Welcome to DBD. Cybercrime is making headlines globally. Attacks on well-known brands and organizations are raising public awareness of the severity, frequency and impact of cyber attacks. Proving cybercrime is growing at an alarming rate, DBD has recorded more ransomware attacks this year than any other, and we continue to provide visibility of these in our 
Dentons Senior Analyst, Washington D.C.
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 27th October and 2nd November 2025.2nd November
Australia: Victims of IVF provider data breach seek compensation in complaint to national regulator
Hacker Group Reveals Identities of Several Wanted Israeli War Criminals
Hackers Exploit Fake Microsoft Teams Ads to Deploy Rhysida Ransomware
Ongoing Ransomware Attacks Exploit Linux Vulnerability, CISA Warns
Voice Phishing Gang Arrested Impersonating Prosecutors, Financial Watchdog
WestJet, Cathay Pacific, Japan Airlines, Air Europa and more joining in Massive Cyber Attack This Year - You Won’t Believe Who’s at Risk
1st November
Akira Ransomware Allegedly Claims Theft of 23GB in Apache OpenOffice Breach
Akira Ransomware Strikes Apache OpenOffice, Allegedly Exfiltrates 23GB of Data
Australian Signals Directorate (ASD) Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability
Beware of fake Microsoft Teams ads spreading ransomware
China-linked hackers exploited Lanscope as a zero-day flaw in attacks
China-Linked Hacking Group Targets European Diplomatic Entities in Espionage Campaign
CISA Alerts on Linux Kernel Vulnerability Exploited in Ransomware Attacks
CISA Issues Warning: Hackers Exploit Linux Vulnerability to Spread Ransomware
CISA Warns of Linux Kernel Use-After-Free Vulnerability Exploited in Attacks to Deploy Ransomware
City of Columbus warns of email ‘phishing’ scam mentioning planning department
Crooks target luxury brands with 1,330 fake domains
Hackers Claim Major US Bank Data Breach, Allegedly Posting Names, Social Security Numbers, Account Numbers and More for Sale on Dark Web
Hackers send fraudulent mass emails to University of Pennsylvania students
Legacy Linux Flaw CVE-2024-1086 Drives Resurgence of Ransomware Attacks
Marks & Spencer to reveal financial impact of cyber attack and online shutdown
Meduza Infostealer Developers Arrested in Russian Authorities’ Crackdown
Meta, Nigeria to Agree Settlement Terms in $32.8m Data Breach Fine
New Kurdish Hacktivists Hezi Rash Behind 350 DDoS Attacks in 2 Months
‘People have had to move house’: Inside the British Library, two years on from devastating cyber attack
Rising threat of phishing and ransomware in Indian banking sector
Voice Phishing Courier Arrested With 540 Million Won at Seoul Station Locker
Woman charged after Edinburgh patients' records accessed in data breach
Woman charged after patient records accessed in NHS data breach
31st October
After a Cyber Attack: How Investment Managers Should Recover and Prepare
AI chatbots are sliding toward a privacy crisis
Albanese Physical Therapy Data Breach Exposes Patient Records
Alleged Conti ransomware gang affiliate appears in Tennessee court after Ireland extradition
Alleged Meduza Stealer malware admins arrested after hacking Russian org
Australia Makes History: The World’s First Country to Force Disclosure of Ransomware Payments
Australia warns of BadCandy infections on unpatched Cisco devices
Beverly Hills Oncology Reports 5-Day Data Breach
Beware of Tricks: Halloween Scams Are Stealing Credentials, Money
Bitcoin (BTC) bridge flagged for laundering money got hacked
Black Shrantac Hits CyPark, TENAX, Matlusky, and CCI Tax Pros
BNB Chain reveals root cause of $13k X account hack
Cambodian Voice Phishing Gang Members Sentenced
Canadian cybersecurity agency recommends enabling 2FA after cyberattack reports on vital infrastructure
China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats
China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems
Chinese hackers scanning, exploiting Cisco ASA firewalls used by governments worldwide
Chinese-Linked Hackers Exploit Windows Flaw to Spy on Belgian and Hungarian Diplomats
CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers
CISA and partners take action as Microsoft Exchange security risks mount
CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks
CISA releases security best practices guide for on-site Microsoft Exchange Servers
Colvanes SAS (EnvĂa) Data Breach Exposes Customer Information
Conduent Data Breach: How 10 Million Lives Were Exposed and What Comes Next
Conduent Data Breach Impacts Over 10.5 Million Individuals
Conti Ransomware Suspect Extradited from Ireland to the US to Face Charges
Court Finalizes HCA Healthcare Data Breach Class Action Settlement
DW Data Breach: German News Giant’s Database For Sale
Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery
Ernst & Young (EY) Exposes 4TB SQL Server Backup Publicly on Microsoft Azure
Facial Recognition Firm Clearview AI Hit with Criminal Complaint in Austria
Federal Communications Commission (FCC) plans vote to remove cyber regulations installed after theft of Trump info from telecoms
G-Plans Data Breach Affects Subscriber Privacy
Government data leaks can be a matter of life and death
Government hackers breached telecom giant Ribbon for months before getting caught
Gun Accessory Supply (GAS) Hit by Qilin Ransomware Attack
Hackers Exploit WSUS Flaw to Spread Skuld Stealer Despite Microsoft Patch
Hackers threaten to leak data after breaching University of Pennsylvania to send mass emails
High-severity Linux flaw now exploited by ransomware gangs
How Did Marks & Spencer (M&S) Cyber Attack Cost £300 Million and Help Next?
Hundreds of Australian Devices Compromised with BadCandy Implant
Japanese retailer Askul confirms private info leakage due to cyberattack
Kimsuky and Lazarus Hacker Groups Unveil New Tools That Enable Backdoor and Remote Access
LinkedIn Phishing Scam Targets Executives with Fake Board Offers
LinkedIn phishers target executives with fake board invitations
Marks & Spencer (M&S) to reveal extent of cyber-attack
Meduza Stealer Developers Arrested in Russia
Most organisations struggle to keep pace with AI-powered ransomware
Multilingual ZIP File Used by Threat Actors to Target Financial and Government Organizations
Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack
New LinkedIn phishing scam targets executives with fake board positions
New Tools from Kimsuky and Lazarus Hacker Groups Enable Backdoor and Remote Access
Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks
Over 10 Million patients affected by Conduent data breach
Oxford County cyberattack linked to dark web ransomware group
Passwordless adoption moves from hype to habit
Patient records accessed in NHS Lothian data breach
Personalised internal emails drive sharp rise in phishing risk
Probe On After ‘Offensive’ Mass Emails Sent In Suspected Security Threat At University Of Pennsylvania
RansomHouse group claims responsibility for attack on Askul
Ransomware gang runs ads for Microsoft Teams to pwn victims
Ransomware resilience: It’s time to be ‘more Bruce Lee’
Rhysida OysterLoader malvertising campaign leverages 40+ code-signing certificates
Russia Arrests Meduza Stealer Developers After Government Hack
Scotland: Woman charged after around 100 patient records accessed in data breach
Scottish patient records accessed in major NHS data breach
Shadow AI: New ideas emerge to tackle an old problem in new form
Sling TV settles with California for allegedly violating state consumer privacy law
The Calm Before A Storm: Why 2025’s Cyberattacks Seem ‘Quiet’ And Why It Should Terrify Us
The evil masterminds behind Meduza infostealer malware are...kids in Hello Kitty pants
The Hidden Risks of Third-Party IoT Devices: What Organizations Need to Know
The Phishing Renaissance, How AI Brought Back the Classics
Three Members of Cambodia 'Ma Dongseok Team' Phishing Ring Sentenced to Prison in First Trial
Three suspected developers of Meduza Stealer malware arrested in Russia
Ukrainian allegedly involved in Conti ransomware attacks faces up to 25 years in jail
Ukrainian Conti Ransomware Suspect Extradited to US from Ireland
Ukrainian extradited from Ireland on Conti ransomware charges
University of Pennsylvania investigating offensive email sent through graduate school system
Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)
Victorian medical centre suffers cyber attack
Vietnam Arrests 60 People in Cambodia's Voice Phishing Organization...Fraud charges of 16 billion won
‘We got hacked’ emails threaten to leak University of Pennsylvania data
Windows 10 users face ransomware nightmare as Microsoft support ends in 2025 worldwide
Windows zero-day actively exploited to spy on European diplomats
Woman charged after NHS patients’ records accessed in data breach
Yale New Haven Health System (YNHHS) reaches preliminary $18 million settlement over data breach
Yas Takaful Dubai Insurance Data Breach Exposes Client Data
30th October
28% of Irish businesses risk closure with one ransomware attack
95% of companies believe they’re ready for ransomware. But only 15% actually are!
180 ransomware attacks plague education sector worldwide in 2025 through Q3
Afghan data breach saw sensitive information left open on train
Akira Ransomware Group Claims Cyberattack on BK Technologies, Says 25GB of Data Stolen
Akira Ransomware Claims It Stole 23GB from Apache OpenOffice
Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)
BPO giant Conduent confirms data breach impacts 10.5 million people
CISA orders feds to patch VMware Tools flaw exploited by Chinese hackers
Cisco Talos identifies surge in Qilin ransomware attacks, with manufacturing sector hit hardest in 2025
City of Columbus, Indiana, warns of phishing email scam circulating appearing to come from the ‘planning department’
Class action targets Pacific Seafood over data breach
Conduent admits its data breach may have affected around 10 million people
Confidential information leaked after Ministry of Defence (MoD) official left laptop open on train
Critical Flaws Found in Elementor King Addons Affect 10,000 Sites
Crypto scammers deepfaked Nvidia's CEO during livestream
Cyber-attack on Jaguar Land Rover (JLR) leaves UK September car production at 70-year low
Cyberattack targets Polish municipalities, mayors in phishing campaign
Cybersecurity and energy leaders join forces to protect EU power grids
Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) share tips on securing Microsoft Exchange servers
Defense Contractor Boss Pleads Guilty to Selling Zero-Day Exploits to Russia
Denmark reportedly withdraws Chat Control proposal following controversy
Dentsu’s US subsidiary Merkle hit by cyberattack, staff and client data exposed
Determining the Credibility of Online Threats in a World of Digital Noise
Diplomatic entities in Belgium and Hungary hacked in China-linked spy campaign
Email breaches are the silent killers of business growth
Ernst & Young (EY) subject of whopping 4TB data breach following cloud migration error
Even the most complex and advanced business VPN tools could still leave you at risk of attack - here's how to stay safe
Ex-L3Harris exec guilty of selling cyber exploits to Russian broker
Extortion and Ransomware Drive Over Half of Cyberattacks
Financial Conduct Authority (FCA) prosecutes boiler room data breach
Financial Conduct Authority (FCA) secures first data breach conviction
From Deepfakes to Phishing 2.0: Why Passwords Alone Can't Protect You Anymore
GCash, Department of Information and Communications Technology (DICT) confirm no data breach after dark web claim
Germany publishes checklist on how to act when your online account is hacked
Gmail Passwords Exposed In 183 Million Account Data Breach
Google's Built-In AI Defenses on Android Now Block 10 Billion Scam Messages a Month
Hacker gang claims raid on Japanese grocery store chain
Hackers Claim Massive Data Theft from Sweden’s Power Grid Operator
Hacktivist Industrial Control Systems (ICS) Attacks Target Canadian Critical Infrastructure
Hacktivists tampered with Canadian industrial systems, cyber agency warns
Handle a data breach quickly to protect your personal information and minimize damage
Hitler Ransomware Revived in Roblox Executors
How AI Phishing Is Putting School Districts at Risk
How Jaguar Land Rover's Category 3 Cyber Attack Caused Production Shutdown
How neighbors could spy on smart homes
Ireland: Cyber Threats Could Force 1 in 4 SMEs to Shut Down After a Ransomware Attack
Jaguar Land Rover (JLR) Cyber Attack Impact on Car Production Revealed
Jaguar Land Rover Cyber-Attack cost UK Economy £1.9 billion
Jaguar Land Rover (JLR) cyberattack reinforces urgent need for stronger cyber safeguards
JFS Wealth Advisors Data Breach Affects 865 Residents
Kenya: Government Responds to Alleged M-Tiba Personal Data Breach
Key Telecom Supplier Ribbon Communications Discloses Nation-State Cyberattack
L3Harris Trenchant Former Executive Pleads Guilty to Selling Zero-Day Exploits to Russian Buyer
La Vergne city offices reopen nearly 2 weeks after suspected cyber attack
LG Uplus Reports Suspected Data Breach Amid Growing Cybersecurity Concerns in South Korea
LinkedIn phishing targets finance execs with fake board invites
Luxury Brands Face Wave of Impersonation via Over 1,300 Suspicious Domains Ahead of Holiday Season
M-Tiba Data Breach Exposes Millions of Kenyans’ Health Records
Major telecom services provider Ribbon breached by state hackers
Marina Bay Sands Fined for Data Breach Affecting 665,000 Customers
Marks & Spencer (M&S) Cyber Attack Boosts Profits of Rival Retailer Next
Massive surge of Near-Field Communication (NFC) relay malware steals Europeans’ credit cards
MedImpact Confirms Ransomware Attack as Qilin Claims Responsibility
MedImpact Hit by Cyberattack, Claims Processing Delayed
Millions Impacted by Conduent Data Breach
Ministry of Defence (MOD) data breach linked to deaths of 49 Afghans, says new academic research
Naruto, Sailor Moon US publisher’s Google Drive breached, attackers claim
Nation-state attackers infiltrate Ribbon Communications, a telecoms networking and cloud services provider used by the US Department of Defense (DoD)
National Informatics Centre (NIC) Kavach App Data Breach
New "Brash" Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL
New York Police Department (NYPD) sued for using Microsoft-powered spy network to track New Yorkers
Northern Montana Health Care (NMHC) Notified of Data Breach
Open-source AdaptixC2 hacking tool has fans in Russian cybercrime underground
Open-Source Red Team Tool Adaptix Framework Exploited by Cybercriminals with Russian Ties, Including Akira
Over 3 billion Chromium users vulnerable to browser crash bug
Pan-American Data Breach Affects PII & PHI
PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Developers
Phishing via LinkedIn is on the rise with sophisticated tactics
Profits from ransomware attacks declining
Proton Claims 300 Million Records Compromised So Far This Year
Proton Data Breach Observatory reports as soon as your personal data hits the dark web
Proton Launches Data Breach Observatory to Track Dark Web Activity in Real-Time
Proton launches 'Data Breach Observatory' to track personal info leaks
Proton Launches Free Data Breach Observatory to Track Dark Web Leaks
Proton trains new service to expose corporate infosec cover-ups
Proton Unveils Data Breach Observatory for Dark Web Credential Alerts
Proton Will Discover Online Breaches As Soon As Your Data Is Sold On The Dark Web
Proton’s new Data Breach Observatory shines a light into the dark web
Pruksa Holding Data Breach Exposes Data of 460,000 Members
Push Security Identifies Surge in Sophisticated LinkedIn-based Phishing Campaigns
Qilin ransomware claims cyber attack on Malibu Boats Australia
Ransom payment rates drop to historic low as attackers adapt
Ransomware attacks surge 28% in September as Industrials sector hit hardest
Ransomware gang claims Conduent breach: what you should watch for next
Ransomware hackers upped the game, and it’s personal
Rethinking identity security in the age of autonomous AI agents
Rogers Mechanical Data Breach Affects PII and PHI
Russian cybercrime group hits Pharmacy Benefit Manager (PBM) with ransomware
Russian Hackers Exploit Adaptix Pentesting Tool in Ransomware Attacks
Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks
Safaricom Under Fire After Massive M-Tiba Data Breach Exposes Millions of Kenyans’ Health Records
Sandworm-linked attackers continue to target Ukrainian organizations
Shadow AI: One In Four Employees Use Unapproved AI Tools, Research Finds
Spyware-Plugged ChatGPT, DALL·E and WhatsApp Apps Target US Users
Synthetic phishing in the AI era: Is India ready for the next wave of cyber threats?
Tata Consultancy Services (TCS) Refutes Claims of Contract Loss Following M&S Cyber Incident
Tata Motors Breach Exposed 70TB of Sensitive Data Before Fix
Tech Expert Claims Russia Behind Major UK Cyber Attack, Using Gaza Conflict as 'Cover'
Telco provider used by US government and others hit by nation-state hackers
This sucks: developer finds backdoor in his robot vacuum, potentially giving full control to spies
Threat Actors Utilize AdaptixC2 for Malicious Payload Delivery
UK retailers hit by surge in AI-powered phishing & vishing scams
Vinomofo Failed to Protect Customer Data, Australian Privacy Commissioner Rules
VIZ Media Data Breach Exposes 254GB of Sensitive Data
Was Your Data Exposed in the Canadian Tire Breach? Here’s What To Do Next
Year-Long Nation-State Hack Hits US Telecom Ribbon Communications
Your photo could be all AI needs to clone your voice
29th October
10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux
2026 Data Breach Law Updates - California and Oklahoma
Active Exploits Hit Dassault and XWiki - CISA Confirms Critical Flaws Under Attack
AI agents can leak company data through simple web searches
AI web browsers threaten your privacy and the open web
Amid Shutdown, Cyber Attack Thwarts Georgia Supplemental Nutrition Assistance Program (SNAP) Recipients
Apache Warns of Critical Tomcat Vulnerabilities Impacting Versions 9, 10, and 11
Average Cyber-attack Now Costs Firms £2.8 Million, Report Warns
Banking & payroll details stolen in Merkle data breach, Dentsu warns staff
Beast Ransomware Targets Active SMB Connections to Infect Entire Networks
BlueNoroff reemerges with new campaigns for crypto theft and espionage
British Standards Institution (BSI) Warns of Looming AI Governance Crisis
Canada says hacktivists breached water and energy facilities
Central Intelligence Agency (CIA) launched cyber attack on Venezuela five years ago
Cisco, Citrix VPNs at 7 times higher ransomware risk
ClickOnce leveraged in new SideWinder APT attacks
Cloud Atlas hackers target Russian agriculture sector ahead of industry forum
Conduent Data Breach Hits Thousands of Blue Cross Blue Shield Members in Montana
Cyber Attack Reported Inside Walt Disney World Theme Park
Data breach hits Dentsu subsidiary Merkle
Dentsu warns staff of data breach after Merkle hit by cyber ‘security incident’
Early reporting helps credit unions stop fraudulent transfers faster
Email breaches skyrocket in 2025: 78% of businesses compromised, $217K lost per attack
Emerging Cyber Threats Featuring QR Codes ClickFix and LOLBins Challenging SOC Defenses
Employee data from advertising giant Dentsu leaked in hacker attack
Everest Ransomware Group Claims Theft of 1.5 Million Passenger Records from Dublin Airport
Experts Report Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices
False Reports of Gmail Data Breach Alarm Internet
Former L3Harris Trenchant boss pleads guilty to selling zero-day exploits to Russian broker
Former Security Company Official Pleads Guilty to Stealing Trade Secrets to Sell to Russian Buyer
Former Trenchant executive pleads guilty to selling cyber exploits to Russian broker
From Deepfakes To Phishing 2.0: Why Passwords Alone Can't Protect You Anymore
GCash data breach report false
GCash denies dark web data breach, assures customers funds are safe
GCash warns users against fake news on alleged data breach
Gmail-Linked Credentials Exposed in Massive Breach
Goosehead Insurance hit with lawsuit over alleged data breach notification delay
Green Mountain Higher Education Consortium Data Breach
Gunra Ransomware Leveraging Attacking Windows and Linux Systems with Two Encryption Methods
Gunra Ransomware Targeting Windows and Linux Systems Through Two Encryption Techniques
Gunra Ransomware Targets Windows and Linux with Dual Encryption
Hackers Hijack Corporate XWiki Servers for Crypto Mining
Hackers Use Near Field Communication (NFC) Relay Malware to Clone Tap-to-Pay Android Transactions
Halloween scams spike as 63% of festive spam found malicious
How Businesses Should Approach the Post-Quantum Cryptography Transition
HSBC USA caught in data breach controversy after Cyber Attack
If you get an email saying you’re dead...it’s the new LastPass phishing scam
Intensifying Iranian, Russian global cyberattacks expand to target small businesses
Jaguar Land Rover cyber attack 'could take six months to recover from'
Kenya: Data Commissioner probes possible M-Tiba data breach involving users’ health information
Kenya: Office of the Data Protection Commissioner (ODPC) Probes Alleged M-Tiba Personal Data Breach
Korea launches AI-based platform to bolster fight against voice phishing
Korea Telecom (KT) will provide free data and discounts to victims of data breach
LG Uplus joins three major South Korean telecoms hacked this year
'Living off the land' allowed Russia-linked group to breach Ukrainian entities this summer
M-Tiba Under Probe Over Alleged Data Breach Affecting Millions of Users
M-Tiba Under Probe Over Alleged Personal Data Breach
Malicious NPM packages fetch infostealer for Windows, Linux, macOS
Malicious Typosquatted npm Packages Deliver Cross-Platform Credential Stealer, Researchers Warn
Marina Bay Sands fined for data breach affecting over 665,000 patrons
Marina Bay Sands fined more than US$243,000 for 2023 data breach that impacted 665,495 rewards members
Marina Bay Sands Fined US$243,400 For Data Breach Involving Over 665,000 Rewards Members
Marks & Spencer cyberattack leads to profit for other UK retailers
Massive Credential Leak Sparks Google Data Breach Allegations
MedImpact purportedly hacked by Qilin
More than 10 million impacted by breach of government contractor Conduent
Nearly Half of Ransomware Victims Who Pay Ransom Can’t Recover Data
New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts
New Atroposia RAT Surfaces on Dark Web
New Beast Ransomware Actively Scans for Active SMB Port from Breached System to Spread Across Network
New Beast Ransomware Expands Through Network by Scanning Active SMB Ports
New Phishing Attack Using Invisible Characters Hidden in Subject Line Using MIME Encoding
New research reveals human cost of Ministry of Defence Afghan data leak
Newk's Data Breach Impacts Thousands
NOYB demands criminal sanctions against Clearview AI for GDPR violations
Npm Malware Uses Invisible Dependencies to Infect Dozens of Packages
On-premises VPNs up odds of ransomware victimization
Only 23% of Ransomware Victims Pay the Ransom
Over 1.5 Million Sensitive Records Targeted in Collins Aerospace Data Breach, Hackers Claim
Paterson & Dowding confirms data breach by ransomware group
PhantomRaven attack floods npm with credential-stealing packages
Phishing Attack Uses Invisible Characters in Email Subject Lines to Bypass Filters
Phishing scams are all trick, no treat
PHP Servers and IoT Devices Face Growing Cyber-Attack Risks
Preparing for the Digital Battlefield of 2026: Ghost Identities, Poisoned Accounts, & AI Agent Havoc
Qilin Ransomware Exploits Windows Subsystem for Linux (WSL) to Run Linux Encryptors on Windows
Ransomware Attacks Against Critical Industries Surge
Ransomware hackers are now running Linux encryptors in Windows to stay undetected
Ransomware Predictions for the Rest of 2025: Ecosystem in Flux
Ransomware Spotlight: DragonForce
Reacting slowly to a security breach opens up your business to more threats
Reputation.com exposes 120 million logs in major data leak
Rethinking Data Collection in Identity Security
Russian Hackers Target Ukrainian Organizations Using Stealthy Living-Off-the-Land Tactics
Safepay ransomware gang claims hack on German surveillance provider Xortec
Sanctions won’t stop cyberattacks, but they can still “bite”
Scammers target international students by threatening their visa status
SideWinder Targets Indian Embassy and South Asian Organizations in Sophisticated Phishing Campaign
South Korea: Financial Authorities Launch AI Platform to Block Voice Phishing
‘Stealer Logs’ & ‘Credential Stuffing Lists’ Data Breach Leaks 183 Million Email Passwords
Survey Surfaces Rise in Email Security Incidents Tied to Ransomware
Tasmanian government agencies hit by cyber attack
Tata Consultancy Services (TCS) slams 'misleading' The Telegraph report on Marks & Spencer (M&S) ending IT contract amid major cyber attack fall out
The US refuses to sign UN’s cybercrime treaty
To stop cybercrime, don't think like a criminal
UK firms confident on ransomware but face rising AI-driven risks
UK taxpayers are under an increased risk of deception
UK watchdog announces rules to stop scammers in their tracks
Were 183 Million Gmail Passwords Stolen? Google Responds to Claims of Data Breach
When Money Moves, Hackers Follow: Europe’s Financial Sector Under Siege
WordPress security plugin exposes private data to site subscribers
28th October
40 Billion Records Exposed From Marketing and Email Data Platform
76% of organizations struggle to combat AI attacks
183 Million Email Passwords Leaked in Global Data Breach
A Quarter of Scam Victims Have Considered Self-Harm
Actively Exploited WSUS Bug Added to CISA Known Exploited Vulnerabilities (KEV) List
Advertising giant Dentsu reports data breach at subsidiary Merkle
Are All Ransomware Gangs Interconnected
At least 49 relatives and colleagues of Afghans affected by the Ministry of Defence's mass data breach 'have been killed'
Australia & New Zealand lag in rapid ransomware recovery rates
Beatings, killings, and lasting fear: The human toll of Ministry of Defence's Afghan data breach
Bengaluru’s Central Crime Branch (CCB) Cyber Crime Wing Busts ₹47 Crore ($5.6 Million) International Cybercrime Racket Linked to Dubai
Booking.com Impersonation Targets Crypto Users in Fake Dubai Summit Scam
Caller ID Spoofing Is a Big Problem. Europol Wants Solutions
CEO of spyware maker Memento Labs confirms one of its government customers was caught using its malware
Chain of security weaknesses found in smart air compressor model
Chrome Zero-Day Actively Exploited in Attacks by Mem3nt0 mori
Chrome Zero-Day Exploited to Deliver Italian Memento Labs' LeetAgent Spyware
CISA warns of two more actively exploited Dassault vulnerabilities
CISA Warns that DELMIA Apriso Vulnerabilities Are Under Attack
Clearview AI sued in Europe over alleged privacy violations
Colegio de Abogados de Rosario Data Breach Exposes Attorneys
Copeland Auto Group Data Breach Affects Dealerships
Critical Flaw CVE-2025-55315 Exposes QNAP NetBak PC Agent to Security Bypass Attacks
Critical Microsoft WSUS Security Flaw is Being Actively Exploited
Cyber extortion success rate declining
Cyber Security Must Be a Board Priority – And It Starts With Cyber Essentials
Cybercriminals Use Invisible Characters in Subject Lines for New Phishing Attack
Data breach at Conduent linked to months-old system compromise
Delay responding to email breaches likely to lead to ransomware attacks
Delayed Breach Response Tied to Higher Ransomware Risk
Dentsu warns staff of data breach after Merkle hit by cyber 'security incident'
Email Passwords Confirmed in Major 183 Million Account Data Breach
Europol calls for European response against caller ID spoofing
Everest group claimed the hack of Sweden’s power grid operator Svenska kraftnät
Everest Leaks AT&T Records, Demands $1M for Dublin Airport Passenger Data
Everest ransomware group claims breach at Sweden’s Svenska kraftnät
Federal Communications Commission (FCC) adopts new rule targeting robocalls
FIA Data Breach Exposes Sensitive Personal Information of F1 Drivers, Including Max Verstappen’s Passport
Form Energy, Inc. Data Breach Affects 622 in Massachusetts
From phishing to deepfakes: Africa faces next generation of cyber threats
Gamaredon Launches New Phishing Campaign Against Government Entities Exploiting WinRAR Vulnerability
Gamaredon Phishing Campaign Exploits WinRAR Vulnerability to Target Government Agencies
Gmail Passwords Confirmed Within 183 Million Account Infostealer Leak
Gmail security alert: 183 Million credentials exposed - are you at risk?
Gmail users told urgent action needed after millions of passwords stolen in data breach
Gmail-Linked Credentials Exposed in Massive Breach
Google Denies Data Breach Claims, Refutes Rumors of 183 million Accounts Leaked
Google Denies Gmail Data Breach Amid Widespread Misreporting
Google Debunks Gmail Data Breach Reports That Said 183 Million User Account Credentials Leaked
Google pushed to publicly deny false reports of massive Gmail breach
Google says reports of a Gmail breach have been greatly exaggerated
Hackers put 8 Million records of Mexicans’ debt data up for sale
How many companies really shut down after a data breach?
How Threat Intelligence Feeds Help Organizations Quickly Mitigate Malware Attacks
Investment Scams Spread Across Asia With International Reach
Iran-Linked Hacker Group Claims Breach of Israeli Defense Contractor MAYA
Ireland: Cyber Threats Could Force 1 in 4 SMEs to Shut Down After a Ransomware Attack
Italian-made spyware Dante linked to Chrome zero-day exploitation campaign
Jaguar Land Rover (JLR) cyber attack impact 'could last for six months' as small firms hit hard
Jaguar Land Rover (JLR) cyber attack impact 'may last for six months'
Jersey Financial Services Commission (JFSC) avoids fine after data breach impacting nearly 67k people
Kaspersky links spyware attack to Hacking Team successor
LastPass warns of a new phishing campaign involving death certificates and a nefarious email that demands you reply to it if you're not dead
Lawsuit against New York Police Department (NYPD) alleges its surveillance system is unconstitutional
LG Uplus is latest South Korean telco to confirm cybersecurity incident
Managing legacy medical devices that can no longer be patched
Marina Bay Sands fined S$315,000 for 2023 data breach
Marina Bay Sands fined $315,000 over 2023 data breach involving over 600k visitors
Marina Bay Sands fined over major 2023 data breach
Mass Attack Targets WordPress via GutenKit and Hunk Companion Plugins
Massive Data Breach at Kenyan Health Platform M-TIBA; Sensitive Medical and Personal Data of 4.8 Million Users Reportedly for Sale
Massive Data Breach Hits M-Tiba: Millions of Kenyan Health Records Allegedly Exposed
Massive Data Breach Hits Safaricom-Backed M-TIBA, Exposing Millions of Kenyan Patients’ Records
Massive risk: 92% of Exchange servers in Germany unprotected after Microsoft support ends
Mexican Bank Debtor Database Leaked on Dark Web
Microsoft Teams will snitch your location in the office to your boss
Millions of Gmail passwords exposed in massive data breach, experts urge users to act immediately
More Than 10 Million Patients Affected by Conduent Business Solutions Data Breach
Multibillion-dollar bitcoin bridge called out for helping North Koreans launder stolen funds
Nation-State Cyber Ecosystems Weakened by Sanctions, Report Reveals
New Android malware mimics human typing to evade detection, steal money
New Android Trojan 'Herodotus' Outsmarts Anti-Fraud Systems by Typing Like a Human
New Atroposia malware comes with a local vulnerability scanner
New Counter Ransomware Initiative (CRI) guidance calls on organizations to tighten cyber hygiene, risk assessments across supply chains
New Gamaredon Phishing Attack Targeting Govt Entities Exploiting WinRAR Vulnerability
New Herodotus Android malware fakes human typing to avoid detection
New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves
New Phishing Attack Using Invisible Characters Hidden in Subject Line Using MIME Encoding
No one pays ransomware demands anymore - so attackers have a new goal
Oracle EBS zero-day attacks claim Emerson, Schneider Electric as victims
Organizations That Delay Responding to Email Breaches are 79% More Likely to Suffer a Ransomware Hit
Over 183 million Gmail users issued urgent warning after password data breach
People's Postcode Lottery suffers data breach exposing players' personal details
Premera Members’ Personal Information Exposed in Conduent Data Breach
Proof-of-Concept (PoC) code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778)
Qilin claims large pharmacy benefit manager MedImpact
Qilin ransomware abuses Windows Subsystem for Linux (WSL) to run Linux encryptors in Windows
Qilin Ransomware Claims Another Health Provider, MedImpact Healthcare Systems Targeted in Cyberattack
Qilin Ransomware Targets Windows with Linux-Based Payload
Qilin uses Linux ransomware to evade Windows defenses
Ransomware attacks jumped 28% in September
Ransomware Hackers Look for New Tactics Amid Falling Profits
Ransomware in the healthcare sector: Extortion at all-time high, ransom demands down, stress among teams
Ransomware payments hit record low: only 23% Pay in Q3 2025
Ransomware Profits Plunge to 23% as Victims Shun Payments in 2025
Ravin Academy confirms data breach
RedTiger Malware Steals Data, Discord Tokens and Even Webcam Images
Researchers Expose GhostCall and GhostHire: BlueNoroff's New Malware Chains
Researchers warn of Qilin ransomware gang after group hit hundreds of orgs this year
SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats
Sinobi ransomware targets Cavalry Consulting
Surprised, Not Surprised, Ransomware Attacks Have Ticked Up
Svenska kraftnät investigates data breach linked to Everest ransomware group
Sweden power grid confirms cyberattack, ransomware suspected
Swedish Power Grid Operator Confirms Data Breach Following Everest Ransomware Gang Claim
Swedish power grid operator confirms it was hit by hacker attack
SymbolTransport Data Breach Exposes Source Code and Databases
Tata Motors confirms it fixed security flaws, which exposed company and customer data
TEE.Fail attack breaks confidential computing on Intel, AMD, NVIDIA CPUs
The end of ransomware? Report claims the number of firms paying up is plummeting
Treasure Coast Hospice Reports Data Breach Affecting Staff Information
UK: Defense Ministry data breach could have led to the deaths of at least 49 Afghans
UN’s First Global Cybercrime Treaty Sparks Debate Over Privacy and Surveillance
US Cities Halt Automated License Plate Reader (ALPR) Cameras Due to Privacy Concerns as Municipalities Re-evaluate Surveillance Technology
Warning to every Gmail user in Ireland as passwords exposed in massive data breach
Western Australia law firm confirms cyber attack following Anubis ransomware claims
Western Sydney University suffers data breach, again
When Security Is a Matter of Life and Death: The UK Afghan Data Leak
27th October
72 states sign first global UN Convention against Cybercrime
183 Million Email Accounts Breached: Is Yours Affected?
183 Million Gmail accounts leaked in latest online data breach - are you affected?
AI writes code like a junior developer, and security is feeling it
Artificial intelligence fuelling cyber frauds on SMEs
Beware fake credit card account restriction scams
Bristol Student Union data breach saw society instructors' private information accessible
Bug enables researchers to access F1 race drivers’ information via FIA portal
ChatGPT Atlas Browser Can Be Tricked by Fake URLs into Executing Hidden Commands
‘ChatGPT Tainted Memories’ Exploit Enables Command Injection in Atlas Browser
Chiapas Health Secretariat Data Breach Hits State Agency
China-Linked ‘Smishing Triad’ Exploits 194,000 Domains In Global Phishing Campaign
Chrome 0-Day Vulnerability Actively Exploited in Attacks by Notorious Hacker Group
CISA orders feds to patch Windows Server WSUS flaw used in attacks
CISA releases warning about Windows Server Update Service bug, orders agencies to patch
Cities reverse course on automated license plate reader cameras amid privacy concerns
City of Gloversville hit by ransomware attack
Co-op 'told staff to boost vape promotion' in revelation after cyber attack
Crafted URLs can trick OpenAI Atlas into running dangerous commands
Critical WordPress Plugin Bugs Exploited En Masse
Cross-platform ransomware: Qilin weaponizes Linux binaries against Windows hosts
CrowdStrike warns AI-driven ransomware outpacing legacy defenses
Crypto24 Ransomware Hits Bayu Buana Travel and Meinhardt Group
Cyberattack on Jaguar Land Rover Costs Company £1.9 Billion
Cybersecurity executive charged with stealing and selling trade secrets to Russia
Cybersecurity grapples with acute skill gap as threats increase
Cyble warns of sharp rise in ransomware incidents
DDoS, data theft, and malware are storming the gaming industry
Dimarco Group LLC Data Breach Affects 9 in Massachusetts
DomeWatch Leak Exposed Personal Data of Capitol Hill Applicants
Dozens of Afghans say colleagues, relatives killed after UK data breach
Dublin Airport Data Breach Hits 1.5 Million Passengers
Europol Warns of Rising Threat From Caller ID Spoofing Attacks
ForumTroll APT Campaign Deploys the Dante Next-Gen Commercial Spyware in Russia, Belarus
GCash: No evidence of data breach
GCash assures systems secure amidst alleged data breach
GCash denies 8-million user data breach, even as National Privacy Commission (NPC) launches investigation
GCash denies data breach as privacy commission starts probe
GCash denies data breach claims, assures users of security
GCash finds no evidence of data breach, assures users
GCash says no data breach; Privacy watchdog launches probe, urges vigilance
GCash says no data breach found, systems remain secure
Gerar data breach exposes over 500 GB of youth records
Gloversville hit by ransomware attack, paid ransom
Gmail Data Breach: 183 Million Accounts Compromised - Infostealer Malware Behind Massive Leak
Gmail Data Breach Exposes 183 Million Passwords
Gmail Data Breach Exposes 183 Million Passwords Worldwide
Gmail data breach hits 183 Million Accounts
Gmail Passwords Confirmed As Part Of 183 Million Account Data Leak
Gmail users put on red alert after millions of passwords stolen in huge data breach
Gmail warning as millions of passwords stolen in huge data breach
Gmail warning issued as millions of passwords stolen in data breach
Google disputes false claims of massive Gmail data breach
Google issues statement after reports of Gmail 'data breach' affecting 183 million users
Hackers exploiting Windows updates: Microsoft urges users to patch
HEZI RASH Claims DDoS Attack on Iraqi Electoral Commission Website
HSBC USA data breach exposes client transactions, hackers claim
Investigation launched after Dublin airport passenger data published online in Collins Aerospace data breach
Iran's school for cyberspies could've used a few more lessons in preventing breaches
Iranian Intel-Linked Cybersecurity School Hit by Data Breach
Israeli IT Firm Sensory Hit by Major Data Extortion Attack
Italian spyware vendor linked to Chrome zero-day attacks
Italian-made spyware spotted in breaches of Russian, Belarusian systems
Journalists outline Ministry of Defence (MOD) secrecy in Afghan data breach
Landmark data breach penalty a warning to Australian businesses, with more penalties expected
LastPass ‘digital will’ phishing attack uses fake death certificate emails
Linux variant of Qilin Ransomware targets Windows via remote management tools and BYOVD
LockBit 5.0 expands targeting amid ransomware escalation
LockBit ransomware reemerges after 2024 takedown
M-TIBA Data Breach Exposes Kenyan Healthcare Platform Data
Major Gmail data breach as 183 million users 'compromised'
Marina Bay Sands fined US$243k over 2023 data breach involving 665,000 clients
Marks & Spencer Cuts Ties With Tata Consultancy Services Amid £300m Cyber Attack Fallout
Marks & Spencer (M&S) ditches IT service desk tie up with Tata Consultancy Services (TCS) following high profile cyber attack on UK retailer
Marks & Spencer ends contract with IT service desk Tata Consultancy Services (TCS) months after cyberattack
Marks & Spencer (M&S) ends IT contract with Tata Consultancy Services (TCS) following £300m cyber-attack
Massive China-Linked Smishing Campaign Leveraged 194,000 Domains
Microsoft Copilot Studio agents exploited in new phishing campaign
Millions of Gmail passwords stolen in massive data breach
Millions of passengers possibly affected by cyber breach at Dublin Airport supplier
Muji Online Stores Taken Offline After Ransomware Attack on Logistics Partner Askul
Netherlands Software Firm Irias Suffers Source Code Data Breach
New ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands
New corporate espionage claims emerge, centered on two highly valued 401(k) admin startups
New HyperRat Android Malware Sold as Ready-Made Spy Tool
'Not due to cyber attack': Tata Consultancy Services (TCS) dismisses UK media report; reveals why Marks & Spencer didn't renew contract
Over a million airline records stolen in Everest group hack
PayPal Warns Consumers About Rising Phishing Scams This Cybersecurity Month
Phishing emails target LastPass users
Phishing scam uses fake death notices to trick LastPass users
QBE predicts 40% rise in ransomware incidents by 2026
Qilin Ransomware Combines Linux Payload With Bring Your Own Vulnerable Driver (BYOVD) Exploit in Hybrid Attack
Qilin ransomware escalates rapidly in 2025, targeting critical sectors with 700 attacks amid RansomHub shutdown
Qilin Ransomware Exploits MSPaint and Notepad to Find Sensitive Information
Qilin Ransomware Exploits MSPaint and Notepad to Locate Sensitive Files
Qilin Ransomware Gang Claims Attack on City of Sugar Land, 800GB Allegedly Leaked
Qilin Ransomware Group Publishes Over 40 Cases Monthly
Qilin Ransomware Group’s TTPs Examined by Researchers
Qilin Ransomware Leveraging Mspaint and Notepad to Find Files with Sensitive Information
Qilin Ransomware’s Evolving Attack Methods Include Leveraging VPN Credentials Exposed on the Dark Web
Qilin Targets Windows Hosts With Linux-Based Ransomware
QNAP warns of critical ASP.NET flaw in its Windows backup software
Ransomware Group Everest Takes Credit for Collins Aerospace Breach
Ransomware Payments Dropped in Q3 2025
Ransomware profits drop as victims stop paying hackers
Ransomware, extortion groups adapt as payment rates reach historic lows
RIBridges Data Breach Affects 650,000 Individuals
Rising brute-force attacks signal looming ransomware threats, experts warn
Royal Thai Army Enlistment Portal Data Breach
Russian hackers claim Dublin airport hack
South Africa Faces Surge in Cyber Attacks, Leads Africa in Reported Incidents
Sweden’s Power Grid Operator Admits Data Breach Linked to Everest Ransomware Gang
Sweden’s power grid operator confirms data breach claimed by ransomware gang
Tata Consultancy Services Refutes Losing Marks & Spencer (M&S) Contract After Cyber-Attack
Thailand’s Department of Agricultural Extension (DOAE) Data Breach
The Philippines: National Privacy Commission (NPC) probes alleged GCash data breach; e-wallet denies leak
The Philippines: National Privacy Commission (NPC) probes alleged GCash data breach; firm says systems remain secure
Three Factors Determine Whether a Ransomware Group is Successful
Travere Therapeutics Data Breach Exposes Social Security Numbers
Turkiye: 6 arrested in Istanbul data breach probe linked to app
UK Fraud Cases Surge 17% Annually
UK issues safeguards against supply chain ransomware attacks
Urgent warning to Gmail users as 183 MILLION passwords are stolen in data breach - here's how to check if your account is affected
US declines to join more than 70 countries in signing UN cybercrime treaty
US Secret Service Cracks Down on Payment Card Fraud, Removes 22 Card Skimmers in Maryland Operation
Vibra Hospital Data Breach: Employee Emails Hacked
Whisper 2FA: The New Phishing Tool That Steals Microsoft 365 Credentials
Why ransomware group names don’t matter for defense
Xortec reportedly targeted by Safepay ransomware group
Your logins could be among 180 Million just added to Have I Been Pwned - how to check for free
