Editor's Message

Welcome to DBD. On March 8th, DBD celebrated its 5th anniversary and PRiSM celebrated its 2nd anniversary. Little did I know when I started both of these ventures just how much of an impact they would have on my life, and I'd like to thank each and every one of you who have supported me over the years, with a special thanks to those individuals who have kindly shared their knowledge with me, and continue to do so. Thanks again for your support. Stay safe. :)


“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC



Monday, 15 September 2025

Data Breaches Digest - Week 38 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 15th September and 21st September 2025.


15th September

6 Browser-Based Attacks Security Teams Need to Prepare For Right Now

2025 Cybersecurity Challenges: AI Threats, Ransomware, and Strategies

AI forgeries create military IDs, fake receipts

AI-Forged Military IDs Used in North Korean Phishing Attack

AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns

Australia: New South Wales (NSW) man charged over mobile phishing scheme

Australia: Tomakin man charged over mobile phishing scam

BlackNevas Ransomware Encrypts Files, Exfiltrates Corporate Data

Bragg confirms cyber attack resolved as new credit facility secured

Cayetano Heredia National Hospital of Peru Allegedly Breached, 2 Million Records Leaked

CISA at Risk After Office of Inspector General (OIG) Accuses it of Wasting Federal Funds

Data breach exposes 600K luxury skincare firm users, hackers claim

Double check your Microsoft 365 and Google accounts - this VoidProxy phishing service is hitting them hard

Emerging Threat - DarkCloud Stealer Leveraging Malicious RAR Archives to Attack Financial Sector

ESET Research discovers UEFI-compatible HybridPetya ransomware capable of Secure Boot bypass

Everest Ransomware Claims Attacks on Professional Trust Company, Studio Legale Tisot Iuris, Key 4 Energy, and MFO ITALIA

Ex-WhatsApp Security Chief Sues Meta Over Data Breach Risks

Fairmont Federal Credit Union Data Breach Hits 187,000 in West Virginia

Fake military IDs, bogus résumés: How North Korean and Chinese hackers use AI tools to infiltrate companies and other targets

Fifteen Ransomware Groups Announce Sudden Retirement

Former FinWise employee may have accessed nearly 700K customer records

Hacker Deceives 18,000 Script Kiddies with Fake Malware Builder

Hacker ransomware groups announce retirement to enjoy their "golden parachutes" - no further attacks planned, future attributed activities will relate to undisclosed past breaches

Hackers Hide RMM Installs as Fake Chrome Updates and Teams Invites

Hackers Steal Confidential Data in Jaguar Land Rover Cybersecurity Breach

Hackers using generative AI “ChatGPT” to evade anti-virus defenses

HeyFood Africa Data Breach Allegedly Exposes 139,000 User Records

HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks

Hong Kong Telecom Provider Allegedly Breached; Root Access Sold on Dark Web

How Cyber Threats Are Evolving - And What Businesses Can Do

INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance

INC Ransomware Allegedly Breaches US Firms Heritage Growth Partners, H.I.E.C., and Rosco Vision Systems

Indian Web Host Ready2Host Suffers Data Breach, 23.4k Customer Records Allegedly Leaked

Jaguar Land Rover (JLR): How Can Companies Avoid a Major Cyber Attack?

Jaguar Land Rover (JLR) still unable to restart production as MPs call for government help

LIC India, Bouygues, IMSS Data for Sale; Paris Phishing Toolkit Unveiled

Lovesac Admits Data Breach Compromising Sensitive Personal Data

Massive “Great Firewall of China” data leak reveals surveillance tech Silk Road

Most enterprise AI use is invisible to security teams

Mustang Panda, New SnakeDisk Cyber Attack Targeting Thailand

New Evite phishing scam uses emotional event invitations to target victims

New Ransomware HybridPetya Can Bypass UEFI Secure Boot and Encrypt EFI Boot Partition

New ransomware Yurei adopts open-source tools for double-extortion campaigns

New Research Reveals One-Third of Cloud Assets Harbor Easily Exploitable Vulnerabilities

New VoidProxy PhaaS Service Attacking Microsoft 365 and Google Accounts

New Yurei Ransomware Group Emerges with Double-Extortion Tactics in Asia, Africa

New Yurei Ransomware Variant Discovered Utilizing PowerShell Automation and ChaCha20 Cipher

New Yurei Ransomware With PowerShell Commands Encrypts Files With ChaCha20 Algorithm

North Korea uses AI deepfakes to forge South Korean military IDs and get hired for malware campaigns

North Korea-linked hackers use AI to forge South Korean military ID in phishing attack

North Korean hacker group Kimsuky caught using AI to forge military ID cards

North Korean Hackers Exploit ChatGPT to Boost Phishing Attacks

North Korean hackers use AI deepfakes in spear-phishing attack on South Korea

North Korean Hackers Use AI to Forge Deepfake Military IDs in Spear-Phishing Attack

North Korean hackers used ChatGPT for phishing attack

Philippine Department of Education Division for Masbate Allegedly Breached - Data of Over 115,000 Students and Faculty for Sale

Phishing Campaigns Drop RMM Tools for Remote Access

Russian Chemical Exporter Promchimexport Allegedly Breached, Database Leaked

Russian-American News Outlet Kstati.net Allegedly Breached, User Data Leaked

Scams: crucial phishing email and text warnings for UK students heading to university - what to look out for

Scattered Spider Hacker Group Announces Retirement Amid Doubts and Arrests

Security researchers warn VoidProxy phishing platform can bypass MFA

Shibarium and Monero attacked, highlighting network vulnerabilities

Shibarium Team Offers Bounty to Hacker for the Return of Stolen Assets

Source Code of American Telecom Firm Airspan Networks Allegedly Leaked Online

Sri Lanka’s Ministry of Finance Allegedly Breached; Full Database and Server Access for Sale

Static feeds leave intelligence teams reacting to irrelevant or late data

Suffolk-based Orwell Housing Association in data breach

Taming AI's Threat Vectors: Why CISOs Must Adopt a Secure Enterprise Browser (SEB)

Teenager Arrested for Spanish Socialist Workers’ Party Hack Advertising 10GB of Data on the Dark Web

The Science Fiction Forum Suffers Alleged Data Breach, 16.2K Users Exposed

Threat notification campaign by Apple should be taken seriously

Ukraine claims cyber attack on Russian election systems

Union County town government hacked in recent cyber attack

US national charged in Finnish psychotherapy center extortion

US Offers $11 Million Bounty for Major Ukranian Hacker

VoidProxy PhaaS Emerges as Major Threat to Microsoft 365 and Google Accounts

VoidProxy PhaaS Targets Microsoft 365 and Google Accounts in New Campaign

Why Banning Ransom Payments Might Not Be A Silver Bullet Solution

Why hackers are targeting the world's shipping

Yurei Ransomware Uses PowerShell to Deploy ChaCha20 File Encryption