Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and 
Dentons Senior Analyst, Washington D.C.
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 23rd March and 29th March 2026.29th March
Cyber Attack in the Name of Gas Bill Update: Accounts Emptied in Minutes via APK Files, ₹1 Crore Fraud in Mumbai
Data breach at US insurance firm may have exposed personal data of 7,400 people
FBI confirms hack of Director Patel's personal email inbox
File read flaw in Smart Slider plugin impacts 500K WordPress sites
How did Iran’s fake missile alert texts turn into cyber attacks in Israel?
Identity attacks drive 67% of breaches
Lloyds Data Breach Exposes Customers
Pennsylvania Department of Transportation (PennDOT) Warns of Text Phishing Scams Aimed at Pennsylvanians
Russian Access Broker Sentenced to Over 6 Years in Prison for Ransomware Schemes
Shwapno data breach: A wake‑up call for businesses
Shwapno files General Diary (GD) seven months after customer data breach
South Africa: Stats SA breached in cyberattack
South Africa: Stats SA confirms data breach – Here’s what was affected
South Africa: Stats SA hacked
South African government agency with sensitive data breached in R1.7 million ransomware attack
28th March
Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521)
Bank Sending Up To $12,500 To Customers Following Major Data Breach That Affected 869,411 People
CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation
Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
Crunchyroll Faces Second Class Action Lawsuit This Month, This Time Over Alleged Major Data Breach
Cyber attack against Japanese studio leaks details of new Resident Evil with Leon and remakes
Cyberattacks Wreak Havoc as EU Commission Cloud Platform Breached; Hacker Claims Access to All Data
Data breach suspected after attack on EU Commission website
EU Commission Confirms Major Cyberattack, Data Breach
EU Commission hit by major cyber-attack on its public website platform
EU Commission web platform hit by cyber-attack on March 24th
European Commission Confirms Cyberattack on Cloud Systems Following Hacker Data Theft Claims
European Commission hit by cyberattack, data breach suspected in Amazon Web Services (AWS) cloud systems
European Commission hit by data breach in Amazon Web Services (AWS) cloud system, launches investigation
Financial Services Firm Hit With Massive Data Breach, Sensitive Records of 131,483 Americans Stolen
Georgia Man Arrested for Massive Phishing and Sex Trafficking Scheme That Targeted Pro Athletes
Hong Kong prison department’s IT system hacked, 6,800 employees’ data compromised
How to protect yourself from a cyber attack
Illumifin Data Breach Exposes Social Security Numbers
Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack
Iran-Linked Handala Hackers Breach FBI Chief Kash Patel’s Gmail
Iranian hackers threaten to launch terrifying cyber attack on US water supplies if American strikes continue to hit Iran infrastructure
Largest U.S. health data breach ever? Lawsuits could spell record payouts
Lloyds Banking Group Data Breach Exposes Customer Data
Lloyds Data Breach Exposes Customer Details
Lloyds Group to Compensate 450,000 Customers After App Glitch
Los Angeles Metro resumes TAP card sales after data breach
Namibia Airports Company (NAC) data on dark web confirmed after ransomware attack
New Infinity Stealer malware grabs macOS data via ClickFix lures
Retail chain Shwapno hit by customer data breach, hackers seek $1.5 million
Rocky Mountain Care Discloses Data Breach Following Ransomware Attack
Sensitive Data of 2,697,540 Americans at Risk As Benefits Administrator Hit by Major Data Breach
ShinyHunters Claims 350GB Data Breach at European Commission
ShinyHunters claims the hack of the European Commission
Smith & Co Solicitors in Ipswich faces data breach
Sri Lanka Post warns of phishing scam using fake websites
Suspect arrested in Spain over Luxtrust fraud
TA446 Deploys DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
Thousands of Corewell Health patients impacted by 2024 data breach
Woodfords Family Services notifying patients and families about 2024 ransomware attack
27th March
ActionPower Suffers Suspected Crypto24 Ransomware Attack
Adversary-in-the-Middle (AitM) Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
After Funding Jolt, EU Moves to Back the CVE Vulnerability System
AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure
Ajax data breach exposed season tickets, supporter bans open to tampering
Anthropic’s Claude Mythos AI Model Exposed in Major Data Breach
Anubis Attack Hits Scalian and Schlam Stone & Dolan LLP
Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
Arcterminal.xyz Data Breach Exposes User Emails and Wallets
Austin Cosmetic Surgery Data Breach: Personal Information Exposed
Backdoored Telnyx PyPI package pushes malware hidden in WAV audio
Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
Bearlyfy targets Russian companies with the GenieLocker ransomware
BianLian Ransomware Spreads via Fake Invoice SVG Images in New Attacks
BreachForums Version 5 Data Breach Exposed 340,000 Accounts, ShinyHunters Claim Leak
Cambodian Fraud Compound Operators ‘Legend Innovation’ and Crypto Marketplace ‘Xinbi‘ Sanctioned by the UK
Centauro Data Breach Exposes 4.3 Million User Records
Chinese hackers are hiding deep inside telecom networks to spy on entire populations
CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation
Claude Chrome extension’s “zero-click” flaw confirms it: the better the browser, the easier the hack
Co-op says 2025 cyber attack dealt a £285 million impact to annual revenue
Critical Citrix NetScaler bug: nearly 40,000 instances exposed to unauthenticated attackers
CRUNCHYROLL Facing Class Action Lawsuit Over Third-Party Data Breach Involving User Names, Emails, And More
Dutch Police discloses security breach after phishing attack
Epstein victims sue Google and Department of Justice (DoJ) for “dumping” their personal information
European Commission confirms cyberattack after hackers claim data breach
European Commission confirms data breach
European Commission investigates cyber attack on its websites
European Commission investigates data breach in Amazon cloud
European Commission investigating breach after Amazon cloud hack
European Commission says hackers stole data in Amazon Web Services (AWS) cloud breach
Excelsior Orthopaedics; Buffalo Surgery Center Pay $2.4 Million to Settle Data Breach Lawsuit
Fake VS Code alerts on GitHub spread malware to developers
FBI confirms theft of director’s personal emails by Iran-linked hacking group
FBI director Kash Patel hacked by pro-Iranian group as personal photos appear online
Foster City makes progress in restoring services following ransomware attack
Gentlemen Attack: Groupe Courtois, STS Travel & Durable Superior
Google Issues High-Risk Security Patch for 3.5 Billion Chrome Users: What You Need to Know
Hackers are hijacking TikTok business accounts to steal credentials in real time
Hackers Use Phishing ZIP Files to Deploy PXA Stealer Against Financial Firms
Handala claims hack of FBI Director Kash Patel’s personal email
Health Gorilla Data Breach Exposes Sensitive Patient Health Data
Hightower Holding data breach impacts over 130,000 individuals, exposing sensitive personal data
Hightower Holdings data breach impacted over 130,000 individuals
InterLock: Full Tooling Breakdown of a Ransomware Operation
INTERPOL-Led Operation Dismantles 45,000+ Malicious IPs Linked To Ransomware Networks
Iran-backed hackers breach FBI director Kash Patel's personal emails
Iran-linked hackers claim breach of FBI director Kash Patel’s inbox
Iran-Linked Threat Group Hacks FBI Director Kash Patel’s Personal Email
IT and Operational Technology (OT) Are Not Equal. IT Can Fail. Your OT Cannot
Kaaj Technologies Data Breach Exposes Small Business Loan Data
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
Lloyds bank warns thousands of customers hit by data breach
Lloyds exposed nearly half a million customers' data in banking app glitch
Lloyds pays compensation after data breach exposes nearly 450,000 customers
Maine mental health provider AMHC targeted in suspected Russian ransomware attack
Major British Bank Data Breach Affects Nearly 450,000 Customers
Nearly half a million Lloyds customers hit by data breach after IT glitch
New AITM phishing wave hijacks TikTok Business accounts
New campaign targets TikTok for Business accounts
New Ghost Campaign Uses Fake npm Progress Bars to Phish Sudo Passwords
New Silver Fox Campaign Hits Japanese Businesses With Tax-Themed Phishing Lures
New Wave of Adversary-in-the-Middle (AiTM) Phishing Targets TikTok for Business
Nubank Colombia Data Breach Exposes Customer Records
OMAX Autos Limited Discloses Ransomware Attack on IT Infrastructure
Omax Autos Ltd Fends Off Ransomware Attack on IT Systems
Omax Autos Ransomware Attack: Assessing Impact
Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
Phishing ZIP Files Used to Deploy PXA Stealer Targeting Financial Firms
Pro-Iranian hacker group claims breach of FBI Director Kash Patel’s personal account
Pro-Ukrainian Bearlyfy Ransomware Group Attacks Target Russian Companies
Pro-Ukraine Hacker Group Bearlyfy Targets Over 70 Russian Firms with Custom Ransomware Campaign
Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google
Ransomware and Phishing Still Drive Data-Security Incidents, But AI’s Shadow Looms
Ransomware attack crashes Jackson County Sheriff's Office computer systems
Researchers find hundreds of exposed API keys providing access to AWS, GitHub, Stripe, and OpenAI
Scammers have created 54,000 fake stablecoins to trick crypto users
ShinyHunters Leaks BreachForums Version 5 Database
ShinyHunters Walk Away from BreachForums, Leak 300,000-User Database
South Korea: "Debt Forgiven If You Send Cryptocurrency" Phishing Scams Surge - Financial Supervisory Service Issues Consumer Alert
South Korea: Phishing Scam Promises Debt Relief via Coin Transfers
St Anne's Catholic School forced to close after cyber attack
Standards Home Health Data Breach Exposes PHI of 6,847 Individuals
Staying vigilant against phishing scams
Summit Insurance Services Data Breach Affects 2k
Suspected Armenian Extradited for Operating RedLine Malware Scheme Following Co-Conspirator Arrest
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware
TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack
The Danger of Treating CyberCrime as War – The New National Cybersecurity Strategy
The Energy Sector Isn’t Ready for Ransomware - and 2025 Proved It
The European Commission confirmed a cyberattack affecting part of its cloud systems
The Port of Vigo “was hit” by a ransomware attack
Thousands of Bank of Scotland customers hit by data breach after IT glitch as group hands out compensation
Thousands of Corewell Health patients affected by 2024 vendor data breach
TikTok for Business accounts targeted in phishing campaign - here's how to stay safe
UK Cracks Down on Chinese Crypto Marketplace for Funding Southeast Asia Scam Hubs
US Department of Justice (DoJ) confirms FBI director's email breached by Iranian hacker group Handala
Waterfall Threat Report 2026 finds ransomware slowdown masks deeper shift toward nation-state attacks on critical infrastructure
We Are At War
What to know about NFL, NBA players scammed by man posing as porn star in sex phishing scheme
Why Cybersecurity in Sports Is More Important Than Ever
26th March
4 new ways to survive the ransomware battle
A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know
A nearly undetectable LLM attack needs only a handful of poisoned samples
AFC Ajax data breach exposed fan information, risked ticket theft
AI Becomes the Top Cybersecurity Priority for Defenders as Criminals Exploit It
AI SOC vendors are selling a future that production deployments haven’t reached yet
Ajax football club hack exposed fan data, enabled ticket hijack
Ajax suffers major own goal as data breach hits personal info of 300,000 fans
Alleged RedLine malware developer extradited to US, faces up to 30 years
An actionable code of ethics for cyber-security
Apple made strides with iOS 26 security, but leaked hacking tools still leave millions exposed to spyware attacks
Apple’s new ID checks dubbed as ‘ransomware’ as UK rollout begins
Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds
British retailer Co-op swings to a loss on cyber attack, rising costs
China-Linked Hackers Breach Southeast Asian Military Systems
China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
Co-op boss steps down as cost of last year’s attack nears £3 million
Co-op cyber attack saw £285 million hit to revenue
Co-op plunges to loss after cyberattack as CEO steps aside
Co-op reports lost sales and lower turnover in 2025 after cyber attack
Co-op takes £126 million knock from cyber attack as boss quits
Coruna iOS exploit framework linked to Triangulation attacks
Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks
Critical Ivanti EPMM Vulnerabilities Allow Remote Code Execution
Critical NVIDIA Vulnerabilities Enable RCE and DoS Attacks
Critical TP-Link Archer NX flaws let hackers bypass login and upload new firmware
Data Breach Hits Benefits Administrator Navia, Affecting Nearly 2.7 Million People
Delve Provided Certifications for LiteLLM Before Malware Breach Suspected to Originate from Trivy Supply Chain Attack
Device code phishing campaign targets 340+ Microsoft 365 organizations using OAuth abuse
Dragonforce Breaches Pride Solvents, Kalima Resort, & SSP
eLocal Data Breach Exposes Over 1.8 Million User Records
Esprinet Ransomware Attack: ALP-001 Claims 1.2TB Data Breach
EtherRAT Techniques Bypass Security Via Ethereum Smart Contracts
Fake VS Code Security Alerts on GitHub Used to Push Malware in Widespread Phishing Campaign
Fidelity to settle data breach class action lawsuit for $2.5 million
Fixing the cracks in zero trust
GitHub Phishing Campaign Targets Developers with Fake VS Code Alerts that Urge the Patching of Fabricated CVEs
Goodwill Industries Data Breach by InterLock Ransomware
Hackers threatens Mark Cuban-backed ZenBusiness with data leak of "several terabytes" of data
Handala Hacker Group Gives Lockheed Employees 48 Hours to Leave Israel
IDrive for Windows Vulnerability Allows Privilege Escalation Attacks
Invoice Fraud Costs UK Construction Sector Millions, National Crime Agency (NCA) Warns
Iran-Linked Pay2Key Ransomware Group Re-Emerges
Iranian hacker group threatens Lockheed Martin staff in Israel
LeakBase Hacker Forum Admin Arrested by Russian Authorities
Linux Ransomware Pay2Key Targets Servers, Virtualization Hosts
LiteLLM breach spawning the largest cybercrime operation the world has ever seen
Lockheed Martin Employees doxed in Handala Hack Campaign
Maine Mental Health Agency Targeted in Russian Cyber Attack
Masters of Imitation: How Hackers and Art Forgers Perfect the Art of Deception
Microsoft 365 Under Siege: Phishing Campaign Bypasses MFA Across 5 Countries
Mirai Botnet Growth Spurs Massive DDoS Attacks and Proxy Exploits
Monmouth University Suffers Data Breach in PEAR Ransomware Attack
New Langflow flaw actively exploited to hijack AI workflows
New PXA Stealer Malware Targets Banks, Uses Telegram to Exfiltrate Data
Node.js Fixes Critical Flaws, Patches DoS Risk in Latest Security Update
Nova Scotia Power Data Breach Compromises Data of Over 900,000 Users
OVHcloud breach claimed by hacker, millions of users potentially affected
Pennsylvania officials warn of Pennsylvania Department of Transportation (PennDOT) text phishing scams
Phishing Attacks Are Getting Smarter. Employee Training Must Keep Up
Phishing surge targets Gulf after Iran-Israel tensions
Port of Vigo Hit by Ransomware Attack, Cargo Systems Disrupted
Pro-Ukraine hacker group Bearlyfy targets Russian companies with custom ransomware
QualDerm data breach exposes health and insurance information of over 3.1 million patients
Quish Splash QR Code Phishing Campaign Hits 1.6 Million Users
Ransomware attack forced Foster City council to declare a state of emergency
RedLine Infostealer Network’s Second Defendant Now Faces a U.S. Court
Russia arrests suspected owner of LeakBase cybercrime forum
Russia detains alleged admin of LeakBase cybercrime forum weeks after global crackdown
Russian Authorities Announce Suspected LeakBase Admin Arrest
Russian cybercriminal imprisoned for operating Mario Kart botnet
Second RedLine infostealer operator ends up in US custody
Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code
Soccer club Ajax suffers data breach exposing fan information, prompts security overhaul
South Korea: Financial Services Commission (FSC) launches Korea voice phishing taskforce, targets new scams and mule accounts
South Korea: Regulator to ramp up efforts to crack down on online phishing, mule accounts
St Anne's School in Southampton closed after cyber attack
Suspected Hijacked Developer Accounts Spread npm Malware
Suspected RedLine infostealer malware admin extradited to US
The rise of “too interconnected to fail”
TikTok for Business accounts targeted in new phishing campaign
TP-Link Fixes Bug That Lets Hackers Take Over Routers Without a Password
U.S. court sentences Russian hacker for running large-scale botnet operation
UK privacy groups slam Apple over iPhone age checks requiring ID
UK sanctions Chinese crypto marketplace tied to scam compounds
UK sanctions Xinbi marketplace linked to Asian scam centers
Unusually, LeakBase admin gets nabbed in Russia, his home base
US government launches new bureau to track cyber threats
US official accuses China of supporting, exploiting cyber scam crisis in Southeast Asia
Victims of cyber attack on London council 'won't be told for months' that their details have been stolen
WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites
Who owns AI agent access? At most companies, nobody knows
25th March
6.8 million Crunchyroll subscribers allegedly impacted in cyber attack
AI Social Media Scams Are Coming for Your Accounting Firm: Why DNS Filtering Belongs in Your Security Stack
AI-Generated Phishing Campaign Hits Hundreds of Organizations via Microsoft Cloud
Ajax hit by data leak as hacker could change stadium bans and assign tickets to other names
Ajax hit with data breach: hacker accessed details of 300,000 fans
Alleged OVHcloud Data Breach Exposes Millions of Customers and Server Infrastructure
An Evolving GlassWorm Malware is Making the Rounds of Code Repositories
APT Iran hackers steal over 375TB of data from Lockheed Martin
Botnet operator behind $14 million in ransomware extortion payments gets 24 months behind bars
Bubble AI app builder abused to steal Microsoft account credentials
CISA, FBI Warn of Phishing Campaign Targeting Messaging App Users
Citrix urges admins to patch NetScaler flaws as soon as possible
Cloud-based Phishing Resumes After Tycoon2FA Disruption
Cloud Phones Linked to Rising Financial Fraud Threat
Convicted spyware chief hints that Greece’s government was behind dozens of phone hacks
Critical Python supply chain compromise: how library used by millions of AI developers got infected with malware
Crunchyroll Confirms Customer Data Breach Linked to Third-Party Vendor
Crunchyroll confirms investigation after hacker claims unauthorized access to user data
Crunchyroll Data Breach: Over 100GB Of User Information Reportedly Leaked
Crunchyroll Hack Exposes Customer Support Data in Vendor Security Incident
Cybercriminals Leverage Google Forms Job Offers To Spread PureHVNC Malware
Data breach in France exposes information of around 770,000 students
Deaconess Health System Affected by Vendor Data Breach
Dermatology services giant operating in 17 states exposes data of 3.1 million
Device Code Phishing Hits 340+ Microsoft 365 Organizations Across Five Countries via OAuth Abuse
Did A Hacker Access Millions Of Crunchyroll User Data? Here's What The Anime Site Said
Dutch Finance Ministry investigates cyberattack after unauthorized system access
Elixia gym operator reports cyber attack on IT systems
Elixia gym owners SATS Group hit in cyber attack
Experts Sound Alarm Over “Prompt Poaching” Browser Extensions
F5 NGINX Flaw Allows Code Execution via Malicious MP4 Files
Fake OpenClaw Token Giveaway Targets GitHub Devs with Wallet-Draining Scam
Families urged to come up with a “safe word” as deepfake scams skyrocket
Federal Communications Commission (FCC) Bans New Foreign-Made Routers Over Supply Chain and Cyber Risk Concerns
Foster City cyberattack keeping network down: Investigation continues into ransomware found last week
Foster City Declares State of Emergency Following Ransomware Attack
Gemini picks up criminal activity buried in dark web noise
GitHub adds AI-powered bug detection to expand security coverage
GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
GoHarbor Vulnerability Allows Attackers to Fully Compromise Container Registry
Hacker claims theft of 100 GB of Crunchyroll data
HackerOne Data Breach: Employee Data Stolen in Navia-Linked Hack
HackerOne Employee Data Exposed in Massive Navia Breach
HackerOne hit by data breach via third-party partner
Hackers Exploit Compromised Enterprise Identities at Industrial Scale, Warns SentinelOne
Hackers Exploit Magento Flaw for Remote Code Execution and Account Takeover
Hackers smooth-talking their way into corporate networks as voice phishing surges
Hackers threaten Ameriprise Financial with 200GB data leak
Handala Hackers Releases Massive Data Breach of Former Mossad Chief
Head of Russian Cybercrime Group Mario Kart Sentenced for Locking Out Dozens of U.S. Businesses
Hightower Faces Class Action Suit Over Data Breach
Infinite Campus warns of data breach following extortion threat targeting Salesforce account
Iran: Confidential Information on the Maker of the F-35 and THAAD to Be Released
Iran: Oghab 44 Underground Air Base Alleged 3TB Data Breach
Iran-Linked Pay2Key Ransomware Strikes U.S. Healthcare Again
Iran-linked ransomware operation targeted US healthcare provider
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
Lewis Drug faces lawsuits over data breach
Liberty confirms data breach: email systems compromised but client assets secure
Linux Ransomware Pay2Key Attacking Servers, Virtualization Platforms, and Cloud Environments
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
Manager of botnet used in ransomware attacks gets 2 years in prison
Millions possibly affected by data breach at dermatology giant QualDerm
Mirai Malware Evolves into Hundreds of Variants Driving Botnet Growth
Naming a ransomware hacker can make retaliation and insurance claims ineffective
National Oil Ethiopia PLC Suffers Major Data Breach
Nearly 7 Million Email Addresses Exposed in Crunchyroll Third-Party Breach
New Torg Grabber infostealer malware targets 728 crypto wallets
Nigeria: Court Remands Hacker for Allegedly Stealing N3.09 Billion from First City Monument Bank (FCMB)
North Korean hacker caught within days by geography slip
Operation Henhouse Nets Over 500 Arrests in UK Fraud Crackdown
Over 3.1 million affected in QualDerm data breach exposing sensitive health and personal information
Palo Alto Networks Phishing Scam Targets Professionals
Poland Cyberattacks Surged in 2025, Suspected Pro-Russian Actors Targeted Critical Infrastructure
PolyShell attacks target 56% of all vulnerable Magento stores
ProCamps Suffers Alleged Data Breach Exposing 623K Records
Puerto Rico government agency cancels driver’s license appointments after cyberattack
Ransomware attack disrupts operation at major Spanish fishing port
Ransomware attack on University of Mississippi Medical Center (UMMC) causes 20% drop in revenue due to delayed patient care
Ransomware attacks fall as CL0P & The Gentlemen surge
Ransomware newcomer claims breach of security camera firm Hikvision
Recent Navia data breach impacts HackerOne employee data
Russia arrests alleged owner of cybercrime forum LeakBase
Russian botnet operator linked to major ransomware attacks sentenced in US
Russian Broker Aleksandr Khinkis Allegedly Laundered $4.7 Million for Ransomware Groups
Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks
Russian "Initial Access Broker" sentenced in Indiana for multi-million dollar ransomware scheme
Russian Initial Access Broker Sentenced to Prison for Enabling Ransomware Attacks on U.S. Firms
Russian Man Sentenced in Southern Indiana for Ransomware Attacks
Russian Mario Kart Manager Sentenced for Botnet Ransomware Attacks on Over 70 US Corporations
Russian national faces federal prison in ransomware and computer botnet scheme
Securing The Future: A Modern Blueprint for Higher Education Identity Management
School software serving 11 Million students hacked, ShinyHunters claims attack
SoFi class action alleges data breach exposed sensitive customer information
State Department Launches New Bureau to Combat High-Tech Threats
Supply chain attack hits widely-used AI package, risks impacting thousands of companies
TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise
The Federal Communications Commission (FCC) Just Blocked Every New Foreign-Made Router from the U.S. Market
The Netherlands: Ajax confirms major data breach affecting fans and season tickets
Think Before You Click: How Phishing Emails Can Steal Your Identity
Threat Actors Exploit RDP Servers To Deliver Malware and Establish Long-Term Access
Time travel for hackers: how clock spoofing threatens oil, gas, and industrial systems in Iran conflict
TP-Link warns users to patch critical router auth bypass flaw
Trio-Tech International Reports Data Breach to Securities and Exchange Commission (SEC)
US: Federal Communications Commission (FCC) Bans Foreign-Made Routers Over National Security Concerns
US healthcare provider reportedly struck by Iranian ransomware gang
US Prisons Russian Access Broker for Aiding Ransomware Attacks
US workers think they're pretty good at spotting phishing emails - but the reality is quite different
War in the Middle East Triggers Surge in Phishing and Malware Campaigns Targeting Gulf Countries
Why AI agents are one prompt away from ransomware
Your security stack looks fine from the dashboard and that’s the problem
24th March
3.1 Million Impacted by QualDerm Data Breach
32% of top-exploited vulnerabilities are over a decade old
Alleged Cyberattack on Crunchyroll Exposes Risks in Outsourced Systems
Anime streaming giant Crunchyroll says hacker stole data related to customer service tickets
Armenian ManyChat Database Breach Exposes 352k User Records
Attackers are handing off access in 22 seconds
Austin Plastic Surgery Data Breach Exposes Sensitive Personal and Health Info
BMG of Kansas Data Breach Exposes PHI of 1,327 Individuals
Citrix Urges Immediate Patching for Critical NetScaler Vulnerabilities
Citrix Urges Patching Critical NetScaler Flaw Allowing Unauthenticated Data Leaks
Columbus nonprofit organization announces data breach of its computer network
Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055)
Crunchyroll confirms data breach after hacker claims unauthorized access
Crunchyroll investigates major data breach after hackers claim to access 6.8 million user records
Crunchyroll reassures users about data breach
Crunchyroll Responds to Claims of Data Breach
Crypto heist against Resolv earns hacker about $24.5 million
Cyber Attack Continues to Paralyze Foster City, California
Cyberattack targets Libyan oil refinery in espionage campaign
Dangerous iPhone hack code now leaked on GitHub - users urged to patch now
DarkSword iPhone Exploit Kit Newer Version Leaks on GitHub, Exposing iOS Users to Spyware
DarkSword iPhone Exploit Leaked Online, Hundreds of Millions at Risk
Data breach at Dutch Ministry of Finance impacts staff following cyberattack
Data breach in French Education Ministry information system hits 243,000 staff
Defion Security Data Breach: ESXi Hosts Compromised
Down the rabbit hole: Operation Alice dismantles 373,000 dark web sites in global sting
Duffy’s Sports Grill Hit by Ransomware Attack; Customers Left Without Credit Card Processing for Days
Dutch Finance Ministry probing cyber breach affecting internal systems
Dutch Ministry of Finance discloses breach affecting employees
Enterprise Cybersecurity Software Fails 20% of the Time
Extortion Group Claims It Hacked AstraZeneca
FBI Warns of Iran’s Handala Hack Group Using Fake Apps to Spy on Windows Users
Federal Communications Commission (FCC) bans foreign-made routers from US market over ‘unacceptable risk’
Federal Communications Commission (FCC) bans import of new consumer routers made overseas, citing security risks
Federal Communications Commission (FCC) bans new routers made outside the USA over security risks
Federal Communications Commission (FCC) blocks foreign-made routers from US market over national security fears
Foster City declares emergency after cyberattack forces city computer system offline for days
Foster City declares State of Emergency following cyber attack
Foster City declares state of emergency following ransomware attack
FriendlyDealer Scam Mimics App Stores to Push Gambling Platforms, Some Impersonate Mr. Beast Affiliations
Fugitive Canadian Hacker, Released by Serbia, Seeks Pardon from Trump
Gcore Radar report reveals 150% surge in DDoS attacks year-on-year
German officials targeted in Signal phishing attacks, traces point to Russia
Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
GitHub just made it much harder to ship a vulnerable pull request
Global phishing attack on Signal was initiated by Russian security agencies, Correctiv reports
Grayback Forestry Data Breach exposes PII of 5k
Gunra Ransomware Attack Breaches BKK Sky and Trio-Tech International
Hacker walks away with $24.5 million after breaching Resolv DeFi platform
HackerOne Data Breach Exposes SSNs and Health Details
HackerOne demands clarity after delayed breach warning from Navia
HackerOne discloses employee data breach after Navia hack
HackerOne, Mazda, Infinite Campus and Dutch Ministry Hit by Data Breaches
Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
Handala Group Tied to Iranian Hack‑and‑Leak Operations, FBI Reveals
Handala Leaks Full Details of Shabak’s Iran Desk Officers
Infinite Campus Data Breach Exposes Student Records
Infinite Campus warns of breach after ShinyHunters claims data theft
Inside Pay2Key: Technical Analysis of a Linux Ransomware Variant
Iran linked hackers using Telegram to steal data, FBI issues alert
Iran-Linked Hackers Use Messaging Platform to Target Dissidents and Journalists
Iran-linked ransomware gang targeted US healthcare organization amid military conflict
Iran tries to portray cyberwar victory against Israel despite physical setbacks
Is Your Signal Account Safe? FBI Warns About Russian Phishing Campaign
Kaplan data breach exposes personal information of more than 230,000 people
Lehigh Carbon Community College Still Recovering From Data Breach
Liberty hit by data breach after unauthorised system access
Liberty Insurance Discloses Data Breach Affecting Customer Info
Marion Military Institute Ransomware Attack by Worldleaks
Marquis Cyber Attack Affected Over 672,000, Akira Ransomware Gang Exonerated
Mazda Confirms Data Breach Impacting Employee Partner Data
Mazda confirms limited employee, business partner data breach
Mazda Data Breach Exposing Employee and Partner Records Via System Vulnerability
Mazda investigates data breach following vulnerability in internal IT system
Mazda Says Employee, Partner Information Stolen in Cyberattack
Millions of Anonymous Student and Crime Tips Exposed in Major Data Breach
Multiple new tax season-exploiting phishing schemes uncovered
New ‘DarkSword’ Leak Puts Millions of iPhones at Risk After Initial Attack
New data and US watchdog rank routers as “the most hackable device”
New law enables Hong Kong police to demand passwords
New Npm 'Ghost Campaign' Uses Fake Install Logs to Hide Malware
Oracle Issues Emergency Patch for Critical Flaw Enabling Remote Code Execution
Over 300 organizations impacted by global AI-powered phishing campaign
OVHcloud Data Breach: Millions of Customers and Websites Exposed
OVHcloud founder denies hacker claims of massive data breach
OVHcloud Founder Denies Massive 590TB Data Breach Claims
Pay2Key Iranian-Linked Ransomware is Back, Back Again
Poland faced a surge in cyberattacks in 2025, including a major assault on the energy sector
Popular LiteLLM PyPI package backdoored to steal credentials, authentication tokens
PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug
QualDerm Partners December 2025 data breach impacts over 3 Million people
Quatrro Data Breach Exposes Sensitive PII Including SSNs
Ransomware Attacks Against the US: 2026 Insights
Ransomware groups surge as July attacks hit Singapore
Ransomware has changed: So should recovery
Ransomware hits Trio-Tech’s Singaporean subsidiary
Ransomware Inc. and the startup approach to cybercrime
Resolv DeFi Breach Results in $24.5 Million Theft and Minting of $80 Million of Uncollateralized USR
Resolv gives hacker 72 hours to return stolen $25 million
Resolv Offers 10% Bounty to Hacker After $25 Million Stablecoin Exploit
Russian Access Broker Gets Nearly 7 Years for Enabling Millions in Ransomware Extortion
Russian Access Broker Jailed for Facilitating Ransomware Attacks Targeting U.S. Companies
Russian access broker sentenced to over 6 years in prison for ransomware schemes
Russian ‘Chubaka.kor’ Hacker Gets 81 Months In Indianapolis Ransomware Case
Russian Citizen Gets Almost 7 Years in Prison for Facilitating Dozens of Ransomware Attacks in U.S.
Russian hacker sentenced in Indiana federal court after stealing data, extorting U.S. businesses
Russian Hacker Sentenced to 7 Years in Indiana Court
Russian hacker sentenced to nearly 7 years for enabling U.S. ransomware attacks
Russian hacker who helped Yanluowang ransomware gang gets nearly 7-year prison sentence
Russian Initial Access Broker Handed 81-Month Sentence
Russian initial access broker helped ransomware gangs extort millions, sentenced to 81 months
Russian initial access broker who fed ransomware crews gets 81 months in US prison
Russian sentenced to jail for his part in ransomware attacks
Scammers run circles around sideloading restrictions with fake app stores
Security Leaders Share Thoughts on Foster City Cyberattack
Signal Phishing Attack: Digital Evidence Points to Russia
Silver Fox Cyber Campaigns Show Shift Toward Dual Espionage
Singapore firms face world’s highest ransomware risk
South Africa: Insurer Liberty hit by data breach
South Africa: Liberty hit by data breach
Standard Bank hit with data breach at Liberty
Stryker says malware was involved in recent cyberattack as production lines reopen
Surviving ransomware: Best practices to safeguard your business
Takedown fails to deter Tycoon2FA phishing kit revival
Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise
TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials
Telehealth Platform Provider OpenLoop Health Disclosed Data Breach
The $24 Million Keyholder: Russian Access Broker Sentenced To 7 Years For U.S. Ransomware Blitz
This tax-themed malvertising attack can blind security software before it arrives - and then unleashes ransomware
Toll of Kaplan data breach surpasses 230K
'Traces of unauthorized access': Mazda confirms data breach exposing employee and partner data - here's what we know
Trio-Tech Subsidiary Hit by Ransomware Attack, Data Leak Raises Concerns
Tycoon2FA Operators Resume Cloud Account Phishing After Infrastructure Disruption
Tycoon2FA Operators Resume Cloud Account Phishing Following Infrastructure
U.S. agencies warn of messaging app phishing attacks affecting thousands
U.S. Sentences Russian Hacker to 6.75 Years for Role in $9 Million Ransomware Damage
U.S. State and Local Government Under Ransomware: 2025–2026 Trend Analysis
UK businesses hit by cyber breaches as phishing rises
Uncle Sam closes the door on all new foreign-made routers
US Bans New Foreign-Made Routers, Citing ‘Unacceptable’ Security Risks
US jails Russian national linked to ransomware crew behind bold breach of Cisco systems
Vibe coding could reshape SaaS industry and add security risks, warns UK cyber agency
Washington Department of Licensing (DOL) hid License Express data breach for six years, lawsuit claims
'We are continuing to monitor the situation closely': Crunchyroll investigating breach which reportedly stole data on 6.8 million users
Who are ShinyHunters and what is Telus Digital? Crunchyroll data breach explained. Here's how much and what kind of Sony anime streamer user data was stolen and what should users do now
Yanluowang ransomware access broker gets 81 months in prison
23rd March
1 in 2 security leaders say they're not ready for AI attacks - 4 actions to take now
3.7 Million Records Exposed, Many Belonging to Sears Home Services
Akeela Data Breach Settlement Gets First Nod from the Court
An AI-powered phishing campaign has compromised hundreds of organizations
Anime fans' credit cards might be stolen from Sony streamer Crunchyroll
AstraZeneca Alleged Data Breach by LAPSUS$ Group
AstraZeneca Data Breach: What You Need to Know
AstraZeneca Data Breach Allegedly Claimed by LAPSUS$ as Internal Data Access Reported
AstraZeneca Data Breach Claimed by LAPSUS$ Hackers
Balance Autism Settles Class Action Data Breach Lawsuit
California-based semiconductor testing company reports ransomware attack to Securities and Exchange Commission (SEC)
Charlotte-Mecklenburg Students Targeted by Phishing Scam
Chip Services Firm Trio-Tech Says Subsidiary Hit by Ransomware
CISA orders feds to patch DarkSword iOS flaws exploited attacks
CISA Orders US Government to Patch Maximum Severity Cisco Flaw
Criminal prints millions in Resolv stablecoin, crashes its price 70%
Crunchyroll Alleged Data Breach: What Do Users Need to Know?
Crunchyroll Breach: Hackers Claim 100GB of User Data Stolen
Crunchyroll Data Breach: Cybersecurity Sources Report 100GB Leak
Crunchyroll Data Breach? Personal Details Like Emails, Credit Cards, And More Reportedly Leaked Online
Crunchyroll Data Breach - Threat Actor Claims Exfiltration of 100 GB of User Data
Crunchyroll Data Breach Allegedly Exposes 100 GB of User Data
Crunchyroll Data Breach Exposes Customer Information via Telus, Reports Say
Crunchyroll Faces Possible Data Breach
Crunchyroll Officially Responds to Data Breach With New Statement
Crunchyroll probes breach after hacker claims to steal 6.8 Million users' data
Crunchyroll responds to data breach claims and promises to investigate the alleged cyber attack: "We are aware...and working closely with leading cyber security experts"
Crunchyroll Suffers Major Data Breach; 100 GB Of Sensitive User Information Stolen
‘Cyber Attack Uncovered’: Admin Accounts Hijacked via CVE-2025-32975 in Quest KACE SMA
Data breach at large South African insurance and investment company
Department of Justice (DOJ) Disrupts Botnets, But DDoS Threats Remain, Security Pros Warn
Department of Justice (DOJ) takes down hacker group who targeted Stryker Group
Education company Kaplan reports data breach impacting more than 230,000
Energetika Ljubljana Data Breach Exposes Energy Infrastructure Files
Ethical hacker takes responsibility for Malta Gaming Authority data breach
Fairfield Council takes legal action after major data breach, uses Dropbox to contact hackers
Fake “Pudgy World” Site Lures Gamers Into Handing Over Crypto Wallet Passwords
Faster attacks and ‘recovery denial’ ransomware reshape threat landscape
FBI says Iranian hackers are using Telegram to steal data in malware attacks
FBI warns of Handala hackers using Telegram in malware attacks
FBI warns of Russian, Iranian cyber activity involving messaging platforms
Foster City Cyberattack Disrupts Services, Raises Data Breach Fears
France’s National Jobs Agency Hit With $5.4M Fine After Massive Data Breach Exposes 36.8 Million People
German hacker claims responsibility for Malta regulator breach, threatens data leak
German security researcher claims Malta regulator data breach
Global Crackdown Dismantles 4 Botnets Behind Major DDoS Attacks
Google Reinvents Android Sideloading to Thwart Scammers
Government of Chile Ley Lobby Portal Data Breach
Hacker group behind Stryker attack forced to 'reorganise' after key figures killed in military action
Hacker Targets Malta Gaming Authority, Alleges Crime Links
Hackers claim 500GB data theft in cyberattack on Namibia Airports Company
Hackers Claim to Have Breached Streaming Service CrunchyRoll’s Data
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
Harper Executive Group Data Breach Affects 5,672: PHI and PII Exposed
High-Tech Sector Overtakes Finance as Top Target for Cyber-Attacks, Mandiant Reports
In Ohio County, Phishing Attack May Have Led to a Data Breach
Iran Denies Reports of Major Cyberattack on Water Infrastructure
Iran-Linked Hacker Group Targets Middle East Energy Firms Through Supply Chain Attacks
Korea Police Issue Urgent Phishing Alert Over Middle East Crisis Scams
LAPSUS$ claims major data theft from pharma giant AstraZeneca
LAPSUS$ Hackers Claim Breach of AstraZeneca’s Internal Systems
Lapsus$ Hackers disclose more about AstraZeneca Data Breach
Major Cybersecurity Threats to Watch in 2026: Prevent Ransomware Attacks with Expert Strategies
Malta Gaming Authority (MGA) Data Breach Claim Raises Security and Integrity Questions
Mazda discloses security breach exposing employee and partner data
Mazda Suffered a Data Breach Affecting 692 People in Thailand
Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys Remote Monitoring and Management Tool (RMM) Malware
Microsoft Warns of New IRS-Based Phishing Attacks
Million-dollar hacker who targeted US businesses from South Africa jailed in America, faces deportation
Most Cybersecurity Staff Don’t Know How Fast They Could Stop a Cyber-Attack on AI Systems
Mutual of America Data Breach Exposes PII Including SSNs
Navia Benefit Solutions data breach impacted over 2.6 million individuals
Navia Data Breach Hits 2.7 Million People, Exposing Sensitive Personal Data
New CanisterWorm Targets Kubernetes Clusters, Deploys “Kamikaze” Wiper
NIST updates its DNS security guidance for the first time in over a decade
North Korean Hacker Lands Remote IT Job, Caught After VPN Slip
North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware
One Operator, 373,000 Dark Web Sites, and a Criminal Business Built on Selling Nothing
Operation Alice Takes Down 370,000+ Dark Web Sites
Oracle issues emergency fix for pre-auth RCE in Identity Manager (CVE-2026-21992)
Over 511,000 End-of-Life Microsoft Internet Information Services (IIS) Servers Exposed Online
Pellenc Ransomware Attack: Alp-001 Group Claims Data Breach
Pharma giant AstraZeneca claimed by hackers, with source code on the table
Police Shut Down 373,000 Dark Web Sites in Single-Operator Cybercrime-as-a-Service (CaaS) and Child Sexual Abuse Material (CSAM) Network
Police warn Korea of phishing exploiting Middle East crisis anxiety
Police Warn Potential Tipsters About Alleged CrimeStoppers Data Breach
Prefeitura Municipal de Caieiras Data Breach Exposes Citizen PII
Ransomware Gangs Broaden EDR Killer Methods Past Driver Exploits
Ransomware's New Era: Moving at AI Speed
Rogers Communications & Fido Data Breach Exposes Records
Russia-linked malware operation collapses after security failures, developer’s arrest
Russian hackers go after high-value targets through Signal
Russian hacker group 'Fancy Bear' found in Serbian military institutions
Russian hackers target Signal users in phishing campaign, FBI and CISA warn
San Felipe-Del Rio Consolidated Independent School District (CISD) Outage: Internal Network Systems Impacted, Including Internet and Phones
Serbian Ministry of Defense targeted by Russian state hackers
ShinyHunters Attack Hits Infinite Campus and Ameriprise
Shubert Organization Data Breach on Telecharge Platform
Signal is being targeted by Russian hackers in a huge new phishing campaign, FBI says
Sitting ducks: over 500K outdated Windows web servers are exposed online
Smooth criminals talking their way into cloud environments, Google says
Someone has publicly leaked an exploit kit that can hack millions of iPhones
TeamPCP deploys Iran-targeted wiper in Kubernetes attacks
The devices winning the race to get hacked in 2026
The Philippines: Alleged Department of Public Works and Highways (DPWH) 50GB data breach under probe
The phone call is the new phishing email
The Race to Build Better Cybersecurity: How Governments and Private Firms Are Responding to Rising Cybercrime
The Weaponization of Ransomware and DDoS: Navigating Geopolitical Risk and Building Corporate Resilience
Trends set to shape Singapore’s cybersecurity landscape
Trio-Tech’s Singapore subsidiary hit by ransomware attack, stolen data published online
Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper
Trivy Supply Chain Attack Expands With New Compromised Docker Images
Trivy supply-chain attack spreads to Docker, GitHub repositories
Tycoon 2FA Fully Operational Despite Law Enforcement Takedown
Tycoon2FA phishing platform returns after recent police disruption
Tycoon2FA Phishing Service Resumes Activity Post-Takedown
UK’s essential services under constant cyberattacks as bosses fear for public data
US chip testing firm shrugged off ransomware hit as minor - then came the data leak
US sentences Nigerian national to 7 years in $6 million email fraud scheme
US soldier sentenced for helping North Korean IT workers
US, Germany, Canada disrupt botnets that infected millions of devices
Was Your Personal Information Sold in Washington Department of Licensing (DOL) Data Breach? Lawsuit Claims It Might Have
Watch out for suspicious Microsoft Azure Monitor alerts - it could be this shifty new callback phishing attack
Who is the German hacker claiming responsibility for the Malta Gaming Authority (MGA) breach?
Why Companies Shouldn’t Pay Ransomware Demands
Your AI agents are moving sensitive data. Do you know where?
