Editor's Message

Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and PRiSM celebrated it's third anniversary. Both projects have made a huge impact on my life and I'd like to thank each and everyone of you who have supported me, with special thanks to those individuals and communities who have helped me build up my knowledge on cybercrime and ransomware over the years. Thanks again for all your continued support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington D.C.

Monday, 18 May 2026

Data Breaches Digest - Week 21 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 18th May and 24th May 2026.


18th May

201 arrested in INTERPOL disruption of phishing and fraud networks

AI is drowning software maintainers in junk security reports

AI shrinks vulnerability exploitation window to hours

Aintree hospital staff illegally accessed Southport knife attack victims' care details

Anthropic to brief on Mythos AI after warning it could "crack the whole cyber-risk world open"

Attackers accessed, downloaded code from Grafana Labs’ GitHub

Attackers are exploiting critical NGINX vulnerability (CVE-2026-42945)

Bank of England, Financial Conduct Authority (FCA) and Treasury Raise Alarm Over Frontier AI

Critical n8n Flaw Expose Automation Nodes to Full RCE

Critical FunnelKit Bug Leaves WooCommerce Stores Open To Attacks

Crypto Users Warn of Official-Looking Phishing Emails: Exchange and DeFi Users Targeted

Cyber Insurers Now Want Evidence That Companies are Fixing Security Risks

Developer Workstations Are Now Part of the Software Supply Chain

Exploit available for new DirtyDecrypt Linux root escalation flaw

First Shai-Hulud Worm Clones Emerge in NPM Supply Chain

Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware

Foxconn Suffers Ransomware Attack With Important Project Files From Apple Stolen

Gamaredon Deploys GammaDrop and GammaLoad In Phishing Campaigns

Game over for 74 suspected scammers after Dutch cops plastered their faces on billboards

Gîtes de France among three booking websites to be hit by cyberattack

Government Backed Hackers Abuse Cloudflare in Malaysian Espionage Campaign

Grafana Confirms Breach After Hackers Claim They Stole Data

Grafana Labs Announces GitHub Breach Following Coinbase Cartel Claims

Grafana Labs Breach Exposes GitHub Repositories and Codebase

Grafana pushes back on blackmail after breach: Will monitoring dashboards now be used against defenders?

Grafana says stolen GitHub token let hackers steal codebase

Gremlin Stealer Abuses .NET Resource Files To Conceal Malware Payloads

Hacker Steals Over $11 Million From Verus-Ethereum Bridge

Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026

Hackers Exploit Critical NGINX RCE Vulnerability in the Wild

HDFC Asset Management Company discloses cybersecurity incident after anonymous threat claim

HDFC Asset Management Company IT infrastructure Under Cyber Attack: Investigation Underway

Inside the Foxconn Cyber Attack: Ransomware & Stolen Data

Interpol Launches Sweeping Cybercrime Crackdown in Middle East and North Africa (MENA) Region

Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws

JDownloader Website Hacked To Deliver Weaponized Linux and Windows Installers

Kenya: Safaricom Ordered to Pay KES 9.9 Million Over Customer Data Breach in Landmark Privacy Ruling

Leaked Shai-Hulud malware fuels new npm infostealer campaign

Marimo Security Flaw Enables remote code execution Attacks

MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems

National Cyber Security Centre (NCSC) Calls for Tight Security and Human Oversight as Agentic AI Use Expands

National Cyber Security Centre (NCSC) Publishes Guidance on Securing Agentic AI Use

New Phishing Scam Uses Google Email System to Target Crypto Users

New Reaper Malware Uses Fake Microsoft Domain to Steal macOS Passwords

OpenAI responds to TanStack supply chain cyber attack

Paper Werewolf APT Disguises EchoGather RAT As Adobe Reader Installer

PawsRunner Loader Uses Steganography To Deploy PureLogs Infostealer

Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations

Q1 2026 Android Threat Landscape: Banking Trojans, Triada.ag Backdoor Surge

Qilin ransomware group claims responsibility for Generation Life hack

Race to tear down open source: copycats reusing TeamPCP’s code in NPM attacks

Ransomware attack on Extant Aerospace exposed sensitive personal data

Revenue staff warned not to use work passwords for personal reasons after data breach

Security Researchers Find 47 Zero-Days at Pwn2Own Berlin

Shadow AI Is Growing in Silence While Enterprise Security Falls Behind

The AI backdoor your security stack is not built to see

The Gentlemen Ransomware Gang Hit by Internal Breach, Operations Exposed

The Netherlands: Privacy regulators outline 3 urgent steps companies must take as data breaches hit 44K

Verber Dental Group Data Breach May Have Exposed Patient Information

Vindictive researcher gains complete Windows control using 6-year-old Google bug report

Was Adobe Suite breached? This is what we know

When ransomware hits, confidence doesn’t restore endpoints

Your Peace Sign Selfie Is a Hacker’s New Favorite Photo

Zara confirms 200,000 customers’ data exposed in alleged ransomware attack

Posted by at
Labels: