Editor's Message

Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and PRiSM celebrated it's third anniversary. Both projects have made a huge impact on my life and I'd like to thank each and everyone of you who have supported me, with special thanks to those individuals and communities who have helped me build up my knowledge on cybercrime and ransomware over the years. Thanks again for all your continued support. Stay safe. :)


“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington D.C.



Monday, 6 July 2026

Data Breaches Digest - Week 28 2026

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 6th July and 12th July 2026.


6th July

70,000 people affected in Singapore Land Authority (SLA) data breach

Australia: Data Breach Alerts Hit Record High in 2025

Bad Epoll Zero-Day Linux Kernel Flaw Lets Unprivileged Users Escalate to Root

ClickFix spear-phishing technique tops Q2 malware charts

Cybersecurity Experts Warn: Your Biggest Risk May Be a Vendor, Not a Hacker

Finding focus: Strategic approach to cyber security for small and medium companies

Gaslight Malware Abuses Prompt Injection to Trick Automated AI Cybersecurity Agents

How to prioritize AI agent security by business impact

INTERPOL Report Warns of Sharp Rise in AI-Powered Cybercrime Across Asia-Pacific

Microsoft device telemetry key to unmasking alleged Scattered Spider hacker

ModSecurity Flaws Let Attackers Bypass WAF Rules and Request-Body Inspection

New ClamAV security patch closes seven scanner bugs dating back two decades

New Java-Based QuimaRAT Malware-as-a-Service (MaaS) Built to Run on Windows, Linux, and macOS

'No hacker needed': New AI ransomware can automate database attacks from start to finish, warns cybersecurity firm

OAuth, guest accounts, and weak MFA drive SaaS risk

Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages

Ousaban Banking Trojan Uses Daily-Changing DDNS Domains to Hide C2 Infrastructure

Personal details of about 70,000 people exposed in Singapore Land Authority (SLA) cloud security incident, investigations ongoing

Renting The Exploits: How Fraud-As-A-Service Platforms Turned Digital Crime Into A Subscription Business

Securing the inbox: Where identity, brand and security meet

Seven FatFs Vulnerabilities Exposing Embedded Devices to Code Execution

SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing

The future of payment fraud could be automated

The operational challenge: What the Mackay Sugar cyber attack reveals about Australia’s cyber readiness