Ransomware Operator Claims - Week 50 2025

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 8th December and 14th December 2025, kindly assisted by our partners.

DBD discovered and researched 189 Ransomware Victims over 39 Countries and Islands claimed by 34 Data-Leaking Ransomware Operators, including 1 Newly Discovered Ransomware Operator last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Data Breaches Digest - Week 51 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 15th December and 21st December 2025.

18th December

113,000 Impacted by Data Breach at Virginia Mental Health Authority

630 Million Passwords Stolen, FBI Reveals: What This Says About Credential Value

A critical Cisco vulnerability is letting China spy on email systems

AI-driven shopping and privacy. What the retail and e-commerce sector should expect in 2026

AI-fuelled cyber-attacks set to surge against UK firms

Askul corporation restores operations after ransomware attack and data breach

Askul Restarts Logistics as Ransomware Attack Exposes 740,000 Records

Auto giant LKQ says it's the latest firm to be hit by Oracle EBS data breach

Bad news, as industrial ransomware attacks rise sharply in Q3

Beyond Phishing: How LLM-Powered Social Engineering Threatens Crypto

Breaking the ransomware kill chain: Why distributed lateral security is no longer optional

China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

Chinese attackers exploiting zero-day to target Cisco email security products

Chinese Hackers Breach Cisco’s Email Security Systems

Church’s Chicken Data Breach: 21,200 Customer Records Leaked

CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

Cisco Reveals New Cyber Attack on Customers Using Zero-Day Vulnerability

Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances

Cisco Warns of Active Cyberattack Exploiting Critical AsyncOS Vulnerability

Cisco Zero-Day Vulnerability in Secure Email Gateways Exploited in Chinese Hacking Campaign

Class Action Data Breach Settlements Agreed with Three Healthcare Providers

Clipping Scripted Sparrow’s wings: Tracking a global phishing ring

Coding vulnerability may cost a crypto company $100M

Crypto theft in 2025: North Korean hackers continue to dominate

Cybercrime: Police Arrest Suspects Behind Microsoft 365 Phishing Attacks in Nigeria

Cybersecurity in 2026: phishing surges, shadow AI grows

Denmark blames cyberattacks on hacker groups linked to Russian state

Dutch university hit with €175,000 fine after 2021 data breach

FBI dismantles alleged $70M crypto laundering operation

FBI Dismantles Cryptocurrency Exchange Used by Threat Actors for Money Laundering

FBI Seizes Crypto Exchange Allegedly Used to Launder $70M From Ransomware Attacks

FBI Seizes Crypto Laundering Hub E-Note Linked to Russian Admin

FBI Seizes E-Note Crypto Exchange Linked to Ransomware Money Laundering

France Alleges ‘Foreign Interference’ After RAT Malware Found on Ferry

France Arrests 22 Year Old After Hack of Interior Ministry Systems

France Arrests 22-Year-Old Suspect in Ministry of the Interior Cyberattack

France arrests Latvian for installing malware on Italian ferry

France Authorities Arrest Interior Ministry Cyberattack Suspect, Possible 10-Year Prison Sentence

France Launches Foreign Interference Probe After Malware Discovered on Mediterranean Ferry

French police arrest suspect over interior ministry cyber attack

From Mass Phishing to Precision Targeting: AI's Role in Crypto Scams

Google sues another Chinese scam group over large phishing scheme

Google Sues Chinese ‘Darcula’ Group Over Alleged Phishing Scheme

Grandes Vinos Hit by Qilin Ransomware Attack

Group Policy abuse reveals China-aligned espionage group targeting governments

Hacker arrested over ties to France Interior Ministry data breach

Hackers breach internal servers of tech provider for Britain’s health service

Hackers find a simple trick to access WhatsApp accounts: linking a new device

Hackers list Western Australian mining company Avenira on darknet leak site

Heart of Texas Behavioral Health Network reports data breach affecting patient records

Hewlett Packard Enterprise (HPE) OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

Hewlett Packard Enterprise (HPE) warns of maximum severity RCE flaw in OneView software

HMRC Warns of Over 135,000 Scam Reports

Hospital Ransomware Really is The Pitt

How CISOs Can Beat the Ransomware Blame Game

India: Fake Guwahati Jal Board Bill Scam Raises Data Breach Concerns

Information Commissioner’s Office (ICO) to investigate Prospect data breach with Guernsey, Jersey and Isle of Man counterparts

Iranian APT ‘Prince of Persia’ Resurfaces With New Tools and Targets

Ireland: 'No evidence' data taken in Ombudsman cyber attack

Ireland: Ombudsman's office hit by 'financially motivated' ransomware attack

Isle of Man: Island part of union data breach investigation

Isle of Man: Joint investigation launched into cyber attack on union

Jersey: Joint investigation launched into trade union data breach

Jersey: Probe Launched After Data Breach Impacts Thousands

Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App

Korea launches government-wide probe into Coupang data breach

Korean firms' excessive collection of data led to Coupang data breach

Lazarus Group Embed New BeaverTail Variant in Developer Tools

Major Australian university targeted in cyberattack

Major Data Breach Announced by Richmond Behavioral Health Authority

Microsoft 365 users targeted in device code phishing attacks

Millions impacted by PornHub, SoundCloud data breaches

More than half of public vulnerabilities bypass leading Web Application Firewalls (WAFs)

MS13-089 Ransomware Hits Virginia Urology and DGP Commercialisti

New BeaverTail Malware Variant Linked to Lazarus Group

New password spraying attacks target Cisco, PAN VPN gateways

New Zealand: Property developer Hopper Developments listed on dark web by ransomware group

Nigeria: 2 Suspects Arrested As Police Probe Fraudsters Targeting Microsoft 365 Software Users

Nigerian police arrest suspect in Microsoft 365 phishing attacks

North Korea Steals Over $2 billion in Crypto in 2025

North Korea-Linked Hackers Steal $2.02 Billion in 2025, Leading Global Crypto Theft

OAuth Device Code Phishing Campaigns Surge Targets Microsoft 365

Operation ForumTroll resurfaces with new phishing campaign targeting Russian academics

Over $3.4 billion in crypto stolen throughout 2025, with North Korea again the top culprit

Paizo GPS Solutions Allegedly Breached Exposing GPS Telemetry Data

Partido Revolucionario Institucional (PRI) Data Breach Exposes Voter IDs and Sonora Government Cyberattack Halts Financial Operations in Mexico

Pennsylvania high court rules that police can access Google searches without a warrant

Personal data breach affects thousands across Channel Islands

Police arrest suspected Nigerian hacker over Microsoft 365 cyberattack

Police, US secret service, FBI arrest suspects in Nigeria over fraud

Pornhub rocked by massive data breach as hackers steal 200 million users’ search histories

Pornhub User Data Reportedly Stolen by Hacker Group ShinyHunters, Threaten to Expose

Privacy risks sit inside the ads that fill your social media feed

Ransomware activity stabilizes in November, attackers refine tactics

Seafarer arrested after remote-control malware found on Mediterranean Shipping Company (MSC) ferry

SoundCloud Cyberattack Leaves 28 Million Users Exposed

South Korea: Government to form task force to handle Coupang data breach case

South Korea’s Ruling Party Seeks Joint Parliamentary Hearing Over Coupang Data Breach

SudamericaData Breach Exposes Over 1TB of Argentine Records

Tech provider for NHS England confirms data breach

The Araneta Group Targeted by Osiris Ransomware Group

The Botting Network Historical Data Breach Exposes Over 96,000 User Records

The University of Sydney: Notification of cyber and data breach

UK Information Commissioner Launches Probe Into Major Film & TV Worker Data Breach

US seizes E-Note crypto exchange for laundering ransomware payments

Watch Out for Weaponized PDF Purchase Orders Containing Hidden Malicious Scripts

Westminster Council says potentially sensitive information ‘copied and taken’ in cyber attack

Who are ‘ShinyHunters’? Hacker group threatens to expose Pornhub premium users

Why Organizations Need to Modify Their Cybersecurity Strategy for 2026

Your Credit Info Might Have Been Leaked in This Massive Data Breach

17th December

1.5 Million Dutch Pornhub accounts compromised in cyber attack

$3.5M Settlement Agreed to Resolve Group Health Cooperative of South Central Wisconsin Data Breach Lawsuit

8 Million VPN users just got their AI chats wiped and sold

14 Malicious NuGet Packages Found Stealing Crypto Wallets and Ad Data

55% of victims of Makop ransomware group were based in India

200 Million Pornhub Users Exposed After Data Breach

200 million records exposed in massive Pornhub data breach - here’s what we know so far

700Credit data breach raises compliance questions for powersports dealers

Advancing Ransomware Investigation and Cybercrime response in Africa

AI breaks the old security playbook

Al-Ahli Saudi Football Club Data Breach Exposes Player Contracts and Passports

Albemarle County: Summer ransomware attack impacted residents and employees

Amazon EC2 and ECS Targeted in Cryptomining Campaign Using Compromised IAM Credentials

Amazon exposes Russian cyber saboteurs targeting Western critical infrastructure

APT28 Targets Ukrainian UKR-net Users in Long-Running Credential Phishing Campaign

Askul data breach exposed over 700,000 records after ransomware attack

Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718)

Banks built rules for yesterday’s crime and Regulatory Technology (RegTech) is trying to fix that

Biggest Cyber Attacks of the Year 2025: A Wake-Up Call for Cybersecurity

Blind Eagle Hackers Exploit Trust to Bypass Email Security Controls

BlindEagle Campaign Abuses Trust Relationships to Circumvent Organizational Email Defenses

California Amends Data Breach Notification Requirements

Canary Benefits Data Breach Exposes Names and SSNs

China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware

Chinese Ink Dragon Group Hides in European Government Networks

Chinese spy group Ink Dragon is turning victims into infrastructure

Cisco email security appliances rooted and backdoored via still unpatched zero-day

Cisco says Chinese hackers are exploiting its customers with a new zero-day

Cisco warns of unpatched AsyncOS zero-day exploited in attacks

Coupang CEO Bom Kim Under Fire for Data Breach Absence

Coupang CEO faces legal action for skipping South Korean hearing on data breach

Coupang CEO fails to appear at South Korean parliamentary hearing on data breach

Coupang CEO's No-Show Sparks Outrage Amid Massive Data Breach Scandal

Coupang discloses 33 million-user data breach to US regulators

Coupang executives face Korean lawmakers over data breach

Coupang executives grilled by Korean lawmakers over data breach

Coupang founder faces legal action for skipping South Korean hearing on data breach

Coupang interim CEO apologizes over 33 million users data breach

Coupang rebuked over founder's absence at data breach hearing

Coupang reports data breach affecting 33 million customers to US Securities and Exchange Commission (SEC)

Coupang reports data leak affecting 33.7 million, warns of financial risks

Coupang's Data Breach Drama: CEO Bom Kim Faces Legal Action

Coupang's Data Breach Drama: Legal Actions and Market Implications

Crewmember Arrested for Planting "Foreign" Malware on Italian Ferry

Critical React2Shell flaw exploited in ransomware attacks

Cyber attack on Rainbow District School Board may have compromised personal info

Cyberattack of Nunavik health centre results in data breach

Cybersecurity in 2026: phishing surges, shadow AI grows

CyberVolk Ransomware Flawed: Free File Recovery Possible

'Deeply upset': Mental health clients' personal data compromised in phishing attack

Department of Justice (DOJ) announces takedown of alleged laundering platform used by cybercriminal groups

DragonForce Hits Edward J Kone, Leger & Shaw, GPC Industries

Dutch Data Protection Authority (DPA) warns users: TikTok continues to send personal data to China

European Investigators Disrupt $12m Call Center Fraud Ring

European police bust Ukraine-based call center network behind $11 million in scams

Exploited SonicWall zero-day patched (CVE-2025-40602)

Fake IKEA, Zalando, Dr. Martens, Mango Online Stores Campaign Targets Global Retail Sector

FBI takes down alleged money laundering service for ransomware groups

Federal Trade Commission (FTC) orders crypto platform Nomad to distribute $37.5 million after 2022 theft

Fortinet firewalls under active attack, users urged to update now

France arrests suspect tied to cyberattack on Interior Ministry

France confirms cyberattack on Ministry of Interior, hackers claim 16 Million individuals exposed

France investigates Interior Ministry email breach and access to confidential files

France probes 'foreign interference' after malware found on ferry

France probes 'foreign interference' after passenger ship hit by remote-control malware

From Fake Deals to Phishing: The Most Effective Christmas Scams of 2025

GhostPoster malware campaign exploits live Firefox extensions

GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads

GNV ferry Fantastic under cyberattack probe amid remote hijack fears

Google Chrome Extension is Intercepting Millions of Users’ AI Chats

Google sues alleged Chinese scam group behind massive U.S. text message phishing ring

Hacker attack on GNV ship, second sailor detained in Italy

Hacker Busts Startup Running Huge Web of AI-Generated “Influencers” on Instagram

Hacker Group Extorts Pornhub Over Premium User Data

Hackers Claim Pornhub Premium Data Breach, Demand Bitcoin Ransom

Hackers Claim Stealing 94GB of Pornhub Premium User Watch Histories

How to spot if your Gmail account is under attack as Google issues warning

India: Central Bureau of Investigation (CBI) busts cyber fraud network that sent out bulk phishing messages, 3 arrested

India: How Digital Personal Data Protection Act (DPDP) Rules Are Quietly Reducing Deepfake and Synthetic Identity Risks

Ink Dragon Expands Cyber Espionage to European Government Networks

Inside a purchase order PDF phishing campaign

Ireland: Data may have been taken in Ombudsman office cyber attack

Ireland: Ombudsman’s office confirms it has suffered ransomware cyberattack

Ireland: Ombudsman’s office targeted with suspected ransomware attack

Ireland: Ransomware attack forces Office of the Ombudsman to take IT systems offline

Italy detains second sailor over cyber attack on GNV ferry

Japanese School Yokosuka Gakuin Confirms Ransomware Attack and Data Leak Claimed by Rhysida

Kimwolf Botnet Hijacks 1.8 Million Android TVs, Launches Large-Scale DDoS Attacks

London council warns 'potentially sensitive' personal details 'copied' by hackers

Makop Ransomware Puts India in Cybercrime Crosshairs

Malicious NuGet package steals cryptocurrency wallets

Marshfield Clinic Data Breach Affects 35,952 Patients

Massive new botnet hijacks almost 2 million Android devices and briefly surpasses Google

Minersville School District continues to probe ransomware attack

Minersville, Pennsylvania, Schools Cancel Classes Due to Cyber Threat

Most smart devices run outdated web browsers, expose owners to attacks

Motors WordPress Vulnerability Exposes Sites to Takeover

National Institute of Standards and Technology (NIST) Releases Draft AI Cybersecurity Guidance to Address Risks of Enterprise AI Adoption

NCC Group report finds ransomware activity plateaued in November as tactics evolve

New Android Virus Can Lock You Out of Your Phone and Wipe Data

New ClickFix Attack Uses Fake Browser Fix to Install DarkGate Malware

New FinCEN Ransomware Report: Banks Must Contain Materiality Risk

New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails

New “Lies-in-the-Loop” Attack Undermines AI Safety Dialogs

New Research Reveals 90% of Parked Domains Now Deliver Malware, Scams, and Phishing Attacks

New research shows most parked domains now expose users to malware scams and phishing

New SantaStealer malware drops just in time for the holidays

New spyware discovered on Belarusian journalist’s phone after interrogation

New Zealand property firm Hopper Developments suffers alleged cyber attack

News-Press & Gazette Company Data Breach Exposes SSNs, Names & More

Northern Ireland Executive agrees to set aside £119m to help cover costs arising from PSNI data breach

NS Pharma Data Breach Affects 92,845 Patients

Ongoing cryptomining campaign uses hacked Amazon Web Services (AWS) accounts

Operation ForumTrol Known for Exploiting Chrome 0-Day Attacking Users With New Phishing Campaign

Parked Domains Emerge as a Primary Channel for Malware and Phishing

Petróleos de Venezuela (PDVSA) Cyberattack Disrupts Administrative Systems, Oil Cargo Deliveries Suspended

Police Service of Northern Ireland (PSNI) data breach: Ministers set aside £119m for PSNI data breach payouts

Pornhub: Hacker group threatens to leak list of premium users

Pornhub data breach: Who are ShinyHunters, the hackers claiming to steal user data?

Pornhub hack: 200 million user data stolen by ShinyHunters

Pornhub hit by huge cyber attack as millions of users' data 'stolen by hackers'

Pornhub Hit by ShinyHunters Threat: Hacker Group Claims It Will Expose Premium Users

Pornhub suffers massive data breach: Should the adult website's users be worried? Here’s what we know so far

Privacy advocates see risk in new Meta policy that uses AI chats to serve targeted ads

Privacy on steroids: Phone automatically changes its identifier every 24 hours to prevent tracking

Pro-Russian Hacker Group Claims Breach of Ukrainian Military Data

Richmond Behavioral Health Authority (RBHA) Data Breach Impacts 113,232 Individuals

RJ Enterprise CRM Data Breach Exposes Scam Call Center Records

Russian BlueDelta hackers ran phishing campaign against Ukrainian webmail users

SASP SNCC Automatisme Solutions Process Hit by Crypto24

Secure Your Google Account Immediately: Phishing Attacks Are On The Rise & Able to Bypass Security Systems More Efficiently

ShinyHunters Targets Pornhub in Alarming Data Breach

ShinyHunters' Heist: Data Breach Hits Pornhub's Premium Customers

SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances

SonicWall warns of actively exploited flaw in SMA 100 Appliance Management Console (AMC)

Sonicwall warns of new SMA1000 zero-day exploited in attacks

SoundCloud suffers data breach, user information accessed

South Africa’s National Lotteries Commission (NLC) warns public of fake lottery win notifications

Spartanburg County cyber-attack victims identified

Spiderman Phishing Kit Targets European Banks and Crypto Users

Sports Medicine & Orthopedics Data Breach Exposes Data of 4,000 Patients

State-Level Cyber Espionage Suspected in KT Telecom Breach

Stormont Executive agrees to set aside £119m for PSNI data breach payouts

Suspect pleads guilty to credential stuffing attack on DraftKings

‘Taking the Bait’: Phishing on the Rise in Montenegro

Texas is suing five major TV companies for spying on its users

The Cybersecurity Side of AI Crypto Bots: What Users Need to Know

The Imperative of Software Supply Chain Security: AI-Generated Code Risks, Secure SDLC Practices, and SBOM Validation

TikTok and Grindr face complaint over sensitive data sharing

TikTok tracked user’s Grindr activity in violation of European law, rights group alleges

Too many hacks lead to Telegram: security researchers recommend blocking it

Turing & EDU Arena Data Breach Exposes User and Admin Information

UK MPs Consider Bringing VPNs Under Online Safety Act Rules

US Autoparts Maker LKQ Confirms Oracle EBS Breach

Wellcare Data Breach Compromises PII & PHI

WhatsApp device linking abused in account hijacking attacks

Why vulnerability reports stall inside shared hosting companies

16th December

4.3 Billion LinkedIn-Style Records Found in One of the Largest Data Exposures Ever

700Credit data breach exposes 5.8 Million customers’ DOB, SSNs, across 20K US dealerships

700Credit Data Breach Impacts Millions of Car Owners

700,000 Records Compromised in Askul Ransomware Attack

A cyber attack hit Petróleos de Venezuela (PDVSA) disrupting export operations

Accenture Finds Gen Z Most Prone to Phishing Risks

AgeRight Data Breach Impacts 4,897 Current and Former Patients

AI might be the answer for better phishing resilience

AI Powered Tools Are Driving the Evolution of Ransomware Operations and Service Based Cybercrime

AI Turbocharges Ransomware: How LLMs Fuel Faster, Stealthier Extortion

Amazon disrupts Russian GRU hackers attacking edge network devices

Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure

Amazon Warns Russian GRU Hackers Target Western Firms via Edge Devices

Amazon Web Services (AWS) Blames Russia’s GRU for Years-Long Espionage Campaign Targeting Western Energy Infrastructure

ASEC warns of expanding Gentlemen ransomware campaigns hitting manufacturing and healthcare

Askul confirms theft of 740,000 customer records in October ransomware attack

Australia: Two Queensland clinics named in separate alleged ransomware listings

Beyer Law Group Allegedly Breached by Anubis Ransomware Group

Can a Transparent Piece of Plastic Win the Invisible War on Your Identity?

Cellik Android malware builds malicious versions from Google Play apps

City of Westminster missing public funds after cyber attack, officials say

Compromised IAM Credentials Power a Large Amazon Web Services (AWS) Crypto Mining Campaign

Coupang CEO Resigns As Police Probe Expands Over 33.7 Million-User Data Breach

Coupang CEO Quits After Breach Hits 33.7 Million South Koreans

Critical Vulnerabilities in Connected Car Modems Expose Critical Vehicle Security Risks, Researchers Say

Cyber attack in Sudbury did little damage, Rainbow District School Board says

Cyber Criminals Breach 700Credit Systems, Exposing Data of 5.8 Million

Cyber Incidents at Prosper Marketplace and 700Credit Impact Millions Across the U.S.

Cyberattack disrupts Venezuelan oil giant PDVSA's operations

Cyberattack on member-owned healthcare payer ends in $3.5M settlement

Denial-of-Service and Source Code Exposure in React Server Components

Eagle Stores Data Breach Exposes 300k Customer Records

EU Prepares Wider Data Retention Rules, VPN Providers Could Be Affected

Eurojust-Backed Authorities Dismantle Ukraine-Based Cyber Fraud Call Center Network

European authorities dismantle call center fraud ring in Ukraine

European police busts Ukraine scam call centers

Facebook data breach: How to protect your data

Fake ‘Leonardo DiCaprio’ Torrent Spreads Agent Tesla Malware

Federal government hacker twins’ criminal history overlooked by Opexus

Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass

From Sextortion to Ransomware: The Blackmail Scams Are Taking Over the Internet

Germany accuses Russia on Parliament Cyber Attack and Data Breach of over 5.6 million credit card details

German Parliament Allegedly Hit by Email Outage During US-Ukraine Talks Amid Cyberattack Suspicions

GhostPoster attacks hide malicious JavaScript in Firefox addon logos

Global Gentlemen ransomware intrusions ramp up

Google Finds Five China-Nexus Groups Exploiting React2Shell Flaw

Guernsey: Dental practice breached data law after hacked email sent phishing messages

Hackers exploit newly patched Fortinet auth bypass flaws

Hacking group says it’s extorting Pornhub after stealing users’ viewing data

How Cyber Attacks Can Impact a Business in the United States

How to create a ransomware playbook that works

How to Protect Yourself From Crypto Phishing Emails?

India: 8 Ways the Digital Personal Data Protection (DPDP) Act Will Change How Indian Companies Handle Data in 2026

India Dismantles ‘Phishing SMS Factory’ Infrastructure Sending Lakhs of Fraud Messages Daily

Iran-linked hacker group offers $30,000 bounty for Israel's military info

Is your smart home an easy target? 6 ways experts lock theirs down

Isle of Man: Freight company issue warning over phishing email attack

Jaguar Land Rover Confirms Employee Data Stolen in Crippling August Cyberattack Costing the Company Over $890 Million

Jaguar Land Rover Data Breach Exposes Employee Information After August Cyberattack

JumpCloud Remote Assist Flaw Lets Users Gain Full Control of Company Devices

JumpCloud Windows Agent Flaw Enables Local Privilege Escalation

LastPass Data Breach: The Cost of Weak Cybersecurity, 1.6 Million Users’ Data at Risk

Leaked letter to staff shows extent of Royal Cornwall Hospital data breach

LKQ Corporation Data Breach Exposes 9,070 SSNs

LLM-Driven Automation: A New Catalyst for Ransomware and RaaS Ecosystems

LLMs are Accelerating the Ransomware Operations with Functional Tools and RaaS

LLMs aren’t launching ransomware, but they are optimizing it

Makop Ransomware targets India: What the new attack means and how to stay safe

Makop Ransomware Turning RDP Breaches into Lateral Movement

‘Malicious’ threat targets Pulaski Electric System in ‘cyber attack,’ interrupting customer services

Medical Supply Firm Fieldtex Hit by Data Breach Affecting Hundreds of Thousands

Millions Affected by Massive Credit Report Data Breach

Millions of Car Owners Hit By 700Credit Data Breach

More Than 1.8 Million Affected in Prosper Marketplace Data Security Incident

NAHGA Claims Services Reports Data Breach Affecting Over 180,000 People

Password manager fined after major data breach

Password security firm hit for password security failings

Passwordless is finally happening, and users barely notice

Payroll data stolen in Jaguar Land Rover cyberattack

Phishing Messages and Social Scams Flood Users Ahead of Christmas

Plaintiffs Drop Data Breach Lawsuits Against Dior Over Salesforce Hack

PornHub Breached by ShinyHunters Group and Premium Members’ Data Stolen

PornHub Confirms Premium User Data Exposure Linked to Mixpanel Breach

Pornhub Extorted by ShinyHunters Following Mixpanel Analytics Breach

Pornhub Premium User Data Exposed Allegedly Due to Third-Party Mixpanel Breach, ShinyHunters Extorts the Company

Pornhub Suffers Data Breach in Attack Claimed by ShinyHunters

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

RaidForums Dark Web Forum Listed for Sale: Cybercrime Platform Seeks New Ownership

Ransomware attack against Askul hits nearly 740K

Ransomware trends targeting storage systems in 2026

React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors

Retail sector faces ongoing battle against ransomware

Rhysida Ransomware Targets Japan’s Yokosuka Gakuin

Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data

Russia’s GRU hackers targeting misconfigured network edge devices in attacks on energy sector, Amazon says

Russian GRU hackers favor misconfigured devices over vulnerabilities

Sapphire Health Data Breach Affects 5,617 Patients

SoundCloud breached, hit by DoS attacks

SoundCloud Confirms Cyberattack, Limited User Data Exposed

SoundCloud Confirms Data Breach - Hackers Exfiltrated User Account Data

SoundCloud confirms data breach - user info stolen, here's what you need to know

SoundCloud Confirms Data Breach After Hackers Exfiltrate User Account Data

SoundCloud Confirms Data Breach and Theft of 20% of User Emails After VPN Access Disruption

SoundCloud confirms it suffered a data breach

SoundCloud Confirms Security Breach and VPN Lockout After User Data Leak

SoundCloud discloses breach affecting millions, warns users about phishing attempts

SoundCloud discloses data breach incident impacting 20% of users

SoundCloud Hit by Cyberattack, Breach Affects 20% of its Users

SoundCloud warns of data breach with ‘limited data’ of a fifth of its users

Texas sues TV makers for taking screenshots of what people watch

The messy data trails of telehealth are becoming a security nightmare

Top 10 Cyber-Attacks of 2025

Urban VPN Proxy Accused of Harvesting AI Chat Conversations

Users alarmed after Pornhub was linked to data breach that affected OpenAI

Venezuela state oil company blames cyberattack on US after tanker seizure

Venezuela’s state oil company hit by cyber attack

Voltras International Data Breach: 30GB Travel Database for Sale

Volunteers launching DDoS attacks rewarded by Cryptocurrency, mostly Bitcoins

When Artificial Intelligence Becomes the Hacker: Legal Risks and Compliance Strategies for Autonomous Cyber Threats

Why We’ll Never Patch Everything, and That’s Okay

15th December

16TB of MongoDB Database Exposes 4.3 Billion Lead Gen Records

100GB Database of Kuwait Energy Basra Leaked Online

700Credit Data Breach Exposes 5.6 Million Americans’ SSNs and Personal Info

700Credit data breach exposes millions of personal records

700Credit Data Breach Exposes Names, Addresses, and Social Security Numbers

700Credit Data Breach Impacts 5.8 Million Individuals

700Credit data breach impacts 5.8 million vehicle dealership customers

Afghan Refugees Sue UK Ministry Of Defence Over Data Breach

Almost half of business owners in the floriculture sector are unaware of the consequences of cyber-attack

Apple urges updates as hackers target iPhones

Asahi Cyberattack Forces Shift to Zero-Trust Model, Delays Earnings by Over 50 Days

Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack

Askul confirms theft of 740k customer records in ransomware attack

Beware of DroidLock, an Android Ransomware that Can Take Over Your Phone and Infiltrate Banking Data

BlueCross members in Tennessee urged to act after data breach exposes personal info

BreachForums Reemerges, Admin Apologizes for Honeypot Confusion, Claims the Attack the French Government Announced Impacting Over 16 Million Individuals

Coinbase Phishing Scammer Arrested in New York After Probe

Conduent data breach exposed data of 10.5 million people, including Social Security numbers

Coupang CEO Steps Down After Data Breach Hits 33.7 Million Users

Coupang data breach fuels calls to expand class action lawsuits

Coupang data breach traced to ex-employee with system access

Critical Amazon Kindle Hack Confirmed - What You Need To Know

Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide

Cyber attack on Leroy Merlin

Data breach at 700Credit exposes personal info of 5.8 million Americans

Diaz Gill Medicina Laboratorial S.A. Targeted by RansomHouse Ransomware Attack

DraftKings Hacker Pleads Guilty After Group Stole About $600K

DXS Systems Ransomware Attack by Devman Group (300GB Data Breach)

Europe’s Digital Markets Act (DMA) raises new security worries for mobile ecosystems

Expert MRI Data Breach Exposes PII & PHI

FBI Cautions Alaskans Against Phone Scams Using Fake Arrest Threats

FBI confirms 630,000,000 passwords stolen in major data breach

Featured Chrome Browser Extension Caught Intercepting Millions of Users' AI Chats

Flaw in Hacktivist Ransomware Lets Victims Decrypt Own Files

Former Coupang employee linked to data breach exposing 33.7 million customer records

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

French Interior Ministry confirms cyberattack on email servers

FrogBlight Android Banking Trojan Targets Turkish Android Users via Smishing and Fake Government Court File Portals

Gentlemen Ransomware Emerges as a Threat to Corporate Networks

GitHub Scanner for React2Shell (CVE-2025-55182) Turns Out to Be Malware

Google links more Chinese hacking groups to React2Shell attacks

Google Threat Research Uncovers Data Breach in NHS Linked to Oracle Vulnerability

Hackers Steal Personal Data in 700Credit Breach Affecting 5.6 Million

Hackers turn ChatGPT, Grok chat links into malware traps on search engines

Hamas Linked Hackers Using AshTag Malware Against Diplomatic Offices

Harbour Town Doctors suffers alleged patient data breach

Healthcare Interactive data breach exposes sensitive information of 87,565 Americans

How AI Can Help Fight the Ransomware Threat

How to Spot a Browser-in-the-Browser Phishing Attack

Inc Ransomware Group Attack Hits City of Signal Hil and Steel Works Inc

Information Commissioner’s Office (ICO) Issues Post Office Public Reprimand Instead of Fine Over Data Breach

Jaguar Land Rover confirms staff data stolen in cyberattack

LastPass fined £1.2M by ICO for comprehensive data breach

Law firm warns of rising cybercrime threats amid festive season celebrations

Madison Healthcare Confirms Data Breach After Ransomware Attack

Major Data Breach at 700Credit Linked to Third-Party API Vulnerability

Manufacturing is becoming a test bed for ransomware shifts

Manufacturing sector turns into a testing ground for ransomware hackers

Marquis Companies Data Breach Exposes SSNs & Medical Info

Massive data breach sees credit card details of over 5.6 million victims leaked - here's what we know

McElroy & Associates (OPEH&W Health Plan) Data Breach Affects 6,633 People

More than 238K hit by Akira-claimed Fieldtex Product hack

Nashua Botswana Data Breach: 21.5GB Sensitive Data for Sale

National Cyber Security Centre (NCSC) Playbook Embeds Cyber Essentials in Supply Chains

Nearly 20 million affected by Prosper, 700Credit data breaches

New Android Malware Mimic as mParivahan and e-Challan Attacking Android Users to Steal Login Credentials

New Gentlemen Ransomware Breaching Corporate Networks to Exfiltrate and Encrypt Sensitive Data

New Gentlemen Ransomware Hits Corporations, Steals Confidential Data Before Locking Systems

New SantaStealer malware steals data from browsers, crypto wallets

New VolkLocker Ransomware Variant Targets Both Linux and Windows Systems

PayPal Subscription Feature Abused in Sophisticated Phishing Campaign

PEAR Ransomware Group Lists Angstrom Automotive and Gordon Clifford

Petco Confirms Data Security Incident Impacting Customer Data

Petco confirms major data breach involving customer data

Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector

Pierce County Library System Confirms Data Breach Impacting Over 340,000 People

Pierce County Library System Cyberattack Exposes Data of Over 340,000 People

PlayTicket Data Breach: 210k User and Order Records for Sale

PornHub extorted after hackers steal Premium member activity data

Preparing users for the newest wave of AI-powered phishing

Pro-Russian CyberVolk Ransomware Flawed by Master Key for Free Decryption

Qilin Ransomware Breaches STIC, Hopper, Kier & Wright

Ransomware, Cloud and AI Risks Reshape the Global Cyber Threat

Ransomware victims to top 7,000 by 2026 as cloud risks rise

React vulnerability hits crypto websites with drainers

Researchers see global surge in attacks by new ransomware group “Gentlemen”

Royal Family thrown into chaos after King Charles’ confidential data breach

Russian Phishing Campaign Delivers Phantom Stealer Via ISO Files

Russian spy tracked down using her cat’s microchip number

Sophos finds rise in data theft as encryption declines in manufacturing attacks

SoundCloud confirms breach after member data stolen, VPN access disrupted

Still running Windows 10? Here's why that's a bad idea

Storm-0249 Abusing EDR Process Via Sideloading to Hide Malicious Activity

Storm-0249 Exploits EDR Process Sideloading to Conceal Malicious Behavior

Texas sues 5 smart TV manufacturers over data collection practices

The Budget Effect of a Security Incident

The Citizens Bank Data Breach Exposes Social Security Numbers

'The hunt has begun': Iran-linked hackers put bounties for info on Israeli air defense developers

The Shadow of Ransomware on the Festive E-Shopping Season

ThermoEx Company Limited Data Breach: 170GB of Files for Sale

Third Defendant Pleads Guilty in Fantasy Sports Betting Hack Case

Third DraftKings Hacker Pleads Guilty

Top 25 Most Dangerous Software Weaknesses of 2025 Revealed

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

Up to 300 attempts made to access information from Police Service of Northern Ireland (PSNI) data breach

Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529)

Venezuela: Cyber attack hits PDVSA systems, oil cargo delays confirmed

Venezuela announces that the state-owned oil company has been subjected to a cyber attack

Venezuela's PDVSA suffers cyberattack, tankers make u-turns amid tensions with US

Venezuelan Regime Accuses U.S. Of Conducting Cyber Attack Against Its State-Run Oil Company: 'Trying To Affect National Stability'

Victory Disability Data Breach Exposes Sensitive Patient Info

Village of Franklin Falls Victim to Cyber Crime

VolkLocker Emerges as a Cross-Platform Ransomware Threat Targeting Linux and Windows

VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption

What types of compliance should your password manager support?

Widespread credential theft possible with nascent phishing kits

World Leaks Ransomware Hits Thrings Solicitors and Wavenet

Yalidine Express Allegedly Breached: 123 GB of Data Listed for Sale