chatbot Database

Litecoin Security: How to Spot, Avoid, and Recover from Crypto Scams

Major food wholesaler says cyberattack impacting distribution systems

Major US grocery distributor warns of disruption after cyberattack

Marks & Spencer (M&S) resumes limited online sales after ransomware attack

Mexican Football Club Pachuca and Affiliated University Allegedly Hit by Massive 50 GB Data Breach

National Health Service (NHS) calls for 1 million blood donors as UK stocks remain low following cyberattack

Nearly 300,000 crash records stolen from Texas transportation department

New hacker group uses LockBit ransomware variant to target Russian companies

New PathWiper Malware Strikes Ukraine’s Critical Infrastructure

New Qilin ransomware attacks involve Fortinet exploits

New Wiper Malware Targets Ukrainian Infrastructure

Nigerian ‘Tech Queen’ Arrested in $1.3 Million Phishing Scheme

No Lollygagging: Cisco IOS XE Flaw With 10.0 Rating Should be Patched Now

One million blood donors needed as stocks run dangerously low in the wake of NHS cyber attack

OpenAI Bans ChatGPT Accounts Used by Russian, Iranian and Chinese Hacker Groups

Optima Tax Relief data exposed by Chaos ransomware

Over 20 Malicious Crypto Wallet Apps Found on Google Play

Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group

Over 84,000 Roundcube instances vulnerable to actively exploited flaw

Patient Data from Russian Medical Group Universantal Allegedly Leaked

PayU Plugin Flaw Allows Account Takeover on 5000 WordPress Sites

Pro-Palestinian hackers breach Israeli ISP email system in major attack

Q2 Phishing Report: The Latest Scams Exploiting Human Trust

Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)

Scammers steal £47 million from HMRC in sophisticated phishing attack

Sensata Technologies says personal data stolen by ransomware gang

SentinelOne shares new details on China-linked breach attempt

Spyware maker cuts ties with Italy after government refused audit into hack of journalist’s phone

Stolen Ticketmaster data from Snowflake attacks briefly for sale again

The Hyperliquid 1200 Wallet Attack Underscores Phishing’s Enduring Threat In DeFi

Trump Administration Revises Cybersecurity Rules, Replaces Biden and Obama Orders

Trump cyber executive order drops Biden-era provisions

Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks

Ukraine downs Russian railways online resource

Ukrainian cyberattack cripples Russian railways and disrupts Tupolev design bureau systems

Unknown "Cyber Robin Hood" has cracked the Sakura RAT hacking software - instead of victims, it infects hackers and cheaters who try to compile it

US court convicts Nigerian hacker for $2.5m identity theft

US court sentences Nigerian hacker to over five years for $2.5m identity theft scheme

US Tries to Claw Back $7m Taken by North Korean IT Workers

Vietnamese E-commerce Company Allegedly Breached

Vulnerability Impacts Various Cloud Deployments of Cisco Identity Services Engine (ISE)

What would break first if hackers hit US infrastructure?

Whole Foods' distributor United Natural Foods, Inc (UNFI) hit with cyberattack, forcing system shutdowns

Why data breach victims deserve compensation

Posted by at
Labels: