Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 13th October and 19th October 2025.19th October
American Airlines’ Largest Regional Subsidiary Suffers Data Breach
Australia: Fourth largest telco confirms cybersecurity breach impacting 1,600 Aussies
Australia: More than 1,600 customers of Dodo and iPrimus impacted by cybersecurity breach
China accuses US of cyber attack on national time centre
China accuses US of cyber attack on National Time Service Center
China confirms US cyber-attack on its national time centre
College student sentenced to four years for PowerSchool cyberattack
Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide
Experian fined $3.2 million for mass-collecting personal data
Hacker leaks database of 46.2 Million MAX messenger users on DarkForums
Handala hacker group exposes 17 “architects of destruction” in Israeli military
Kaspersky detects 'Mysterious Elephant' hacker group targeting Bangladesh, other countries in Asia-Pacific
Oklahoma: $30 Million settlement reached in data breach affecting 2.4 Million patients
‘Phantom Hacker’ Scam: ₹8,350 Crore Stolen from Elderly Victims in Just 12 Months
Phishing in Israel: The digital threat targeting citizens post-war
Pro-Russia hackers declare war on Britain
RAF Lakenheath and RAF Mildenhall suffer Russian hack attack
TikTok videos continue to push infostealers in ClickFix attacks
Volkswagen Allegedly Hacked in Ransomware Attack as 8Base Claims Data Leak
Volkswagen Allegedly Hit by Ransomware Attack as 8Base Claims Sensitive Data Theft
18th October
52% of cyberattacks fueled by ransomware, extortion
64 South Koreans Repatriated from Cambodia for Voice Phishing, Romance Scams
AI boosts phishing “conversion” 4.5-fold, Microsoft data shows
AI-Generated Phishing Emails Now 4.5x More Effective, Microsoft Report Reveals
AI-powered phishing threats outpace business defences & SOC teams
Another Las Vegas Casino Suffered Major Cyberattack - Back in January
Collins Aerospace attack claimed by Everest, linking ransomware group to last month's European airport chaos
Cyber Attack on European Airports: Everest Ransomware Claims Claim
Envoy Air Confirms Data Breach Linked to Oracle E-Business Suite Exploit by CL0P Hackers
From Job Offers to Crypto Theft: Latest North Korean Hacker Campaigns Exposed
'Great Hackers, Terrible Traders': How Exploiters Panic Sold and Lost $13 Million During Market Chaos
Microsoft Revokes Over 200 Fraudulent Certificates Used in Ransomware Attacks by Vanilla Tempest
New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs
New Phishing Attack Leverages Azure Blob Storage to Impersonate Microsoft
Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT
South Korea: Cambodian Deportees Face Phishing, Kidnapping Probes
South Korea: Members of voice phishing organization based in Cambodia sentenced to prison in first trial
South Korea Repatriates 64 Voice Phishing Suspects from Cambodia
South Korea to Deport 60 Scam Suspects from Cambodia Despite Resistance
Spain’s latest phishing scam: Endesa customers targeted
Spyware maker NSO Group blocked from WhatsApp
US court bars Israeli spyware company from targeting WhatsApp users
Vietnam Airlines Customer Data Breach
17th October
5CA Denies Involvement in Discord Data Breach, Clarifies It Doesn’t Handle Government IDs
A Stealthy New Phishing Kit Targeting Microsoft 365, Barracuda uncovers
AI Agents and Holiday Travel: A New Fraud Frontier
AI Driven Automation of Vulnerability Discovery and Malware Generation Reported by Microsoft
AI Is Supercharging Phishing Scams - Are Hospitals Ready?
Alarms maker Verisure flags data breach at partner
American Airlines largest carrier breached in Cl0p Oracle attack spree
American Airlines subsidiary Envoy confirms Oracle data theft attack
Artistica Rubens Suffers Customer Data Breach
Auction house Sotheby’s disclosed a July data breach
Australia ranks high in cyberattacks as AI fuels new risks
Australian customers potentially impacted by Mango retailer data breach
Avoid ‘GetSupport.Apple.com’ Text Scam: How to Spot a Phishing Attack
California's San Benito County investigates suspected phishing over $697K payment
Cambodian Phishing Group Manager Jailed Six Years
Canadian Tire Confirms Major Data Breach Exposing Customers’ Personal and Financial Information
Capita hit with £14 million fine after major data breach
Cl0p Ransomware Group Claims American Airlines Breach
ConnectWise fixes Automate bug allowing AiTM update attacks
Critical AEM Vulnerability (CVE-2025-54253) Actively Exploited, Says CISA
Cross-Border Phishing Attacks Spreads Across Asia
Cyber-security policy in the UK: execution will define success
Cybersecurity Firm Reports 36% Year-on-Year Increase in Ransomware Attacks
Data Theft Drives 80% of 2025 Cyber-Attacks
Deceptive Microsoft Login Page Targets Users in Tech Support Scam
Discord Data Breach: 5CA Named as Vendor Behind Leak of 70,000 IDs - But Denies Wrongdoing
DMARC: The Frontline Defense Against Phishing and Domain Spoofing
Eastern Radiologists Agrees to $3.35 Million Data Breach Settlement
European Authorities Shutter Cybercrime Service Fueling Thousands of Online Scams
European police bust network selling thousands of phone numbers to scammers
Europol dismantles SIM box operation renting numbers for cybercrime
Everyone’s adopting AI, few are managing the risk
Evolving Phishing Campaigns Deliver HoldingHands Malware across China, Taiwan, Japan, and Malaysia
F5 confirms breach linked to nation-state hackers who stole BIG-IP source code and vulnerability data
Final Jaguar Land Rover factory restarts after cyber attack
Google Patches Critical Chrome Vulnerability (CVE-2025-11756) in Safe Browsing Component
Hacker Breaches Airport Loudspeakers in Canada and the U.S. to Praise ‘Hamas’ and Criticize Trump
Hackers Dox Hundreds Of Federal Agents In Suspected Cyberattack
Hackers Steal Sensitive Data From Auction House Sotheby’s
Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)
Hackers using AI to scam more people, faster
Higher phishing success, profitability seen with AI emails
How Organizations Can Stay Ahead of Modern Ransomware
How Ransomware’s Data Theft Evolution is Rewriting Cyber Insurance Risk Models
How SMBs Can Stay Ahead of Evolving Ransomware Threats
Human-first AI is essential for cyber-defence
Hundreds of thousands of F5 systems exposed, potentially vulnerable to “catastrophic” compromise
Identity Security: Your First and Last Line of Defense
Inside healthcare’s quiet cybersecurity breakdown
Interlock ransomware just keeps getting more powerful - here's how to stay safe
Jaguar Land Rover (JLR) Halewood production lines operating again as cyber attack recovery continues
Kearney Public Schools (KPS) Data Breach: Hackers steal sensitive information including staff banking info, student medical records and more
Kettering Health Confirmed Patient Data Compromised in May 2025 Ransomware Attack
London police look for thousands of victims as suspected crypto fraudsters caught
Lüks Artvin Seyahat Database Leak Exposes 20,000 Customers
Malicious Perplexity Comet Browser Download Ads Push Malware Via Google
Mango warns Australian customers after third-party data breach
Microsoft blocks Vanilla Tempest: Fake Teams installers spread Rhysida ransomware
Microsoft confirms North Korea joins ransomware-as-a-service, boosting attack sophistication
Microsoft Disrupts Ransomware Campaign Abusing Azure Certificates
Microsoft Disrupts Vanilla Tempest Ransomware Campaign Using Fake Teams Installers
Microsoft fixes highest-severity ASP.NET Core flaw ever
Microsoft pulls certificates for fake Teams installers dropping ransomware
Microsoft Report Warns of AI-Powered Automation in Cyberattacks and Malware Creation
Microsoft revokes 200 certificates used to sign malicious Teams installers
Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign
Microsoft revokes 200+ certificates abused by Vanilla Tempest in fake Teams campaign
Microsoft Warns: Ransomware Powers Most Cyberattacks
Microsoft warns of a surge in ransomware and extortion incidents
Microsoft’s Patch Tuesday: 172 Flaws Fixed
Middle East: Extortion and ransomware drive over half of cyberattacks
Most cyberattacks are financially motivated, Microsoft study says
Nevada: $7 million insurance policy will cover ‘direct expenses’ of cyber attack, state official tells lawmakers
New FBI warning issued over ‘phantom hackers’ draining retirement accounts
Nintendo Admits Server Tampering Incident, Denies Data Breach
North Carolina: New Bern warns contractors of phishing scam using fake invoices with city logo
North Carolina: Phishing scam email targets New Bern contractors and businesses
North Korean Hackers Combine BeaverTail and OtterCookie into Advanced JS Malware
North Korean Hackers Use EtherHiding to Steal Crypto
Notorious hacker group doxxes ICE and FBI officials in new leak, report says
Number of victims of Korea Telecom (KT) data breach far larger than first reported, says telecom giant
Over 266,000 F5 BIG-IP instances exposed to remote attacks
People are falling for AI phishing attempts 4.5x more often than human ones but the solutions are the same as ever
‘Phantom hacker’ scam that targets the elderly has stolen over $1 Billion in the past 12 months
PowerSchool hacker got four years in prison
PowerSchool hacker sentenced. What can schools take away from the incident?
Prosper Data Breach Exposes 17 Million Customers' Personal Info
Prosper Data Breach Impacts 17.6 Million Accounts
Prosper data breach puts 17 million people at risk of identity theft
Prosper disclosed a data breach impacting 17.6 million accounts
Prosper Market Data Breach Affects 17.6 Million Individuals
Q3 Ransomware Attacks Increase 36% Year-on-Year, BlackFog Report Reveals
Qantas Data Breach Exposes Personal Information Of Over 5 Million Customers
Ransomware attacks continue to rise in 2025
Ransomware Attacks Surge 36% in Q3 2025 to Record High
Ransomware Attacks Surge 47% in 2025, Hitting U.S. Firms Hardest
Ransomware hits record highs: Healthcare, government, tech sectors top targets
Ransomware-related breach confimed by Dairy Farmers of America
Regional airline Envoy Air confirms Oracle E-Business Suite compromise
Researchers Uncover WatchGuard VPN Bug That Could Let Attackers Take Over Devices
School districts fend off rising phishing attempts
Security Leaders Share Why 77% Organizations Lose Data Due to Insider Risks
Security Teams Must Deploy Anti-Infostealer Defenses Now
Several PA systems in the U.S. and Canada hacked to praise Hamas and condemn Trump
Siemens ProductCERT Issues Multiple Security Advisories Highlighting Critical Vulnerabilities
SimonMed Imaging Data Breach Leaks Sensitive Patient Information of Over 1.2 Million People
SMS blaster jailed for targeting London commuters with phishing texts
Sotheby’s confirms data breach after hackers accessed sensitive client information
Sotheby’s Confirms Data Breach, Client Information Exposed
South Korea: Personal Information Protection Commission receives third KT data breach report involving 22,227 users
Survey finds phishing reporting lapses among IT leaders
Teen Tied to Russian Hackers in Dutch Cyber Espionage Probe
The Invisible Hacker: LinkPro Rootkit Turns Linux’s Own Power Against Itself
The Voice of Disruption: Hackers Hijack Harrisburg Airport’s Public System in Coordinated Cyber Attack
They were trying to steal data for extortion: Microsoft on stopping hackers from targeting Teams users
This new cyberattack tricks you into hacking yourself. Here's how to spot it
Turkish Delivery Giant Getir Suffers Intranet Data Breach
Turkish group claims pro-Hamas hack of four North American airports
UK Fines Capita ₹150 Crore for Massive Data Breach
UK Information Commissioner’s Office (ICO) Fines Capita £14 Million Following Data Breach
Vanilla Tempest’s Rhysida ransomware attacks foiled
Verisure Confirms Data Breach at External Billing Partner
What Is Phishing?
Why Airline Data Breaches Matter - And Why Qantas Could Have Been Worse
Wits University Addresses Global Oracle E-Business Suite Cyberattack, Probes Potential Data Breach
Wits University confirms cyber attack on Oracle E-Business system
Wits University hit by cyber attack
16th October
77% of security leaders say they'd fire staff who fall for phishing scams, even though they've done the same thing
AI Attacks Surge as Microsoft Process 100 Trillion Signals Daily
AI e-fooling us all? Most can’t tell real email from fake
AI makes phishing 4.5 times more effective, Microsoft says
Almost 40 per cent of cyber attacks in Italy involve AI tools
American man sentenced for Cyber Attack targeting Canadian schools
Apparent Hacker Airs Pro-Hamas Messages Across Airports
Asahi hackers Qilin’s domination fueled by network of bulletproof hosting
Attacks with Whisper 2FA PhaaS kit escalate, report finds
Auction giant Sotheby’s says data breach exposed financial information
Been offered a job at Google? Think again. This new phishing scam is duping tech workers looking for a career change
Benefitelect Data Breach Exposes Social Security Numbers
Beware of Fake ‘LastPass Hack’ Emails Trying to Trick Users Into Installing Malware
Bicing Data Breach Exposes 353k Barcelona Client Records
Bitvavo management had access to customer data for years
BlackFog Report Reveals 36% Increase in Q3 Ransomware Attacks Year-on-Year
Capita Fined £14 Million After Data Breach Exposes 6.6 Million Users
Capita fined £14 million for data breach affecting millions
Capita fined $18.8 Million over massive UK cyber data breach in 2023
Capita handed huge £14m fine over security failings which lead to data breach
Capita Ransomware Fine: Information Commissioner’s Office (ICO) Hits UK Outsourcing Giant with Record £14 Million Penalty
Capita To Pay £14 Million For Data Breach Exposes 6.6 Million Users Personal Data
'Categorically untrue' that China hacked UK intelligence systems, say officials
China Accused Of Massive UK Data Breach Coverup
Chinese crime rings made over $1 billion spamming American phones with text scams
Chinese Criminals Earn $1 Billion via Toll Phishing Scams
CISA Flags Adobe AEM Flaw with Perfect 10.0 Score - Already Under Active Attack
CISA Instructs Agencies to Mitigate F5 Device Vulnerabilities Following Hacker Exploitation
Cyber Attack at Kelowna International Airport: What We Know
Dairy Farmers of America confirms June cyberattack leaked personal data
Dulcich Confirms Data Breach Affecting Over 40,000 Individuals
Everyone wants AI, but few are ready to defend it
Extortion and ransomware drive over half of cyberattacks
F5 Discloses Major Breach by Nation-State Actor, Source Code Stolen
F5 Hit by ‘Nation-State’ Cyberattack
F5 Reveals Nation State Breach and Urges Immediate Patching
Fashion Giant Mango Confirms Data Breach: Customer Information Exposed in Cyber-Attack
Florida accuses Roku of selling kids’ data to advertisers and brokers
Four airports, including Windsor International Airport, hit by pro-Hamas hacker messages
Four-Year Prison Sentence for PowerSchool Hacker
German parliamentarian urges officials to investigate Hungary for spyware abuse
Gladinet fixes actively exploited zero-day in file-sharing software
Hacked VPN credentials facilitate disruptive BlackSuit ransomware intrusion
Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites
Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in "Zero Disco' Attacks
Hackers exploit Cisco SNMP flaw to deploy rootkit on switches
Hackers extort firms after massive Salesforce data breach
Harvard University Confirms Data Breach Linked to Oracle Zero-Day Exploit
Hong Kong: Cheung Sha Wan’s wholesale vegetable market suffers ransomware attack affecting data of 7,000 users
How a 15 year-old autistic boy tinkering in his bedroom triggered Western Australia's biggest ever data breach
Humanoid robot found vulnerable to Bluetooth hack, data leaks to China
Identifying risky candidates: Practical steps for security leaders
If you’re using these password managers, watch out for scam emails
Indonesia's Bank DKI Faces Cyber Attack, Irregular Transactions Reach Over US$15 Million
Kasmawi.net Data Breach Exposes User Database Information
Key to Qilin's Ransomware Success: Bulletproof Hosting
KnowBe4 warns of new PayPal invoice phishing scam
LastPass Warns Customers It Has Not Been Hacked Amid Phishing Email Scam
LastPass, Bitwarden spoofed in ongoing phishing campaign
LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets
Lubian hacker moves billion in BTC as US government looks to forfeit funds
Machine learning meets malware: how AI-powered ransomware could destroy your business
Major companies, including Google and Dior, hit by massive Salesforce data breach
Major data breach at Vietnam Airlines and Qantas: millions of customers affected
Man jailed for spamming commuters with phishing attempts
Mango confirms data breach
Mango Data Breach Exposes Limited Customer Details After Third-Party Cyberattack
Mango discloses data breach at third-party provider
MANGO Faces Major Data Breach at Third-Party Vendor, Customer Data Exposed
Mango hit by data breach as fashion cyberattacks continue to rise
Mango reports customer contact details exposed in data breach
Mango shopper data stolen in cyber-attack
Many IT leaders click phishing links, and some don’t report them
Maximum-severity Adobe flaw now exploited in attacks
Microsoft blocks around 4.5 million new malware attempts every day
Microsoft disrupts ransomware attacks targeting Teams users
Microsoft Disrupts Vanilla Tempest Campaign Using Fraudulent Code-Signing Certificates
Microsoft Dominates Phishing Impersonations in Q3 2025
Microsoft Halts Vanilla Tempest Attack by Revoking Malicious Teams Certificates
Microsoft remains the most imitated brand in phishing scams
Microsoft Revokes Over 200 Certificates to Disrupt Ransomware Campaign
Microsoft warns of a 32% surge in identity hacks, mainly driven by stolen passwords
Misconfigured NetcoreCloud Server Exposed 40B Records in 13.4TB of Data
More Qilin ransomware-hit organizations disclosed
Mysterious Elephant: The Stealthy Hacker Group Targeting Asia’s Diplomatic Circles
Nearly a Million Microsoft 365 Accounts Targeted by New Whisper 2FA Phishing Kit
New Phishing Attack Uses Basic Auth URLs to Trick Users and Steal Login Credentials
New Phishing Technique Targets Users via Basic Auth URLs
New Rootkit Campaign Exploits Cisco Simple Network Management Protocol (SNMP) Flaw to Gain Persistence
New Tech Support Scam Uses Microsoft Logo to Fake Browser Lock, Steal Data
Nintendo Denies Data Leak After Alleged Cyberattack Claim by Hacker Group
North Korea's Famous Chollima Use BeaverTail and OtterCookie Malware in Job Scam
North Korean hackers seen using blockchain to hide crypto-stealing malware
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts
North Korean hackers use EtherHiding to hide malware on the blockchain
Ortho Rhode Island Reaches Class Action Settlement In Cyber Attack
Over 23 Million Victims Hit by Data Breaches in Q3
Palomar Health Medical Group Data Breach Exposes Social Security Numbers & PHI
Pennsylvania airport speakers hijacked by hacker who aired anti-Trump message
PeopleGuru Data Breach Exposes Social Security Numbers & Medical Information
“Perfect” Adobe Experience Manager vulnerability is being exploited (CVE-2025-54253)
Personal customer details accessed in data breach at rail operator
Personal data potentially exposed in Asahi ransomware attack
Phishing Alert: Fake ‘LastPass Hack’ Emails Spreading Malware
Phishing Campaign Leverages Basic Authentication URLs to Harvest User Credentials
Phishing Campaign Masquerades as ‘LastPass Hack’ Alert to Spread Malware
Phishing training needs a new hook - here’s how to rethink your approach
PowerSchool hacker jailed for four years
Prestigious auction Sotheby’s reports user data theft
Production at all Jaguar Land Rover (JLR) plants now back online following cyber attack
Prosper data breach impacts 17.6 million accounts
Q3 ransomware attacks up 36 percent year-on-year
Qantas May Face Fine of $7 Billion, Data Breach Exposes 5.7 Million Records
Qilin claims cyber attack on Volkswagen Group France
Qilin Ransomware Expands Worldwide Operations Through Ghost Bulletproof Hosting
Qilin Ransomware Leverages Ghost Bulletproof Hosting for Global Attacks
Qilin Ransomware Using Ghost Bulletproof Hosting to Attack Organizations Worldwide
Ransomware against Thai businesses: targeted and precise
Ring to partner with Flock, giving law enforcement easier access to home security camera footage
Sensitive customer info exposed in Mango data breach - here's what we know
Sensitive personal information for 29K+ patients exposed during data breach at Fort Wayne clinic
Sky-High Hack: How $600 Unlocked Global Secrets Streaming from Space
Sotheby’s Confirms Data Breach Exposing Financial Information
Sotheby's Data Breach Exposes Personal Info
South Korea: Data breach scandals drag down telecoms’ Q3 earnings
Spanish fashion retailer MANGO disclosed a data breach
Spanish Retail Giant Mango Suffers Data Breach: Customer Marketing Data Compromised
Surviving and Thriving Following a Data Breach
The business case for microsegmentation: Lower insurance costs, 33% faster ransomware response
The password problem we keep pretending to fix
The Phia Group Data Breach Affects PII & PHI
Thousands of companies fall victim to this particular cyberattack. Act now
Threat Actor Website ‘shinyhunte.rs’ Defaced in Apparent Feud
UK train line with 26 million journeys a year warns customers of data breach
Unencrypted Satellite IP Traffic is a Widespread Problem
University of Cádiz (UCA) Data Breach Exposes Student Info
Up to 200 Swiss companies targeted by ransomware hacker group
US and UK Lead Record Cybercrime Operation in Southeast Asia
US warns F5 technology service users about potential data breach via state funded cyber attack
Vendor says ‘not hacked’ after Discord’s data breach claim
Volkswagen France hit by ransomware, Qilin gang claims
Watsonville Hospital Data Breach Affects Entire Patient Database
Weak and Exposed: US Water Utilities a Chinese Hacker Target
When trusted AI connections turn hostile
Whisper 2FA phishing kit targets Microsoft 365 users in Australia
Workers Compensation Insurance Rating Bureau of California (WCIRB) Data Breach Exposes Personal Names & More
15th October
‘A Call to Arms’ as UK Faces 50% Surge in Major Cyberattacks
Adobe Issues Urgent Security Updates for Connect, Commerce, and Creative Cloud Apps
Asahi Group Cyberattack Forces Delay in Financial Reporting
Australia calls on businesses to replace legacy IT
Banking Scams Up 65% Globally in Past Year
Cambodia's Luxury Hotel Hides Voice Phishing Rings, U.S. Sanctions Show
Canadian Tire Data Breach Exposes Customer Info: What Shoppers Need to Know
Canadian Tire reports data breach affecting ecommerce customers
Canadian Tire reports e-commerce data breach
Capita Fined £14m After 2023 Breach that Hit 6.6 Million People
Capita fined £14m after hackers stole pension savers’ personal data
Capita fined £14m for data breach affecting over 6 million people
Capita fined £14m for data breach impacting 6.6 million people
Capita fined £14m for data protection failings in 2023 cyber-attack
Capita fined £14m over 2023 cyber attack that exposed millions of people’s personal data
Capita fined after millions of people’s personal data stolen in cyber attack
Capita given record £14 million fine over ransomware attack security failings
Capita reaches settlement with Information Commissioner’s Office (ICO) regarding 2023 cyber attack
Capita secures 70% cut in data breach fine to pay £14m
Capita settles cyber-attack case with Information Commissioner’s Office (ICO) for £14m, revises cash flow
Capita to pay £14 million for data breach impacting 6.6 million people
Capita to pay £14 million penalty as part of settlement with Information Commissioner’s Office (ICO) regarding 2023 cyber attack
Chinese Threat Group 'Jewelbug' Quietly Infiltrated Russian IT Network for Months
CISA warns of ‘significant’ threat to federal networks after nation-state hackers stole F5 source code, undisclosed bug info
Cisco must share more information about effects of severe bugs on businesses, senator says
Clothing giant MANGO discloses data breach exposing customer info
Cyber giant F5 Networks says government hackers had ‘long-term’ access to its systems, stole code and customer data
Data breach exposes personal details of over 2,000 linked to NSW Resilient Homes Program
Discord's data breach drama is now turning into a blame game
‘Earn $8,900 a month’: Overseas job scams lure young Koreans into phishing crimes
Elasticsearch Leak Exposes 6 Billion Records from Scraping, Old and New Breaches
Europe and UK Face Relentless Ransomware Onslaught in Q3 2025, Qilin Leads the Charge
F5 Breach Exposes BIG-IP Source Code - Nation-State Hackers Behind Massive Intrusion
F5 Confirms Nation-State Breach, Source Code and Vulnerability Data Stolen
F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info
F5 releases BIG-IP patches for stolen security vulnerabilities
F5 Reveals Nation-State Breach as CISA Orders Agencies to Secure F5 Environments
F5 says hackers stole undisclosed BIG-IP flaws, source code
Fake Google Job Offer Email Scam Targets Workspace and Microsoft 365 Users
Fake LastPass, Bitwarden breach alerts lead to PC hijacks
Flaw in Slider Revolution Plugin Exposed 4 Million WordPress Sites
Fresh Phishing Kit Innovation: Automated ClickFix Attacks
GhostBat RAT Returns with Fake RTO Apps Targeting Indian Android Users with Telegram Bot-Driven Malware
Google Chrome Users In India At A High Risk Of Cyber Attack, Here's How To Stay Safe
Hacker hijacks airport speakers, blasts anti-Trump and other political messages
Hackers are using a new phishing kit to steal Microsoft 365 credentials and MFA tokens - Whisper 2FA is evolving rapidly and has been used in nearly one million attacks since July
Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access
Harvard Investigates Data Breach After Clop Ransomware Exploits Oracle Vulnerability
Hong Kong: Ransomware hits Cheung Sha Wan Vegetable Market, 7,000 users’ data at risk
Human Risk Report Reveals Overconfidence in Phishing Defenses
"Imminent" nation-state threat to F5 devices, CISA urges deployment of critical updates
Indonesian Broadcaster Trans7 Hit by Data Breach
Information Commissioner’s Office (ICO) fines Capita £14m after millions affected by data breach
Information Commissioner’s Office (ICO) fines Capita £14 million for data breach
Information Commissioner’s Office (ICO) fines Capita £14m for data breach and shares key findings around security failings
Is Your Data Safe? Vietnam Airlines Data Breach Revealed With The Airline’s Plan to Regain Trust: How Can You Protect Yourself
Largest bitcoin seizure leaves Asian scam network victims in limbo
Last Windows 10 Patch Tuesday Features Six Zero Days
LNER confirms passenger details accessed in data breach
LNER customers warned of major data breach as key details 'exposed'
Mango customers’ data hit in cyber attack as shoppers warned personal data has been stolen in latest IT breach
Mango Discloses Data Breach Affecting Customer Information
Mango fashion chain suffers third party breach, customer data impacted
Mango says some customer information exposed in cyber incident
Mango warns of data breach after cyberattack
Medusa Ransomware Attack Exposes Data of Over 1.2 Million SimonMed Imaging Patients
Microsoft Patch Tuesday October 2025 Fixs 175 Vulnerabilities including 3 Zero-Days
Microsoft patches three zero-days actively exploited by attackers
Millions of Qantas customers hit by cyberattack as hackers leak data online
Morocco: Casablanca Court Sentences Africa Cup of Nations (AFCON) Billboards Hacker to One Year in Prison
New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login
New York secures $14 million in fines from 8 car insurance companies after data breaches
North Wales Police paid £46,000 for GDPR and data breaches over past six years
Not so Secure Boot: 200K Framework computers found to include a bypass
Nueces County officials recover remainder of funds lost in phishing scam
Outsourcing firm Capita fined £14m after millions had data stolen
Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks
Peruvian Motorcycle Financier Global Go Hit by Killsec Ransomware
Police investigating after hacker plays 'political' message on Harrisburg International Airport (HIA) Public Address (PA) system
PowerSchool hacker gets sentenced to four years in prison
PowerSchool hacker sentenced to 4 years in prison
PowerSchool hacker sentenced to four years for data theft, extortion
Pro-Hamas screed blasted through airport speakers in US, Canada after hack
Qantas data breach: How to safeguard yourself against scams
Qantas Data Breach Exposes Millions, Tied to Wider Salesforce Campaign
Qilin Ransomware and the Ghost Bulletproof Hosting Conglomerate
Qilin Ransomware announced new victims
Qilin Ransomware Group Lists 54 New Victims in Global Attack Spree
Researchers report rare intrusion by suspected Chinese hackers into Russian tech firm
Roku Accused of Exploiting Children’s Data in Florida Privacy Lawsuit
Teknobuilt Source Code Leaked in Data Breach
Telecom operator KT accused of concealing evidence in South Korea’s data breach investigation
The diagnosis is in: Mobile health apps are bad for your privacy
The power grid is getting old, and so is the cybersecurity protecting it
Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control
Two New Windows Zero-Days Exploited in the Wild - One Affects Every Version Ever Shipped
U.S. man going to prison over PowerSchool data breach that included Canadian student info
U.S. man sentenced to prison over data breach that included Canadian students' info
U.S. seizes $15 billion in Bitcoin linked to massive forced-labor crypto scam
UK regulator throws the book at Capita for huge 2023 data breach
UK, US Sanction Southeast Asia-Based Online Scam Network
UK's Capita fined $19 million for 2023 cyber breach
University of St. Thomas releases little information after massive data breach
Video meetings app Huddle01 leaking user data: emails, wallet addresses exposed
Vietnam Airlines confirms data breach
Vietnam Airlines hit by customer data breach
Vietnam Airlines investigates major data breach: What customers need to know
Whisper 2FA Behind One Million Phishing Attempts Since July
Windows 10's final update is a big one - with a record 173 bug fixes
14th October
5CA denies third-party Zendesk platform was cause of Discord breach
23 million records leaked in Vietnam Airlines–linked data breach
$30 Million Settlement Agreed to Resolve Integris Health Class Action Data Breach Lawsuit
180,000 Records of PII and Payment Information Exposed
Anatomy of a Service Desk Social Engineering Attack
Anatomy of an Active Directory Attack: Targeting the NTDS.dit File
Ansell reports data breach
Asahi Cyberattack is the Problem of Every Business
Asahi fears ‘possibility’ of personal data leaked during cyber-attack
Astaroth Trojan Uses GitHub Images to Stay Active After Takedowns
Australia: Businesses bear the cost of soaring cyber threats
Australia: Information from 2,031 people compromised by flood authority data breach
Australia: Prime Minister Anthony Albanese’s private phone number leaked online amid huge data breach
Australian Healthcare Giant Ansell Reports Major Security Breach Through Third-Party Software
BK Technologies Reports Major Cyber Security Breach Exposing Employee Data
Building a Cyber-Savvy Team: Training Your Workforce To Guard Against Online Scammers
Campbell Lutyens Data Breach Affects Personal Info
Canadian Tire Reports Customer Data Breach Affecting SportChek, Mark’s and Other Brands
Canadian Tire says customer info caught in data breach on e-commerce platform
Canadian Tire says passwords, credit card info impacted in recent data breach
Canadian Tire says recent breach of e-commerce database involved customer info
Canadian Tire says recent data breach may have hit online shoppers’ info
China’s Flax Typhoon Exploits ArcGIS App for Year-Long Persistence
Chinese hackers abuse geo-mapping tool for year-long persistence
Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year
Chinese Hackers Use Trusted ArcGIS App For Year-Long Persistence
Cl0p releases data nabbed from Harvard thanks to Oracle exploit
Compound Solutions Data Breach Exposes PII Details
Credential Attacks Detected on SonicWall SSLVPN Devices
Crimson Collective breaches Colombia lottery, leaks winner data
Cyber attack contingency plans should be put on paper, firms told
Cyber attack forces The Daily Sentinel to adapt
Cyber Resilience Now: Why 2025 Demands a Shift from Defense to Readiness
Data breach at senior living provider potentially affects 26,000
Decisely Insurance Reports Data Breach Affecting Over 110,000 Nationwide
Deschutes County issues warning about email scam
Discord blamed a vendor for its data breach - now the vendor says it was ‘not hacked’
Discord Third-Party Data Breach Leaks Personal Information, Including Government IDs
DSV targeted by new logistics-focused hacking group
“Empty shelves and stalled production lines:” UK suffering four major cyberattacks a week
Feds sanction Cambodian conglomerate over cyber scams, seize $15 billion from chairman
Florida sues Roku for illegally selling children’s data, including precise geolocation
Global cyber attacks decline, but ransomware jumps 46% as GenAI threats hit education, telecom, government
Guernsey: Government 'holds hands up' after warning its own emails were phishing scams
Guernsey: States apology over 'phishing attack' email error
Hacker Group TA585 Emerges With Advanced Attack Infrastructure
Hackers can snoop on Android screens and steal sensitive data with zero permissions
Happy DOM Security Flaw (CVE-2025-61927) Enables VM Context Escape and Remote Code Execution
Harvard Confirms Cl0p Data Breach Tied to Oracle EBS Vulnerability
Harvard University hit in Oracle EBS cyberattack, 1.3 TB of data leaked by Cl0p group
Hong Kong privacy watchdog opens probe into Qantas Airways' data breach
India: Kolkata real estate firm reports cyberattack, data breach
Indiana city confirms ransomware hackers behind September incident
Insurers set tougher terms as ransomware containment improves 33%
Jaguar Land Rover Cyber Attack: Russia Suspected in Major Factory Shutdown
Kearney Public Schools operations fully restored after cyber attack
Kearney Public Schools restores technology systems following cyber attack
Legacy Windows Protocols Still Expose Networks to Credential Theft
Major retailers hit by data breach in Canada, customer information impacted
Malicious crypto-stealing VSCode extensions resurface on OpenVSX
Mango Targeted in Recent Cyber Attack: Unauthorised Access to Client Information
Massive NPM Supply-Chain Attack Infects Developers During Package Installs
MI5, sleuths chase clues from China to Iran after shutdown devastates Tata’s Jaguar Land Rover
Michigan City announces that September’s network disruption was due to ransomware
Microsoft Limits IE Mode in Edge After Chakra Zero-Day Activity Detected
Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws
MyCardiologist Data Breach Affects Patient PII and PHI
Nebraska: York business targeted in email phishing scam for prescription drugs
New Android Pixnapping attack steals MFA codes pixel-by-pixel
New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions
npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels
NSW Reconstruction Authority: Data breach analyses reveals no shared files
Ofcom issues £20K fine to 4chan for ignoring information requests
Oracle silently fixes zero-day exploit leaked by ShinyHunters
Patch Tuesday October 2025: Three Zero-days Under Attack
Phishing Scam on Booking.com Costs UK Traveler Over One Thousand Eight Hundred Euros - How to Protect Yourself
Police Bust GXC Team, One of the Most Active Cybercrime Networks
Qantas confirms cybercriminals released stolen customer data
Qantas customers enraged after their personal data hits dark web
‘Quishing’ Fuels a New Wave of Stealthy Phishing Attacks
Ransomware losses rise despite fewer insurance claims
Région Hauts-de-France Suffers Massive 1.1TB Data Breach
Researchers Expose TA585's MonsterV2 Malware Capabilities and Attack Chain
RMPocalypse: Single 8-Byte Write Shatters AMD's SEV-SNP Confidential Computing
Russia suspected in Jaguar Land Rover (JLR) cyber attack
Russia-linked hackers attack Texas electric cooperatives
Satellites found exposing unencrypted data, including phone calls and some military communications
Secure Boot bypass risk threatens nearly 200,000 Linux Framework laptops
Security validation: The key to maximizing ROI from security investments
Senior Executives Falling Short on Cyber-Attack Preparedness, National Cyber Security Centre (NCSC) Warns
SimonMed Data Breach Exposes Sensitive Information of 1.2 Million Patients
SimonMed discloses 1.27 million-record healthcare data breach
Taiwan People’s Party (TPP) chair accused of leading hacker network, denies allegations
Taiwan reports surge in Chinese cyber activity and disinformation efforts
The Endpoint Has Moved to the Browser - Your Security Tools Haven’t
The solar power boom opened a backdoor for cybercriminals
This new Android exploit can steal everything on your screen - even 2FA codes
UK: National Cyber Security Centre (NCSC) Reports 130% Spike in "Nationally Significant" Cyber Incidents
UK Cyberattacks Increase Nearly 50% as National Cyber Security Centre (NCSC) Reports Third Consecutive Year of Growth
UK Firms Lose Average of £2.9 million to AI Risk
UK hit by record number of ‘nationally significant’ cyberattacks
UK sees 50% surge in “Highly Significant” cyber incidents
US Authorities Move to Seize $14B in Bitcoin Linked to Chinese Hacker
US seizes $15 billion in crypto from 'pig butchering' kingpin
Valparaiso University Alum Files Lawsuit Over Data Breach
Vietnam Airlines: Information Regarding Customer Data Breach
Vietnam Airlines reassures customers after data breach incident
Vietnam Airlines reports data breach
Vietnam Airlines responds to customer data breach
Voice Phishing: You Are Also Prey
'We need to hold our hands up': Guernsey States mistakenly flags its own email as a scammer
“We were shocked:” Gear ordered online can intercept secret satellite data
Wellborn & Company reports data breach following ransomware attack on third-party IT provider
What if your privacy tools could learn as they go?
Windows 10 Hits End of Life: 200 Million PCs Face Mounting Security Risks
York Police Department investigating email phishing scam toward local business
13th October
175 npm packages, unpkg CDN abused for phishing infrastructure
AI deepfake chaos disrupts South Korea’s National Assembly audit
AI-generated images have a problem of credibility, not creativity
Almost 100 brands spoofed by Chinese phishing kit
Ansell says personal information accessed in data breach
Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns
Attackers don’t linger, they strike and move on
Australia: Government refuses to negotiate with hackers after Qantas data leak
Australia: Ransomware hackers stealing medical records as online attacks surge, spy agency’s annual report reveals
Australia Steps Up Cybersecurity for Critical Infrastructure with ‘CI Fortify’
Australian government to use all available laws to deal with Qantas data breach
Brotherhood ransomware group claims cyber attack on Western Australia trade supplier
California strengthens its data breach notification requirements
“ChaosBot” malware turns Discord into a hacker command center
Credential Stuffing Attack Exposes DraftKings Customer Data
Crenshaw Community Hospital Data Breach Exposes Protected Health Information
Crimson Collective Breaches Loteria de Medellin, Leaks Winner Data
Critical Oracle EBS Flaw Could Expose Sensitive Data
Crypto-targeting criminals reach “new level” with another GitHub campaign
Customer payment data stolen in Unity Technologies’s SpeedTree website compromise
Cyberattack hits Houston suburb
Data breach impacts UK trade union
Extortion Group Leaks Millions of Records From Salesforce Hacks
Fast Track issues response following cyber attack
FBI and French Police Shutter BreachForums Domain Again
FBI Cracks Down on Key Dark Web Portals Used By Hacker Groups Who Sold 1 BIllion Salesforce Customer Database
Frustration mounts among Qantas customers as personal data released on dark web
Generali Central Life Insurance Targeted By Medusa Ransomware
Gladinet, TrioFox flaw under active exploitation
Goosehead Insurance Confirms Data Breach Exposes SSNs Following Ransomware Attack
Hacker group claims to have hacked Nintendo and stolen data
Hackers leak data of 23 million Vietnam Airlines passengers
Hackers Target ScreenConnect Features For Network Intrusions
Harvard investigating breach linked to Oracle zero-day exploit
Harvard says ‘limited number of parties’ impacted by breach linked to Oracle zero-day
Harvard University investigates data breach allegations
Healthcare ransomware attacks are on the increase
Healthcare ransomware attacks surge 30% in 2025, as cybercriminals shift focus to vendors and service partners
How to spot and stop AI phishing scams
“Inflation Refund” scam texts spread among thousands of New Yorkers
Invoicely Database Leak Exposes 180,000 Sensitive Records
Kearney Public Schools Hit by Cyberattack, Network and Phones Down Ahead of Monday Classes
Kearney Public Schools, Nebraska, Stay Open After Cyber Attack
Lawrence Berkeley National Laboratory Data Breach Exposes Source Code
Major airline says customer data leaked after cyberattack
Malicious Code on Unity Website Skims Information From Hundreds of Customers
Massive Data Breach: 6 Million Qantas Passengers Affected
Massive multi-country botnet targets RDP services in the US
Massive SonicWall SSL VPN compromise underway
Medusa Ransomware Adds Cemtrex, EcoPetróleo, Design To Print, & LA VOIE EXPRESS to Victim List
Michigan City, Indiana Confirms Ransomware Attack by Obscura
Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor
Microsoft may not track school children, Austrian Data Protection Authority (DPA) says
Mission City Community Network Data Breach Exposes Protected Health Information
Multitaskers, beware: You’re significantly more likely to fall for phishing, researchers say
Multitasking Workers More Likely To Fall For Phishing Emails, Study Suggests
New Rust-Based ChaosBot Backdoor and Aggressive Chaos-C++ Ransomware Threaten Enterprises
New Rust-Based Malware "ChaosBot" Uses Discord Channels to Control Victims' PCs
New Stealit Malware Campaign Spreads via VPN and Game Installer Apps
New Yorkers targeted by new ‘Inflation Refund’ smishing campaign
Nintendo Reportedly Hacked by Crimson Collective - Same Group Behind Red Hat Data Breach
Novel Stealit malware ensures stealth with Node.js feature abuse
NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms
OpenAI: Foreign Adversaries Using Multiple AI Tools to Optimize Existing Hacking Approaches
OpenAI’s Guardrails Can Be Bypassed by Simple Prompt Injection Attack
Open Source DFIR Tool Velociraptor Exploited In Multi-Ransomware Attack
Operation Heracles is a success: German police take down 1,400 scam websites used for cybertrading fraud
Oracle E-Business Suite Bug Enables Hacker Data Access Without Login
Oracle releases emergency patch for new E-Business Suite flaw
Oracle Warns of New EBS Vulnerability That Allows Remote Access
Over 1 Million KFC Venezuela customer records purportedly stolen
Phishing scams exploit New York’s inflation refund program
Phishing scams use fake urgent documents to fool victims. Here's what to know
Pro-Russian hacktivists successfully lured to attack fake target
Prosecutors: Sterling teen who held PowerSchool ransom was 'sophisticated' cybercriminal
Qantas admits 5 million customers have data leaked following ransomware attack - here's what you need to know
Qantas Airways Cyberattack Update: Customer Data Released, Security Measures Enhanced
Qantas customer data leaked on dark web after cyber attack. What to do if you’ve been affected
Qantas Customer Data Was Published After the July Cyber Breach, Impacting 5 Million People
Qantas Data Breach: Court Injunction Issued Against Hackers, But Enforcement Remains Elusive
Qantas Data Breach: How To Know If Your Data Was Exposed - Steps To Protect Yourself
Qantas Data Breach Escalates - Stolen Customer Data Released Online
Qantas Data Breach Exposes Millions as Experts Warn of Rising Scam Threats
Qantas data stolen in Salesforce hack exposed
Qantas Shares Dip After Data Breach
Qilin Ransomware Group Claims Breach of Asahi Group, Steals Over 25GB of Data
Ransomware attackers claim hit on Methodist Church of Southern Africa
Ransomware Attackers Hit Methodist Church Of Southern Africa
Ransomware In SaaS: Addressing The Core Vulnerabilities To Build Resilient Enterprises
Redis Critical Vulnerability Exposes over 60,000 Instances to RCE and Host Take Over
Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors
Roobet Says Users Not Impacted After External Partner Suffers Cyber Attack
Russia considered a suspect in Jaguar Land Rover (JLR) cyber attack investigation
Scam Alert: Phishing scams target Mississippi taxpayers via text message
Security Misconfigurations: The Future Disaster That’s Staring You in the Face
ShinyHunters Leak Alleged Data from Qantas, Vietnam Airlines and Other Major Firms
SimonMed Imaging Data Breach Impacts 1.2 Million
SimonMed Imaging discloses a data breach impacting over 1.2 million people
SimonMed says 1.2 million patients impacted in January data breach
SimonMed Says Medusa Ransomware Breach Exposed Data of 1.2 Million Patients
SonicWall VPN accounts breached using stolen credentials in widespread attacks
Sophisticated phishing scams targeting overseas Koreans rising as criminals impersonate embassy, consular staff
South Korea: Government seeks police probe of Korea Telecom (KT) for allegedly obstructing data breach investigation
Spain Arrests Alleged Leader of GXC Team Cybercrime Network
Spain dismantles criminal group GXC Team
Spanish Authorities Dismantle Advanced AI Phishing Operation GoogleXcoder
Spanish Authorities Dismantle ‘GXC Team’ Crime-as-a-Service Operation
Teen faces 7-year sentence over PowerSchool hack
Thousands of Users’ Identities Unveiled after Discord Data Breach
UK fines 4chan over noncompliance with Online Safety Act
Ukraine takes steps to launch dedicated cyber force for offensive strikes
Ukrainian lawyer loses appeal against extradition to US over ransomware conspiracy charges
Under Pressure, Even Trained Users Miss the Signs of Phishing
Wait, what? WiFi signals can be used to ID you even if you carry no device
Waveny LifeCare Data Breach Exposes Sensitive Patient Info & SSNs
Wellborn & Company Data Breach Affecting Clients' Personal Information
What to do if you’re a Phishing victim?
When hackers hit, patient safety takes the fall