Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 2nd March and 8th March 2026.8th March
Cognizant TriZetto Data Breach Exposes Health Information of 3.4 Million Patients
EU court adviser says banks must immediately refund phishing victims
FBI Shuts Down LeakBase, Seizes 142,000 Hacker Accounts and Private Messages, Delivering Blow to Global Cybercrime Networks
Hackers Using AI at Every Stage of Cyberattacks
Malicious imToken Chrome Extension Steals Crypto Wallet Seed Phrases and Private Keys
South Korea: Ruling party seeks stricter corporate penalties for customer data breaches
Trump Administration Lays Out a High-Level Strategy to Combat Cybercrime
7th March
Alabama city says it was hit by $430,000 phishing scam
Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
Cognizant TriZetto Data Breach Exposes Health Information of 3.4 Million Patients
Coupang’s Data Breach and the Urgency of Data Governance Reform in South Korea
Hackers abusing AI at every stage of cyberattacks
Hackers Spread Fake Red Alert Rocket Alert App to Spy on Israeli Users
Hospitality Industry Faces Rising Threat of Phishing Attacks
Kuwait Warns Against Phishing Links in Unofficial Messages
Malware Attack Disrupts Passaic County Government Phones, IT Systems
New Social Security Scam Emails Use Fake Tax Documents to Hijack PCs
Ohio officials warn about unpaid parking or toll fine scam
OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues
Termite ransomware breaches linked to ClickFix CastleRAT attacks
Trump releases long-awaited cyber strategy, orders crackdown on scam networks
6th March
6 essential strategies to defend against AI-powered threat actors in 2026
900+ Certificates Used by Fortune 500, Governments Exposed by Key Leaks
2025 was a new record year for ransomware
A Satellite Receiver Trusted by Pentagon, European Space Agency (ESA) Has More Than 20 Security Flaws - and the Maker Never Responded
AI technology is placing maritime industry at greater risk of cyber-attack
AI-Powered Attackers Automating Cyber Operations
An Army of 7,000 Robot Vacuums, Meet the Accidental Hacker Who Paralyzed Smart Homes
Backup strategies are working, and ransomware gangs are responding with data theft
Breaches Up, Number of Victims Down, Impact Stronger
Can Meta see your private life through its Ray-Ban smart glasses? What to know
CFGI Management LLC Data Breach by ShinyHunters Group
China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
CISA warns feds to patch iOS flaws exploited in crypto-theft attacks
Cisco Patches 48 Firewall Vulnerabilities with Two CVSS 10 Flaws
City of Arab loses over $400K in phishing scheme tied to new recreation center project
Class actions allege Brightspeed data breach exposed 1 Million customers’ PII
ClickFix attackers using new tactic to evade detection, says Microsoft
Coalition report finds sharp rise in ransomware demands as most businesses refuse to pay
Cognizant TriZetto breach exposes health data of 3.4 million patients
Collaboration Critical As Geopolitical Pressures, AI Reshape Cybersecurity
Connecticut’s Proposed Revisions to Data Breach Statute
Cyber Attack Hits Israelis Through Fraudulent Alert App
Cyber Researchers Trace RDP Brute-Force Attack To Hidden Ransomware Infrastructure Network
Cybercrooks using ICE as cover to steal information in phishing campaign
Cybersecurity Experts Warn AI Ransomware Is Targeting Backup Systems
Department of Justice (DoJ), Europol, and others bring down LeakBase cybercrime site of 142,000 member, multiple arrests made - seized website reportedly among world's largest hacker forums
DieNet DDoS Attacks Hit Qatar’s Ministry of Interior (MOI), Government Communications Office (GCO), and International Media Office (IMO) Websites
Edgar Agents LLC Targeted in Qilin Ransomware Attack
EP Wealth Advisors Data Breach Exposes PII
Europol seizes Tycoon 2FA Phishing service infrastructure in coordinated operation
Fake Claude Code install guides push infostealers in InstallFix attacks
FBI investigates breach of surveillance and wiretap systems
FBI Investigates Suspicious Activity on Internal Networks, Sources Link It to Wiretaps and Foreign Intelligence Surveillance System
FBI investigating ‘suspicious activities’ on agency network following February incident
FBI is Investigating the ‘Sophisticated’ Hack of Its Surveillance System
FBI servers were hacked and a data breach might have occurred
From ransomware to resilience: navigating data risk in health care
Ghanain man pleads guilty to role in $100 million fraud ring
Google Exposes iOS Exploit Kit Powering Crypto Phishing Attacks
Google reports zero-day attacks hit corporations as AI speeds cyber race
Hacker sends BBC copy of Transport for London (TfL) database, reporter finds his own details among 10 Million breached records
Hackers target FBI system used to manage wiretaps and surveillance warrants
Hackers target Mac users with fake CleanMyMac, empty crypto wallets
Handala Hack Breaches Sanzer Hasidic & Atlas Insurances Ltd
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA Known Exploited Vulnerabilities (KEV) Catalog
ICE Phishing Scam: Hackers Use 'Support ICE' Emails to Steal Credentials from Professionals and Organisations
INC Ransom’s Franchise Model Is Putting Critical Infrastructure on the Chopping Block
Iran-linked APT targets US critical sectors with new backdoors
Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
Iran's MuddyWater Hackers Hit US Firms with New 'Dindoor' Backdoor
Iranian Seedworm hackers infiltrate US infrastructure and defense supply chain networks
Israel Defense Forces Targeted in Alleged Air Defense Breach
Joint Australia–New Zealand probe identifies Roman Khubov in Tonga Health ransomware attack
Kenya: How Hacker Breached Fintech Firm Eclectics International‘s System And Stole Sh52 Million
KillSec Hits YURDriversNetwork, MedicalGPT, MyFair
KomikoAI Data Breach Exposes Over One Million Users
Korea Post Warns of Phishing Emails Demanding Unpaid Delivery Fees
Korea Post warns of phishing emails impersonating internet post office
L&S Mechanical Data Breach Affects Thousands: SSNs and More Exposed
LastPass warns of scam using fake email chains spoofing account hacking 'to draw attention and generate urgency' in users
LastPass Warns of Slick New Phishing Scam That Fakes Email “Threads” to Steal Your Master Password
March 2026 Patch Tuesday forecast: Is AI security an oxymoron?
Microsoft and Europol disrupt global Tycoon 2FA scam
Microsoft And Europol Lead Tycoon 2FA Takedown as Customer Identity Risks Rise
Microsoft and Europol Take Down Tycoon2FA, a Phishing Service Built to Beat Two-Factor Security
Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer
Missouri Department of Revenue warns of text scam surge
MuddyWater Cyberattacks Target US, Canada, and Israel Networks, Critical Infrastructure
Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
New cyber module strengthens risk planning for health organizations
NoName057(16) DDoS Attacks Hit Multiple Israeli Websites
Operation Candy: data from phones seized in rural Sweden uncovers massive global crime network
Orthopaedic Institute of Western Kentucky Data Breach
Phishing Attack Targets LastPass Users via Fake Support Emails
Phishing Emails Push Fake ChatGPT and Gemini iOS Apps To Steal Logins
Phishing scammers weaponize ICE ragebait
PIH Health begins notifying patients after 2024 ransomware attack exposed sensitive data
Popular AI coding tool Blackbox AI, with 5 Million downloads, grants root access to hackers
Public Relations Society of America (PRSA) Confirms Data Breach Exposed Sensitive PII and PHI
Pyramid ETC Data Breach: 10 GB of Sensitive Info Stolen
Ransomware attacks surge 50% as industrial firms hit hardest
Ransomware’s New Target: The Systems Built to Recover From It
Remote Monitoring and Management (RMM) Tools Essential for IT Operations but Increasingly Weaponized by Attackers
Russian man admits role in global Phobos ransomware attacks
Salford City College Suffers Alleged Dragonforce Ransomware Breach
Scattered Spider Transport for London (TfL) cyber-attack affected 10 million people
Service Lighting Data Breach Affects 25k Customers
South Korea: Hope Bridge Donor Data Breach Follows Community Chest Leak
Success Magazine Data Breach: 141K Users’ Personal Data Leaked
Teenage hacker myth primed for a middle-age criminal makeover
The leader of the Phobos ransomware gang pleads guilty before U.S. justice
The Silent Supply Chain: Why Your Fourth-Party Vendor is Your Biggest Blindspot
These Chrome AI assistants secretly harvested ChatGPT chats
Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India
Transport for London (TfL) admits 2024 cyberattack may have affected over 10 million people - personal customer info stolen, here's what we know so far
Transport for London (TfL) hack in 2024 affected around 10 million people
Transsion Holdings Suffers Data Breach by AiLock Ransomware
TriZetto confirms 3.4 Million people’s health and personal data was stolen during breach
TriZetto Confirms Massive Data Breach: 3.4 Million People's Health and Personal Info Stolen
Tycoon2FA Is Beating Two-Factor Authentication - By Hijacking Your Logged-In Session in Seconds
Tycoon 2FA phishing service disrupted in EU crackdown
UK Cyber Incidents Rise 130% As Experts Warn About Phishing Scams
US Government Contractor Arrested in $46 Million US Marshals Cryptocurrency Theft
US Mortgage Corp Data Breach Exposes Social Security Numbers
“US power provider attacked,” claim Russian cyber gang
Walters-Morgan Data Breach Exposes Social Security Info
What is AI Security? Top Security Risks in LLM Applications
Williams Accountancy Data Breach Exposes Client PII
WordPress Membership Plugin Vulnerability Lets Attackers Create Admin Accounts
Zero‑Day Attacks on Enterprise Software Reach Record High
5th March
12 Hacktivist Groups Targeted 110 Organizations Globally: Almost 150 DDoS Attacks in Over 15 Countries
62 people indicted by Taiwanese prosecutors over ties to cyber scam company Prince Group
AAA Driver Training Data Breach Affects 25k Massachusetts Residents: PII Exposed
AI-Driven Insider Risk Now a “Critical Business Threat,” Report Warns
Akira Ransomware Attack Hits DesignSourceCT and Trionex
APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine
Authorities and Tech Firms Team Up to Take Down Phishing Platform
Authorities pull plug on Tycoon 2FA phishing-as-a-service platform
Authorities Shut Down Tycoon 2FA Phishing Platform Used to Bypass MFA
AzCopy Misused In Active Ransomware Data Exfiltration Campaigns
Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware
Chinese state hackers target telcos with new malware toolkit
Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
Cisco flags more SD-WAN flaws as actively exploited in attacks
Cisco Issues Patches for 48 Vulnerabilities in Enterprise Networking Products
Cisco warns of SD-WAN Manager exploitation, fixes 48 firewall vulnerabilities
Coinbase, Microsoft & Europol Dismantle Tycoon 2FA Phishing Network
ContextCrush Flaw Exposes AI Development Tools to Attacks
Cornerstone First Mortgage Data Breach Exposes SSNs
Coruna Exploit Kit Targets Older iPhones in Multi-Stage Campaigns
Coupang Data Breach Affects Over 200,000 Taiwan Users; Ministry Orders Inspection and Compensation
Critical Cisco Catalyst SD-WAN Vulnerabilities Allow Attackers to Gain Root Access
Critical Cisco Secure Firewall Management Vulnerability Enables Remote Code Execution
Critical pac4j-jwt Authentication Bypass Lets Attackers Impersonate Any User
Crypto payment trail leads to major phishing platform takedown
Cyber Attack Takes Down New Jersey County’s Phones, IT Systems
Data Breach Hits LexisNexis Legal & Professional Division, Thousands of Customer Records Affected
Data leak at Iran’s Ariomex Crypto Exchange exposes user and transaction records from 2022 to 2025
Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware
Eureka Casino Settles Data Breach Class-Action Lawsuit for $1 Million
Europe: Banks must refund phishing victims first, recover later
Europol Operation Seizes LeakBase Data Breach Site
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
Europol’s Major Operation Dismantles Tycoon 2FA Phishing-as-a-Service Network Linked to Over 64,000 Cyberattacks
Fake Google Security Site Launches Phishing Attack: PWA App Used to Steal OTP and Crypto Wallet Data
Fake LastPass alerts seek master password compromise
FBI and Europol Dismantle LeakBase Cybercrime Forum With 142,000 Users
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
FBI arrests suspect linked to $46 Million crypto theft from US Marshals
FBI investigating hack on its wiretap and surveillance systems
Florida Software Distributor Sentenced for Illicit Microsoft Certificate of Authenticity (COA) Trafficking
Florida woman given major jail sentence for illegally selling Microsoft product keys
Frankel Loughran Starr & Vallone (FLSV) Data Breach Exposes SSNs and Other PII
Gecko Custom Data Breach Exposes Customer and Order Information
General Physician, P.C. agrees to $2.5 million settlement over 2024 data breach affecting patient records
Global Coalition Disbands Tycoon 2FA Phishing Operation
Google says 90 zero-days exploited in 2025 as commercial vendor activity grows
Google says 90 zero-days were exploited in attacks last year
Google says half of all zero-days it tracked in 2025 targeted buggy enterprise tech
Hackers Now Use Official Microsoft Logins to Send Malware to Government Agencies
Hackers Pivot to Ransomware Encryption Model as Data Theft Has Become Less Profitable
Hackers Used New Exploit Kit to Compromise Thousands of iPhones
How impenetrable are AI-powered cybersecurity defenses?
HungerRush Data Breach Allegedly Exposes 28 Million Users
INSS Cyberattack: Handala Hack Team Claims Data Breach
Iranian APT Groups Target Critical Infrastructure Amid Geopolitical Tensions
Iranian Hackers Intensify Criminal Ransomware Tactics Amid Regional War
Ireland: Priest lost nearly €50,000 in broadband phishing scam
Israel Air Defense Systems Allegedly Hacked by Cardinal Group
Israel Claims it ‘Struck’ Iran’s Cyber Warfare Headquarters
Italian prosecutors confirm journalist was hacked with Paragon spyware
JBS Brazil Targeted by Coinbasecartel Ransomware Attack
Krece Fintech Data Breach Exposes Millions of User Records
Kubernetes and AI Workloads Under Attack By VoidLink Malware
LastPass Issues Urgent Warning Over New Security Scam To Steal Passwords
Latest OpenClaw Security Risk: Fake GitHub Repositories Used to Deploy Infostealers
Law enforcement and security firms take down huge Phishing-as-a-service (PhaaS) platform
Law enforcement and tech firms take down Tycoon phishing platform
LeakBase Cybercrime and Hacker Forum Seized
LeakBase cybercrime forum with 142,000 users taken down in global operation
LeakBase Hacker Forums Dismantled in Global Law Enforcement Operation, 37 Highly Active Users Targeted
Madison Square Garden Confirms Data Breach; Ticket Buyer Data Likely Not Involved
Major data leak forum LeakBase seized by FBI, Europol, and shut down
Major Hub of Stolen Data and Large Phishing Operation Neutralized in Separate Takedown Efforts
Major Phishing Network Tycoon 2FA Taken Down in Joint Operation by Coinbase, Microsoft, and Europol
Major phishing operation disrupted in joint Europol action
Meta AI Glasses Prompt UK Information Commissioner's Office (ICO) Investigation Over Privacy as Employees Review Intimate User Videos
Meta sued over AI smart glasses’ privacy concerns, after workers reviewed nudity, sex, and other footage
Microsoft Issues Warning: Malware Spread Through Abuse of OAuth Redirect Flow
Microsoft, Europol take down global phishing as a service network which was able to bypass 2FA with ease
New Jersey county says malware attack took down phone lines, IT systems
New MongoDB Vulnerability Allows Attackers to Crash Any Server
New phishing attacks exploit stolen digital certificates for malicious software
OAuth redirection abuse: why a real sign-in link can still lead to phishing or malware
One of the largest hacker forums in the world has been seized by the US Department of Justice (DoJ)
One Of The World's Largest Hacker Forums Dismantled
Pakistan-Linked APT36 Floods Indian Government Networks With AI-Made ‘Vibeware’
Pender County Schools warns of phishing emails sent from staff accounts
Phishing Campaign Uses Google Cloud Storage For Malicious Redirects
Phobos Ransomware admin faces up to 20 years after guilty plea
Phobos ransomware admin pleads guilty to wire fraud conspiracy
Phobos ransomware leader facing 20 years in prison after pleading guilty to hacking charges
Phobos ransomware leader pleads guilty, faces up to 20 years in prison
PIH Health Notifies Patients About 2024 Hacking Incident
Police dismantle major phishing platform blamed for attacks on hospitals and schools
Police dismantle online gambling ring exploiting Ukrainian women
Pro-Iranian Ransomware Operators Tactical Shift from Sicarii to BQTLock
Proof-of-Concept (PoC) Exploit Released for Cisco SD-WAN 0-Day Vulnerability Actively Exploited in the Wild
Revealed - what's changing about cyber insurance claims
Russian phishing campaign hits Ukraine with novel malware
Russian Phobos Ransomware Administrator Pleads Guilty to Wire Fraud Conspiracy
Russian Ransomware Operator Pleads Guilty in US
Scottish National Party (SNP) Government forced to take down part of Alex Salmond Files over 'shambolic' data breach fears
Silver Dragon APT Uses Google Drive For Covert Communication In European, Asian Attacks
Social Media Rumors: New Cyber Attack at Caesars?
Star Citizen's billion-dollar community is irate over delayed data breach reveal
Telegram has become a common marketplace for hackers, cybersecurity firm says
That attractive online ad might be a malware trap
The average tax scam victim loses $1,020 - and they're younger than you'd think
The biggest AI threats come from within - 12 ways to defend your organization
The Great Security Culture Shift: Building a Proactive Defense in an Era of Advanced Threats and Social Engineering
The Hidden Cyber Risks of Remote Work Infrastructure
This paint company is dripping stolen information, hackers claim
Tieu Dental Data Breach Exposes Sensitive PHI and PII
Tycoon 2FA Goes Boom as Europol, Vendors Bust Phishing Platform
Tycoon 2FA phishing empire dismantled in global cybercrime crackdown
Tycoon 2FA phishing kit disrupted by global operation
U.S. and Global Law Enforcement Dismantle Major Hacker Forum Selling Stolen Data
Ukrainian women fleeing war exploited in multimillion-dollar gambling fraud scheme
Understanding the Dark Web Changes How Organizations Approach Security
University of Mississippi Medical Center Reopens Clinics After Ransomware Attack
US and EU join forces to seize LeakBase, one of the world’s largest hacker forums
US and EU police seize LeakBase, a site where crooks share stolen passwords and hacking tools
US banks on high alert for cyberattacks as Iran war escalates
Warren County Sheriff’s Office (WCSO) investigating cyber attack on its computer network
Warren County Sheriff’s Office releases notice of cyber attack
Why should businesses be optimistic about AI in cybersecurity
Wikipedia hit by self-propagating JavaScript worm that vandalized pages
WordPress membership plugin bug exploited to create admin accounts
Zero-Click FreeScout Bug Enables Remote Code Execution
4th March
7 Phishing Gang Members Arrested in Korea for Stealing 800 Million Won from Virtual Wallets
149 Hacktivist DDoS Attacks Hit 110 Organizations in 16 Countries After Middle East Conflict
AI agents are too easy to fool, with websites now littered with hidden “system override” commands
AI Raises the Cybersecurity Stakes - But People Still Open the Door
AI Technology Is Placing The Maritime Industry At Greater Risk Of A Cyber Attack, Reveals New Data
Alleged Data Breach at Colombia’s Tax Authority Could Expose Millions of Citizens’ Records
Anubis ransomware claims responsibility for AkzoNobel network breach
APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2
Attackers abuse OAuth’s built-in redirects to launch phishing and malware attacks
Attackers are abusing Google logins to spread malware
Australia: It’s time schools moved beyond passwords
Brown Advisory Data Breach Exposes PII Including SSNs
Browser-in-the-browser attacks: from theory to reality
Calls for Global Digital Estate Standard as Posthumous Deepfake Fraud Risk Grows
Canada: Phishing scam targeting Ponoka residents, vendors
Car Tyre Sensors Can Be Used to Track Drivers Without Their Knowledge
Children’s Council of San Francisco Data Breach Affects 12k People
China-linked hackers hide cyber-spy operation inside Windows services and Google Drive
CIMB denies data breach involving 1.2 million records
CIMB Dismisses Recent Data Breach Allegations As False
CIMB refutes claims of data breach involving 1.2 million records
CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to Known Exploited Vulnerabilities (KEV) Catalog
CISA Warns of Actively Exploited Memory Corruption Vulnerability in Qualcomm Chipsets
CISA Warns of Actively Exploited Vulnerability in VMware Aria Operations
Cisco warns of max severity Secure Firewall Management Center (FMC) flaws giving root access
ClickFixers now pretend to be investors and target crypto professionals
Coinbase, Microsoft disrupt Tycoon 2FA phishing network linked to credential theft
Coinbase, Microsoft take down phishing site Tycoon 2FA, seize 330 domains
Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1
Coupang Data Breach Leads to Q4 Losses
Cyber spillover: Middle East conflict triggers phishing, deepfakes and brand impersonation risks for Indian companies
Cybersecurity is now the price of admission for industrial AI
Cybersecurity professionals are burning out on extra hours every week
CyberStrikeAI Deployed in Over 600 FortiGate Attacks Targeting 55 Countries
Cydome report finds 150% surge in maritime Operational Technology cyberattacks as ransomware tightens grip in 2025
Data Breach Allegedly Hits Colombian Tax Authority DIAN
Data breach at University of Hawaiʻi Cancer Center impacts 1.2 Million individuals
Data breach sparks outrage at Cloud Imperium among players
Department of Justice (DOJ) takes down huge hacker forum, seizes LeakBase’s data
DoorDash, Walmart data manager breached, with millions of records exposed, attackers claim
Dorset ambulance service pays out £30k in data breach claims
Dragonforce Attacks New Generation Media, Lincoln Green, Bravo Electro
Dutch watchdog accuses Meta of turning a blind eye as scam ads keep circulating
Eureka Casino in Mesquite to Pay $1M After Massive Data Breach Exposed 229K Records
Epic Fury Cyber Conflict Surges As Iran Goes Offline, Hacktivists Strike Back
Europol-coordinated action disrupts Tycoon2FA phishing platform
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
Fake LastPass support email threads try to steal vault passwords
FBI seizes LeakBase cybercrime forum, data of 142,000 members
From phishing to Google Drive C2: Silver Dragon expands APT41 playbook
General Physician Pays $2.5 Million to Settle Data Breach Litigation
Global coalition dismantles Tycoon 2FA phishing kit
Global phishing-as-a-service platform taken down in coordinated public-private action
Global Takedown Neutralizes Tycoon2FA Phishing Service
Google’s Biggest Android Security Update in Years Fixes 129 Bugs, Including an Actively Exploited Zero-Day
Hack on French medical site sees over 15 million records leaked, including private health info
Hacker mass-mails HungerRush extortion emails to restaurant patrons
Hackers Abused Legit Certificates to Sneak Into Work PCs
Hackers claim LexisNexis breach exposing data on 400K users, including .gov accounts
Handala Hack Claims Aramco Ransomware Breach: The Facts So Far
Havoc C2 framework weaponized in new tech support scam
How a Single Overprivileged Service Turned the LexisNexis Breach Into a Keys-to-the-Kingdom Moment
How to clean up your digital footprint - and why it matters more than you think
ICAFe Companies Suffers Ransomware Attack by Akira Group
Inside Tycoon2FA: How a leading Adversary-in-The-Middle (AiTM) phishing kit operated at scale
Insight Hospital and Medical Center Data Breach Exposes PHI and PII
IPVanish VPN for macOS Vulnerability Allows Privilege Escalation and Code Execution
Iran Conflict and Cybersecurity: What to Expect in the Next 30 Days
Iran’s AI-Powered Cyber Offensive Intensifies, Warning of Threat to Global Infrastructure
Ivanti Connect Secure devices may carry dormant RESURGE malware
LastPass issues alert as customers face second major phishing campaign of 2026
LastPass Warns of New Phishing Campaign
LastPass warns of spoofed alerts aimed at stealing master passwords
LexisNexis confirms data breach at Legal & Professional arm, some customer records affected
LexisNexis confirms data breach, says hackers hit customer and business info
LexisNexis Data Breach: Threat Actor Claims Theft of 2.04 GB of Data
LexisNexis Faces Data Breach After 2.04 GB of Data Allegedly Stolen
LexisNexis Legal & Professional confirms data breach after React2Shell exploit
LexisNexis Says Data Breach Has Been Cointained; Hackers Claim Access to Government and Law Firm User Data
Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers
Malaysia: CIMB Refutes Claims Of Data Breach Involving 1.2 Million Records
Microsoft Alerts Customers to New Phishing Attack Exploiting OAuth in Entra ID to Bypass Detection
Microsoft and Coinbase Aid in Shutting Down Tycoon Phishing Service
Microsoft Flags Malware Delivery Tied to OAuth Login Phishing Campaign
Microsoft Flags New OAuth-Based Phishing Attack Targeting Public Sector
Microsoft flags phishing campaign abusing Entra ID, Google OAuth links
Microsoft leads takedown of Tycoon2FA phishing service infrastructure
Microsoft Warns of Advanced Phishing Campaign Abusing OAuth in Entra ID
Microsoft Warns of Phishing Exploiting OAuth URL Redirects
Mississippi medical center reopens clinics hit by ransomware attack
Moroccan hacker group announces cyber campaign targeting Israel
Multi-Stage "BadPaw" Malware Campaign Targets Ukraine
Nevada’s Eureka Casino settles $1 million data breach case
New LexisNexis Data Breach Confirmed After Hackers Leak Files
New phishing scam uses legit software to hijack computers, but the real story is even wilder
New Power Party Data Breach Exposes 33K User Records
New Starkiller phishing kit bypasses MFA, mimics legitimate sites
North America leads global ransomware cases
OptimizerAI Data Breach Exposes Over 118,000 User Records
Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500)
Paint giant AkzoNobel reveals data breach, says US site was affected
Perplexity AI Browser Flaw Could Let Calendar Invites Access Local Files
Phishing Campaign Exploits Google Cloud to Host Malicious Redirects via Google Cloud Storage (GCS) Bucket
Qilin Hacks Vision Aero, ATS, Golden Clay, Outsourcia, Dr. Pizzoglio
Ransomware Breach at University of Hawaii Cancer Center Affects 1.2 Million People
RedAlert Trojan Campaign Disseminates Fake Emergency App Targeting Israel via SMS Spoofing, Steals Contacts, GPS Data
RoundOne AI Data Breach Exposes Job Candidate Information
Russian hackers deploy new malware in phishing campaign targeting Ukraine
Seoul Police Arrest Crypto Phishing Ring That Stole $570,000
South Korea: Phishing Group Arrested for Stealing 800 Million Won in Tether
Sprawling FBI, European operation takes down Leakbase cybercriminal forum
Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks
Star Citizen developer draws ire over delayed data breach disclosure
Surge in Attacks on Surveillance Cameras Linked to Iranian Hackers
Suspected Iranian Threat Actors Compromise IP Camera Feeds in Iran, Israel, the UAE, Qatar, Bahrain
Telegram Increasingly Used to Sell Access, Malware and Stolen Logs
Telegram Used By Hackers For Initial Access To Critical Corporate Infrastructure
The Afghan Data Breach Victims Who Say They Have Been Abandoned by Britain
The Booking.com scam crisis - how a simple message revealed a sophisticated fraud
The Coruna iPhone Exploit Kit Used by Cybercriminals, Possibly a Leaked Government Hacking Tool
The Instagram API Scraping Crisis: When ‘Public’ Data Becomes a 17.5 Million User Breach
The Most Common Swap Scams in 2026, and How to Avoid Them
The vulnerability that turns your AI agent against you
Third-Party Data Breach at Online DIY Firm ManoMano Affects Nearly 38 Million People
Trusted Azure Utility AzCopy Turned into Data Exfiltration Tool in Active Ransomware Campaigns
Tycoon 2FA Phishing Kit Disrupted by Microsoft, Europol and Partners
Tycoon 2FA Phishing Platform Dismantled in Global Takedown
Tycoon2FA phishing platform dismantled in major operation
United States Leads Dismantlement of One of the World’s Largest Hacker Forums
University of Hawaii Cancer Center Data Breach: 1.2 Million People Impacted
US and EU police shut down LeakBase, a site accused of sharing stolen passwords and hacking tools
US and Global Law Enforcement Shut Down LeakBase Hackers Forum
US Shuts Down 'LeakBase' Hacker Forum Known for Selling Stolen Data
Verlat Energy Suffers Data Breach by Vect Ransomware Group
VoidLink Malware Framework Targets Kubernetes and AI Workloads in New Cyber Attack Wave
Why “Old” Cyber Attacks Still Work - and What Organizations Get Wrong
Why workforce identity is still a vulnerability, and what to do about it
Wynn Resorts Data Breach: 800,000 Records Stolen
youX hacker declines to publish further stolen data
3rd March
1 billion personal records exposed in massive new data leak - full names, addresses, phone numbers and more
1 Million Impacted by University of Hawaii Cancer Center Breach
1.2 Million Affected by University of Hawaii Cancer Center Data Breach
1.2 Million Impacted As Heartless Hackers Attack Cancer Center In Ransomware Breach
5 years of shifting cybersecurity behavior
15 million impacted in French health ministry cyber attack
45% of Cybersecurity Leaders Work a “Sixth Day”
$100 radio equipment can track cars through their tire sensors
A suite of government hacking tools targeting iPhones is now being used by cybercriminals
AI adoption shrinks cyber attack window to 48 hours in shipping
AI and Deepfakes Supercharge Sophisticated Cyber-Attacks
AI supercharges LinkedIn phishing risks in Australia
AI technology is placing the maritime industry at a greater risk of a cyber attack, reveals new data
AI went from assistant to autonomous actor and security never caught up
AI-driven hacking uses booking.com and Microsoft Teams in vibe coding and “flat pack” malware campaigns
AI-Powered Ransomware threatens even Encrypted Backups
AiLock Ransomware Hits Aaronson Rappaport & Demanor
Andal Law Group Suffers Anubis Ransomware Attack and Data Breach
Android gets patches for Qualcomm zero-day exploited in attacks
Android’s March 2026 security patch fixes over 100 flaws, one under targeted exploitation
Attackers could hijack Perplexity’s Comet browser to take over your 1Password vault
Aura.Build Data Breach Exposes Information of Over 132,000 Users
California fines national high school ticketing platform $1.1 million for privacy violations
Check if your Chrome is up to date: Google’s Gemini might still be spying on you
Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets
CISA flags VMware Aria Operations RCE flaw as exploited in attacks
Cloud Imperium faces backlash over delayed data breach disclosure
Cloudflare tracked 230 billion daily threats and here is what it found
Coruna: Spy-grade iOS exploit kit powering financial crime
Critical MS-Agent Vulnerability Allows Attackers to Hijack AI Agents and Gain Full System Control
Cyber Resilience as a Corporate Mindset
Cyber-Kinetic Warfare Escalates as Iran, US, and Israel Clash Across Military and Digital Fronts
Cyberattack on healthcare RCM vendor may have impacted 140K patients
Digital Sabotage And Bad Grammar: Inside The Cyber Hijack Of Pakistan’s Airwaves
Epic Fury/Roaring Lion Sparks Escalating Cyber Conflict as Iran Goes Offline, Hacktivists Step Up Retaliation
Fake Google Security page used in Progressive Web App (PWA) phishing campaign
Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations
Fake Zoom and Google Meet Pages Trick Users Into Installing Monitoring Tool
Figure data breach exposes nearly 1 Million accounts
From reactive to proactive: closing the phishing gap with LLMs
Gamers furious as British studio Cloud Imperium quietly admits to data breach
German Court Convicts Key Operator of Global Multi-Million Investment Scam Milton Group
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
Hacked traffic cams and hijacked TVs: How cyber operations supported the war against Iran
Hackers Abuse .arpa Top-Level Domain to Host Phishing Scams
Hackers abuse OAuth error flows to spread malware
Hackers breach Star Citizen players’ personal data in January, but CIG only just got around to mentioning it
Hackers Use CyberStrikeAI Tool to Breach Fortinet FortiGate Devices
Hackers Use GTFire Phishing Attack to Steal Credentials via Google Services
Hacktivists Claim Department of Homeland Security (DHS) Breach, Leak 6,600+ ICE Contractor Records
Half of US CISOs Work the Equivalent of a Six-Day Week
Handala Hack Breaches Sharjah National Oil & Israel Opportunity
Healthcare organizations are accepting cyber risk to cut costs
Higginbotham Data Breach Affects 9k Texans: SSNs Exposed
Hospital General de Medellín Data Breach Exposes Patient Records
How Israel hacked Iran’s traffic cameras to pinpoint Khamenei
How Pakistan, Bangladesh, and Sri Lanka Were Hit by India-Linked Threat Actors
Huge “Shadow Layer” of Organizations Hit by Supply Chain Attacks
I4C Warns of Ransomware Groups Turning To Professional Firms, Targeting Network Storage Devices
Iran leveraging AI and stolen data to escalate cyber campaigns
Iranian Communications and Sensors Disrupted by US Cyber Command; Researchers Warn of Retaliatory Cyber Attacks
Iranian Cyber Threat Actor Targets Iraqi Government Officials in AI-Powered Campaign
Iranian Use of Cybercriminal Tactics in Destructive Cyber Attacks
Ireland: Fifth of companies experienced a cyber attack in last two years
Israel: RedAlert Spyware Campaign Exploits Wartime Panic With Trojanized App
Leaked Database Sheds Light on Iranian Crypto Sanctions Evasion
LexisNexis confirms data breach as hackers leak stolen files
LexisNexis Data Breach - Threat Actor Allegedly Claims 2.04 GB Stolen
LexisNexis Investigates Massive Data Breach by FULCRUMSEC
LexisNexis says hackers accessed legacy data in contained breach
Mercer Advisors Hit by ShinyHunters Data Breach
Microsoft reveals OAuth redirection abuse powering new phishing attempts
Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets
Microsoft warns of OAuth phishing campaigns able to bypass email and browser defenses - says 'these campaigns demonstrate that this abuse is operational, not theoretical'
MTN Irancell Data Breach Exposes Customer Information
Nevada: $1 Million Eureka Casino data breach class action settled
New Google-Themed Phishing Attack Turns Browser Features Into Spyware
New Starkiller Phishing Framework Uses Real Login Pages to Bypass MFA Security
OAuth phishers make ‘check where the link points’ advice ineffective
OAuth Redirect Abuse Targets Government and Public Sector Organizations, Microsoft Warns
OCRFix Botnet Trojan Uses ClickFix Phishing To Evade Detection
Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
Paint maker giant AkzoNobel confirms cyberattack on U.S. site
Phishing campaign exploits OAuth redirection to bypass defenses
Play Ransomware Hits Cabka, WCC, LRA, Kuker Group & More
Project Compass Targets 764 Network as 30 Arrested and Victims Rescued
Ransomware is now less about malware and more about impersonation
Ransomware Tightens Grip on Chartered Accountancy (CA) & Consulting Firms; NAS Devices Emerge as Prime Target
Sadenet ISP Data Breach Exposes 160K Customer Records
Samsung comes clean after collecting Texans’ TV data
Samsung reaches settlement with Texas over smart TV data collection practices
SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains
SonicWall Firewalls Under Siege From Over 4,000 Unique IP Addresses
Star Citizen developer CIG admits that a hacker gained access to account data...six weeks ago
Star Citizen developer suffers data breach impacting user personal data
Star Citizen Forgot to Mention Your Data Was Leaked Over a Month Ago
Star Citizen game developer discloses breach affecting user data
“Star Citizen” maker says that an undisclosed month-old data breach isn’t a big deal
Star Citizen studio suffered a data breach in January, and some players aren't happy with the very quiet disclosure that only happened this week
Starkiller Phishing Framework Uses Real Login Pages to Evade MFA Protections
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
Study Finds AI Is Fueling An Alarming Surge In Sophisticated Phishing Scams
Surviving Ransomware: Best practices to safeguard your business
Suspected ShinyHunters’ Vishing Attack Hits Ad Tech Firm Optimizely, Leaking Business Information
This new phishing campaign uses a fake Google Account security page to steal passcodes and more
Threat actors weaponize OAuth redirection logic to deliver malware
UK academia strong, but still at threat from cyber attack
University of Hawaiʻi Cancer Center says up to 1.2 million affected in ransomware breach
University of Hawaii Cancer Center Breach Exposes SSNs of 87,000+ Participants
University of Hawaii Cancer Center confirms data compromised
University of Hawaii (UH) Cancer Center data breach affects nearly 1.2 million people
“We go bankrupt:” stolen Gemini API key turns $180 monthly bill into $82K catastrophe, developer says
Wild pack without a leader: pro-Iranian hackers already active in wake of US-Israeli strikes
Wisconsin ‘Denmark School District’ Cyber Incident Triggering Network Outage Claimed by INC Ransom
2nd March
4 Data Security Incidents to Know About
A new app alerts you if someone nearby is wearing smart glasses
After the hack: why Odido’s crisis is only getting bigger
Agent Tesla Phishing Campaign Uses Process Hollowing To Evade Security Tools
AI is placing maritime industry at greater risk of cyber-attack
AI Overviews Rife With Scam Phone Numbers
AI placing maritime industry at risk of cyber attack
AI risk moves into the security budget spotlight
AI threats will get worse: 6 ways to match the tenacity of your digital adversaries
AI Tools Are Supercharging Hackers
AkzoNobel Suffers Data Breach by Anubis Ransomware Group
Alabama man pleads guilty to hacking, extorting hundreds of women
All data from Dutch telco Odido’s 6.5 Million customers leaked online
Alleged India-linked espionage campaign targeted Pakistan, Bangladesh, Sri Lanka
APT28 Exploits MSHTML Zero-Day Ahead of February 2026 Patch Tuesday
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before February 2026 Patch Tuesday
BE-ATEX Data Breach Exposes Customer and Employee Information
British authorities issue cyber alert as former FBI chief warns Iran will retaliate with ransomware and digital sabotage
British organizations urged to be alert to threat of Iranian cyberattacks
Building Detroit Data Breach Allegedly Exposes 185,000 Records
Bumble Faces Lawsuit Over “Preventable” Data Breach
Canadian Tire data breach affects over 38 million accounts
Chilean National Extradited to U.S. Over Stolen Credit Card Data Trafficking Scheme
Claude Code Weaponized in Mexican Government Cyberattack, Exposing Roughly 195 Million Identities
ClawJacked Bug Enables Covert AI Agent Hijacking
Compromised Go Crypto Package Delivers Rekoobe Malware To Dev Systems
Conduent Data Breach: 25 Million Exposed. What to Do Now?
Coupang Q4 Profit Plunges 97% Following Major Data Breach
Cyberattack briefly disrupts Russian internet regulator and defense ministry websites
CyberStrikeAI tool adopted by hackers for AI-powered attacks
Data Breach Exposes 25 Million Americans in What Texas Calls the Largest US Hack in History
Data Breach Prompts Lawsuit Against Clackamas Community College
DDoS and Website defacement might increase on US Networks says Department of Homeland Security (DHS)
Den kulturelle skolesekken Data Breach Exposes 1.3 Million Records
Dohdoor Malware Targets U.S. Schools and Healthcare In Multi-Stage Campaign
Don’t Click Yet: How to Recognize a Phishing Scam Fast
DuckDuckGo Browser UXSS Flaw in AutoConsent JS Bridge Enables Cross-Origin Code Execution
Excel Healthcare Receivable Management & Consulting Data Breach Impacts Health Information
Expect Iran to Launch Cyber-Attacks Globally, Warns Google Head of Threat Intel
Fake Google Security site uses Progressive Web App (PWA) to steal credentials, MFA codes
Fake Zoom Update Scam Infects 1,437 Users, Deploys Surveillance Malware In Just 12 Days
Florida woman imprisoned for massive Microsoft license fraud scheme
Foom Cash Recovers $1.84 Million After $2.26 Million Exploit With Help From White Hat Hacker
French firm making Airbus and Boeing parts faces cyber threat
Fundacão Getulio Vargas (FGV) Suffers Ransomware Attack
German court convicts alleged mastermind behind global investment scam network
Growing AI use by maritime sharply increases the risk of a cyber attack
Grupo D’arc Suffers Ransomware Attack by Qilin Group
GTFire Phishing Campaign Exploits Google Services to Bypass Detection and Harvest Credentials
GTFire Phishing Scheme Abuses Google Services to Evade Detection and Steal Credentials
Hacked Prayer App Weaponized in Cyber Operations Amid US-Israel Strikes on Iran
Hackers and internet outages hit Iran amid U.S. air strikes
Hackers exploit .arpa domains for sophisticated phishing attacks
Hackers hijack .arpa domain for phishing scams - hosting malicious websites and domains where no one can spot them
Hackers infiltrated Iran's popular prayer app and posted political messages
Hackers Leverage Campaign Platform To Bypass Google Ads Security and Promote Malicious Ads
Hacktivists claim to have hacked Homeland Security to release ICE contract data
Hotel hacker arrested after digital fraud involving paying 1 cent for luxury suites
Hundreds of FreePBX instances infected by web shells exploiting command injection vulnerability
Hybrid Middle East Conflict Triggers Surge in Global Cyber Activity
Identity attacks rise to 67% of incidents
IDMERIT breach: How hackers turn fake news into ransomware
INC Ransomware Breaches Ramet-Trom, LKE Group, Abrams, Denmark High School
Iran-US conflict triggers internet blackout, cyberattacks, and UAE misinformation warning
Iran's cyberwar has begun
Iranian Apps, Websites Hacked Following US-Israeli Strikes
Israel Faced Record Cyber Threats in 2025 as Alerts Surged
Israeli MOSSAD Sophisticated Cyber Attack Against Pakistan Media
Madison Square Garden Data Breach Confirmed Months After Hacker Attack
Maritz Holdings Data Breach Exposes Social Security Numbers
Meta AI in WhatsApp organizes chats and reopens privacy issues
Nephrology Associates Data Breach Exposes Social Security Numbers
New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT
OAuth redirection abuse enables phishing and malware delivery
OCRFix Botnet Trojan Leveraging ClickFix Phishing and EtherHiding to Conceal Blockchain-Based Command Infrastructure
OCRFix Botnet Uses ClickFix Phishing and EtherHiding to Mask Blockchain C2 Infrastructure
OneUptime Command Injection Flaw Enables Full Server Takeover
Pakistan cyber attack targets Indian TV channel ABP News
Pakistan’s Top News Channels Hacked and Hijacked With Anti-Military Messages
Pakistani news channels hacked with pro-Mossad messages
PayPal Loan App Customer Data Breach Results in Unauthorized Transactions and Refunds
Phishing Pages for Zoom and Google Meet Install Teramind Monitoring Tool
PIH Health Discloses Data Breach Exposing SSNs, Health Information, and More
Popular Iranian App BadeSaba was Hacked to Send “Help Is on the Way” Alerts
Protecting the Most Vulnerable: Lessons from Last Year’s Nursery Cyber Attack
Purchase order attachment isn’t a PDF. It’s phishing for your password
Ransomware has changed - and so must public sector organisations
Ransomware Payments Decline 8% as Attacks Surge 50%
Remote-working breaches as phishing fears reach record high
Rhysida Ransomware Attack Hits Southold Police and Senior Services
Rising Network of Teenage Hackers: From Data Theft to Digital Extortion, Cyber Threat Becomes More Serious
Security debt is becoming a governance issue for CISOs
South Korea Tax Office Leaks Cryptocurrency Assets, Critical Failure Leads to Wallet Breach
Study Finds Phishing Scams Are on the Rise, Accelerated by AI
Teramind stealthily spread via Zoom, Google Meet-exploiting phishing schemes
The InterTech Group Data Breach Exposes Social Security Numbers
The Top Ways Attackers Infiltrate Systems Today
This purchase order PDF is fake, malicious, and after your password
Turkcell Superonline Customer Data Breach Exposes PII
UK reduces cyberattack fix times from two months to eight days
UK warns of Iranian cyberattack risks amid Middle-East conflict
Ukrainian hacker pleads guilty to running OnlyFake AI ID scam site
University of Hawaiʻi Cancer Center confirms data leak following ransomware attack
University of Mississippi Medical Center (UMMC) operations return to normal after cyber-attack
University of Mississippi Medical Center phones working after cyberattack
University of Mississippi Medical Center (UMMC) reopens clinics shut down by ransomware attack as recovery progresses
University of Mississippi Medical Center (UMMC) restores phone lines after ransomware attack
University Spine Center Discloses Data Breach to Department of Health and Human Services (HHS)
Unprecedented GitHub hacking spree: “security research” AI bot compromises major repositories from Microsoft, Datadog, and others
Valley Radiology Consultants Medical Group Discloses September Data Breach
Vietnam Announces National Cybersecurity Firewall Plan Under New Digital Governance Law
Why encrypted backups may fail in an AI-driven ransomware era
Why enterprise AI agents could become the ultimate insider threat
Your dependencies are 278 days out of date and your pipelines aren’t protected