Editor's Message

Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and PRiSM celebrated it's third anniversary. Both projects have made a huge impact on my life and I'd like to thank each and everyone of you who have supported me, with special thanks to those individuals and communities who have helped me build up my knowledge on cybercrime and ransomware over the years. Thanks again for all your continued support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington D.C.

Monday, 27 April 2026

Data Breaches Digest - Week 18 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 27th April and 3rd May 2026.


27th April

Attackers Chain Flaws to Backdoor CODESYS Applications and Deploy Malicious Code

BlackFile Group Targets Retail and Hospitality with Vishing Attacks

Carnival Investigates Potential Data Breach Affecting Millions Of Cruisers

CTM360 Exposes Global GovTrap Campaign With 11,000+ Fake Government Portals Targeting Citizens Worldwide

Device codes are the new frontier for phishing as Barracuda detects 7 million attacks in four weeks

Extradition Drama: Italian Government Approves Chinese Hacker's Transfer to U.S.

Fake Android Apps Distributing Spyware, Linked to Italian Surveillance Vendor IPS

Fake CAPTCHA International Revenue Share Fraud (IRSF) Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud

FBI, Indonesian Authorities Team to Take Down Site Ripping Off Users for Millions

Former Ransomware Negotiator Pleads Guilty to Aiding Attackers

Google users receive $30 bills after fake CAPTCHA scammed them into sending premium text messages

How to Prepare for GenAI-Driven Threats and Ransomware Attacks

India: CERT-In warns of AI-driven cyber attack risks

International Tensions: Extradition of Chinese Hacker Xu to U.S. Sparks Controversy

Italy: Extradition decree signed for Chinese hacker arrested at Malpensa Airport

Lee & Lee Country Club Personal Data Breach...Possible Involvement of North Korean Hackers

Microsoft Store App Vibing.exe Accused of Harvesting Screens, Audio, and Clipboard Data

Narteks Tekstil A.S. Suffers Krybit Ransomware Attack

Now a ransomware turns quantum computing safe in encryption

Proof-of-Concept (PoC) Exploit Released for Critical Metabase Enterprise RCE Vulnerability

Qilin Ransomware claims to have breached Inspira, Muller, A&A, Longwood, Exclusive, Istarpal

Ransomware attacks affect 2 senior care providers

Researchers Identify Fast16 Sabotage Malware That Pre-Dates Stuxnet

Sri Lanka: Banks alert customers to phishing attacks

Synmosa Biopharma Hit by Dragonforce Ransomware Attack

The $700 million question: How cyber risk became a market cap problem

The AI criminal mastermind is already hiring on gig platforms

Two researchers stumble on pre-Stuxnet malware that may have targeted Iran's nuclear program

U.S. utility giant Itron discloses a security breach

Udemy Data Breach Results in 1.4 Million Accounts Leaked by ShinyHunters

Your Identity and Access Management (IAM) was built for humans, AI agents don’t care

Posted by at
Labels: