Welcome to DBD. Cybercrime made global headlines in 2025. Attacks on well-known brands and organisations raised public awareness of the severity, frequency and impact of cyber attacks. Ransomware attacks were the highest ever recorded, and 2026 could be worse, as cyber criminals continue to extort their victims, with little chance of being brought to justice. It's a dangerous world out there, so please be extra vigilant and mindful of the risks and threats. Wishing you all the best for the New Year. Thanks again for all your support. Stay safe. :)
Dentons Senior Analyst, Washington D.C.
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 26th January and 1st February 2026.1st February
‘A Jenga tower’: Why New Zealand’s health cybersecurity is leaving patients exposed
Bangladesh: Election Commission data breach exposes personal details of 14,000 journalists
Bangladesh: Election Commission Website data breach exposes details of 14,000 journalists
Blue Star flags possible data breach, engages cybersecurity experts
Canada Computers & Electronics confirms customer data breach
Data Breach Class Actions: Real vs. Scam
Exposed MongoDB instances still targeted in data extortion attacks
Identity risks widen cyber attack surface in Asia-Pacific
Islamic regime targeting dissidents, Israelis in new wave of advanced phishing attacks
New Apple privacy feature limits location tracking on iPhones, iPads
ShinyHunters Escalates Cyber Extortion Through Sophisticated Voice Phishing Blitz Targeting Corporate America
South Korea: Financial Supervisory Service (FSS) Warns of AI Voice Phishing Mimicking Children
UAE: Scam messages rise 35% in a year
UAE alerts public to risks from phishing, SMS scams; 35% rise in fake messages
Vulnerability Exploitation Overtakes Phishing as Primary Attack Vector, Cisco Reports Amid Rising MFA Bypass Threats
31st January
Address Poisoning Phishing Hits Crypto Whale Again: 4556 Tokens Lost After Copying On-Chain History Address
City of New Britain hit with a ransomware attack
Cloud storage payment scam floods inboxes with fake renewals
Coupang's interim chief questioned for 12 hours over data breach probe
Crypto Investor Loses Over $12 Million in Ethereum to ‘Address Poisoning’ Scam
Department of Justice (DOJ) releases details alleged talented hacker working for Jeffrey Epstein
Email scams go QR
Ex-Google employee found guilty of stealing AI trade secrets
FBI takes notorious RAMP ransomware forum offline
Gen Z more likely to engage with phishing than Boomers
In 2026, Immutable Storage Has Become Mandatory to Protect Against Autonomous Ransomware
Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists
Lawsuit After Breach of Patient Information at Northeast Spine and Sports Medicine Gets Green Light from Judge
Major Cyber Attack Attempt on Dating Apps, Hackers Try to Breach User Data
Manage My Health Hacker Identified Amid Calls for Arrest
Mandiant details how ShinyHunters abuse SSO to steal cloud data
Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms
Northern Ireland: Committee for Agriculture, Environment and Rural Affairs (AERA) briefed on Agri-Food and Biosciences Institute (AFBI) data breach by officials
Panera Bread data breach exposed personal info of 5.1 million customers
Poland: CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms
Poland accuses Russian intelligence of orchestrating cyber attack in late December
Qilin ransomware gang claims Tulsa airport breach, leaks files
Researcher reveals evidence of private Instagram profiles leaking photos
Stellantis sued over Chrysler data breach claimed by Everest ransomware
U.S. convicts ex-Google engineer for sending AI tech data to China
US Seizes $400 Million Linked to Helix Dark Web Crypto Mixer
When Digital Extortion Turns Physical: Security Chiefs Confront Ransomware’s Dangerous Evolution
Windows Malware Uses Pulsar RAT for Live Chats While Stealing Data
30th January
Accounting Firm Handing Up To $10,000 Per Person Over Data Breach That Exposed Social Security Numbers and Other Sensitive Info
Active Ransomware Groups Dwindle, But Victim Numbers Rise
After FBI’s RAMP seizure, cybercriminals scatter as mistrust spreads on dark web forums
All Hands on Deck: IPIDEA Proxy Network Disrupted, Swatting Suspects Arrested, Darknet Operators Plead Guilty
Another massive data breach: why changing passwords is no longer enough
Apple’s new privacy feature limits how precisely carriers track your location
Argaam Investment Company Breach: 2 Million Records Leaked Online
Arsink Spyware Posing as WhatsApp, YouTube, Instagram, TikTok Hits 143 Countries
Avenir Design Ltd Allegedly Impacted by Data Breach
Badges, Bytes and Blackmail
Belgian hospitals unable to pay employees due to ransomware attack
Canada Computers & Electronics Data Breach: Customers Demand Transparency Amid Growing Concerns
Canada Computers warn customers of data breach. Your credit card information may have been stolen
Center for Life Resources Data Breach: Social Security Numbers Exposed
Chase fraud alert email: How to identify and respond to phishing
China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware
Cisco sees vulnerability exploitation top phishing in Q4
Comcast Nears $117.5 Million Settlement Deal in Yearslong Data Breach Lawsuit Proceedings
Comcast to Pay $117 Million in Security Breach Settlement
Commission Nationale de l'Informatique et des Libertés (CNIL) Fines France Travail After Hack Exposes 20 Years of Job Seekers’ Personal Data
Contractor Data Breach Impacts Health Info of Thousands in Central Oregon
Coupang CEO questioned by police investigating obstruction of probe into data breach
Coupang CEO questioned in first police appearance over data breach
Coupang CEO questioned over data breach case
Crypto wallets received a record $158 billion in illicit funds last year
Cyber Group Says It Has Identified Hacker Behind Manage My Health Breach
Cyberattacks hit record high in Hong Kong as AI fuels phishing schemes
Cybercrime group claims credit for voice phishing attacks
Cybersecurity company identifies Manage My Health hacker
Cybersecurity Experts Arrested During Courthouse Pen Test Reach $600K Settlement
Cybersecurity Threats to Universities and Colleges - How to Stay Safe
Cyble Research Discovers ShadowHS, an In-Memory Linux Framework for Long-Term Access
Data Breach Impacts Health Information of Thousands in Central Oregon
Dating-app giants investigate incidents after cybercriminals claim to steal data
Default Credentials, Vulnerable Devices Exploited in Polish Energy Grid Attack
Electronic Frontier Foundation (EFF) calls out major tech companies on encryption promises
EU facing unprecedented attacks, needs to rethink cybersecurity
Eventing South Africa Allegedly Breached: Member Data Leaked
Ex-Google Engineer Convicted for Stealing 2,000 AI Trade Secrets for China Startup
Ex-Google engineer found guilty of stealing AI secrets
Fake Traffic Challan Message Costs Bengaluru Techie Lakhs, Cyber Police Probe Phishing Scam
Federal Motor Carrier Safety Administration (FMCSA) issues alert about ‘aggressive’ email phishing scheme targeting trucking companies
First ever extradition from United Arab Emirates to Luxembourg amid fraud probe
Former Google Engineer Convicted of Stealing AI Secrets for China
Framework to host AI locally on Windows and macOS leaks massive amount of data
France fines employment agency €5 million for data breach affecting 43 million
France fines employment agency €5 million over major data security failures
Github’s viral AI assistant Moltbot is a step away from a massive breach
In Latin America, Brazil leads in phishing campaign with fake invitations on Microsoft Teams
Informant told FBI that Jeffrey Epstein had a ‘personal hacker’
Investigation into data breach involving Blue Cross Blue Shield members could head to court
Is Renewing CISA Enough to Restore Confidence for Cyber Threat Reporters?
Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Affecting ‘Very Limited’ Number of Customers
Ivanti Patches Two Zero-Days in Mobile Manager After Attackers Exploit Vulnerable Systems
Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281)
Krispy Kreme settles data breach lawsuit impacting 160,000 current and former workers
Labyrinth Chollima Evolves into Three North Korean Hacking Groups
Langley Twigg Law Confirms Data Security Incident After Ransomware Attack
LawPavilion Data Breach: 63,000 Users Leaked from Nigerian Legal AI
Marquis confirms data breach, point finger of blame at SonicWall firewall
Marquis considers compensation claim against SonicWall after ransomware breach
Marquis Data Breach Linked to SonicWall Hack: Fintech Firm Attributes Breach to Firewall Provider
Marquis Software Solutions breach pinned on SonicWall hack
Massachusetts Attorney General secures $515,000 settlement with Rowley company for data breach
Match, Hinge, OkCupid, and Panera Bread breached by ransomware group
Montana Launches Probe Into Blue Cross Blue Shield of Montana (BCBSMT) Data Breach Affecting 462,000 Members
Motor carriers targeted in phishing scheme
National Crime Agency and NatWest Issue Joint Warning Over Invoice Fraud Threat
NCC Group warns of surge in ransomware & insider threats
New AI-Developed Malware Campaign Targets Iranian Protests
New Britain City Hall Network Disruption Takes Systems Offline, Halts Municipal Services
New plaintiffs join class action against Cognizant’s TriZetto over data breach
0APT Ransomware Group Adds 60 Global Victims to Leak Site
Paa.ge Data Breach: 33 Million Rows of Customer and Order Data Put for Sale
Personal data of nearly 37 million job seekers exposed in France Travail breach
Phishing has not disappeared, but it has grown up
Phishing link in traffic penalty message swindles techie
Precision Becomes the New Playbook for Software Supply Chain Attacks
Proofpoint details TA584’s fast-evolving 2025 attacks
Quorum cyber's report: Ransomware and cyber risks
Ransomware Gangs Recruit Malicious Insiders as Attacks Surge Over Holidays
Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access
Russian hackers breached Polish power grid thanks to bad security, report says
Saudi Arabia NPHIES Healthcare Platform Faces Massive Data Leak
Securing Trust: Why Crisis Communication is Your First Line of Defense
Security teams are carrying more tools with less confidence
Security work keeps expanding, even with AI in the mix
ShinyHunters targets dating apps Bumble and Match in Data Breach incident
SK Telecom rejects arbitration recommending W100,000 compensation per customer
SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score
SoundCloud Data Breach Exposes Nearly 30 Million User Accounts
South Korean police to question Coupang's interim CEO in data breach probe
South Korean police to question interim CEO of Coupang in data breach probe
South Korean prosecutors lose $28 million in seized Bitcoin after phishing attack on offline wallets during ongoing gambling trials
Spain Logs Nearly 2,800 Personal Data Breach Notifications in 2025 as Ransomware and Cyber Intrusions Dominate
Suspect arrested in Dubai, extradited to Luxembourg on fraud charges
The FBI has seized the RAMP hacking forum, but will the takedown stick? History tells us otherwise
The viral AI agent Moltbot is a security mess - 5 red flags you shouldn't ignore (before it's too late)
There’s a high chance your family business clients have faced a cyber-attack, warns Deloitte
Tinder owner reports data breach
Transparency lacking amid record high data breach incidence
Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released
Under Armour data breach claims trigger alerts for millions of users
US probes claims Meta employees had “unfettered” access to WhatsApp chats
Virginia Habitat for Humanity loses $85K in phishing scheme
VNA Texas Data Breach Impacts 12,673 Individuals Exposing SSNS and More
WalutaTu Data Breach: Italian Car Valuation Platform Compromised
Wearable tech adoption continues as privacy worries grow
WeddingRelation.com Data Breach Exposes User Profiles
Why life changes increase digital risk: Are you ready for moving, new jobs, or university?
Zoom phishing campaign: How threat actors fake SSA alerts and abuse ConnectWise ScreenConnect
29th January
500 Million+ Facebook records ‘cleaned’ by attackers: Why the 2019 leak is still dangerous?
2025 Data Breach Report: More Compromises, Less Transparency
A fake romance turns into an Android spyware infection
A Lack of Spending Isn’t the Problem With Cloud Security, Structural Complexity Is
Acting CISA Chief Flagged for Uploading Sensitive Government Files Into ChatGPT
AI & Ransomware Are Industrialising Cyber Crime
AI Chat App Data Breach Exposes Millions of Private Conversations
AI generated ransomware makes Data Decryption nearly Impossible
AI is helping scammers target crypto users – cases jumped sixfold last year
AI, cryptocurrency leveraged to boost ransomware threats
AI-powered insurance platform breach impacts 3.1 Million individuals
Aisuru botnet sets new record with 31.4 Tbps DDoS attack
Ambulance billing company to pay $515K after data breach exposed Connecticut and Massachusetts patient data
Ambulance Billing Vendor Reaches Settlement With Connecticut Over Data Breach
ARC Raiders Hit With Devastating Cyber Attack, More Could Be On The Way
Attackers target public-facing applications over ransomware in 2025
Bumble Inc. Allegedly Breached by ShinyHunters
Bumble, Panera Bread, Crunchbase, Match hit by cyberattacks
Canada Computers & Electronics Data Breach Exposes Customer Information
Canadian Hacker Steals $65 Million, Disappears From Custody - What Happened?
Central Ozarks Medical Center Data Breach Exposes SSNs
CFD Investments Data Breach Exposes SSNs, Government IDs, and More
China executes 11 gang members in first death penalties against online scammers
CISA Acting Director’s ChatGPT Uploads Again Draw Internal Anonymous Claims as Department of Homeland Security (DHS) Pushes to Clarify
Clinic Service Corp Data Breach Exposes PII and PHI
Co-op faces backlash over mistaken 'scam warning email' months after cyber attack
Contractor data breach may have exposed the protected health info of thousands of Central Oregonians
Cyberattack on large Russian bread factory disrupts supply deliveries
Data breach: FRANCE TRAVAIL fined €5 million
Data breach at Canada Computers & Electronics leaks personal customer information
Data breaches climbed to a record high in 2025. How to protect your personal information
Dating apps Bumble and Match reportedly hit in cyberattack - user data potentially stolen, here's what we know
devCamp Data Breach Exposes Student and Applicant Information
Distinctive Systems Data Breach: INC Ransom Group Claims Attack
eScan AV supply chain compromise: Users targeted with malicious updates
EU Data Breach Notifications Surge as GDPR Changes Loom
FBI seizes RAMP cybercrime forum used by ransomware gangs
FBI seizes RAMP cybercrime forum used to promote ransomware operations
FBI Takes Down RAMP Ransomware Forum
Fewer ransomware gangs, but more victims in late 2025
Fintech firm Marquis blames hack at firewall provider SonicWall for its data breach
France Fines National Employment Agency €5m Over 2024 Data Breach
France fines unemployment agency €5 million over data breach
France Travail fined €5 million for failing to protect job seeker data
Free VPN Extension Found Misusing CyberGhost Servers
French government agency fined nearly $6 million for data security failings
From Cybercrime to Conflict: Why Infrastructure Defenders Must Rethink Risk
Google agrees to pay $135 million over Android data harvesting claims
Google Dismantles Massive Proxy Network That Hid Espionage, Cybercrime for Nation-State Actors
Google Disrupts Extensive Residential Proxy Networks
Google disrupts IPIDEA residential proxy networks fueled by malware
Google disrupts proxy network used by 550+ threat groups
Google shuts down massive proxy network hijacking home internet
Governments keep asking TikTok for user data. TikTok keeps saying yes
Grubhub customers warned of massive data breach
Hugging Face abused to spread thousands of Android malware variants
Identity Theft Resource Center 2025 Annual Data Breach Report: Record Number of Data Compromises in 2025; 79 Percent Jump Over Five Years
Illegally withdrew over $1.4 million: Norwegian hacker, wanted internationally, detained in Kyiv, Ukraine
Insightin Health Data Breach Exposes 378GB of PII and PHI
Ivanti warns of two EPMM flaws exploited in zero-day attacks
Latvia says Russia remains its top cyber threat as attacks hit record high
LeMatic Hit by Sinobi Ransomware Attack Data Breach 450GB Stolen
Malicious Google Ads Target Mac Users with Fake Mac Cleaner Pages
Marquis blames ransomware breach on SonicWall cloud backup hack
Marquis Points Finger at SonicWall for Fintech Breach
Match Group breach exposes data from Hinge, Tinder, OkCupid, and Match
Match Group Suffers Data Breach of 10 Million Records
Microsoft may give your encryption key to law enforcement upon valid request - here's how to keep it safe
Microsoft's latest zero-day patch blocks a viral Office document hack
Moltbot is a security nightmare: 5 reasons to avoid using the viral AI agent right now
MongoDB Ransomware Is Still Actively Hitting Exposed Databases
Nation-State Hackers, Cybercriminals Weaponize Patched WinRAR Flaw Despite Six-Month-Old Fix
Nevada’s Urgent Hunt for a Cyber Sentinel After Ransomware Chaos
New Britain officials confirm ransomware attack
New CISA Guidance Targets Insider Threat Risks
Nike probes suspected cyber attack after data leak claim
Notorious Russia-based RAMP cybercrime forum apparently seized by FBI
Nova Ransomware Group Claims Massive 500GB Data Theft From KPMG Netherlands
Op Bizarre Bazaar: New LLMjacking Campaign Targets Unprotected Models
Open Source Malware Instances Increased 73% in 2025
Open-source AI models vulnerable to criminal misuse, researchers warn
Open-source malware zeroes in on developer environments
Operation Winter SHIELD: FBI Issues Call to Arms for Organizations to Improve Cybersecurity
Oregon: Local patient info accessed in data breach
Over 72 Million People Exposed in Data Breach at Apparel Giant Under Armour
Phishing threat accelerates in the Philippines as risky URLs surge nearly fourfold in 2025
Public transport companies are not allowed to constantly film bus drivers, Dutch Data Protection Authority says
QR codes becoming new trap for phishing
Quantum Financial Corp Data Breach: 0APT Ransomware Group Claims Attack
RAMP ransomware forum goes dark in probable FBI sting
Ransomware is a ‘significant’ threat in Canada - and set to worsen
Ransomware Victim Numbers Rise, Despite Drop in Active Extortion Groups
Researchers Find 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries
Researchers Tracks Three Groups Emerging From LABYRINTH CHOLLIMA
Reseau.Site Data Breach Exposes Personal Info of 73k Customers
Russian gang tied to recent massive cyberattack on Poland’s power grid
Ryuk ransomware: Attack methods, impact, and prevention
Security Researcher Finds Exposed Admin Panel for AI Toy
Semsar Masr Data Breach Exposes Over 185,000 User Records
ShinyHunters Claims 14 Million Panera Bread Records Exposed in Data Breach
ShinyHunters claim 30GB of Bumble data stolen from Slack and Google Drive
ShinyHunters Claims Okta Customer Breaches
Silent Push details human-led ShinyHunters phishing campaign targeting Okta SSO accounts across organizations
Sneaky 2FA Attack Reveals Fake Windows Stealing Passwords From Users
SolarWinds fixes critical Web Help Desk RCE vulnerabilities
SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass
SoundCloud Data Breach Exposes 29.8 Million User Accounts
South Korea: Sharp-Eyed Officer Arrests Voice Phishing Suspect
Stablecoin bank Kontigo suffers cyber attack
Survey of 100+ Energy Systems Reveals Critical Operational Technology (OT) Cybersecurity Gaps
TA584 threat actor leverages Tsundere Bot and XWorm for network access
Tahkout Group Hit by Tengu Ransomware Data Breach
The Philippines: Phishing attacks surge nearly fourfold in 2025
The Trust Crisis: 88% of Organizations Breached by AI-Powered Attacks as Legacy Email Security Fails
Trocaire College Ransomware Incident Exposes Social Security Numbers
Under Armour data breach claims trigger alerts for millions of users
US Data Breaches Hit Record High but Victim Numbers Decline
US government crypto wallets hit in suspected $60 Million hack by defense contractor's son
US Sentences Chinese National for Role in $36.9 Million Crypto Scam
Using Bumble Or Tinder? Here's What You Should Do As Dating Apps Face Cyber Attacks
Warning: cybercriminals are hijacking open-source AI for scams and disinformation
What motivates hackers and what makes them walk away
WinRAR flaw used against Ukraine now fueling global cybercrime, Google warns
Your intern clicked the wrong link - now what?
Your Next Data Breach May Start With a Job Interview: The Deepfake Candidate Problem
28th January
31 More Charged in Massive ATM Jackpotting Scheme Linked to Tren de Aragua Gang
AI Security Threats Loom as Enterprise Usage Jumps 91%
American Hospital Association (AHA) Releases New Guides to Strengthen Hospital Emergency and Cyber Preparedness
Android AI apps leak Google secrets the most, 700TB of files already exposed
Another Credential Leak, Another Dollar
Autonomous System Uncovers Long-Standing OpenSSL Flaws
Baltimore City Health Department investigates data breach involving insurance eligibility files
Black U services emerge as a key tool in Chinese crypto money laundering
Blue Cross Blue Shield of Montana Faces Data Breach Probe
Canada: Criminals using AI to commit ransomware attacks, cybersecurity centre warns
Chinese Money Launderers Drive Global Ecosystem Worth $82 Billion
Chinese Teen Hacker Sentenced to Six Years for $570,000 Online Refund Scam
Cl0p ransomware gang claims cyberattack on Hilton, alleged breach unconfirmed
Critical and High Severity n8n Sandbox Flaws Allow RCE
Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution
Critical RCE vulnerability in IDIS Cloud Manager Viewer tied to spear-phishing risk
Cyberattack on Delta smart alarm system paralyzes cars across Russia
Cyberattack on Poland’s power grid hit around 30 facilities
Cyberattack on Polish energy grid impacted around 30 facilities
Cyberthreat actors shift from ransomware to patient extortion
Data breach exposes 29.8 Million SoundCloud accounts
Data Breach Reporting Responsibilities and Penalties in South Africa: What Businesses Need to Know
DataBank Nicaragua Targeted in NightSpire Ransomware Attack
DOCS Dermatology Data Breach Impacts Sensitive Personal Info Including SSNs
Eeny, meeny, miny, moe? How ransomware operators choose victims
Emojis in PureRAT’s Code Point to AI-Generated Malware Campaign
Encryptionless Extortion on the Rise as Ransomware Groups Shift Tactics
eScan confirms update server breached to push malicious update
ESET Ireland says “data-first” cyber-attacks are increasingly replacing traditional ransomware tactics
Everybody is WinRAR phishing, dropping RATs as fast as lightning
Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan
FBI seizes RAMP cybercrime forum used by ransomware gangs
Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected
Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)
Fortinet Temporarily Disables FortiCloud SSO Following Active Exploitation
GoTo Resolve Tool’s Background Activities Compared to Ransomware Tactics
Google settles $68 Million lawsuit over Assistant secretly recording users
Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088
Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions
Hackers Exploit React2Shell Vulnerability to Deploy Miners and Botnets Worldwide
Hackers hijack exposed LLM endpoints in Bizarre Bazaar operation
Hackers Still Using Patched WinRAR Flaw for Malware Drops
Hacktivists Are an Overlooked Threat, But That Threat is Increasing
Healthcare ransom asking price drops by 80%: here’s why
HoneyMyte Hacker Group Updates CoolClient Malware to Deploy Browser Login Data Stealer
How Nike is Responding After Potential Data Breach
Initial access hackers switch to Tsundere Bot for ransomware attacks
Lawsuit Claims ChristianaCare Failed to Safeguard Patient Data After Breach
Learned Lessons From 5 Headline-Making Ransomware Attacks
London’s ultra-prime property market rocked by council cyberattacks
Major Cyberattack Cripples Russia’s Alarm and Vehicle Security Provider Delta
Malicious Open Source Software Packages Neared 500,000 in 2025
Massive SoundCloud Data Breach Exposes Personal Details of 29.8 Million Users
Microsoft App-V Exploited In Sneaky CAPTCHA Phishing Campaign
Ministry of Defence (MoD) warned 'innocent people could die' after after delay to Afghan data breach legal case
Munson Healthcare Hit by Major Data Breach Linked to Oracle Health EHR Vulnerability
Murex Petroleum Data Breach by Ransomware Group Exposes PII
Mustang Panda Deploys Updated COOLCLIENT Backdoor in Government Cyber Attacks
Nearly 30 million SoundCloud accounts affected by data breach
New email phishing tricks exploit QR codes & Teams
New Microsoft Office zero-day under active attack, patch now
New sandbox escape flaw exposes n8n instances to RCE attacks
New WhatsApp lockdown feature protects high-risk users from hackers
New, Aggressive Ransomware Group Attack New Zealand Law Firm
Nike Investigates Data Breach After WorldLeaks Ransomware Group Takes Credit
Nike Investigating Data Breach Following WorldLeaks Ransomware Group Claim
Nova Biomedical Corp. Data Breach Affects 10k Users
0APT Group Breaches Metropolis, Apex, TechnoSoft, GreenValley, Sunrise, Rapid Food, Dr. Smith, Orion
Panera Bread reportedly hit by worrying data breach that sees 14 million records exposed - here's what we know
Panera Bread’s 1.4 Million Record Data Breach Exposes Critical Vulnerabilities in Restaurant Chain Cybersecurity
PureRAT: Attacker Now Using AI to Build Toolset
Pro-Life Group Victimized by Custom-Made Cyber Attack
Pro-Life Group Victimized by Cyber Attack
Progressive Auto Group Data Breach Exposes SSNs and Financial Information
Ransomware attack hits Winona County
Ransomware criminals forced to take off-RAMP as FBI seizes forum
Researchers Uncover 454,000+ Malicious Open Source Packages
Russian Cybercrime Platform RAMP Forum Seized by FBI
Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid
Russian ransomware forum seized by U.S. law enforcement
Salt typhoon hacked phones belonging to the aids of three British Prime Ministers
Scotland: Comhairle cyber-attack 'catastrophic' for planning
ShinyHunters claims 10 Million dating records from Match Group's Hinge and OkCupid
Sicarii ransomware locks your data and throws away the keys
Sinobi Ransomware Breaches FIAMPACK, Ashcraft, JP Research, Active Green + Ross, AHM, Impressico, Gallagher, and Morison
Slovakian man pleads guilty to operating darknet marketplace
SolarWinds warns of critical Web Help Desk RCE, auth bypass flaws
SoundCloud Data Breach: Nearly 30 Million Accounts Confirmed Exposed
SoundCloud Data Breach Exposes 29.8 Million Personal User Details
SoundCloud Data Breach Exposes 29.8 Million Personal users Details
SoundCloud data breach hit 29.8 million accounts - how to find out if you're affected
South Korea: Gwangju Prosecutors Lose 40 Billion Won Bitcoin in Phishing Scam
Strong Privacy Requires Strong Security - and GenAI Raises the Stakes
True RCM Data Breach Affects 1,247 Individuals in US
Trump’s Acting Cyber Chief Allegedly Leaked Data to ChatGPT
Trump’s CISA chief at it again: uploads sensitive files into ChatGPT
Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution
US Charges 87 in Major ATM Jackpotting Scheme Linked to Tren de Aragua
Viral Moltbot AI assistant raises concerns over data security
WhatsApp rolls out new security feature to protect users from sophisticated attacks
Why AI’s Rise Makes Protecting Personal Data More Critical Than Ever
Why Cybersecurity Risk Management Is Critical for Schools in 2026
Winona County Ransomware Attack Prompts Local Emergency
WinRAR Flaw Becomes Hacker Gold Mine: State Spies and Cybercriminals Still Exploiting Six-Month-Old Bug
WinRAR vulnerability still a go-to tool for hackers
27th January
14 Million Panera Bread customer records leaked: What do we know so far?
16 Fake ChatGPT Extensions Caught Hijacking User Accounts
AI’s appetite for data is testing enterprise guardrails
AI-powered polymorphic attack lures victims to phishing webpages
Amnesia RAT deployed in multi-stage phishing attacks against Russian users
And let the phishing begin! Microsoft is taking action against a zero-day exploit already exploited in Office
Attackers use Windows App-V scripts to slip infostealer past enterprise defenses
Baltimore City Health investigating data breach involving third-party system
Bragging crypto criminal story turns into an investigation by US Marshals
Caminho Loader-as-a-Service: Steganography Trick Conceals .NET Threats In Pictures
China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023
Chinese money launderers moved more than $16 billion of illicit crypto in 2025
Chinese Mustang Panda hackers deploy infostealers via CoolClient backdoor
CISA Flags Actively Exploited VMware vCenter RCE Flaw in Known Exploited Vulnerabilities (KEV) Catalog
ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services
Clop ransomware gang purports Hilton breach
Critical sandbox escape flaw found in popular vm2 NodeJS library
Crunchbase confirms data breach after ShinyHunters leak millions of records
Crunchbase Confirms Data Breach as ShinyHunters Revives Leak Site
Crunchbase confirms hack by ShinyHunters, 2 Million records up for grabs
Cybercriminals Exploit Fake Notepad++ and 7-Zip Sites To Distribute Remote Monitoring Malware
Data Breach at Manufacturing Firm Luxshare Leaks Sensitive Files from Apple, Nvidia, Tesla, and Others
Data of 146K users leaked as hackers claim Edmunds breach
Delta.ru Data Breach: 429k User Records Allegedly Leaked Online
Dozens more are charged in Ploutus ATM jackpotting conspiracy
Experts Detect Pakistan-Linked Cyber Campaigns Aimed at Indian Government Entities
Fortinet blocks exploited FortiCloud SSO zero day until patch is ready
Grubhub confirms data breach amid extortion claims
Hack exposed kids’ data, Swedish sports software firm fined €565K
Hackers Turn to Malicious QR Codes in Phishing Attacks
Health-ISAC 2026 Report Details Rising Cyber Threats Across Health Sector
Interpol Takes Down Online Scammers
Japan insurance market lags as Asahi ransomware breach hits millions
Korean prosecutors lost 320 BTC in staggering security lapse: Inside the $29 million phishing fiasco
KPMG refutes alleged Nova ransomware hack of Dutch branch
LayerX Discovers Malicious Chrome Extensions Stealing ChatGPT Accounts
Malta College of Arts, Science and Technology (MCAST) warns students after email system hacked in phishing scam
Manage My Health warns of impersonation, phishing attempts on patients
Melwood discloses data breach following a ransomware attack
Microsoft Office Zero-Day (CVE-2026-21509) - Emergency Patch Issued for Active Exploitation
Microsoft Office Zero-Day Actively Exploited in Targeted Cyberattacks
Microsoft Releases Patch for Office Zero Day Amid Evidence of Exploitation
Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)
Microsoft Teams used in new phishing scam targeting businesses
Microsoft told to stop tracking children in Europe
New Zealand law firm investigating cyber attack as hackers share employee, client passport scans
Nike Data Breach: Over 1.4TB of Internal Files Leaked Online
Nike Investigates Alleged Data Breach After Cybercrime Group Claims Access to Company Systems
Nike investigates alleged data breach following leak claims
Nike Investigates Alleged Data Breach Tied to World Leaks
Nike investigates data breach after extortion gang leaks files
Nike investigates possible data breach after cybercrime group claims massive leak
Nike investigating mega security breach as hackers claim to have stolen 1.4TB of data
Nike Probes Cyber Attack After Hackers Claim Massive Data Leak
Nike Probes Possible Cybersecurity Incident Following Dark Web Claims
Nike Probes Possible Data Breach After Hacking Group Claims Leak
Nike probes potential cyber incident after hackers claim data leak
Nike Says it is Investigating Possible Data Breach
North Korea is turning open-source projects into malware traps
North Koreans now using AI-generated PowerShell backdoor to target developers
Nova ransomware claims breach of KPMG Netherlands
Over 80% of Ethical Hackers Now Use AI
Over 6,000 SmarterMail servers exposed to automated hijacking attacks
Panera Bread Data Breach: ShinyHunters Claims 14 Million Records Stolen
PeckBirdy Framework Tied to China-Aligned Cyber Campaigns
Phishing attacks exploit visual URL tricks to impersonate major brands
Poland Thwarts Russian Wiper Malware Attack on Power Plants
Public Backlash Grows Against Coupang Over Data Breach and Market Power
Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core
Ransomware doesn’t lock servers, it locks credit. The financial side of cybersecurity
Russian security systems firm Delta hit by cyberattack, services disrupted
Sacramento Clinic Caught In Data Nightmare Points Finger At Outside Vendor
ShinyHunters Target 100+ Firms Using Phone Calls to Bypass SSO Security
SoundCloud Data Breach Exposes 30 Million Accounts As Extortion Gang Dumps Stolen Data
SoundCloud data breach impacts 29.8 million accounts
South Korean prosecutors lose seized Bitcoin in phishing incident
'Stanley' Toolkit Turns Chrome Into Undetectable Phishing Vector
Texas & New Jersey Dermatology Practices Settle Class Action Data Breach Lawsuits
The Netherlands: Prisons seize inmate laptops over security flaw
Trump-Era IRS Data Breach Triggers Treasury Crisis as Booz Allen Contracts Come Under Fire
U.S. Treasury Cancels Booz Allen Hamilton Contracts, Former Contractor Pleads Guilty to Taxpayer Data Breach
UK plans sweeping overhaul of policing amid surge in online crimes
US charges 31 more suspects linked to ATM malware attacks
US Charges 31 Suspects in Nationwide ATM Jackpotting Scam
Vibe-Coded 'Sicarii' Ransomware Can't Be Decrypted
WhatsApp is rolling out a new stricter security setting to protect users from cyber attacts
WhatsApp Rolls Out Lockdown-Style Security Mode to Protect Targeted Users From Spyware
When AI meets human nature: The perfect storm for cyber deception
Why Secure Access is the New Data Protection Perimeter
WinRAR path traversal flaw still exploited by numerous hackers
World Leaks Ransomware Group Claims 1.4TB Nike Data Breach
Zebra Technologies Allegedly Suffers Major Source Code Data Breach
zHealthEHR Data Breach: 1.2 Million Patient Records Extorted
26th January
360 Dental PC Data Breach Exposes SSNs: 11,273 Patients Affected
$6,000 “Stanley” Toolkit Sold on Russian Forums Fakes Secure URLs in Chrome
A new wave of ‘vishing’ attacks is breaking into SSO accounts in real time
Amnesia RAT, ransomware spread in new Russia-targeted phishing campaign
Atrox Fit Data Breach Leaks Personal Info of 2,300 Users
Axtria Data Breach: Cloud Software Source Code Leaked
Chrome and Safari users warned: ‘rn’ lookalike links fuel a fresh phishing wave
Chrome, Safari users warned over new phishing threat
CISA says critical VMware RCE flaw now actively exploited
Clop Ransomware Attack Hits 43 Global Companies Including Hilton and Weather.com
Columbia Medical Practice confirms November ransomware attack exposed patient data
Comcast to pay $117.5 Million over security breach
Crunchbase Confirms Data Breach After Hacking Claims
Crunchbase hacked and data breach confirmed by ShinyHunters
Dark Web Profile: BravoX Ransomware
Data Breach Nightmare: 149 Million Login Credentials Leaked, Including 420,000 Binance Accounts
Deloitte Warns of Rising Ransomware and Phishing Threats in Nigeria for 2026
Devious New Phishing Attack Exploits Font Illusion To Create Fake Login Pages
Edmunds Data Breach: ShinyHunters Leaks 146k User Records
Email Phishing Scam Targets New York Financial Services Firms
Encryption illusion: Microsoft shared keys with FBI, leaving user data vulnerable
Energy sector targeted in multi-stage phishing and BEC campaign using SharePoint
eScan Antivirus Supply Chain Breach Delivers Signed Malware
Europe Slaps Tech Sector with €1.2 Billion in Fines under GDPR in 2025
Fake Microsoft Teams Billing Phishing Alerts Reach 6,135 Users via 12,866 Emails
Germany’s Bundesbank sees cyberattacks coming in faster than a human could blink
Google agrees to pay $68 million to settle voice recording lawsuit
Google pays $68M to settle claims its voice assistant spied on users
Grubhub confirms data breach amid extortion claims
Hacker swipes $17 million from Matcha Meta users as protocol reports security ‘incident’
Hackers Are Auctioning 860GB of Source Code Stolen From Target’s Development Server
Hackers are using LLMs to build the next generation of phishing attacks - here's what to look out for
Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies
Hackers Weaponize GenAI To Turn Clean Webpages Malicious In Seconds
Has King Philippe of Belgium invited you to a gala dinner? Beware, you’re being scammed
Health Alliance Plan Discloses Data Breach: Social Security Numbers Exposed
Hilton pulled into Cl0p’s dark‑web hit list: hackers post claims, no proof yet
Huge Data Breach: Netflix, Gmail Affected
Indian Users Targeted by Sophisticated Blackmoon Banking Malware Disguised as Tax Alerts
Indian Users Targeted in Tax Phishing Campaign Delivering Blackmoon Malware
Judge awards British critic of Saudis $4.1 million, finds the regime hacked his devices
Konni Hackers Deploy AI-Generated PowerShell Backdoor Against Blockchain Developers
Korea hacks fuel shift as phishing targets citizens with data-stealing apps
Korea’s data breaches reveal a global shift towards targeted phishing
Laurel Health Centers identifies email system breach involving patient information
Law Firm Investigates Coupang Security Failures Ahead of Class Action Deadline
MacSync macOS Infostealer Uses ClickFix Tactic To Hijack Terminal Pastes
MACT Health Board Data Breach Exposes Social Security Numbers
MACT Health Board Patients Affected by November 2025 Ransomware Attack
Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code
Michigan Official Renews Call for Immediate Cyber Attack Reporting
Microsoft patches actively exploited Office zero-day vulnerability
Microsoft Releases Emergency Fix for Exploited Office Zero-Day
Microsoft Shared BitLocker Keys With FBI, Raising Privacy Fears
Montana court clears path for Blue Cross Blue Shield (BCBS) data breach showdown
Nearly 50,000 CSEA Members Affected by Data Security Breach
Nearly 800,000 Telnet servers exposed to remote attacks
New ClickFix attacks abuse Windows App-V scripts to push malware
New Fake CAPTCHA Scam Abuses Microsoft Tools to Install Amatera Stealer
New malware service guarantees phishing extensions on Chrome web store
New Phishing Attack Exploits Vercel to Host and Deliver Remote Access Malware
New Phishing Attack Leverages Vercel Hosting Platform to Deliver a Remote Access Tool
New phishing attacks exploit visual URL tricks to impersonate major brands
New Phishing-as-a-Service Kit Targets Google, Microsoft, and Okta Users
Nike data breach: Hackers post company data, but what do we know so far?
Nike Data Breach Claims Surface as WorldLeaks Leaks 1.4TB of Files Online
Nike investigates possible data breach
Nike Investigates Ransomware Data Breach Claims
Nike Investigates Ransomware Group’s Claims of Data Breach
Nike says it is investigating possible data breach
Nike suffered major data breach from ransomware attack
Nova claims KPMG cyberattack
Nova Ransomware Allegedly Claiming Breach of KPMG Netherlands
Nova ransomware group claims to have breached KPMG Netherlands
Okta Flags Customised, Reactive Vishing Attacks Which Bypass MFA
Okta warns of real-time vishing kits defeating MFA
Ontario Hockey League (OHL) teams warn fans of phishing campaign
OpenAI team invitation system exploited in sophisticated phishing scam
Over 30 million accounts affected in Coupang data breach
Phishing-as-a-Service (PhaaS): What it is and why it’s dangerous
Poland repels data-wiping malware attack on energy systems
Ransomware Attack Disrupts Operations at Japan’s Largest Port
Ransomware Attacks Soar with a 45% Increase in 2025
Reports link ShinyHunters to SSO vishing attacks, but key details reserved for Okta paying customers
Researchers Uncover “Haxor” SEO Poisoning Marketplace
Russia-linked Sandworm APT implicated in major cyber attack on Poland’s power grid
Russian state hackers likely behind wiper malware attack on Poland’s power grid
Sandworm group linked to major attempted cyberattack on Poland’s power system
Saudi satirist hacked with Pegasus spyware wins damages in court battle
ShinyHunters claims 2 Million Crunchbase records; company confirms breach
ShinyHunters, CL0P Return with New Claimed Victims
SMS and scam calls in the Philippines dropped in 2025, but phishing links are rising
South Korea’s Osan Air Base security measure raises data breach concerns
South Korean Bitcoin Catastrophe: Prosecutors Pinpoint Phishing in Staggering Loss of Seized Crypto
Spain: Travel chaos in Catalonia as ‘suspected cyber attack’ hobbles train network leaving thousands stranded amid intermittent services
‘Stanley’ Malware Toolkit Enables Phishing via Website Spoofing
Supreme Court to hear Facebook pixel tracking case
‘SyncFuture’ Campaign Weaponizing Legitimate Enterprise Security Software to Deploy Malware
Ten Brands Scammers Are Most Likely to Impersonate
The Chimera Deception: How Multi-Stage Phishing Attacks Are Outsmarting Corporate Defenses
The New Taxman Cometh: How Cybercriminals Are Exploiting India’s Digital Economy with Advanced Phishing Schemes
Thousands of Microsoft Teams users are being targeted in a new phishing campaign
Veradigm to Pay $10.5 Million to Settle Lawsuit Tied to 2024 Data Breach
Why security companies cannot simply block all ransomware
Why Should Human Awareness Be Your Best Cyber Defense
Wiper Attack on Polish Power Grid Linked to Russia’s Sandworm
