Welcome to DBD. Cybercrime made global headlines in 2025. Attacks on well-known brands and organizations have raised public awareness of the severity, frequency and impact of cyber attacks. Ransomware attacks are at their highest ever recorded, and 2026 has the potential to be even worse, as cyber criminals continue to extort their victims, with little chance of being brought to justice. On a lighter note, I'd like to take this opportunity to wish you all a very Merry Christmas and all the best for the New Year. Thanks again for all your support. Stay safe. :)
Dentons Senior Analyst, Washington D.C.
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 3rd November and 9th November 2025.9th November
10 million people had their data leaked. Here's how Texans were hit
Antigo Construction Data Breach Affects PII & PHI
Dangerous runC flaws could allow hackers to escape Docker containers
Data breach at Chinese infosec firm reveals cyber-weapons and target list
Denmark investigates security issue in Chinese electric buses
Eleven Drainer: Analyzing the New Phishing Gang Targeting Crypto Wallet Users
Hyundai AutoEver America Data Breach Exposes Sensitive Customer Information
LGAA LLC Data Breach Affects 18 U.S. Residents
New Crypto Phishing Gang Is Targeting Wallet Users and Stealing Millions
Philippine retailers among most targeted by ransomware
Someone in UK has their identity stolen every two minutes, new report warns
The UK’s digital frontier under siege
Washington Post Falls Victim to Oracle-Linked Data Breach
8th November
AI is accelerating ransomware attacks across Europe
Android built-in security features won’t protect from stalkerware, Electronic Frontier Foundation (EFF) warns
Cybercrime Evolves, Defenders Adapt: AI, Insider Threats, and Cross-Border Raids Redraw the Arena
Data Breach Affects Wisconsin Department Of Corrections
GlassWorm malware returns on OpenVSX with 3 new VSCode extensions
Historic West Point hotel hack exposed over 33K individuals
Microsoft Teams “Chat with Anyone” Feature Raises Security Concerns Over Phishing Risks
Microsoft Uncovers 'Whisper Leak' Attack That Identifies AI Chat Topics in Encrypted Traffic
Microsoft’s “Chat with Anyone” Tool Raises Malware Risk, Analysts Say
Most common passwords of 2025
National Cyber Crime Investigation Agency (NCCIA) arrests man over massive data breach involving millions of Pakistanis
New Microsoft Teams Feature Exposes Users to Phishing and Malware Risks
Radware: Bad Actors Spoofing AI Agents to Bypass Malicious Bot Defenses
Ransomware plea puts Russian at risk of 53 years, $9.2M restitution
Threat Actors Leveraging RDP Credentials to Deploy Cephalus Ransomware
Wakefield & Associates Data Breach Exposes Social Security Numbers
7th November
17 Trojanized NPM Packages Deliver Vidar Infostealer Malware in New Campaign
AI Accelerating Ransomware Attacks Across Europe
AI Malware Detected in the Wild as Threats Evolve
AI takes the call: UK launches major crackdown on phone spoofing scams
Are You Safe From Phishing Scams? Understanding The Hidden Threat Behind Crypto Scams
Attackers upgrade ClickFix with tricks used by online stores
Auckland City FC plagued by social media cyber attack
Auckland City FC social pages compromised in cyberattack
Australians Lag In Cybersecurity As Phishing Surges
Australians warned over AI-driven scams ahead of Christmas sales
Beware the 'Hi, how are you?' text. It's a scam - here's how it works
Bridging the Divide: Actionable Strategies to Secure Your SaaS Environments
Casino cybersecurity in the UK: How online gambling operators can stay protected
Cavalry Werewolf attack targets Russian government organization
Cavalry Werewolf Targets Government Networks, Deploys Backdoor for Access
Central Jersey Medical Center (CJMC) Data Breach Affects Thousands: Full Details Revealed
Chase Affiliated Companies Data Breach Affects 979 in Texas Alone
Cisco: Actively exploited firewall flaws now abused for DoS attacks
Cisco Issues Critical Warning Over New Unified Contact Center Express Vulnerabilities
Congressional Budget Office confirms it was hacked
Congressional Budget Office implementing new security controls following cyberattack
Critical CVE-2025-12779 Vulnerability Exposes Amazon WorkSpaces for Linux Users to Token Theft
Cyber Breach Exposes U.S. Congress Financial Research Agency
Data breach at the Congressional Budget Office after Cyber Attack
Data Breach Exposes Massachusetts Prisoners’ Legal Services (PLS)
Dealmed Medical Supplies Data Breach: 105.89 GB of Data Compromised
Doctor Alliance Hit by Ransomware Attack and Data Breach
Double-dealing: employees of a company that resolved ransomware attacks were launching them themselves
Dutch broadcaster RTV Noord hacked: Rhysida ransomware suspected after media attacks
Ed-Tech Company Reaches Settlement Over Data Breach
Education technology company to pay $5.1 Million after massive student data breach
Enterprise Credentials at Risk - Same Old, Same Old?
ESET Brand Exploited in Phishing Campaign Against Ukrainian Entities
Fake 0-Day Exploit Emails Trick Crypto Users Into Running Malicious Code
Fleet Landing Data Breach Affects 7,509 Individuals
From Log4j to IIS, China's Hackers Turn Legacy Bugs into Global Espionage Tools
Google Launches New Maps Feature to Help Businesses Report Review-Based Extortion Attempts
Hackers invade University of Pennsylvania servers to expose wealthy donor info
Hidden Logic Bombs in Malware-Laced NuGet Packages Set to Detonate Years After Installation
Hospitals are running out of excuses for weak cyber hygiene
Hotel’s Compromised Booking.com Account Sparks Phishing Campaign Against Travelers
How the Tech Industry Got Identity Wrong
How to trade your $214,000 cybersecurity job for a jail cell
Hyundai’s Cyber Siege: 2.7 Million Kia Owners Caught in Data Breach Crossfire
“I Paid Twice” Scam Infects Booking.com Users with PureRAT via ClickFix
ID verification laws are fueling the next wave of breaches
Illuminate Education fined $5.1 million over security failures that exposed student data
Influence of Chinese Hacker Organizations on U.S. Foreign Policy
Iranian Payment System Shaparak Suffers Major Data Breach
Italian Political Consultant Francesco Nicodemo Targeted with Paragon Spyware
Lack of scrutiny exposed as fake Hyperliquid app pops up on Google Play Store
‘Landfall’ spyware abused zero-day to hack Samsung Galaxy phones
Lawsuits Mount Over 10.5 Million-Record Conduent Data Breach
Luxury Escapes Data Breach Exposes User and Payment Data
Mack Energy Discloses Data Breach Following Ransomware Attack
Malicious AI-made extension with ransomware capabilities sneaks on to Microsoft's official VS Code marketplace - so developers beware
Malicious NuGet packages drop disruptive 'time bombs'
Meritage Hospitality Data Breach Exposes SSNs
Meta is making a fortune on fraudulent ads, internal documents show
Mountain West Data Breach Impacts Extensive Client Info
Nevada ransomware attack traced back to malware download by employee
New Analysis Reveals LockBit 5.0’s Core Features and Dual-Stage Attack Model
New ClickFix Campaign Uses Malicious Videos to Make Users Infect Themselves
New LandFall spyware exploited Samsung zero-day via WhatsApp messages
New Phishing Campaign Targeting Ukrainian Entities Uses ESET Brand as Cover
New Phishing Campaign Targets Travelers via Compromised Hotel Booking.com Accounts
Newly identified Android spyware appears to be from a commercial vendor
Nitrogen ransomware: From staged loader to full-scale extortion
Old privacy laws create new risks for businesses
Oracle Breach Storm: Clop’s Hack Hits Washington Post
Phishing Attacks on Ukraine: Trojanized ESET Installers Deploy Kalambur Backdoor
Phishing Threats Prompt Call for Wider Adoption of Passkeys
Police arrest nine suspects for running money laundering operation
Privacy tech on trial: Samourai Wallet founder hit with max prison term
QBE Insurance Group warns of escalating ransomware risk and pressure on cyber insurance portfolios
QNAP fixes seven NAS zero-day flaws exploited at Pwn2Own
'Ransomvibing' Infests Visual Studio Extension Market
Ransomware forces majority of retailers to settle with attackers
Rex-Hide Inc. Manufacturing Hit by Qilin Ransomware
Rhysida ransomware gang leaks nearly 2TB of data from U.S. manufacturer Gemini Group
Rhysida spills purportedly stolen Gemini Group data
Rockstar lays off dozens of employees due to leaking corporate information, or so it claims
Russian Hacking Group Sandworm Deploys New Wiper Malware in Ukraine
Russian national pleads guilty to breaking into networks for Yanluowang ransomware attacks
Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp
Scammers to get a minimum of six lashings in Singapore
Simulating Cyberattacks to Strengthen Defenses for Smart Buildings
Software supply chain attacks surge, as ransomware groups escalate and industrial sectors face more exposure
Some patients of OB-GYN Associates affected by data breach
Travelers hit with phishing attacks from compromised hotel accounts
Trojanized ESET Installers Launch Kalambur Backdoor in Ukraine Phishing Attacks
Trucking Cybersecurity: Protecting Fleets from Ransomware & Data Breaches
University of Pennsylvania Confirms Cyberattack and Data Theft Following Social Engineering Breach
University of Pennsylvania Data Breach Exposes 1.2 Million Records of Personal Information of Students, Alumni and Donors
Up to 2.7 million Hyundai and Kia owners at risk after massive data breach - drivers licenses, SSNs and more exposed
Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities
Vibe-coded ransomware proof-of-concept ended up on Microsoft’s marketplace
Washington Post Confirms Oracle E-Business Suite Data Breach, Cl0p Ransomware Claims the Attack
Washington Post says it is among victims of cyber breach tied to Oracle software
What keeps phishing training from fading over time
Why the removal of MIT's "jaw-droppingly bad" AI paper is a lesson for us all
6th November
7 Low-Cost Strategies for Ransomware Prevention in Healthcare
58% of retailers hit by ransomware end up paying
Account Takeover: What Is It and How to Fight It
AI-Enabled Malware Now Actively Deployed, Says Google
AI-Slop ransomware test sneaks on to VS Code marketplace
Apache OpenOffice under ransomware attack, but the foundation disputes
Armed Forces of the Philippines (AFP) denies cyber attack claims
Attackers drop terrabytes of US manufacturing giant’s data
Australia sanctions North Korean hacking groups over $1.9 billion crypto theft
Automotive IT Firm Hyundai AutoEver Discloses Data Breach
Cambodian Phishing Gang Embezzles 19.4 Billion Won, 54 Arrested
Cavalry Werewolf Hit Russian Government with New ShellNET Backdoor
Chrome Emergency Update to Patch Multiple Vulnerabilities that Enable Remote Code Execution
Cisco fixes critical UCCX flaws, patch ASAP! (CVE-2025-20358, CVE-2025-20354)
Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362
Claude Desktop users in danger: any question can lead to complete compromise
ClickFix malware attacks evolve with multi-OS support, video tutorials
Clop Ransomware Actors Exploiting the Latest 0-Day Exploits in the Wild
Cl0p Ransomware Claims Data Breach of Swiss Tech Giant Logitech
Clop Ransomware group claims the breach of The Washington Post
Comparitech reports ransomware surges 25% in October, hitting manufacturers, healthcare, transportation
Critical Bug in Midnight Ransomware Tool Unlocks File Recovery
Critical Cisco UCCX flaw lets attackers run commands as root
Crypto Heist: Balancers Lost $128 Million in 2025’s Biggest Cyber Attack
Cyberattacks against public applications are increasing
Data breach blows cover on Iran’s elite hacker academy
Data breach disclosed by University of Pennsylvania
DragonForce reemerges as Conti-linked ransomware cartel, aligning with Scattered Spider in global attacks
Educational technology company fined $5.1 million for poor data security practices leading to hack
Employee info compromised after Nikkei data breach
Enterprises are losing track of the devices inside their networks
EU Parliament committee votes to advance controversial Europol data sharing proposal
Everest Ransomware Group Interview on Collins Aerospace Breach
Federally Qualified Health Center Reports Ransomware Breach
Germany says 18 arrested after probe of online fraud involving payment providers
Google Forecasts Rise of Cyber-Physical Attacks Targeting Europe in 2026
Google Issues Emergency Chrome 142 Update to Fix Multiple High-Risk Vulnerabilities
Google spots malware in the wild that morphs mid-attack, thanks to AI
Google Warns of New PROMPTFLUX Malware Using Gemini API to Rewrite Its Own Source Code
Gootloader malware back for the attack, serves up ransomware
Gootloader malware returns with fake NDA scam - here's what we know
Hackers breach Russia’s Radon nuclear waste plant, claim to steal entire database
Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection
Hacktivist-Driven DDoS Dominates Attacks on Public Sector
How a Hacker Group Spread Dangerous Malware Through 3,000+ YouTube Videos
How a ransomware gang encrypted Nevada government's systems
How the channel weakened ransomware’s grip
Humans built the problem, AI just scaled it
Hyundai AutoEver America data breach exposes social security numbers and driver’s licenses
Hyundai AutoEver Confirms Data Breach Exposing Personal Data, Including SSNs and License Info
Hyundai AutoEver Confirms Data Breach Exposing Users’ Personal Information and SSNs
Hyundai AutoEver Confirms Data Breach Exposing Users’ SSNs and Driver’s License Details
Hyundai IT services breach potentially impacts 2.7 million Hyundai, Kia owners
“I Paid Twice” Phishing Campaign Targets Booking.com
IBEW Local 697 Data Breach Exposes Social Security Numbers
ING Bank Data Breach Allegedly Impacts 21,000 Records, Company Attributes It to External Source
iPhone thieves are using this trick to unlock devices: beware of fake “Find My” messages
Is your business ready for a deepfake attack? 4 steps to take before it's too late
Italian communications executive reveals he was targeted with Paragon spyware
Italian political consultant says he was targeted with Paragon spyware
JFrog Uncovers Severe React Vulnerability Threat to Software Supply Chains
Korean Telecom (KT) accused of concealing major malware infection, faces probe over customer data breach
List of AI Tools Promoted by Threat Actors in Underground Forums and Their Capabilities
LockBit 5.0 Resurfaces: Faster Encryption and Randomized Extensions, Hackers Say in Interview They See Themselves as Penetration Testers
Marks & Spencer (M&S) reveals massive financial hit from cyber attack
Meta estimates that it earns 10% of its revenue from scams, report says
Midnight Ransomware Decrypter Flaws Opens the Door to File Recovery
More than 50% of retailers hit by ransomware pay the ransom
Multi-Turn Attacks Expose Weaknesses in Open-Weight LLM Models
Nearly 40% of 2024 ransomware payouts may have gone to Russia, China, North Korea
Nevada breached months before ransomware attack discovery
Nevada government declined to pay ransom, says cyberattack traced to breach in May
Nevada state employee installed ‘malware-laced’ sys admin tool, spurring ransomware attack
New ChatGPT Vulnerabilities Let Hackers Steal Data, Hijack Memory
New Gootloader attacks drop Supper SOCKS5 backdoor
New York Fiber Laser Expert Convicted of Stealing Trade Secrets for China in Economic Espionage Case
NightSpire Ransomware Hits Brihta, Vrata Tech, and Speedmais
Nikkei data breach exposes information of 17,000 staff and partners
Novel Midnight ransomware decrypted
OB-GYN Associates warns of data breach
Qilin claims massive Habib Bank AG Zurich breach
Qilin Ransomware gang steals 2.5TB data from Swiss Bank
Ransomware negotiators accused of pulling off ransomware attacks
Researchers Find Midnight Ransomware Decrypter Flaws That Allow File Retrieval
Researchers warn freelancers and recruiters about rising North Korea IT worker scams
Retailers are learning to say no to ransom demands
Retailers hit by ransomware face higher USD $2 million demands
Retailers succumb to ransomware demands
Russia-linked hackers intensify attacks as global APT activity shifts
Russia’s Sandworm hackers deploying wipers against Ukraine’s grain industry
Sandworm hackers use data wipers to disrupt Ukraine's grain sector
Scattered Spider, LAPSUS$, and ShinyHunters form extortion alliance
Shiba Inu Warns Hacker: Final 25 Ethereum (ETH) Bounty or Lose Everything Forever
SonicWall blames state hackers for damaging data breach
SonicWall cloud backup hack was the work of a state actor
SonicWall Confirms State-Sponsored Hackers Behind September Cloud Backup Breach
State-sponsored hackers named as culprits in SonicWall cyber hit
Sydney Centre for Ear, Nose & Throat warns patients of potential email data breach
The Silent Insider Threat: When Employees Undermine Cybersecurity Messaging
Threat Actors Exploit VS Code Extensions for Ransomware via GitHub C2
Threat actors manipulating AI to “enhance all stages” of malicious attacks
Threat Actors May Abuse VS Code Extensions to Deploy Ransomware and Use GitHub as C2 Server
Trial of two Greek Cypriots continues in occupied north over data breach claims
Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine
U.S. Congressional Budget Office hit by suspected foreign cyberattack
VS Code Extensions Hijacked to Spread Ransomware, Use GitHub for Command-and-Control
Washington Post is latest victim of Oracle-hacking Cl0p gang
“We will sell your data:” Spanish top radio station held hostage by Russian hackers
5th November
10 Things We Learned from the Sophos State of Ransomware in Retail 2025
18 arrested in €300 million global credit card fraud scheme
$690 Million Crypto Scam Network Dismantled in Multi-Country Operation, Nine Suspects Arrested
AI can flag the risk, but only humans can close the loop
Apache OpenOffice Rejects Akira Ransomware Data Breach Claims
Apache Software Foundation denies Akira ransomware breach claims
Attack Techniques of Tycoon 2FA Phishing Kit Targeting Microsoft 365 and Gmail Accounts Detailed
Attackers breach nuclear waste plant, allegedly stealing its entire database
Balancer Hack Exposes $116 Million Smart Contract Vulnerability
California tightens data breach notification timelines, imposes 30-day notice requirement
China sentences 5 Myanmar scam kingpins to death
CISA Adds Gladinet and Control Web Panel (CWP) Flaws to Known Exploited Vulnerabilities (KEV) Catalog Amid Active Exploitation Evidence
CISA warns of critical CentOS Web Panel bug exploited in attacks
Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection
Connected homes: Is bystander privacy anyone’s responsibility?
Credentials and Misconfigurations Behind Most Cloud Breaches
Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703)
Crooks now using AI to generate convincing pharmaceutical scams
Curly COMrades Hacker Group Deploys New Tools for Stealthy Remote Access on Compromised Windows 10 Systems
Cyber attack HALVED Marks & Spencers’ profits causing a whopping £324million in lost sales
Cyber attack more than halved Marks & Spencer (M&S) first half profits
Cyber attack update: Nevada officials refused ransom, says 90% of data recovered
Cyberattack ate up profits for first half of year, retailer Marks & Spencer (M&S) says
Cybercriminals collect ransom from 58% of retailers hit by ransomware
Cybersecurity experts warn of rising AI-generated phishing scams targeting all ages
Cybersecurity Leaders Much More Concerned About AI Generated Code
Cybersecurity Professionals Charged for Deploying ALPHV BlackCat Ransomware Against US Companies
Data Broker Report Finds EU Officials’ Location Data for Sale, Characterized as a ‘Priority Security Threat’
Did your logins just get leaked? How to check online for free (and what to do next)
‘Dirty little secret:’ many anti-fraud apps fall short
DragonForce Cartel Surfaces from Leaked Conti v3 Ransomware Source Code
Europe police bust global fraud ring that used German payment firms to launder millions
Former Security Professionals Charged for Using ALPHV Ransomware in Attacks Against U.S. Companies
Full brunt of Marks & Spencer (M&S) cyber-attack becomes clear
Google says 2026 will be the year AI supercharges cybercrime
Google uncovers malware using LLMs to operate and evade detection
Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly
Google warns of new AI-powered malware families deployed in the wild
Gootloader malware is back with new tricks after 7-month break
Guess who’s getting rich off ransomware? The usual suspects
Hackers Steal Personal Data and 17K Slack Messages in Nikkei Data Breach
Hackers Targeting Freight Operators to Steal Cargo
How Does Ransomware Work? The Complete Attack Chain Explained
Hundreds of Malware-Laden Apps Downloaded 41 Million Times From Google Play
Hyundai AutoEver America data breach exposes SSNs, drivers licenses
Il Manifesto data leak exposes readers’ activity and email addresses
IMY Probes Miljödata Cyber Attack Affecting 1.5 Million People
In an AI World, Every Attack is a Social Engineering Attack
India and Israel Sign Memorandum of Understanding (MoU) to Strengthen Defense and Cybersecurity Cooperation
Iran-linked Threat Group Claims Breach of Israeli Defense Contractor’s Security Cameras
Japanese media giant Nikkei reports Slack breach exposing employee and partner records
Marks & Spencer (M&S): Astonishing cost of cyber attack is revealed in half-year report
Marks & Spencer confirms cyber attack hit to profits
Marks & Spencer (M&S) cyberattack cost £136m but retailer ‘regaining momentum’
Marks & Spencer (M&S) cyberattack post-mortem: low half-year profits continue to haunt the business
Marks & Spencer (M&S) ‘getting back on track’ after cyber attack impacts profit
Marks & Spencer (M&S) interim profits drop 55% as it takes £136m hit from cyber attack
Marks & Spencer (M&S) profits cut by more than half as cyber attack impact revealed
Marks & Spencer (M&S) profits dive after cyber attack but cost is LESS than forecast
Marks & Spencer (M&S) profits halved after cyber-attack
Marks & Spencer profits more than halve after cyber-attack
Marks & Spencer (M&S) profits plunge after costly cyber attack
Marks & Spencer (M&S) profits plunge by more than half after major cyber attack
Marks & Spencer (M&S) profits tank as supermarket reveals cost of its cyber attack
Marks & Spencer (M&S) reveals cost of cyber attack as profit almost wiped out
Marks & Spencer (M&S) reveals huge cost of cyber attack
Marks & Spencer (M&S) reveals real cost of cyber attack that left supermarket giant's shelves empty
Marks & Spencer steadies the ship after cyber attack. But questions linger over recovery pace
Marks & Spencer (M&S) takes €154m profit hit from cyber attack
Microsoft Teams Flaws Allowed Attackers to Fake Identities, Rewrite Chats
Microsoft Teams Flaws Allowed Message Editing and Caller ID Spoofing
Microsoft Teams Flaws Let Hackers Impersonate Executives
Mt. Baker Imaging notifies patients of data breach 10 months after incident
Mysterious 'SmudgedSerpent' Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions
Nevada: State says no ransom paid in cyber attack
Nevada ransomware attack started months before it was discovered
New malware uses AI to adapt during attacks
Nikkei hackers gain access via employee Slack account, 17K+ chat histories leaked
‘No ransom was paid’ during Nevada state cyber attack, systems infiltrated as early as May
Norton Crack Midnight Ransomware, Release Free Decryptor
Organizations Are Too Confident in Their Cyber Resiliency
Poland’s SuperGrosz loan platform hacked: Massive data breach exposes sensitive personal information
Police bust massive stolen card network worth $340 million
Police busts credit card fraud rings with 4.3 million victims
Profits tumble at Marks & Spencer (M&S) in wake of cyber attack - firm now getting back on track “after extraordinary moment in time”
Report IDs Source of Nevada Cyber Attack, Looks Ahead
Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data
Russia-linked 'Curly COMrades' turn to malicious virtual machines for digital spy campaigns
Russian hackers sneak a full Linux virtual machine inside Windows to run undetected
Scattered LAPSUS$ Hunters Emerges as New Extortion-as-a-Service Cybercriminal Alliance
Security Experts Charged with Launching BlackCat Ransomware Attacks
Security Professionals Charged for Using BlackCat Ransomware Against American Businesses
Severe React Native Flaw Exposes Developer Systems to Remote Attacks
SMS Fraud Losses Set to Decline 11% in 2026
SonicWall says state-sponsored hackers behind September security breach
South Korea: Aspiring Actor Sentenced for Voice Phishing Cash Collection Role
Swedish IT Company Data Breach Exposes Personal Details of 1.5 Million Users
Swiss bank’s data stolen in cyberattack, hackers claim
Thayer Hotel Data Breach Affected Over 30,000 Individuals
The password for the Louvre’s video surveillance system was “Louvre”
The Serpent in the System: How Threat Actors Turn Legitimate Tools into Weapons
Third-party leak exposes Stanford Health Care staff details, passwords
U.S. Sanctions 10 North Korean Entities for Laundering $12.7M in Crypto and IT Fraud
UK carriers to block spoofed phone numbers in fraud crackdown
University of Pennsylvania Confirms Data Breach Following Mass Emailing
University of Pennsylvania confirms data stolen in cyberattack
University of Pennsylvania confirms hacker stole data during cyberattack
UNK_SmudgedSerpent Targets Academics With Political Lures
US sanctions North Korean bankers linked to cybercrime, IT worker fraud
Victorian Chemical Company hit by alleged ransomware attack
Vinomofo data breach prompts Office of the Australian Information Commissioner (OAIC) action on privacy safeguards
Well, that is awkward - MIT Sloan forced to withdraw "absolutely ridiculous" paper claiming AI played "significant role" in most ransomware attacks
Why Data Security Is the Key to Transparency in Private Markets
4th November
1.2 Million Individuals’ Data Stolen In University of Pennsylvania Hacking
9 arrested in Europe in operation against fake platforms for crypto investments
11 ways to delete or hide yourself from the internet - and protect your privacy
71% of Data Breaches Impact Small Businesses
2025 Insider Risk Report - The Shift to Predictive Whole-Person Insider Risk Management
68,000 Australians caught up in Discord data breach
A Cybercrime Merger Like No Other - Scattered Spider, LAPSUS$, and ShinyHunters Join Forces
A notorious ransomware group is spreading fake Microsoft Teams ads to snare victims
Akira Ransomware Hits General Micro Systems (GMS) and Palacios Marine Industrial (PMI)
Alleged University of Pennsylvania hackers release donor records, confidential memos following data breach
Allegedly stolen Super Quik data exposed by Play ransomware
ALPHV BlackCat-linked American trio in legal trouble for extorting US businesses
Anatomy of Tycoon 2FA Phishing: Tactics Targeting M365 and Gmail
Apache OpenOffice disputes data breach claims by ransomware gang
Australian businesses are overconfident when it comes to ransomware preparedness
Balancer Hacker Converts Stolen Funds to Ethereum as Stakewise Recovers $21 Million
Balancer Hacker Exposed: AI Debug Logs Reveal $116 Million DeFi Breach
Balancer hacker loses $20 million after StakeWise uses loophole to take back funds
Beverly Hills Oncology Medical Group reports data breach exposing patient information
BlueEast Data Breach Exposes Company Source Code
Breach of Trust: Former Employees of Cybersecurity Companies Indicted for Links to ALPHV BlackCat Ransomware
China Updates Cybersecurity Law to Address AI and Infrastructure Risks
China-Linked Hackers Target Cisco Firewalls in Global Campaign
City of Ottawa says data breach affected some My ServiceOttawa users
Critical React Native CLI Flaw Exposed Millions of Developers to Remote Attacks
Cyber Defenders Turned Attackers: Inside the BlackCat Indictments
Cyber threats continue to rise: why UK businesses must prioritise cyber resilience
Cybercriminals exploit Remote Monitoring and Management (RMM) tools to steal real-world cargo
Cybercriminals have built a business on YouTube’s blind spots
Cybersecurity experts accused of carrying out their own attacks using dangerous ransomware
Cybersecurity experts charged with running BlackCat ransomware operation
Data breach at major Swedish software supplier impacts 1.5 million
Data breach disclosed by Askul after RansomHouse claims
Data breach for My ServiceOttawa impacts 2,500 users
Data brokers selling location info that can be used to track EU officials, report finds
Data disasters and human error
DeFi Protocol Balancer Loses Over $120 Million in Cyber Heist
Department of Justice (DOJ) indicts DigitalMint and Sygnia employees for orchestrating ransomware attacks
Department of Justice (DOJ) Ransomware Indictment: $1.2 Million Insider Betrayal
Dr. David A. Nover Data Breach Exposes Medical Info & Social Security Numbers
DragonForce Cartel Emerges as Conti-Derived Ransomware Threat
Europe Sees Increase in Ransomware, Extortion Attacks
European authorities dismantle €600 million crypto scam network
Europol and Eurojust Dismantle €600 Million Crypto Fraud Network in Global Sweep
Ex-cybersecurity staffers charged with moonlighting as hackers
Ex‑Incident Response Consultants Indicted in BlackCat Ransomware Attacks
Family-Led Voice Phishing Gang Arrested in Cambodia
Financial services can’t shake security debt
Florida residents lost $118 million to data breach scams in 2024
Former Cyber-Security Employees Accused Of Hacks
Former ransomware negotiators allegedly targeted US firms with ALPHV/BlackCat ransomware
French Police Seize €1.6m Amid Crypto Scam Network Crackdown
Gaps in cyber policy leaving transport and storage firms at risk, new research warns
Genea faces representative complaint over data breach impacting hundreds of IVF patients
Google's AI 'Big Sleep' Finds 5 New Vulnerabilities in Apple's Safari WebKit
Hackers caught hiding malware instructions and data in OpenAI accounts
Hackers exploit critical auth bypass flaw in JobMonster WordPress theme
Hackers exploit WordPress plugin Post SMTP to hijack admin accounts
Health privacy bill seeks protections for data collected by apps, smartwatches
HeiTech Padu Berhad Hit by Devman Ransomware Attack
Houston data breach exposes firefighters’ personal info, union says they’re being blamed
How Phishing Kits Are Evading Detection & Ways to Beat Them
How to prep your company for a passwordless future - in 5 steps
How to protect your information after a data breach
Hyundai AutoEver America Data Breach Exposes Social Security Numbers
Iconic Italian newspaper accidentally exposes its own readers
Identity Is Now the Top Source of Cloud Risk
India: 28-year-old cyber offender arrested from Noida
India: Hackers steal 50,000 CCTV clips from schools, hospitals, sell on porn sites
India: Income Tax Department Warns Taxpayers Against Fake Messages and Phishing Scams
Is spyware hiding on your phone? How to find and remove it - fast
Is your business prepared for these growing phishing scams?
Is your business ransomware ready?
LinkedIn Phishing Scam: Scammers Using This New Trick To Steal Your Credentials, Here's How To Stay Safe
LinkedIn Phishing Scam Targets Finance Leaders with Fake Board Invites
Louvre Heist Exposes Significant Security Flaws, Including an Obvious Surveillance Server Password
Malicious Android apps on Google Play downloaded 42 million times
Media giant Nikkei reports data breach impacting 17,000 people
Microsoft Detects "SesameOp" Backdoor Using OpenAI's API as a Stealth Command Channel
Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed
MIT’s study on AI ransomware shows how fast research can be misleading
More than Half (58%) of Retailers hit by Ransomware Pay the Ransom
More than half of retailers pay up when hit by ransomware
Nation-State Hackers Breach Ribbon Communications’ Network, Company Confirms
New LinkedIn Phishing Campaign Targets Finance Leaders to Steal Microsoft Credentials
NHS National Services Scotland acquires AI anti-ransomware platform
NHS Scotland Invests £3 Million in AI Anti-ransomware Software
North Korean hackers deploy new HttpTroy malware disguised as VPN invoice in targeted South Korea attack
Oglethorpe, Inc. Confirms Data Breach Affecting Over 90,000 Individuals
Open-Source Security Tool AdaptixC2 Fueling Ransomware Attacks
OpenAI Assistants API Exploited in 'SesameOp' Backdoor
Operation SkyCloak Deploys Tor-Enabled OpenSSH Backdoor Targeting Defense Sectors
Phone location data of top EU officials for sale, report finds
Police arrest suspects linked to €600 million crypto fraud ring
Polish loan platform hacked; mobile payment system and other businesses disrupted
Pregnant Police Service of Northern Ireland (PSNI) officer feared dissident republicans would attack home after data breach
Qilin Group Takes Credit for Malibu Boats Australia Cyber Breach
Ransomware and state threats surge in Europe
Ransomware attack exposes personal and health data at Sedgebrook senior living community
Ransomware Scandal Unfolds - Cyber Experts Accused Of Hacking Firms Across Four States, Demanding Crypto Payouts
Ransomware Surge and AI-Driven Threats Reshape Europe’s Cybersecurity Landscape
Report on AI-driven ransomware gave misleading picture
Retailers trace ransomware incidents to unknown security gaps as demands and payments rise
Rhysida gang now malvertising to people on Teams, Zoom, and PuTTy
Russia: FSUE RADON Database Leaked
Russian hackers abuse Hyper-V to hide malware in Linux VMs
Scattered Spider, ShinyHunters and LAPSUS$ Form Unified Collective
SesameOp Backdoor Abused OpenAI Assistants API for Remote Access
Software Supply Chain Attacks Set Records in October
Sophos Report Finds More than Half (58%) of Retailers hit by Ransomware Pay the Ransom
South Gloucestershire Council accidentally publishes hundreds of residents' personal details
South Korea: State mediation panel advises SK Telecom pay $208 per complainant over data breach
Space Bears Ransomware Hits DOVERN Import and Rios Espinosa
Stolen Police Logins Raise Flock Safety Surveillance Camera Security Concerns, 35 Customer Passwords Leaked
Swedish data protection authority launches investigation into massive data breach affecting 1.5 Million people
The DragonForce Cartel: Scattered Spider at the gate
The Future of Ransomware Defense: Why AI and Prevention-First Cybersecurity Are Critical for Insurers and Cyber Policyholders
The Real Cost of Cryptojacking
Therapeutic Health Services Pays $790K to Resolve Class Action Data Breach Litigation
Three US Security Software employees indicted for spreading BlackCat Ransomware
Top 10 Countries that have payment card info spilled onto the dark web in 2025
Toys “R” Us Canada Data Breach Leaks Customer Information on the Dark Web
Treasury sanctions 8 for laundering North Korea earnings from cybercrime, IT worker scheme
U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks
U.S. Prosecutors Indict Cybersecurity Insiders in BlackCat Ransomware Attacks
UK Cyber Resilience Advice ‘Too Bland’, Says Northdoor
UK sponsor licence holders warned of phishing scams
Ukrainian Extradited to the US Over Alleged Role in Conti Ransomware
Uncovering the risks of unmanaged identities
Union to ballot Police Service of Northern Ireland (PSNI) workers for strike action over data breach
University of Pennsylvania data breach included info about Joe Biden and ex-university president Liz Magill, hackers claim
University of Pennsylvania Investigates Alleged Data Breach Affecting 1.2 Million Records
University of Pennsylvania Reports Data Breach Involving 'Highly Offensive' Emails
University of Pennsylvania says data breach is ‘contained’ as extent of stolen data remains unclear
University of Pennsylvania says it has called FBI over data breach
US charges cybersecurity pros over ALPHV/BlackCat ransomware involvement
US Cybersecurity Professionals Indicted in Ransomware Scheme
US Justice Department charges former cybersecurity employees in ransomware attack conspiracy
US prosecutors say cybersecurity pros ran cybercrime operation
US Prosecutors Say Cybersecurity Pros Ran Ransomware Operation
Visibility is not enough
Weaponized PuTTY and Teams Ads Deliver Malware Allowing Hackers to Access Network
When Security Professionals Turn to the Dark Side
Why Europe is Second Biggest Ransomware Target
3rd November
10.5 million people are affected by a massive data breach on the Internet
A new way to think about zero trust for workloads
AI ransomware panic - exposing the inflated “80%” claim
Alphalocker Hits Indian Auto Dealer AMPL & Austrian Bakery Unterkofler
Android users urged to delete hundreds of apps immediately in cyber attack warning
Android warning as hundreds of apps should be deleted after cyber attack
Beverly Hills Oncology Medical Group Data Breach Under Investigation
Beware - ransomware gang is tricking victims with fake Microsoft Teams ads
Beware of New Phishing Attack that Abuses Cloudflare and ZenDesk Pages to Steal Logins
Brazil: Phishing scams fall 20% after record high, but the reduction may mask criminal planning
Cargo theft gets a boost from hackers using remote monitoring tools
CEVA Logistics Hit by Coinbase Cartel Data Breach
CISA Alerts on CVE-2024-1086 Linux Kernel Exploit by Ransomware
CISA and NSA Outline Best Practices to Secure Exchange Servers
Conduent Confirms Massive Data Breach Exposing Personal Data of Over 15 Million
Conti Group Member Responsible for Deploying Ransomware Extradited to USA
Conti Ransomware Operator Extradited to the United States
Conti Suspect in Court After Extradition From Ireland
CrowdStrike report shows ransomware surging across Europe
Cyber scare: How India became top target for AI phishing scams
Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military
Cybercriminals Exploit Remote Monitoring Tools to Infiltrate Logistics and Freight Networks
Cybercriminals Use Cloudflare and ZenDesk Pages in Sophisticated Phishing Attack
Cybersecurity reinsurers feel the strain of ransomware's rise
Cyble Detects Advanced Backdoor Targeting Defense Systems via Belarus Military Lure
Data breach claims hit HMRC after benefit suspensions
Data breach costs lead to 90% drop in operating profit at South Korean telecom giant
Department of Justice (DOJ) accuses US ransomware negotiators of launching their own ransomware attacks
Emerging Cyber Risks That Could Rival Ransomware In Impact
Employees keep finding new ways around company access controls
Enterprises are not prepared for a world of malicious AI agents
Europe’s phone networks are drowning in fake calls
Europe’s Ransomware Attacks Surge to Record Highs in 2024
European diplomats attacked via Windows zero-day vulnerability
Fake Solidity VSCode extension on Open VSX backdoors developers
Fallen Defenders: Ex-Cybersecurity Experts Charged in $10M Ransomware Scheme
Firms at risk as Japan struggles to keep up with cybercrime amid rise of ransomware
First test cases against Police Service of Northern Ireland (PSNI) over data breach to get under way
G. Hauswirth Architects Hit by DragonForce Data Breach
Gateworks Corporation Data Breach Exposes Partner Documents
Gerson & Schwartz Law Firm Hit by Pear Ransomware Attack
Global law enforcement plays catch-up with crypto criminals as gaps remain
Gmail update as account holders told to 'reset password' after huge data breach
Hacker claiming responsibility for scam University of Pennsylvania emails stole data from 1.2 million people
Hacker steals over $120 million from Balancer DeFi crypto protocol
Hackers are attacking Britain’s drinking water suppliers
Hackers Exploiting LinkedIn DMs in Major Phishing Campaign
Hackers Help Organized Crime Groups in Cargo Freight Heists, Researchers Find
Hackers leak alleged US gas station memos threatening staff
Hackers use Remote Monitoring and Management (RMM) tools to breach freighters and steal cargo shipments
Hacktivist Attacks on Critical Infrastructure Soar
Healthcare Data Breach Targets Medline Europe and Treasure Coast Cardiology
How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia
How Ransomware Attacks Leverage Cyber Insurance Policies
How Safe is AI for your Company? India’s Ransomware Reality
How this millionaire crypto hacker continues to freely cash out a year later
Hungary: Yet Another TISZA Party Data Breach Scandal - Blame the Russians and Orbán
Hypervisor Ransomware: The Hidden Board-Level Attack Vector
Infostealers have transformed cybercrime – here’s how CISOs can stop them
Is Not Paying a Ransom in Ransomware Attacks Self-Harm to Companies?
Jabber Zeus Developer ‘MrICQ’ in US Custody After Extradition from Italy
Japanese retailer Askul confirms data leak after cyberattack claimed by Russia-linked group
Kaspersky Flags Coinbase Phishing Scam Targeting Windows Users
Lawmakers ask Federal Trade Commission (FTC) to probe Flock Safety’s cybersecurity practices
Lawmakers say stolen police logins are exposing Flock surveillance cameras to hackers
Lawyers seek compensation for patients impacted by Genea fertility clinic data breach
Leak Site Ransomware Victims Spike 13% in a Year
LinkedIn Users Hit by Phishing Scam Offering Fake Executive Roles
Major Data Breach Affects Over 10 Million People Using Conduent Services
Malibu Boats Australia suffers ransomware data breach
Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive
Manufacturing production increases after Jaguar Land Rover (JLR) factory restart following cyber attack
Marks & Spencer (M&S) to share update on cyber attack recovery
Microsoft: Patch for WSUS flaw disabled Windows Server hotpatching
MIT Sloan quietly shelves AI ransomware study after researcher criticism
More than $100 million stolen in exploit of Balancer DeFi protocol
Nation-State Attacks Surging Across Europe, Warns CrowdStrike
Nearly half of Indian firms faced ransomware in 2024
New Dante Spyware Linked to Rebranded Hacking Team, Now Memento Labs
New Graphics Device Interface (GDI) Flaws Could Enable Remote Code Execution in Windows
New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea
NHS Scotland buys £3 million AI-powered anti-ransomware system
North Korean Hackers Caught on Video Using AI Filters in Fake Job Interviews
North Korean Kimsuky Deploys HttpTroy Backdoor in VPN Phishing Attacks
Nova Ransomware Group Lists University of Gävle and Castilla as Victims
OB-GYN Associates Confirms Data Breach Affecting Over 60,000 People
Oglethorpe, Inc. Data Breach Affects 92,332 Individuals
Ongoing Ransomware Attacks Exploit Critical Linux Kernel Vulnerability (CVE-2024-1086)
Philippine National Police (PNP) Strengthens Cybersecurity Ahead of Possible DDoS Attacks
Poland hit by major cyberattack as hackers steal loan customers' data
Poland probes major data breach targeting clients of online loan platform SuperGrosz
Police Service of Northern Ireland (PSNI) data breach cases begin at Belfast High Court
Police Service of Northern Ireland (PSNI) data breach cases to begin at Belfast High Court
Prepared for a cyber attack? The three questions that businesses must ask themselves
Prosecutors allege incident response pros used ALPHV/BlackCat to commit string of ransomware attacks
Proton Data Breach Exposes 300 Million Credentials on Dark Web Markets
Proton Warns of 300 Million Stolen Login Details Circulating on Dark Web
Purported hacker behind University of Pennsylvania’s fraudulent email claims to have grabbed donor data in attack
Ransomware attacks are hitting European enterprises at record pace
Ransomware Attacks Rise for the First Time in Six Months
Ransomware gang cracks the whip on US horse gear giant
Ransomware intrusions with old Linux kernel bug reemerge
Ransomware Negotiation Firm Rocked by Insider Cybercrime Scandal
Researchers Uncover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Data
Rhysida ransomware exploits Microsoft certificate to slip malware past defenses
Rogue ransomware negotiators accused of extortion attacks
Securing real-time payments without slowing them down
SEO Poisoning: How Microsoft’s Reputation is Under Attack from Rhysida Ransomware
SesameOp malware abuses OpenAI Assistants API in attacks
SIM farms expose weaknesses in telecom and authentication ecosystems
South Korea: Gangwon Police Arrest 114 in Cambodia Voice Phishing Gang
Study finds smarter way to train employees to thwart phishing scams
The cost of complacency: How India’s ransomware payments are funding the next attack
The Evolution of SOC Operations: How Continuous Exposure Management Transforms Security Operations
Think tank finds infrastructure ‘inadequately protected against sabotage and cyber threats’
Thousands fall victim to ransomware as European attacks reach record highs - here's why they're so at risk
Two men accused of hacking and extorting US companies previously worked for cybersecurity firms
U.S. Cybersecurity Professionals Charged With Running Ransomware Extortion Scheme
U.S.-based Sling TV to Pay $530,000 Settlement for Violating California Privacy Law
University of Pennsylvania says it has called FBI over data breach
US Appeals Court lowers burden of proof for data breach lawsuits
US cybersecurity experts indicted for BlackCat (ALPHV) ransomware attacks
US government warns Linux flaw is now being exploited for ransomware attacks
US Traces Ransomware Attacks to 2 People Working for Cybersecurity Firms
Vexels Data Breach Exposes 820K Users
Vibra Hospital of Southeastern Massachusetts Data Breach: SSNs Exposed
Victorian Chemical Hit by RansomHouse Ransomware Attack
Warning As Google And Microsoft Calendar Hack Surge Confirmed
Western Australia law firm confirms cyber attack following ransomware claims
Windows Graphics Device Interface (GDI) Flaws Expose Systems to Critical Threats, Including RCE and Data Leaks
YouTube ‘Ghost Network’ Spreads Infostealer via 3,000 Fake Videos
