Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 8th December and 14th December 2025.
10th December
Healthcare’s Data Breach Victory Lap Gets Crashed by Quantum Computing
Seoul Police Raid Coupang Headquarters in Data Breach Probe
9th December
3 Ukrainian Hackers Arrested in Warsaw Amid Heightened Security Alert on Charges of National Defense Threats
40,000 Phishing Emails Disguised as SharePoint and e-Signing Services: A New Wave of Finance-Themed Scams
AI-driven threats are heading straight for the factory floor
Akira Group Exploits Vulnerabilities, Triggering Surge in Ransomware Attacks on Hyper-V and VMware ESXi
Akira Group Targets Hyper-V and VMware ESXi with Ransomware Exploiting Vulnerabilities
Apache Tika Vulnerability Widens Across Multiple Modules, Severity Now 10.0
Australia experienced highest ransomware rate globally, second highest in ransom payments
Australia leads world in costly, rising ransomware toll
Badr Airlines Allegedly Breached: 2.2 GB of Confidential Flight & Security Manuals Leaked
California man pleads guilty to Racketeer Influenced and Corrupt Organizations Act (RICO) charges as Department of Justice (DOJ) indicts crypto theft gang
ChatGPT flags crypto romance scam after widow loses $1 Million
Check Point links US cyberattacks to global crises in new clash warning
CNHI Data Breach Exposes SSNs & Financial Info
Coinbase Cartel Targets Multiple UAE Real Estate Firms and Acu Trans Solutions
Coupang Faces U.S. Punitive Damages Lawsuit Over Data Breach
Coupang founder to be summoned over data breach
Coupang to face class action suit in U.S. over data breach
Cursor vulnerable to “catastrophic budget drain:” vibe coder finds a way to spend $1 million
Cyber Talent Shortage Pushes EU Firms Toward Tech and Outsourced Security
DeadLock Ransomware Uses Bring Your Own Vulnerable Driver (BYOVD) to Evade Security Measures
DragonForce Ransomware Hits VoiceTeam Call and City of La Vergne
Energy Operations: Managing Password Security and Continuity
Exploitation Efforts Against Critical React2Shell Flaw Accelerate
FinCEN data shows $4.5B in ransomware payments, record spike in 2023
Fortinet warns of critical FortiCloud SSO login auth bypass flaws
GOLD BLADE Exploiting Custom QWCrypt Locker for Data Exfiltration and Ransomware Deployment
GOLD BLADE Using Custom QWCrypt Locker that Allows Data Exfiltration and Ransomware Deployment
GrayBravo Expands CastleLoader Malware Operations with Distinct Activity Clusters, Impersonates ‘Booking.com’ and ‘DAT Freight’
Hackers say Volkswagen dealership’s client list is now for sale
Hackers switch tactics as manufacturers tighten defences
Hypervisors Become “Force Multiplier” for Ransomware Operators
Indirect Malicious Prompt Technique Targets Google Gemini Enterprise
Infostealers on the rise: time to take action, Australia recommends
Iran has attacked every Israeli citizen multiple times
Ireland: Health Service Executive (HSE) begins offering €750 compensation to victims of cyberattack
Ivanti warns of critical Endpoint Manager code execution flaw
Khashoggi widow files complaint in France alleging Saudi government infected devices with spyware
Major Ransomware Attack Cripples Hospital Systems Across Four States
Makop Ransomware Exploits RDP Systems with AV Killer and Other Exploits
Makop Ransomware Targets RDP Systems Using AV Killer and Additional Exploits
Malicious VS Code Extensions Deploy Advanced Infostealer
Manufacturing fares better against ransomware - with room for improvement
Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws
Millcreek Pediatrics Data Breach Affects 14,095 Patients
NCSC Warns Prompt Injection Could Become the Next Major AI Security Crisis
New AI-Native Threat: Vulnerability in Google Gemini Enterprise and Vertex AI Search Allowed Stealing Gmail, Docs, and Calendar Data
New Bring Your Own Vulnerable Driver (BYOVD) loader behind DeadLock ransomware attack
New image signature can survive cropping, stop deepfakes from hijacking trust
New GeminiJack 0-Click Flaw in Gemini AI Exposed Users to Data Leaks
New ‘Spiderman’ phishing kit targets European bank customers
Non-mobile IT threats evolve into industrial-scale attacks in Q3 2025
North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks
Outsmart risk: A 5-point plan to survive a data
Over 300,000 Individuals Impacted by Vitas Hospice Data Breach
Packer-as-a-Service Shanya Hides Ransomware, Kills EDR
Patient and staff data stolen in Barts Health cyber attack
Petco data breach - SSNs, credit card info and drivers' licenses exposed
Petco Data Breach Exposes Customer Data, Including SSNs, Credit Card Info
Petco Data Breach Exposes Customer Social Security Numbers
Pharmaceutical Firm Inotiv Discloses Ransomware Attack and Data Breach
Phishing attack targets 18 US universities, bypassing MFA
Phishing-resistant authentication is taking off
Pixel tracking can significantly increase data breach risk on hospital websites
Police Dismantle EUR 700 Million Crypto Scam That Used Deepfakes
Police raid Coupang HQ amid 34 million account data breach
Police raid Coupang over massive data breach
Police raid Coupang to seize evidence related to major data breach
Police raid e-commerce giant Coupang's Seoul offices in data breach probe
Ransomware Attack at Fintech Software Solutions Firm Marquis Impacts Dozens of Banks and Credit Unions
Ransomware Attacks Decline in 2024, But Threat Remains High with $734 Million in Ransom Paid
Ransomware Attacks on Healthcare Organizations Spike During Holidays, Weekends
Ransomware increasingly targeting hypervisors
Ransomware Initial Access Broker (IAB) abuses EDR for stealthy malware execution
Ransomware Targeting Hyper-V and VMware ESXi Surges as Akira Group Exploits System Vulnerabilities
React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
Researchers spot 700 percent increase in hypervisor ransomware attacks
Rise in Extortion Attacks Targeting Manufacturers
Royal Cornwall Hospital staff's sick days exposed in data leak
Russian Calisto Hackers Launch ClickFix Attack on French NGO Reporters
Russian Hackers Target French NGO Reporters with ClickFix Attack Technique
Safepay Ransomware Group Breaches US Engineering Firm Chemstress
Scammers are poisoning AI search results to steer you straight into their traps
Seoul cyber investigators seize data, devices from ‘South Korea’s Amazon’ following data breach
SimpleX Chat X Account Hacked, Fake Site Promotes Crypto Wallet Scam
Sophos finds that manufacturing faces growing ransomware threat due to security gaps, lack of expertise
Sophos’s State of Ransomware in Healthcare 2025 report reveals 58% of providers recover within a week
South Korea police raid Coupang HQ over historic data breach
South Korea's Data Breach Compensation: Calls to Match EU, U.S. Levels
South Korea’s largest online retailer apologises for data breach
Spain: A young man has been arrested in Igualada for stealing and selling 64 million personal data records online
Spain arrests teen who stole 64 million personal data records
Spiderman Phishing Kit Targets European Banks with Real-Time Credential Theft
STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware
Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading
Surge In Cyberattacks Across Various Sectors In South Africa
Taiwan blocks RedNote over fraud risks, as downloads surge through VPNs, despite ban
The Rise of Phishing Scams Targeting Streamers and Gamers
This new phishing trick fools even careful users - but staying safe is shockingly simple
Three Ukrainian Nationals Detained in Warsaw with Hacking and Spy Equipment
Trial begins for 46 suspects accused of involvement in online scams in Cambodia
UK National Cyber Security Centre (NCSC) Raises Alarms Over Prompt Injection Attacks
US Treasury offers cautious optimism as ransomware payments decline
Volkswagen Mandi Data Breach Exposes 2.5 Million User Records
What is Ransomware-as-a-Service (RaaS)? How Cybercrime Became a Business Model
8th December
58% of healthcare providers now recover within a week amid declining ransom payments across the sector
AI drives cybercrime to execute ransomware in minutes
AI Hackers Spark 4,151% Phishing Surge
AI-powered social engineering to more dangerous ransomware: Key cybersecurity threats to businesses in 2026
Android Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Features
Apple and Google Alert Users Worldwide After New Spyware Activity Surfaces
Barts Health Confirms Cl0p Ransomware Behind Data Breach Linked to Oracle Vulnerability
Barts Health Seeks High Court Ban After Oracle EBS Breach
Beware of crypto wallet-draining 'support channels' on Telegram
Cadman Power Equipment Targeted by Securotrop Ransomware Group
Can employees sue victimized companies over data breach
ChrimeraWire Trojan Fakes Chrome Activity to Manipulate Search Rankings
CISA Releases New AI-in-OT Security Guidance: Key Principles & Risks
CISOs are spending big and still losing ground
ClayRat Android Spyware Expands Capabilities
Cloudflare Forces Widespread Outage to Mitigate Exploitation of Maximum Severity Vulnerability in React2Shell
Compromised Next.js devices weaponized by attackers: thousands remain vulnerable
Coupang issues revised notice citing 'data breach,' says no signs of secondary damage
Coupang Sees Sharp User Decline Following Massive Data Breach
Coupang updates notice after data breach affecting 33.7 million users
Coupang Users Decline 1.81 Million Amid Data Breach Concerns
Coupang's 1 Billion Won Insurance Falls Short After 33.7 Million Data Breach
Coupang’s US HQ faces class-action lawsuit over data breach
CRRC MA America Data Breach Exposes Critical Transit Schematics
Cybersecurity in 2026: The 10 Biggest Digital Threats on the Horizon
Czech Republic: TAJMAC-ZPS Allegedly Breached
Data breach hits MAG Aerospace employees
Employee of Washington Post takes legal path over Oracle EBS Data Breach
Ex-Employee Sues Washington Post Over Oracle EBS-Related Data Breach
Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT
Fake police investigation email circulating across Israel
FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024
Former Washington Post worker files class action lawsuit over data breach affecting nearly 10,000 people
GhostFrame: New Stealth Phishing Kit Targeting Millions Worldwide
Google Confirms Rising ‘Account Takeovers’ - Users Told to Check Chrome Settings
Google, Apple Warn of State-Linked Surveillance Threats
Harvard hit by new breach after phone phishing attack
HESCO Foodservice Targeted in DragonForce Ransomware Attack
INC Ransom Claims Attack on Major Automotive Supplier Yazaki Group, Potentially Impacting BMW, Nissan
India: Central government research facility in Pune targeted in whale phishing attempt, probe on
India: Government confirms Indian airports were hit by cyber attack involving GPS spoofing
India: Income Tax Department warns citizens against fake e-PAN phishing emails
Invisible IT is becoming the next workplace priority
Ireland: Suspended sentence for student who took part in phishing scam
Is ransomware finally on the decline? Treasury data offers cautious hope
K3G Solutions LTDA Data Breach Exposes 192GB of Internal Files
Law firm to sue Coupang in both Korea, U.S. over data breach
LockBit 5.0 Infrastructure Details Exposed by Researchers in Major Security Failure, Including a Key IP Address and Domain
Makop ransomware: GuLoader and privilege escalation in attacks against Indian businesses
Malicious Document Reader App in Google Play With 50K Downloads Installs Anatsa Malware
Malicious VSCode extensions on Microsoft's registry drop infostealers
Manufacturing Blocks More Ransomware As Attackers Pivot To Data Theft
Marquis Software Breach Affects Over 780,000 Nationwide
Massive Ukrainian Data Breach Sparks Fears of Russian Penetration Into Drone Industry
Meritz Fire & Marine faces US$682m exposure to Coupang data breach
Meta proposal for less data sharing is approved by European Commission
More than $2 billion in payments from 4,000 ransomware incidents reported to Treasury in recent years
MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign
New GhostFrame Super Stealthy Phishing Kit Attacks Millions of Users Worldwide
New JS#SMUGGLER Campaign Drops NetSupport RAT Through Infected Sites
New Splunk Windows Flaw Enables Privilege Escalation Attacks
NVIDIA research shows how agentic AI fails under attack
OceanLotus Hacker Group Targeting Xinchuang IT Ecosystems to Launch Supply Chain Attacks
OpenAI API User Data Exposed in Third-Party Mixpanel Breach
Oracle EBS zero-day used by Clop to breach Barts Health NHS
Over 70 Domains Used in Months-Long Phishing Spree Against US Universities
Patient and staff data impacted by Cl0p ransomware attack on Barts Health NHS
Petco data breach exposes customer information
Petco Data Breach Exposes SSNs, Driver's Licenses in Major Leak
Petco’s security lapse affected customers’ SSNs, drivers’ licenses and more
Pharma Firm Inotiv Confirms Data Breach Following Ransomware Attack
Phishing Campaign Uses Split QR Codes to Evade Filters
Physicians to Children Data Breach Affects 9,536 Patients
Poland arrests Ukrainians utilizing 'advanced' hacking equipment
Police confirm identity of Chinese mastermind behind Korea Telecom (KT) payment breach
Portugal Revises Cybercrime Law to Protect Security Researchers
Qilin Ransomware Breaches AMH Philippines, David M. Schwarz, Sanko
Ransomware Gangs Deploy “Shanya” to Cripple EDR Defenses Before Strikes
Ransomware gangs turn to Shanya EXE packer to hide EDR killers
Ransomware Payments Fell After Law Enforcement Actions, But Still High
Ransomware Payments Jump 77% in Latest FinCEN Report
Ransomware payments surge past $2.1 Billion, says FinCEN
Ransomware Payments Surpassed $4.5 Billion
Ransomware peaked in 2023 prior to law enforcement actions
React2Shell Under Active Exploitation by China-Nexus Hackers
Researchers track dozens of organizations affected by React2Shell compromises tied to China’s Ministry of State Security (MSS)
Russian hackers claim looting of secret big tech hardware designs
Russian police bust bank-account hacking gang that used NFCGate-based malware
Securing AI for Cyber Resilience: Building Trustworthy and Secure AI Systems
Shanya crypter emerges as new threat in ransomware toolkits
Shanya EDR Killer: The New Favorite Tool for Ransomware Operators
Shanya EDR Killer Leveraged by Hackers to Clear the Way for Ransomware Infection
Shanya Packer-as-a-Service (VX Crypt) Fuels Modern Akira, Qilin, Medusa Ransomware Cyberattacks
Sinobi Ransomware Group Breaches Multiple US Firms Including Quality
Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks
South Korea: Firms stick to bare-minimum data breach insurance despite major leaks
South Korea: Weak cybersecurity leaves hospitals vulnerable to ransomware attack, data leaks
Space Bears Ransomware Claims Comcast Data Theft Through Quasar Breach
Space Bears Ransomware Group Claims Attack on Comcast
SpyCloud Data Shows Corporate Users 3x More Likely To Be Targeted by Phishing Than By Malware
State-Sponsored Actors Leverage Backdoor Malware, CISA Warns
Three hacking groups, two vulnerabilities and all eyes on China
Total ransomware payments surpass $4.5 billion since 2013
Tri-Century Eye Care Data Breach Impacts 200,000 Individuals
Triada Malware Strikes Android Users Through Multiple Ad Networks in Sophisticated Hacker Scheme
UK Hospital Asks Court to Stymie Ransomware Data Leak
UK intelligence warns AI 'prompt injection' attacks might never go away
UK launches Proactive Notifications Service to warn businesses of security vulnerabilities
Ukrainian intelligence hit Russia's transit company assisting sanctioned goods
Ukrainians with equipment for hacker attacks detained in Warsaw: what the police seized
US Contributes to 44% of Cyber Attacks; Public Administration Targeted for Financial Gains
US Treasury Tracks $4.5B in Ransom Payments since 2013
Why Operational Technology (OT) security now needs phishing-resistant authentication
WorldLeaks Hits Big Lar, Ernest Käslin, Granjas 4 Irmãos
Welcome to DBD. Cybercrime made global headlines in 2025. Attacks on well-known brands and organizations have raised public awareness of the severity, frequency and impact of cyber attacks. Ransomware attacks are at their highest ever recorded, and 2026 has the potential to be even worse, as cyber criminals continue to extort their victims, with little chance of being brought to justice. On a lighter note, I'd like to take this opportunity to wish you all a very Merry Christmas and all the best for the New Year. Thanks again for all your support. Stay safe. :)
