Welcome to DBD. On March 8th 2026, DBD celebrated it's sixth anniversary and 
Dentons Senior Analyst, Washington D.C.
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 4th May and 10th May 2026.5th May
A critical bug in corporate file transfer software lets hackers bypass login entirely
AI Adoption Outpaces Safety Policies, Leaving Organizations Exposed to Cyber Risk
Amazon SES Turned Weapon: Sophisticated Phishing Attacks Surge Worldwide
Amazon Simple Email Service (SES) Phishing and BEC Attacks Leverage Leaked AWS IAM (Identity and Access Management) Keys
Anti-ICE Site GTFO ICE Accused of Exposing Data of 17,000+ Activists
Ardmore police database hit by ransomware attack
Attackers Abuse Amazon SES To Send Authenticated Phishing Emails
Attackers Abuse Amazon SES to Send Authenticated Phishing Emails That Bypass Security
Attackers Exploit Amazon SES to Send Authenticated Phishing Emails
Australia: New South Wales government downgrades impact of alleged Treasury data breach
Canvas maker Instructure reveals data breach - confirms user personal information leaked
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
Clipboard to Encryption: The Critical Role of ClickFix in Ransomware Campaigns
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
Code of Conduct Phishing Emails Target 35,000 Users in Multi-Stage AiTM Attack
Connecticut Judicial Branch warns of targeted phishing scams
Conti ransomware gang member sentenced to 102 months in prison
Conti, Akira ransomware affiliate given 8-year sentence
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
Cyber attack hit UAE's Fujairah Port 'minutes before' Islamic Revolutionary Guard Corps (IRGC) missile strike
DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware
Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats
Education Sector Hit by Espionage, Phishing, and Supply Chain Attacks
Education Sector Under Attack From State Espionage, Spear-Phishing, and Supply Chain Attacks
Educational tech firm Instructure data breach may have impacted 9,000 schools
Europol built “shadow IT database” under terror pressure, then lost control
Experts warn Amazon's Simple Email Service is being abused to launch 'massive volume' of phishing attacks
Facebook Phishing Campaign Hijacks 30,000 Accounts Using Google AppSheet
Facebook Phishing Scam Devastates 30,000 Accounts Through Deceptive Blue Tick Verification Scheme
Fake SSA Emails Drive Venomous#Helper Phishing Campaign
Federal Trade Commission (FTC) to ban data broker Kochava from selling Americans’ location data
FEMITBOT Network Abuses Telegram Mini Apps for Crypto Scams and Android Malware
German regulator sits on hands as facial recognition tool PimEyes amasses billions of faces
Goodwin University Data Breach Exposes Both PHI and PII
Google AppSheet Abuse Helped Phish 30,000 Facebook Accounts
Google Update: Android Flaw Could Put Billions of Devices at Risk
Hackers Mass-Exploit Critical cPanel Vulnerability May Impact 550,000+ Potentially Vulnerable Servers
Hackers steal students’ data during breach at education tech giant Instructure
Hackers Target Education Sector With Spear-Phishing Attacks
Healthcare Firm Suffers Major Data Breach - Personal, Medical and Health Records of 143,842 People at Risk
Helix Energy Solutions Data Breach Exposes PII: Thousands Affected
Instructure Confirms Canvas Cybersecurity Incident, User Data Accessed
Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison
Karakurt Ransomware Negotiator Sentenced to Prison
Kaspersky suspects Chinese hackers planted a backdoor into Daemon Tools in ‘widespread’ attack
Latvian Cybercriminal Jailed for Role in Multi-Million Dollar Ransomware Scheme
Latvian national sentenced for ransomware attacks run by former Conti leaders
Locked out at lunchtime: why ransomware is now a real risk for Scotland’s hospitality trade
Major shift in Chinese cyber attack activity
Member Of Russian Ransomware Group Sentenced To Prison
MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks
Microsoft: Phishing campaign used fake compliance notices to compromise employee accounts
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
Microsoft Edge writes passwords to memory in cleartext: a gift for attackers
Microsoft Flags Mass Phishing Campaign Using Fake Compliance Emails
Microsoft reports 8.3 billion phishing threats as QR codes surge
Microsoft Reveals Phishing Attack Targeting 35,000 Users in 26 Countries
Microsoft warns of global campaign stealing auth tokens from 35K users
Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations
Most Financial Scams Don’t Hack Systems - They Hack People
Murata Electronics Data Breach: Social Security Numbers Exposed
Mythos AI hacking fears prompt UK health service crackdown on open-source code
National Cyber Security Centre (NCSC) Warns of an AI-Fuelled “Vulnerability Patch Wave”
New Infostealer Dubbed ‘Pheno’ Hijacks Windows’ Phone Link App to Steal MFA OTPs
New WhatsApp Flaws Could Affect Billions of Users After Meta Security Patch
North Korean APT Targets Yanbian Gamers via Trojanized Platform
North Korean hackers trojanize gaming platform to spy on ethnic Koreans in China
One in four MCP servers opens AI agent security to code execution risk
Phishing Campaign Impersonating the U.S. Social Security Administration Targets 80+ Organizations
'Phishing campaigns continue to improve sophistication and refinement': Microsoft flags major 'sophisticated' phishing campaign targeting 35,000 users across 26 countries
Pro-Iran hacker group claims access to Fujairah Port classified data
Pro-Iran hacker group claims coordinated cyber, missile attack on Fujairah Port
Pro-Iran hacker group claims it has classified data on 400 US Navy marines
Ransomware negotiator sentenced for role in major cyber crime group
Real estate giant confirms vishing incident as ShinyHunters and Qilin both come knocking
Retail stakeholders 'underestimate cyber attack disruption'
Saiga phishing kit returns to bypass multifactor authentication
ScarCruft hackers push BirdCall Android malware via game platform
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
ShinyHunters claims Cushman & Wakefield breach, 500k Salesforce records at risk
ShinyHunters impersonator claims to have hacked Nvidia’s GeForce Now
Silver Fox expands Asia cyber campaign with new ABCDoor malware
Silver Fox Uses Fake Tax Notices to Deploy ValleyRAT and New ABCDoor Backdoor
Sophisticated “Microsoft Advertising” Phishing Campaign Targeting Microsoft Ad Users
Teen hacker arrested over French government data leak
The Art of Security: It Is Time to Rethink the CISO’s Role
Transport businesses underestimate impact of disruption from a cyber attack
Trellix confirms data breach after hack of 'a portion' of its source code
Trellix reports data breach following unauthorized access to source code repository
Trellix Reveals Unauthorized Access to Source Code
Triad Radiology Associates reports employee email data breach
Trojan abuses Microsoft Phone Link app to steal your passwords
Unpatched flaws turn Ollama’s auto-updater into a persistent RCE vector, researchers say
Vimeo data breach exposes personal information of 119,000 people
Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API
Western Orthopaedics Data Breach Exposes Patients' Personal and Health Information
What the Celebrity Stalkerware Breach Means for Executive Protection
4th May
7 Ways to Modernize Employee Phishing Training for AI-Driven Threats
15-year-old detained over massive data breach at French government agency
2026: The Year of AI-Assisted Attacks
AI Accelerated Cyber-Attacks Aren’t New, But They Are Faster
Amazon Simple Email Service (SES) increasingly abused in phishing to evade detection
Attempted cyber attack affects San Diego Community College systems
Backdoored PyTorch Lightning package drops credential stealer
Bluekit Phishing Kit Automates Domain Setup and Session Hijacking
Bluekit phishing kit enables automated phishing with 40+ templates and AI tools
Boutique phishing kit Saiga 2FA reappears with new campaigns and ‘lorem ipsum’ metadata
Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise
Canvas Breach May Put 275 Million Users, 9,000 Schools at Risk
Canvas Confirms Data Breach Following ShinyHunters Claim
Canvas Parent Instructure Confirms Data Breach After ShinyHunters Claims Attack
CISA Alerts on cPanel & WHM Flaw Actively Exploited in Attacks
CISA says ‘Copy Fail’ flaw now exploited to root Linux systems
CISA Warns of Linux Kernel Zero-Day Vulnerability Exploited in Active Attacks
Critical Apache MINA Flaws Enable Remote Code Execution Attacks
Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
Cybercriminals Abuse Tanstack Package To Target Developer Environments
Cybersecurity professionals jailed for ransom attacks
Cybersecurity Professionals Sentenced to Prison for Ransomware Attacks
Data breach hits Canvas learning platform serving millions
Department of Justice (DOJ) Sentences Two Americans for ALPHV BlackCat Ransomware Attacks
DigiCert breached via malicious screensaver file
Edtech Firm Instructure Discloses Data Breach Amid Hacker Leak Threats
Educational company Infrastructure reports cyber incident
Email Bombing and Fake IT Support Calls Fuel New Microsoft Teams Phishing Attacks
Email Bombing, Fake IT Support Calls Drive Microsoft Teams Phishing Surge
FBI Warns of Surge in Cyber-Enabled Cargo Theft Targeting Logistics Firms
Four Years in Prison for Cybersecurity Pros Turned Ransomware Attackers
Global Crackdown Arrests 276, Shuts 9 Crypto Scam Centers, Seizes $701 Million
Hackers are mass-exploiting the cPanel bug to gain control of thousands of websites
Hackers breach Canvas learning platform serving millions, steal student data
Hackers replace top Google result for Homebrew with sponsored MacOS malware
Hackers threaten to leak Canvas messages and emails: 275 Million students at risk
If You See This X Message - A Hacker Is Attacking Your Account
Indirect Prompt Injection Is Now a Real-World AI Security Threat
Instructure confirms data breach, ShinyHunters claims responsibility
Instructure data breach: ShinyHunters says it stole data and private messages from 275 million teachers and students
Instructure Data Breach by ShinyHunters puts Students and Teachers to Cyber Risks
Instructure Faces Cyberattack Resulting in Data Breach Affecting Millions in Education Sector
Instructure Investigating Cyber Attack, Exposure of User Data
Instructure Restores Services Following Major Edtech Data Breach
Instructure, Parent of Canvas, Confirms Data Breach
Kaspersky Reveals SilverFox Cyber Attack Disguised as Tax Audit in Indonesia
KnowBe4 finds 86% of phishing attacks now AI-driven
“Legitimate” phishing: how attackers weaponize Amazon SES to bypass email security
Liberty Mutual listed on ransomware leak site as Everest group claims 108 GB data theft
Major car brands face 'unavoidable trade-off' as hackers target millions of vehicles, ex-FBI cyber chief warns
Man from Russian group sentenced in $56 million ransomware scheme
Multiple threat actors actively exploit cPanel vulnerability (CVE-2026-41940)
National Cyber Security Centre (NCSC) Warns Organisations to Act Fast as Hidden Software Flaws Surface
New ‘Bluekit’ Phishing Kit Uses AI Assistant to Simplify and Scale Cyber Attacks
New Phishing Scam Uses Fake Party Invites To Steal Passwords And Personal Data
New Zealand electrical contractor confirms cyber attack
Over 40% of UK Firms Hit by Cyber Attacks Last Year, Government Survey Finds
Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools
Phishing Emails Now Look Legitimate, One Wrong Click Can Expose OTP And Bank Accounts
Progress Patches Critical MOVEit Automation Bug Enabling Authentication Bypass
Progress warns of critical MOVEit Automation auth bypass flaw
Ransomware accounts for 90% of cyber losses in manufacturing, claims data shows
Ransomware group claims breach of pro-Orbán Hungarian media firm
Ransomware In 2026: Newer Groups, Severe Impact
Ransomware Victims Jump To 7,831 As AI Crime Tools Scale Global Attacks
Rhode Island Settles With Deloitte for $12 Million Over 2024 Ransomware Attack on Benefits System
RMM Tools Fuel Stealthy Phishing Campaign
Sandhills Medical Foundation Notified Individuals of a May 2025 Data Breach
Sandhills Medical Foundation Ransomware Breach Draws Class Action Investigation Nearly a Year Later
ShinyHunters Claims Responsibility for Breach of EdTech Company Instructure
ShinyHunters Claims Responsibility for Instructure Data Breach
ShinyHunters impersonator claims to have hacked Nvidia’s GeForce Now
Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia
Small Defense Firms Lack Network Data to Stop Nation-State Hackers
South Korea: Phishing Sites Disguised as KakaoTalk, Claude Downloads Steal User Data
Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition
'The inbox is no longer the only front line': Report claims vast majority of phishing attacks are now generated by AI - here's how to stay safe
‘The inbox is no longer the only frontline’: Phishing attacks are evolving as cyber criminals ramp up ‘multi-channel’ campaigns over email and Microsoft Teams
Thousands of Facebook accounts stolen by phishing emails sent through Google
Trellix Confirms Source Code Repository Breach
Trellix discloses data breach after source code repository hack
Two cybersecurity pros get prison time for helping ransomware gang
US government warns of severe CopyFail bug affecting major versions of Linux
US healthcare marketplaces shared citizenship and race data with ad tech giants
Weaver E-cology critical bug exploited in attacks since March
Who owns the decision to pay ransomware attackers?
Your work apps are quietly handing 19 data points to someone
Welcome to last month's DLR Report, an exclusive presentation of Data-Leaking Ransomware Operator's Global and US Victims that were claimed between 1st April and 30th April 2026.
Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 20th April and 26th April 2026, kindly assisted by our partners.