Welcome to DBD. Cybercrime made global headlines in 2025. Attacks on well-known brands and organizations have raised public awareness of the severity, frequency and impact of cyber attacks. Ransomware attacks are at their highest ever recorded, and 2026 has the potential to be even worse, as cyber criminals continue to extort their victims, with little chance of being brought to justice. On a lighter note, I'd like to take this opportunity to wish you all a very Merry Christmas and all the best for the New Year. Thanks again for all your support. Stay safe. :)
Dentons Senior Analyst, Washington D.C.
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 8th December and 14th December 2025.13th December
Coupang Data Breach Mirrors Japan's Line Yahoo Incident
12th December
Adversary-in-the-Middle (AiTM) Attack Campaign Bypasses MFA and Targets Microsoft 365 and Okta Users
AI reshapes cyber threats as experts warn on automation
Ashen Lepus Hacker Group Attacks Eastern Diplomatic Entities With New AshTag Malware
Ashen Lepus Hacker Group Targets Eastern Diplomatic Entities with AshTag Malware Attack
BarNet hit in alleged cyber attack
BlackForce Launches New Phishing Kit Enabling Man-in-the-Browser (MitB) Attacks to Steal Credentials and Bypass MFA
CISA Flags Actively Exploited GeoServer XXE Flaw in Updated Known Exploited Vulnerabilities (KEV) Catalog
CISA orders feds to patch actively exploited Geoserver flaw
City of Cambridge Advises Password Reset After Nationwide CodeRED Data Breach
ConsentFix Attack Lets Hackers Take Over Microsoft Accounts via Azure CLI
CyberVolk Hackers Group With New VolkLocker Payloads Attacks both Linux and Windows Systems
CyberVolk Hackers Target Linux and Windows with New VolkLocker Payloads
Cyble Reports Surge in Ransomware and Data Breaches in 2025
Cyprus: Oncology data breach under investigation as authorities assess failings
Eastern Diplomatic Entities Targeted by New AshTag Malware in Ashen Lepus Hacker Group Attack
Federal Trade Commission (FTC), State AGs Crack Down on Ed Tech Company After Massive Student Data Breach
Feds charge former Accenture employee for misleading them on cloud security
Fieldtex Data Breach Impacts 238,000
Former Cloud Platform Manager Charged for Concealing Noncompliance to Secure Army Sponsorship, Raising Federal Security Risks
French interior ministry email servers hit by cyber attack
French Interior Ministry hit by cyber attack
French Interior Ministry's e-mail servers hit by cyber attack
Germany accuses Russia of 2024 cyber-attack and disinformation
Global cyberattacks rise as GenAI introduces new data exposure risks
Guernsey: Dental practice sanctioned for phishing attack breach
Hired to Hack: Protecting Your Business from Remote Recruitment Scams
How Long Does It Take to Detect a Cyber Attack?
India emerges as APAC’s ransomware ground zero as Qilin leads a new wave of cyber assaults
Information Commissioner’s Office (ICO) Fines LastPass £1.2m After 2022 Breach
Iroquois Memorial Hospital Targeted in Alleged Pear Ransomware Attack
Kenyan court halts 1.6-billion-USD health deal with U.S. amid data breach fears
LastPass hit with Information Commissioner's Office (ICO) fine after 2022 data breach exposed 1.6 million users – here’s how the incident unfolded
Legal IT provider listed on ransomware group’s dark web site
LLM privacy policies keep getting longer, denser, and nearly impossible to decode
Microsoft 365 Okta Phishing Attack: Experts Warn of New Threat
Mikord Data Breach: Claims of Russia’s Military Draft Systems Hack Shared via ‘Idite Lesom’
MITRE shares 2025's top 25 most dangerous software weaknesses
Montana: Benefis patients notified of data breach involving third-party vendor
National Cyber Security Centre (NCSC) Plugs Gap in Cyber-Deception Guidance
New Adversary-in-the-Middle (AiTM) Attack Campaign That Bypasses MFA Targeting Microsoft 365 and Okta Users
New BlackForce Phishing Kit Lets Attackers Steal Credentials Using Man-in-the-Browser (MitB) Attacks and Bypass MFA
New ConsentFix Attack Let Attackers Hijack Microsoft Accounts by Leveraging Azure CLI
New React RSC Vulnerabilities Enable DoS and Source Code Exposure
New Research Explores the Fate of Data Stolen During Phishing Attacks and Its Consequences
New Windows RasMan zero-day flaw gets free, unofficial patches
Password Manager LastPass Penalized £1.2m by Information Commissioner’s Office (ICO) for Security Failures
Qilin Ransomware Hits Nepes, Spitzer Auto Group & Others
Queensland healthcare centre Hyperdome suffers alleged cyber attack
Rain Bird Data Breach Exposes Financial Info of 24,862 Customers
Ransomware keeps widening its reach
React, Next.js disclose follow-up vulnerabilities, again urge users to patch immediately
React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation
Russia’s Digital Military Draft System Hit by Cyberattack, Source Code Leaked
Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work
South Africa’s ransomware reckoning: six trends that demand urgent action
South Korea: Personal Data Breach Companies to Face Punitive Fines of 10% of Revenue
South Korean Police Raid Coupang Over Data Breach as CEO Resigns
Space Bears Ransomware Hits Right Power Technology
UK Parliamentarians hit by Spear Phishing Attacks
Uneven regulatory demands expose gaps in mobile security
Was Your Info Leaked in Petco's Data Breach? Here's How to Find Out
What 35 years of privacy law say about the state of data protection
11th December
5 Cybersecurity Predictions for 2026: An Industry Insider’s Analysis
A.S.A.P. Restoration Corp. Hit by DragonForce Ransomware Attack
AI data leaks fuel surge in global cyber attacks
AI prompt injection attacks are inevitable, but we can mitigate the risks
Algerian authorities break up phishing ring accused of 140,000 cyberattacks
Amazon Scams Surge as Holiday Shoppers Face Wave of Phishing Texts and Fake Refund Notices
Android users at risk of DroidLock ransomware that threatens to 'permanently destroy' files
Android warning as new 'ransomware' attack locks phones and threatens to 'delete' files
Android warning issued as fake apps spread DroidLock ransomware demanding payment
Attackers Worldwide are Zeroing In on React2Shell Vulnerability
Bank of Cyprus Oncology Centre confirms patient and staff data breach
Bell Lifestyle Products Hit by Akira Ransomware
British hacker who swindled £2 million in crypto from US businessman to buy his mother a diamond necklace is jailed
CastleLoader Malware Now Uses Python Loader to Bypass Security
CEO of South Korean e-commerce platform resigns over massive data breach
Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw
Conduent cyberattack: 10.5 million hit in 8th largest healthcare data breach in US - what affected people can do
Conduent data breach exposes 10.5 million people
Coupang CEO resigns after data breach furore
Coupang CEO Resigns Following Major Data Breach Exposing 34 Million Customers
Coupang CEO steps down following nearly 34 million-user data breach
Courier Services Company Data Breach Exposes Customer Info
“Cyber Tax” Warning as Two-Fifths of SMBs Raise Prices After Breach
Cyberattacks force small firms to raise prices
Cyble Global Cybersecurity Report 2025: 6,000 Ransomware Attacks Mark a 50% Surge
Cyprus: Cancer centre data breach sparks urgent security concerns
DeadLock Ransomware Exploits Baidu Antivirus Vulnerability for EDR Bypass
DroidLock: Malware Build for Extortion, Device Takeover, and Insider Risk in Spain
DroidLock malware locks you out of your Android device and demands ransom
Ex-Chinese employee named suspect in Coupang data breach as chairman resigns
Federal agencies now only have one more day to patch React2Shell bug
Fortinet, Ivanti, SAP release urgent patches for critical security vulnerabilities
Free spy tool can track 3 billion WhatsApp users, drain batteries and data limits
Global cyberattacks surge in November 2025 as ransomware and GenAI risks spike
GOLD SALEM tradecraft for deploying Warlock ransomware
Google fixes eighth Chrome zero-day exploited in attacks in 2025
Google Fixes GeminiJack Zero-Click Flaw in Gemini Enterprise
Google Releases Critical Chrome Security Update to Address Three Zero-Days
Google rushes Chrome updates after new vulnerability found exploited in wild
Got an Amazon Refund Text? It’s Likely a Scam - Here’s What You Need to Know
Hackers distribute thousands of phishing attacks through Mimecast's secure-link feature
Hackers exploit Gladinet CentreStack cryptographic flaw in RCE attacks
Hackers exploit unpatched Gogs zero-day to breach 700 servers
Hackers reportedly breach developer involved with Russia’s military draft database
Harbour Town Doctors Data Breach: Rhysida Ransomware Attack
How data-theft ransomware is disrupting fleet operations and customer trust
How do LLMs help cybercriminals create personalized phishing messages?
Human-linked cyber incidents surge as AI use grows
India: Central Bureau of Investigation (CBI) Files Charges Against 13 in Digital Arrest Fraud Case Linked to Myanmar Cyber Slave Compounds
India: Phishing scam targets Bengalureans as traffic fine rebate ends
India Becomes Top Target in APAC for Ransomware Attacks as Qilin Leads Regional Threat Activity
Information Commissioners Office (ICO) Fines LastPass UK £1.2M For 2022 Data Breach
Information Commissioners Office (ICO) levies £1.2 million fine against LastPass - data breach compromised info on 1.6 million users
Intecro Robotics Data Breach: 11.5 GB of Defense Blueprints and CAD Files Leaked
Irish Health Service offers compensation for 2021 Conti ransomware attack
Korea to expand cardholder payback for phishing losses
LLM vulnerability patching skills remain limited
MAG Aerospace Confirms Data Breach Impacting Over 4,000 Employees
Makop Ransomware Attacks on Indian Businesses: GuLoader Delivery and Privilege Escalation
Malicious Visual Studio Code Extensions Hide Trojan in Fake PNG Files
Malicious VSCode Marketplace extensions hid trojan in fake PNG file
Malware Discovered in 19 Visual Studio Code Extensions
Massive phishing scheme fueled by Mimecast link exploitation
Meet ConsentFix, a new twist on the ClickFix phishing attack
Michigan Attorney General Dana Nessell Advises Vigilance After 700Credit LLC Data Breach Impacts 6 Million Nationwide
Microsoft urges users to change passwords, as the Dune-inspired worm hits again
Midnight Ransomware Surge 2025: Stellar Experts Urge CIOs & CISOs to Strengthen Defences
Millcreek Pediatrics reports data breach affecting more than 14,000 individuals
NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems
Nevada ransomware attack offers lessons in statewide cyber resilience
New 01Flip Ransomware Targets Both Windows and Linux Systems
New 24-Hour Warning For Android Users—‘Your Files Will Be Permanently Destroyed’
New ConsentFix attack hijacks Microsoft accounts via Azure CLI
New ‘DroidLock’ Android Malware Locks Users Out, Spies via Front Camera
New 'DroidLock' malware demands a ransom, locks user out of device
New DroidLock Malware Locks Android Devices and Demands Ransom Payment
New Multi-Platform 01flip Ransomware Supports Multi-platform Architecture, Including Windows and Linux
New ransomware locks Android devices and can also erase data – how to avoid this malware
New “Spiderman” Phishing Kit Lets Hackers Build Fake Bank Login Pages Instantly
New Spiderman phishing kit lets hackers instantly spoof banking sites to steal passwords and take over accounts - how to stay safe
Newly identified ransomware can execute total takeover of compromised devices
Notepad++ fixes flaw that let attackers push malicious update files
OpenAI Enhances Defensive Models to Mitigate Cyber-Threats
OpenAI Flags Rising Cyber Risks as AI Capabilities Advance
OpenAI warns its next-gen AI models could become hacker tools
Password manager provider fined £1.2m by Information Commissioner's Office (ICO) for data breach affecting up to 1.6 million people in the UK
Pierce County Library Data Breach Impacts 340,000
Ransomware surge intensifies across industrial sectors, with manufacturing accounting for 72% of Q3 cases
Report Surfaces Multiple Novel Social Engineering Tactics and Techniques
Russian hackers debut simple ransomware service, but store keys in plain text
Scam-Busting Financial Conduct Authority (FCA) Firm Checker Tool Given Cautious Welcome
Scammers Sent 40,000 E-Signature Phishing Emails to 6,000 Firms in Just 2 Weeks
Security flaws in Freedom Chat app exposed users’ phone numbers and PINs
Service Provider Breach Hits Vitas Hospice, Nearly 320,000 Individuals Affected
Shanya Emerges As Top EDR-Killing Tool For Ransomware Gangs
Sinobi Ransomware Hits Seward County and Erie Molded Plastics
Spiderman, Spiderman - Does Whatever A Hacker Can
The Most Dangerous 6 Weeks of the Year
The rise of email attacks: why cyber insurance matters
The Shady Emails Keep Coming. It's Time to Fight Back Against Spear Phishing
Think That Party Invite Is Real? Fake E-Vite Scams Are the New Phishing Trap
Top crypto execs targeted in China's WeChat account hacks
UK fines LastPass £1.2 million for data breach affecting 1.6 million people
UK fines LastPass £1.2 million over 2022 data breach impacting 1.6 million users
UK fines LastPass over 2022 data breach impacting 1.6 million users
UK Information Commissioner's Office (ICO) Fines LastPass Over 2022 Data Breach
UK MPs face rise in phishing attacks on messaging apps
Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks
Wabasha County Reports User Data Exposed in Alert System Cyber Attack
Wadena County among multiple law enforcement agencies to decommission CodeRed after cyber attack
WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor
10th December
4 Billion+ records, including numerous LinkedIn profiles, exposed in one of the largest lead-generation datasets ever found open
Aeroflot hack explained: report says infrastructure was nearly destroyed
Alert Long Beach emergency notification system taken offline after data breach
ASUS Hacked: Everest Ransomware Group Claims Data Breach
Attackers exploit React2Shell vulnerability to target home CCTV, smart plugs, and TVs
Australian organisations the most targeted by ransomware in 2025
Barts Health Confirms Major Data Breach After Clop Exploits Oracle Zero-Day
Bring Your Own Vulnerable Driver (BYOVD) enhances DeadLock ransomware’s stealth
British government sanctions Russian and Chinese groups over information warfare
BroadBand Tower Breach Exposes Customer Data and Source Code
CEO of South Korean online retailer Coupang resigns over data breach
CEO of South Korean retail giant Coupang resigns after massive data breach
Cheap devices from China may come with hidden sensors and hacking tools
ClickFix Social Engineering Sparks Rise of CastleLoader Attacks
Coolmod Allegedly Breached Exposing Support Ticket Database
Coupang CEO Replaced After Data Breach; U.S. Executive Takes Over
Coupang CEO Resigns After Massive Data Breach Exposes Millions of Users
Coupang CEO resigns after online retailer hit by massive data breach
Coupang CEO resigns amidst massive data breach exposing 33.7 million South Koreans
Coupang CEO resigns in wake of major data leak; CAO named interim chief
Coupang CEO resigns over historic South Korean data breach
Coupang CEO Steps Down 11 Days after Data Breach
Coupang Founder to be Summoned Over Data Breach
Critical Ivanti EPM Vulnerability Allows Admin Session Hijacking via Stored XSS
Cyberattacks force small firms to raise prices
Cybercriminals Hijack Trust in Itch.io and Patreon with Bogus Game Updates Delivering Lumma Stealer
Data breach at Royal Cornwall Hospitals NHS Trust
DeadLock Ransomware Uses New BYOVD Loader Exploiting Driver Vulnerability to Disable EDR
Department of Justice (DOJ) Announces Actions Against Alleged Key Member of Russian Cybercriminal Groups NoName057(16) and CARR (Z-Pentest)
Department of Justice (DOJ), CISA warn of Russia-linked attacks targeting meat processing plants, nuclear regulatory entities and other critical infrastructure
Emerging DeadLock Ransomware Variant Employs BYOVD to Bypass EDR
Fears are growing that Chinese-made electronics could leave the US in the dark during a cyber attack
Flock cameras remained active in two cities where officials had asked for them to be turned off
Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws
Four years later, Irish health service offers €750 to victims of ransomware attack
Gartner urges businesses to 'block all AI browsers' - what's behind the dire warning
Gemini Zero-Click Vulnerability Allowed Attackers to Access Gmail, Calendar, and Docs
GhostFrame iframe phishing kit powers 1 million attacks
GhostFrame phishing kit fuels widespread attacks against millions
Google ads for shared ChatGPT, Grok guides push macOS infostealer malware
Google fixes GeminiJack zero-click exposing corporate Gmail, Calendar invites, shared Docs
Google Fixes Zero Click Gemini Enterprise Flaw That Exposed Corporate Data
Hackers abuse Mimecast links to push out 40,000 fake SharePoint and DocuSign emails
Healthcare’s Data Breach Victory Lap Gets Crashed by Quantum Computing
How ransomware crime is evolving into a smart business crime
Hyper Me Data Breach: 140k Customer Records Leaked
Hypervisor-targeted ransomware incidents surge
IFLUSAC Data Breach: 22GB of Project Files and Payroll Leaked
Inbox full of promo emails? 80% are tracking you, new report warns
Infoblox Uncovers MFA-Bypassing “Evilginx” Phishing Operation Targeting U.S. Universities
Inotiv Confirms Data Breach Exposing Sensitive Employee Information
Investigators raid Coupanq HQ following data breach affecting 34 million
Ireland: €750 Payout Proposed for 90,000 Victims as Health Service Executive (HSE) Acknowledges Cyberattack Damage
Ireland: Health Service Executive (HSE) confirms second ransomware attack but 'no evidence' patient data was stolen
Japanese Firms Suffer Long Tail of Ransomware Damage
Lawmaker calls facial recognition on doorbell cameras a ‘privacy nightmare’
LLMs are everywhere in your stack and every layer brings new risk
LockBit Reborn: Inside the Group’s Post-Takedown Evolution
Log4Shell Downloaded 40 Million Times in 2025
Microsoft Fixes Three Zero-Days in Final Patch Tuesday of 2025
Microsoft Issues Defense Blueprint for Organizations Targeted by Shai-Hulud 2.0 Supply-Chain Attacks
Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days
Microsoft Outlook Vulnerability Lets Attackers Execute Malicious Code Remotely
Mobile Users Less Likely to Fall for Phishing Scams
myQNAPcloud Internal Access Allegedly For Sale on Dark Web
.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL
New DroidLock malware locks Android devices and demands a ransom
New malware on Microsoft Marketplace steals passwords and screenshots of desktops
New Portuguese Law Shields Ethical Hackers from Prosecution
New Semperis Ransomware Risk Report reveals common patterns that cybercriminals exploit
New Spiderman phishing service targets dozens of European banks
North Korean Hackers Deploy EtherRAT Malware in React2Shell Exploits
Notepad++ releases emergency patch as hackers exploit updater to deploy malware
Online trading broker ThinkMarkets suffers alleged data breach
Over 10,000 Docker Hub images found leaking credentials, auth keys
Petco takes down Vetco website after exposing customers’ personal information
Police Conduct Second Coupang Raid in Mass Data Breach Probe
Police Continue Raid at Coupang's Seoul Headquarters over Data Breach for 2nd Day
Police raid Coupang headquarters for 2nd day over massive data breach
Phishing report highlights rise of AI and legitimate platform hijacking
Pro-Russia Hackers Target US Critical Infrastructure in New Wave
Ransomware attacks on Hypervisors increase by 700 percent
Ransomware Attacks Rise 50% In 2025; Microsoft, Apple, Oracle Among Affected Tech Vendors
Ransomware Victim Warning: The Streisand Effect May Apply
React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors
Reporters Without Borders (RSF) Cyberattack Linked to Russian FSB Foiled by Staff Vigilance
Rewardy Data Breach: 2.2 Million User Records Allegedly Stolen
Rise in Device-Driven Cybercrime and Expanding Ransomware Threats Put India on Alert
Russia’s flagship airline hacked through little-known tech vendor
Russian State-Supported Hacktivist Groups Targeted in Dual Department of Justice (DOJ) Indictments
Senators return to effort to boost cybersecurity for commercial satellite industry
Seoul Police Raid Coupang Headquarters in Data Breach Probe
Services Australia may get powers to rein in data breach exposure
Should Organizations Block AI Browsers?
Spiderman Phishing Kit Lets Attackers Clone European Banks in Seconds
Spiderman phishing kit targets European banks
Sticker Japan Data Breach: 110,000 User Records Allegedly for Sale
Storm-0249 Abuses EDR Processes in Stealthy Attacks
Teen who allegedly stole millions of personal data records arrested in Spain
Three PCIe Encryption Weaknesses Expose PCIe 5.0+ Systems to Faulty Data Handling
Toppersexam Data Breach Exposes 1.9 Million User Records
Torrent for DiCaprio’s “One Battle After Another” Movie Drops Agent Tesla
Trump prioritizing trade with China over cyber war, Salt Typhoon goes unpunished
Ukrainian faces 27 years in prison in the US for involvement in Russian cyberattacks on American critical infrastructure
Ukrainian hacker charged with helping Russian hacktivist groups
Ukrainian Woman in US Custody for Aiding Russian NoName057 Hacker Group
Updated Makop ransomware emerges
US extradites member of Russian hacktivist group involved in critical infrastructure attacks
US indicts hacker involved in cyberattacks on critical infrastructure
VITAS Healthcare Breach Exposes 319K Patient Records
Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups
Why a secure software development life cycle is critical for manufacturers
Windows Defender Firewall Service Vulnerability Lets Attackers Disclose Sensitive Data
9th December
3 Ukrainian Hackers Arrested in Warsaw Amid Heightened Security Alert on Charges of National Defense Threats
40,000 Phishing Emails Disguised as SharePoint and and e-Signing Services: A New Wave of Finance-Themed Scams
AI-driven threats are heading straight for the factory floor
Akira Group Exploits Vulnerabilities, Triggering Surge in Ransomware Attacks on Hyper-V and VMware ESXi
Akira Group Targets Hyper-V and VMware ESXi with Ransomware Exploiting Vulnerabilities
Algerian Hacker Launches 140,000 Cyber Attacks Using Only a Laptop
Apache Tika Vulnerability Widens Across Multiple Modules, Severity Now 10.0
Australia experienced highest ransomware rate globally, second highest in ransom payments
Australia leads world in costly, rising ransomware toll
Badr Airlines Allegedly Breached: 2.2 GB of Confidential Flight & Security Manuals Leaked
California man pleads guilty to Racketeer Influenced and Corrupt Organizations Act (RICO) charges as Department of Justice (DOJ) indicts crypto theft gang
ChatGPT flags crypto romance scam after widow loses $1 Million
Check Point links US cyberattacks to global crises in new clash warning
CNHI Data Breach Exposes SSNs & Financial Info
Coinbase Cartel Targets Multiple UAE Real Estate Firms and Acu Trans Solutions
Coupang Faces U.S. Punitive Damages Lawsuit Over Data Breach
Coupang founder to be summoned over data breach
Coupang to face class action suit in U.S. over data breach
Cursor vulnerable to “catastrophic budget drain:” vibe coder finds a way to spend $1 million
Cyber Talent Shortage Pushes EU Firms Toward Tech and Outsourced Security
Cyberattack on Freedom Mobile Compromises Personal Data of Thousands
Cyberattack on Reporters Without Borders Linked to Russian Security Services
Cybersecurity ‘incident’ leads to potential data breach for Tigard CodeRED subscribers
DeadLock Ransomware Uses Bring Your Own Vulnerable Driver (BYOVD) to Evade Security Measures
DragonForce Ransomware Hits VoiceTeam Call and City of La Vergne
Energy Operations: Managing Password Security and Continuity
Exploitation Efforts Against Critical React2Shell Flaw Accelerate
FinCEN data shows $4.5B in ransomware payments, record spike in 2023
Fortinet warns of critical FortiCloud SSO login auth bypass flaws
Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure
GOLD BLADE Exploiting Custom QWCrypt Locker for Data Exfiltration and Ransomware Deployment
GOLD BLADE Using Custom QWCrypt Locker that Allows Data Exfiltration and Ransomware Deployment
GrayBravo Expands CastleLoader Malware Operations with Distinct Activity Clusters, Impersonates ‘Booking.com’ and ‘DAT Freight’
Hackers say Volkswagen dealership’s client list is now for sale
Hackers switch tactics as manufacturers tighten defences
Hypervisors Become “Force Multiplier” for Ransomware Operators
Indirect Malicious Prompt Technique Targets Google Gemini Enterprise
Infostealers on the rise: time to take action, Australia recommends
Iran has attacked every Israeli citizen multiple times
Ireland: Health Service Executive (HSE) begins offering €750 compensation to victims of cyberattack
Ivanti warns of critical Endpoint Manager code execution flaw
Khashoggi widow files complaint in France alleging Saudi government infected devices with spyware
Major Data Exposure at Marquis Ripples Across U.S. Financial Institutions
Major Ransomware Attack Cripples Hospital Systems Across Four States
Makop Ransomware Exploits RDP Systems with AV Killer and Other Exploits
Makop Ransomware Targets RDP Systems Using AV Killer and Additional Exploits
Malicious VS Code Extensions Deploy Advanced Infostealer
Manufacturing fares better against ransomware - with room for improvement
Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws
Millcreek Pediatrics Data Breach Affects 14,095 Patients
NCSC Warns Prompt Injection Could Become the Next Major AI Security Crisis
New AI-Native Threat: Vulnerability in Google Gemini Enterprise and Vertex AI Search Allowed Stealing Gmail, Docs, and Calendar Data
New Bring Your Own Vulnerable Driver (BYOVD) loader behind DeadLock ransomware attack
New image signature can survive cropping, stop deepfakes from hijacking trust
New GeminiJack 0-Click Flaw in Gemini AI Exposed Users to Data Leaks
New ‘Spiderman’ phishing kit targets European bank customers
Non-mobile IT threats evolve into industrial-scale attacks in Q3 2025
North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware
North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks
Outsmart risk: A 5-point plan to survive a data
Over 300,000 Individuals Impacted by Vitas Hospice Data Breach
Packer-as-a-Service Shanya Hides Ransomware, Kills EDR
Patient and staff data stolen in Barts Health cyber attack
Petco data breach - SSNs, credit card info and drivers' licenses exposed
Petco Data Breach Exposes Customer Data, Including SSNs, Credit Card Info
Petco Data Breach Exposes Customer Social Security Numbers
Pharmaceutical Firm Inotiv Discloses Ransomware Attack and Data Breach
Phishing attack targets 18 US universities, bypassing MFA
Phishing-resistant authentication is taking off
Pixel tracking can significantly increase data breach risk on hospital websites
Police Dismantle EUR 700 Million Crypto Scam That Used Deepfakes
Police raid Coupang HQ amid 34 million account data breach
Police raid Coupang over massive data breach
Police raid Coupang to seize evidence related to major data breach
Police raid e-commerce giant Coupang's Seoul offices in data breach probe
Ransomware Attack at Fintech Software Solutions Firm Marquis Impacts Dozens of Banks and Credit Unions
Ransomware Attacks Decline in 2024, But Threat Remains High with $734 Million in Ransom Paid
Ransomware Attacks on Healthcare Organizations Spike During Holidays, Weekends
Ransomware increasingly targeting hypervisors
Ransomware Initial Access Broker (IAB) abuses EDR for stealthy malware execution
Ransomware Targeting Hyper-V and VMware ESXi Surges as Akira Group Exploits System Vulnerabilities
React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
Researchers spot 700 percent increase in hypervisor ransomware attacks
Rise in Extortion Attacks Targeting Manufacturers
Royal Cornwall Hospital staff's sick days exposed in data leak
Russian Calisto Hackers Launch ClickFix Attack on French NGO Reporters
Russian Hackers Target French NGO Reporters with ClickFix Attack Technique
Safepay Ransomware Group Breaches US Engineering Firm Chemstress
SAP fixes three critical vulnerabilities across multiple products
Scammers are poisoning AI search results to steer you straight into their traps
Seoul cyber investigators seize data, devices from ‘South Korea’s Amazon’ following data breach
SimpleX Chat X Account Hacked, Fake Site Promotes Crypto Wallet Scam
Sophos finds that manufacturing faces growing ransomware threat due to security gaps, lack of expertise
Sophos’s State of Ransomware in Healthcare 2025 report reveals 58% of providers recover within a week
South Korea police raid Coupang HQ over historic data breach
South Korea's Data Breach Compensation: Calls to Match EU, U.S. Levels
South Korea’s largest online retailer apologises for data breach
Space Bears ransomware claims Comcast data breach via contractor Quasar Inc
Spain: A young man has been arrested in Igualada for stealing and selling 64 million personal data records online
Spain arrests teen who stole 64 million personal data records
Spiderman Phishing Kit Targets European Banks with Real-Time Credential Theft
SpyCloud data shows 400% surge in corporate phishing
STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware
Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading
Surge In Cyberattacks Across Various Sectors In South Africa
Taiwan blocks RedNote over fraud risks, as downloads surge through VPNs, despite ban
The Rise of Phishing Scams Targeting Streamers and Gamers
This new phishing trick fools even careful users - but staying safe is shockingly simple
Three Ukrainian Nationals Detained in Warsaw with Hacking and Spy Equipment
Trial begins for 46 suspects accused of involvement in online scams in Cambodia
UK National Cyber Security Centre (NCSC) Raises Alarms Over Prompt Injection Attacks
US Treasury offers cautious optimism as ransomware payments decline
Volkswagen Mandi Data Breach Exposes 2.5 Million User Records
What is Ransomware-as-a-Service (RaaS)? How Cybercrime Became a Business Model
8th December
58% of healthcare providers now recover within a week amid declining ransom payments across the sector
AI drives cybercrime to execute ransomware in minutes
AI Hackers Spark 4,151% Phishing Surge
AI-powered social engineering to more dangerous ransomware: Key cybersecurity threats to businesses in 2026
Android Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Features
Apple and Google Alert Users Worldwide After New Spyware Activity Surfaces
Barts Health Confirms Cl0p Ransomware Behind Data Breach Linked to Oracle Vulnerability
Barts Health Seeks High Court Ban After Oracle EBS Breach
Beware of crypto wallet-draining 'support channels' on Telegram
Cadman Power Equipment Targeted by Securotrop Ransomware Group
Can employees sue victimized companies over data breach
ChrimeraWire Trojan Fakes Chrome Activity to Manipulate Search Rankings
CISA Releases New AI-in-OT Security Guidance: Key Principles & Risks
CISOs are spending big and still losing ground
ClayRat Android Spyware Expands Capabilities
Cloudflare Forces Widespread Outage to Mitigate Exploitation of Maximum Severity Vulnerability in React2Shell
Compromised Next.js devices weaponized by attackers: thousands remain vulnerable
Coupang issues revised notice citing 'data breach,' says no signs of secondary damage
Coupang Sees Sharp User Decline Following Massive Data Breach
Coupang updates notice after data breach affecting 33.7 million users
Coupang Users Decline 1.81 Million Amid Data Breach Concerns
Coupang's 1 Billion Won Insurance Falls Short After 33.7 Million Data Breach
Coupang’s US HQ faces class-action lawsuit over data breach
CRRC MA America Data Breach Exposes Critical Transit Schematics
Cybersecurity in 2026: The 10 Biggest Digital Threats on the Horizon
Czech Republic: TAJMAC-ZPS Allegedly Breached
Data breach hits MAG Aerospace employees
Employee of Washington Post takes legal path over Oracle EBS Data Breach
Ex-Employee Sues Washington Post Over Oracle EBS-Related Data Breach
Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT
Fake police investigation email circulating across Israel
FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024
Former Washington Post worker files class action lawsuit over data breach affecting nearly 10,000 people
GhostFrame: New Stealth Phishing Kit Targeting Millions Worldwide
Google Confirms Rising ‘Account Takeovers’ - Users Told to Check Chrome Settings
Google, Apple Warn of State-Linked Surveillance Threats
Harvard hit by new breach after phone phishing attack
HESCO Foodservice Targeted in DragonForce Ransomware Attack
INC Ransom Claims Attack on Major Automotive Supplier Yazaki Group, Potentially Impacting BMW, Nissan
India: Central government research facility in Pune targeted in whale phishing attempt, probe on
India: Government confirms Indian airports were hit by cyber attack involving GPS spoofing
India: Income Tax Department warns citizens against fake e-PAN phishing emails
Invisible IT is becoming the next workplace priority
Ireland: Suspended sentence for student who took part in phishing scam
Is ransomware finally on the decline? Treasury data offers cautious hope
K3G Solutions LTDA Data Breach Exposes 192GB of Internal Files
Law firm to sue Coupang in both Korea, U.S. over data breach
LockBit 5.0 Infrastructure Details Exposed by Researchers in Major Security Failure, Including a Key IP Address and Domain
Makop ransomware: GuLoader and privilege escalation in attacks against Indian businesses
Malicious Document Reader App in Google Play With 50K Downloads Installs Anatsa Malware
Malicious VSCode extensions on Microsoft's registry drop infostealers
Manufacturing Blocks More Ransomware As Attackers Pivot To Data Theft
Marquis Software Breach Affects Over 780,000 Nationwide
Massive Ukrainian Data Breach Sparks Fears of Russian Penetration Into Drone Industry
Meritz Fire & Marine faces US$682m exposure to Coupang data breach
Meta proposal for less data sharing is approved by European Commission
More than $2 billion in payments from 4,000 ransomware incidents reported to Treasury in recent years
MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign
New GhostFrame Super Stealthy Phishing Kit Attacks Millions of Users Worldwide
New JS#SMUGGLER Campaign Drops NetSupport RAT Through Infected Sites
New Splunk Windows Flaw Enables Privilege Escalation Attacks
NVIDIA research shows how agentic AI fails under attack
OceanLotus Hacker Group Targeting Xinchuang IT Ecosystems to Launch Supply Chain Attacks
OpenAI API User Data Exposed in Third-Party Mixpanel Breach
Oracle EBS zero-day used by Clop to breach Barts Health NHS
Over 70 Domains Used in Months-Long Phishing Spree Against US Universities
Patient and staff data impacted by Cl0p ransomware attack on Barts Health NHS
Petco data breach exposes customer information
Petco Data Breach Exposes SSNs, Driver's Licenses in Major Leak
Petco’s security lapse affected customers’ SSNs, drivers’ licenses and more
Pharma Firm Inotiv Confirms Data Breach Following Ransomware Attack
Phishing Campaign Uses Split QR Codes to Evade Filters
Physicians to Children Data Breach Affects 9,536 Patients
Poland arrests Ukrainians utilizing 'advanced' hacking equipment
Police confirm identity of Chinese mastermind behind Korea Telecom (KT) payment breach
Portugal Revises Cybercrime Law to Protect Security Researchers
Qilin Ransomware Breaches AMH Philippines, David M. Schwarz, Sanko
Ransomware Gangs Deploy “Shanya” to Cripple EDR Defenses Before Strikes
Ransomware gangs turn to Shanya EXE packer to hide EDR killers
Ransomware Payments Fell After Law Enforcement Actions, But Still High
Ransomware Payments Jump 77% in Latest FinCEN Report
Ransomware payments surge past $2.1 Billion, says FinCEN
Ransomware Payments Surpassed $4.5 Billion
Ransomware peaked in 2023 prior to law enforcement actions
React2Shell Under Active Exploitation by China-Nexus Hackers
Researchers track dozens of organizations affected by React2Shell compromises tied to China’s Ministry of State Security (MSS)
Russian hackers claim looting of secret big tech hardware designs
Russian police bust bank-account hacking gang that used NFCGate-based malware
Securing AI for Cyber Resilience: Building Trustworthy and Secure AI Systems
Shanya crypter emerges as new threat in ransomware toolkits
Shanya EDR Killer: The New Favorite Tool for Ransomware Operators
Shanya EDR Killer Leveraged by Hackers to Clear the Way for Ransomware Infection
Shanya Packer-as-a-Service (VX Crypt) Fuels Modern Akira, Qilin, Medusa Ransomware Cyberattacks
Sinobi Ransomware Group Breaches Multiple US Firms Including Quality
Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks
South Korea: Firms stick to bare-minimum data breach insurance despite major leaks
South Korea: Weak cybersecurity leaves hospitals vulnerable to ransomware attack, data leaks
Space Bears Ransomware Claims Comcast Data Theft Through Quasar Breach
Space Bears Ransomware Group Claims Attack on Comcast
SpyCloud Data Shows Corporate Users 3x More Likely To Be Targeted by Phishing Than By Malware
State-Sponsored Actors Leverage Backdoor Malware, CISA Warns
Three hacking groups, two vulnerabilities and all eyes on China
Total ransomware payments surpass $4.5 billion since 2013
Tri-Century Eye Care Data Breach Impacts 200,000 Individuals
Triada Malware Strikes Android Users Through Multiple Ad Networks in Sophisticated Hacker Scheme
UK Hospital Asks Court to Stymie Ransomware Data Leak
UK intelligence warns AI 'prompt injection' attacks might never go away
UK launches Proactive Notifications Service to warn businesses of security vulnerabilities
Ukrainian intelligence hit Russia's transit company assisting sanctioned goods
Ukrainians with equipment for hacker attacks detained in Warsaw: what the police seized
US Contributes to 44% of Cyber Attacks; Public Administration Targeted for Financial Gains
US Treasury Tracks $4.5B in Ransom Payments since 2013
Why Operational Technology (OT) security now needs phishing-resistant authentication
WorldLeaks Hits Big Lar, Ernest Käslin, Granjas 4 Irmãos
