Editor's Message

Welcome to DBD. Cybercrime made global headlines in 2025. Attacks on well-known brands and organizations have raised public awareness of the severity, frequency and impact of cyber attacks. Ransomware attacks are at their highest ever recorded, and 2026 has the potential to be even worse, as cyber criminals continue to extort their victims, with little chance of being brought to justice. On a lighter note, I'd like to take this opportunity to wish you all a very Merry Christmas and all the best for the New Year. Thanks again for all your support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington D.C.

Wednesday, 17 December 2025

Ransomware Operator Claims - Week 50 2025

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 8th December and 14th December 2025, kindly assisted by our partners.

DBD discovered and researched 189 Ransomware Victims over 39 Countries and Islands claimed by 34 Data-Leaking Ransomware Operators, including 1 Newly Discovered Ransomware Operator last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Posted by at
Labels:

Monday, 15 December 2025

Data Breaches Digest - Week 51 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 15th December and 21st December 2025.


18th December

France Arrests 22 Year Old After Hack of Interior Ministry Systems

Google sues another Chinese scam group over large phishing scheme

Paizo GPS Solutions Allegedly Breached Exposing GPS Telemetry Data

Privacy risks sit inside the ads that fill your social media feed

SudamericaData Breach Exposes Over 1TB of Argentine Records

17th December

$3.5M Settlement Agreed to Resolve Group Health Cooperative of South Central Wisconsin Data Breach Lawsuit

8 Million VPN users just got their AI chats wiped and sold

14 Malicious NuGet Packages Found Stealing Crypto Wallets and Ad Data

55% of victims of Makop ransomware group were based in India

200 Million Pornhub Users Exposed After Data Breach

Advancing Ransomware Investigation and Cybercrime response in Africa

AI breaks the old security playbook

Al-Ahli Saudi Football Club Data Breach Exposes Player Contracts and Passports

Amazon EC2 and ECS Targeted in Cryptomining Campaign Using Compromised IAM Credentials

Amazon exposes Russian cyber saboteurs targeting Western critical infrastructure

Askul data breach exposed over 700,000 records after ransomware attack

Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718)

Banks built rules for yesterday’s crime and Regulatory Technology (RegTech) is trying to fix that

Biggest Cyber Attacks of the Year 2025: A Wake-Up Call for Cybersecurity

Blind Eagle Hackers Exploit Trust to Bypass Email Security Controls

BlindEagle Campaign Abuses Trust Relationships to Circumvent Organizational Email Defenses

China-Linked Ink Dragon Hacks Governments Using ShadowPad and FINALDRAFT Malware

Chinese Ink Dragon Group Hides in European Government Networks

Chinese spy group Ink Dragon is turning victims into infrastructure

Cisco email security appliances rooted and backdoored via still unpatched zero-day

Cisco warns of unpatched AsyncOS zero-day exploited in attacks

Coupang CEO Bom Kim Under Fire for Data Breach Absence

Coupang CEO faces legal action for skipping South Korean hearing on data breach

Coupang CEO fails to appear at South Korean parliamentary hearing on data breach

Coupang CEO's No-Show Sparks Outrage Amid Massive Data Breach Scandal

Coupang discloses 33 million-user data breach to US regulators

Coupang executives face Korean lawmakers over data breach

Coupang executives grilled by Korean lawmakers over data breach

Coupang founder faces legal action for skipping South Korean hearing on data breach

Coupang interim CEO apologizes over 33 million users data breach

Coupang rebuked over founder's absence at data breach hearing

Coupang reports data breach affecting 33 million customers to US Securities and Exchange Commission (SEC)

Coupang reports data leak affecting 33.7 million, warns of financial risks

Coupang's Data Breach Drama: CEO Bom Kim Faces Legal Action

Coupang's Data Breach Drama: Legal Actions and Market Implications

Critical React2Shell flaw exploited in ransomware attacks

Cybersecurity in 2026: phishing surges, shadow AI grows

CyberVolk Ransomware Flawed: Free File Recovery Possible

DragonForce Hits Edward J Kone, Leger & Shaw, GPC Industries

Dutch Data Protection Authority (DPA) warns users: TikTok continues to send personal data to China

European Investigators Disrupt $12m Call Center Fraud Ring

Exploited SonicWall zero-day patched (CVE-2025-40602)

Fake IKEA, Zalando, Dr. Martens, Mango Online Stores Campaign Targets Global Retail Sector

Fortinet firewalls under active attack, users urged to update now

France arrests suspect tied to cyberattack on Interior Ministry

France confirms cyberattack on Ministry of Interior, hackers claim 16 Million individuals exposed

France investigates Interior Ministry email breach and access to confidential files

From Fake Deals to Phishing: The Most Effective Christmas Scams of 2025

GhostPoster malware campaign exploits live Firefox extensions

GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads

Google sues alleged Chinese scam group behind massive U.S. text message phishing ring

Hackers Claim Stealing 94GB of Pornhub Premium User Watch Histories

How to spot if your Gmail account is under attack as Google issues warning

India: Central Bureau of Investigation (CBI) busts cyber fraud network that sent out bulk phishing messages, 3 arrested

India: How Digital Personal Data Protection Act (DPDP) Rules Are Quietly Reducing Deepfake and Synthetic Identity Risks

Ink Dragon Expands Cyber Espionage to European Government Networks

Inside a purchase order PDF phishing campaign

Ireland: Ombudsman’s office confirms it has suffered ransomware cyberattack

Ireland: Ransomware attack forces Office of the Ombudsman to take IT systems offline

Japanese School Yokosuka Gakuin Confirms Ransomware Attack and Data Leak Claimed by Rhysida

Makop Ransomware Puts India in Cybercrime Crosshairs

Massive new botnet hijacks almost 2 million Android devices and briefly surpasses Google

Most smart devices run outdated web browsers, expose owners to attacks

Motors WordPress Vulnerability Exposes Sites to Takeover

National Institute of Standards and Technology (NIST) Releases Draft AI Cybersecurity Guidance to Address Risks of Enterprise AI Adoption

NCC Group report finds ransomware activity plateaued in November as tactics evolve

New ClickFix Attack Uses Fake Browser Fix to Install DarkGate Malware

New “Lies-in-the-Loop” Attack Undermines AI Safety Dialogs

New Research Reveals 90% of Parked Domains Now Deliver Malware, Scams, and Phishing Attacks

New research shows most parked domains now expose users to malware scams and phishing

New SantaStealer malware drops just in time for the holidays

New Zealand property firm Hopper Developments suffers alleged cyber attack

Northern Ireland Executive agrees to set aside £119m to help cover costs arising from PSNI data breach

NS Pharma Data Breach Affects 92,845 Patients

Ongoing cryptomining campaign uses hacked Amazon Web Services (AWS) accounts

Parked Domains Emerge as a Primary Channel for Malware and Phishing

PetrĂ³leos de Venezuela (PDVSA) Cyberattack Disrupts Administrative Systems, Oil Cargo Deliveries Suspended

Police Service of Northern Ireland (PSNI) data breach: Ministers set aside £119m for PSNI data breach payouts

Pornhub: Hacker group threatens to leak list of premium users

Pornhub data breach: Who are ShinyHunters, the hackers claiming to steal user data?

Pornhub hack: 200 million user data stolen by ShinyHunters

Pornhub hit by huge cyber attack as millions of users' data 'stolen by hackers'

Pornhub Hit by ShinyHunters Threat: Hacker Group Claims It Will Expose Premium Users

Pornhub suffers massive data breach: Should the adult website's users be worried? Here’s what we know so far

Privacy on steroids: Phone automatically changes its identifier every 24 hours to prevent tracking

Pro-Russian Hacker Group Claims Breach of Ukrainian Military Data

RJ Enterprise CRM Data Breach Exposes Scam Call Center Records

SASP SNCC Automatisme Solutions Process Hit by Crypto24

ShinyHunters Targets Pornhub in Alarming Data Breach

ShinyHunters' Heist: Data Breach Hits Pornhub's Premium Customers

Sonicwall warns of new SMA1000 zero-day exploited in attacks

South Africa’s National Lotteries Commission (NLC) warns public of fake lottery win notifications

Spartanburg County cyber-attack victims identified

Spiderman Phishing Kit Targets European Banks and Crypto Users

Sports Medicine & Orthopedics Data Breach Exposes Data of 4,000 Patients

State-Level Cyber Espionage Suspected in KT Telecom Breach

Stormont Executive agrees to set aside £119m for PSNI data breach payouts

Suspect pleads guilty to credential stuffing attack on DraftKings

Texas is suing five major TV companies for spying on its users

The Cybersecurity Side of AI Crypto Bots: What Users Need to Know

TikTok and Grindr face complaint over sensitive data sharing

Too many hacks lead to Telegram: security researchers recommend blocking it

Turing & EDU Arena Data Breach Exposes User and Admin Information

UK MPs Consider Bringing VPNs Under Online Safety Act Rules

US Autoparts Maker LKQ Confirms Oracle EBS Breach

WhatsApp device linking abused in account hijacking attacks

Why vulnerability reports stall inside shared hosting companies

16th December

4.3 Billion LinkedIn-Style Records Found in One of the Largest Data Exposures Ever

700Credit data breach exposes 5.8 Million customers’ DOB, SSNs, across 20K US dealerships

700Credit Data Breach Impacts Millions of Car Owners

700,000 Records Compromised in Askul Ransomware Attack

A cyber attack hit PetrĂ³leos de Venezuela (PDVSA) disrupting export operations

Accenture Finds Gen Z Most Prone to Phishing Risks

AgeRight Data Breach Impacts 4,897 Current and Former Patients

AI might be the answer for better phishing resilience

AI Powered Tools Are Driving the Evolution of Ransomware Operations and Service Based Cybercrime

AI Turbocharges Ransomware: How LLMs Fuel Faster, Stealthier Extortion

Amazon disrupts Russian GRU hackers attacking edge network devices

Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure

Amazon Warns Russian GRU Hackers Target Western Firms via Edge Devices

Amazon Web Services (AWS) Blames Russia’s GRU for Years-Long Espionage Campaign Targeting Western Energy Infrastructure

ASEC warns of expanding Gentlemen ransomware campaigns hitting manufacturing and healthcare

Askul confirms theft of 740,000 customer records in October ransomware attack

Australia: Two Queensland clinics named in separate alleged ransomware listings

Beyer Law Group Allegedly Breached by Anubis Ransomware Group

Can a Transparent Piece of Plastic Win the Invisible War on Your Identity?

Cellik Android malware builds malicious versions from Google Play apps

City of Westminster missing public funds after cyber attack, officials say

Compromised IAM Credentials Power a Large Amazon Web Services (AWS) Crypto Mining Campaign

Coupang CEO Resigns As Police Probe Expands Over 33.7 Million-User Data Breach

Coupang CEO Quits After Breach Hits 33.7 Million South Koreans

Critical Vulnerabilities in Connected Car Modems Expose Critical Vehicle Security Risks, Researchers Say

Cyber attack in Sudbury did little damage, Rainbow District School Board says

Cyber Criminals Breach 700Credit Systems, Exposing Data of 5.8 Million

Cyber Incidents at Prosper Marketplace and 700Credit Impact Millions Across the U.S.

Cyberattack disrupts Venezuelan oil giant PDVSA's operations

Cyberattack on member-owned healthcare payer ends in $3.5M settlement

Denial-of-Service and Source Code Exposure in React Server Components

Eagle Stores Data Breach Exposes 300k Customer Records

EU Prepares Wider Data Retention Rules, VPN Providers Could Be Affected

Eurojust-Backed Authorities Dismantle Ukraine-Based Cyber Fraud Call Center Network

European authorities dismantle call center fraud ring in Ukraine

European police busts Ukraine scam call centers

Facebook data breach: How to protect your data

Fake ‘Leonardo DiCaprio’ Torrent Spreads Agent Tesla Malware

Federal government hacker twins’ criminal history overlooked by Opexus

Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass

From Sextortion to Ransomware: The Blackmail Scams Are Taking Over the Internet

Germany accuses Russia on Parliament Cyber Attack and Data Breach of over 5.6 million credit card details

German Parliament Allegedly Hit by Email Outage During US-Ukraine Talks Amid Cyberattack Suspicions

GhostPoster attacks hide malicious JavaScript in Firefox addon logos

Global Gentlemen ransomware intrusions ramp up

Google Finds Five China-Nexus Groups Exploiting React2Shell Flaw

Guernsey: Dental practice breached data law after hacked email sent phishing messages

Hackers exploit newly patched Fortinet auth bypass flaws

Hacking group says it’s extorting Pornhub after stealing users’ viewing data

How Cyber Attacks Can Impact a Business in the United States

How to create a ransomware playbook that works

How to Protect Yourself From Crypto Phishing Emails?

India: 8 Ways the Digital Personal Data Protection (DPDP) Act Will Change How Indian Companies Handle Data in 2026

India Dismantles ‘Phishing SMS Factory’ Infrastructure Sending Lakhs of Fraud Messages Daily

Iran-linked hacker group offers $30,000 bounty for Israel's military info

Is your smart home an easy target? 6 ways experts lock theirs down

Isle of Man: Freight company issue warning over phishing email attack

Jaguar Land Rover Confirms Employee Data Stolen in Crippling August Cyberattack Costing the Company Over $890 Million

Jaguar Land Rover Data Breach Exposes Employee Information After August Cyberattack

JumpCloud Remote Assist Flaw Lets Users Gain Full Control of Company Devices

JumpCloud Windows Agent Flaw Enables Local Privilege Escalation

LastPass Data Breach: The Cost of Weak Cybersecurity, 1.6 Million Users’ Data at Risk

Leaked letter to staff shows extent of Royal Cornwall Hospital data breach

LKQ Corporation Data Breach Exposes 9,070 SSNs

LLM-Driven Automation: A New Catalyst for Ransomware and RaaS Ecosystems

LLMs are Accelerating the Ransomware Operations with Functional Tools and RaaS

LLMs aren’t launching ransomware, but they are optimizing it

Makop Ransomware targets India: What the new attack means and how to stay safe

Makop Ransomware Turning RDP Breaches into Lateral Movement

‘Malicious’ threat targets Pulaski Electric System in ‘cyber attack,’ interrupting customer services

Medical Supply Firm Fieldtex Hit by Data Breach Affecting Hundreds of Thousands

Millions Affected by Massive Credit Report Data Breach

Millions of Car Owners Hit By 700Credit Data Breach

More Than 1.8 Million Affected in Prosper Marketplace Data Security Incident

NAHGA Claims Services Reports Data Breach Affecting Over 180,000 People

Password manager fined after major data breach

Password security firm hit for password security failings

Passwordless is finally happening, and users barely notice

Payroll data stolen in Jaguar Land Rover cyberattack

Phishing Messages and Social Scams Flood Users Ahead of Christmas

Plaintiffs Drop Data Breach Lawsuits Against Dior Over Salesforce Hack

PornHub Breached by ShinyHunters Group and Premium Members’ Data Stolen

PornHub Confirms Premium User Data Exposure Linked to Mixpanel Breach

Pornhub Extorted by ShinyHunters Following Mixpanel Analytics Breach

Pornhub Premium User Data Exposed Allegedly Due to Third-Party Mixpanel Breach, ShinyHunters Extorts the Company

Pornhub Suffers Data Breach in Attack Claimed by ShinyHunters

Pornhub targeted in extortion attempt following Mixpanel breach exposing user activity

RaidForums Dark Web Forum Listed for Sale: Cybercrime Platform Seeks New Ownership

Ransomware attack against Askul hits nearly 740K

Ransomware trends targeting storage systems in 2026

React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors

Retail sector faces ongoing battle against ransomware

Rhysida Ransomware Targets Japan’s Yokosuka Gakuin

Rogue NuGet Package Poses as Tracer.Fody, Steals Cryptocurrency Wallet Data

Russia’s GRU hackers targeting misconfigured network edge devices in attacks on energy sector, Amazon says

Russian GRU hackers favor misconfigured devices over vulnerabilities

Sapphire Health Data Breach Affects 5,617 Patients

SoundCloud breached, hit by DoS attacks

SoundCloud Confirms Cyberattack, Limited User Data Exposed

SoundCloud Confirms Data Breach - Hackers Exfiltrated User Account Data

SoundCloud confirms data breach - user info stolen, here's what you need to know

SoundCloud Confirms Data Breach After Hackers Exfiltrate User Account Data

SoundCloud Confirms Data Breach and Theft of 20% of User Emails After VPN Access Disruption

SoundCloud confirms it suffered a data breach

SoundCloud Confirms Security Breach and VPN Lockout After User Data Leak

SoundCloud discloses breach affecting millions, warns users about phishing attempts

SoundCloud discloses data breach incident impacting 20% of users

SoundCloud Hit by Cyberattack, Breach Affects 20% of its Users

SoundCloud warns of data breach with ‘limited data’ of a fifth of its users

Texas sues TV makers for taking screenshots of what people watch

The messy data trails of telehealth are becoming a security nightmare

Top 10 Cyber-Attacks of 2025

Urban VPN Proxy Accused of Harvesting AI Chat Conversations

Users alarmed after Pornhub was linked to data breach that affected OpenAI

Venezuela state oil company blames cyberattack on US after tanker seizure

Venezuela’s state oil company hit by cyber attack

Voltras International Data Breach: 30GB Travel Database for Sale

Volunteers launching DDoS attacks rewarded by Cryptocurrency, mostly Bitcoins

When Artificial Intelligence Becomes the Hacker: Legal Risks and Compliance Strategies for Autonomous Cyber Threats

Why We’ll Never Patch Everything, and That’s Okay

15th December

16TB of MongoDB Database Exposes 4.3 Billion Lead Gen Records

100GB Database of Kuwait Energy Basra Leaked Online

700Credit Data Breach Exposes 5.6 Million Americans’ SSNs and Personal Info

700Credit data breach exposes millions of personal records

700Credit Data Breach Exposes Names, Addresses, and Social Security Numbers

700Credit Data Breach Impacts 5.8 Million Individuals

700Credit data breach impacts 5.8 million vehicle dealership customers

Afghan Refugees Sue UK Ministry Of Defence Over Data Breach

Almost half of business owners in the floriculture sector are unaware of the consequences of cyber-attack

Apple urges updates as hackers target iPhones

Asahi Cyberattack Forces Shift to Zero-Trust Model, Delays Earnings by Over 50 Days

Asahi to Launch Cybersecurity Overhaul After Crippling Cyber-Attack

Askul confirms theft of 740k customer records in ransomware attack

Beware of DroidLock, an Android Ransomware that Can Take Over Your Phone and Infiltrate Banking Data

BlueCross members in Tennessee urged to act after data breach exposes personal info

BreachForums Reemerges, Admin Apologizes for Honeypot Confusion, Claims the Attack the French Government Announced Impacting Over 16 Million Individuals

Coinbase Phishing Scammer Arrested in New York After Probe

Conduent data breach exposed data of 10.5 million people, including Social Security numbers

Coupang CEO Steps Down After Data Breach Hits 33.7 Million Users

Coupang data breach fuels calls to expand class action lawsuits

Coupang data breach traced to ex-employee with system access

Critical Amazon Kindle Hack Confirmed - What You Need To Know

Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide

Cyber attack on Leroy Merlin

Data breach at 700Credit exposes personal info of 5.8 million Americans

Diaz Gill Medicina Laboratorial S.A. Targeted by RansomHouse Ransomware Attack

DraftKings Hacker Pleads Guilty After Group Stole About $600K

DXS Systems Ransomware Attack by Devman Group (300GB Data Breach)

Europe’s Digital Markets Act (DMA) raises new security worries for mobile ecosystems

Expert MRI Data Breach Exposes PII & PHI

FBI Cautions Alaskans Against Phone Scams Using Fake Arrest Threats

FBI confirms 630,000,000 passwords stolen in major data breach

Featured Chrome Browser Extension Caught Intercepting Millions of Users' AI Chats

Flaw in Hacktivist Ransomware Lets Victims Decrypt Own Files

Former Coupang employee linked to data breach exposing 33.7 million customer records

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

French Interior Ministry confirms cyberattack on email servers

FrogBlight Android Banking Trojan Targets Turkish Android Users via Smishing and Fake Government Court File Portals

Gentlemen Ransomware Emerges as a Threat to Corporate Networks

GitHub Scanner for React2Shell (CVE-2025-55182) Turns Out to Be Malware

Google links more Chinese hacking groups to React2Shell attacks

Google Threat Research Uncovers Data Breach in NHS Linked to Oracle Vulnerability

Hackers Steal Personal Data in 700Credit Breach Affecting 5.6 Million

Hackers turn ChatGPT, Grok chat links into malware traps on search engines

Hamas Linked Hackers Using AshTag Malware Against Diplomatic Offices

Harbour Town Doctors suffers alleged patient data breach

Healthcare Interactive data breach exposes sensitive information of 87,565 Americans

How AI Can Help Fight the Ransomware Threat

How to Spot a Browser-in-the-Browser Phishing Attack

Inc Ransomware Group Attack Hits City of Signal Hil and Steel Works Inc

Information Commissioner’s Office (ICO) Issues Post Office Public Reprimand Instead of Fine Over Data Breach

Jaguar Land Rover confirms staff data stolen in cyberattack

LastPass fined £1.2M by ICO for comprehensive data breach

Law firm warns of rising cybercrime threats amid festive season celebrations

Madison Healthcare Confirms Data Breach After Ransomware Attack

Major Data Breach at 700Credit Linked to Third-Party API Vulnerability

Manufacturing is becoming a test bed for ransomware shifts

Manufacturing sector turns into a testing ground for ransomware hackers

Marquis Companies Data Breach Exposes SSNs & Medical Info

Massive data breach sees credit card details of over 5.6 million victims leaked - here's what we know

McElroy & Associates (OPEH&W Health Plan) Data Breach Affects 6,633 People

More than 238K hit by Akira-claimed Fieldtex Product hack

Nashua Botswana Data Breach: 21.5GB Sensitive Data for Sale

National Cyber Security Centre (NCSC) Playbook Embeds Cyber Essentials in Supply Chains

Nearly 20 million affected by Prosper, 700Credit data breaches

New Android Malware Mimic as mParivahan and e-Challan Attacking Android Users to Steal Login Credentials

New Gentlemen Ransomware Breaching Corporate Networks to Exfiltrate and Encrypt Sensitive Data

New Gentlemen Ransomware Hits Corporations, Steals Confidential Data Before Locking Systems

New SantaStealer malware steals data from browsers, crypto wallets

New VolkLocker Ransomware Variant Targets Both Linux and Windows Systems

PayPal Subscription Feature Abused in Sophisticated Phishing Campaign

PEAR Ransomware Group Lists Angstrom Automotive and Gordon Clifford

Petco Confirms Data Security Incident Impacting Customer Data

Petco confirms major data breach involving customer data

Phantom Stealer Spread by ISO Phishing Emails Hitting Russian Finance Sector

Pierce County Library System Confirms Data Breach Impacting Over 340,000 People

Pierce County Library System Cyberattack Exposes Data of Over 340,000 People

PlayTicket Data Breach: 210k User and Order Records for Sale

PornHub extorted after hackers steal Premium member activity data

Preparing users for the newest wave of AI-powered phishing

Pro-Russian CyberVolk Ransomware Flawed by Master Key for Free Decryption

Qilin Ransomware Breaches STIC, Hopper, Kier & Wright

Ransomware, Cloud and AI Risks Reshape the Global Cyber Threat

Ransomware victims to top 7,000 by 2026 as cloud risks rise

React vulnerability hits crypto websites with drainers

Researchers see global surge in attacks by new ransomware group “Gentlemen”

Royal Family thrown into chaos after King Charles’ confidential data breach

Russian Phishing Campaign Delivers Phantom Stealer Via ISO Files

Russian spy tracked down using her cat’s microchip number

Sophos finds rise in data theft as encryption declines in manufacturing attacks

SoundCloud confirms breach after member data stolen, VPN access disrupted

Still running Windows 10? Here's why that's a bad idea

Storm-0249 Abusing EDR Process Via Sideloading to Hide Malicious Activity

Storm-0249 Exploits EDR Process Sideloading to Conceal Malicious Behavior

Texas sues 5 smart TV manufacturers over data collection practices

The Budget Effect of a Security Incident

The Citizens Bank Data Breach Exposes Social Security Numbers

'The hunt has begun': Iran-linked hackers put bounties for info on Israeli air defense developers

The Shadow of Ransomware on the Festive E-Shopping Season

ThermoEx Company Limited Data Breach: 170GB of Files for Sale

Third Defendant Pleads Guilty in Fantasy Sports Betting Hack Case

Third DraftKings Hacker Pleads Guilty

Top 25 Most Dangerous Software Weaknesses of 2025 Revealed

U.S. fintech and data services firm 700Credit suffered a data breach impacting at least 5.6 million people

Up to 300 attempts made to access information from Police Service of Northern Ireland (PSNI) data breach

Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529)

Venezuela: Cyber attack hits PDVSA systems, oil cargo delays confirmed

Venezuela announces that the state-owned oil company has been subjected to a cyber attack

Venezuela's PDVSA suffers cyberattack, tankers make u-turns amid tensions with US

Venezuelan Regime Accuses U.S. Of Conducting Cyber Attack Against Its State-Run Oil Company: 'Trying To Affect National Stability'

Victory Disability Data Breach Exposes Sensitive Patient Info

Village of Franklin Falls Victim to Cyber Crime

VolkLocker Emerges as a Cross-Platform Ransomware Threat Targeting Linux and Windows

VolkLocker Ransomware Exposed by Hard-Coded Master Key Allowing Free Decryption

What types of compliance should your password manager support?

Widespread credential theft possible with nascent phishing kits

World Leaks Ransomware Hits Thrings Solicitors and Wavenet

Yalidine Express Allegedly Breached: 123 GB of Data Listed for Sale

Posted by at
Labels:

Thursday, 11 December 2025

Ransomware Operator Claims - Week 49 2025

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 1st December and 7th December 2025, kindly assisted by our partners.

DBD discovered and researched 201 Ransomware Victims over 40 Countries and Islands claimed by 33 Data-Leaking Ransomware Operators last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Posted by at
Labels:

Monday, 8 December 2025

Data Breaches Digest - Week 50 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 8th December and 14th December 2025.


14th December

Beware: PayPal subscriptions abused to send fake purchase emails

Conduent Data Breach Costs Soar Past $25 Million, Exposing Millions

Dozens of victims each month - and it’s just the beginning! One email could upend your life

Experts found an unsecured 16TB database containing 4.3 Billion professional records

India: Government confirms Indian airports were hit by cyber attack involving GPS spoofing

Jaguar Land Rover Hit By Major Cyber Attack, Confirms Payroll Data Theft

LastPass Data Breach - 1.6 Million Users Exposed By Security Failure

New ‘DroidLock’ Malware Locks Android Phones and Demands Ransom

Russian hackers access sensitive NHS documents from royal residences including Buckingham Palace and Windsor Castle

Southfield Public Schools warns of phishing email sent to students

Why Cyber Business Interruption Insurance Is a Lifeline for Retailers in Asia

Why resilience is the only long-term answer to ransomware

13th December

7 CISA Security Rules Every Android User Should Know

AI Ransomware 2025: 7 Alarming Trends Reshaping Cybersecurity

Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild

As Feds Crack Down on Huge Ed Tech Data Breach, Parents and Students Left Out

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

Conduent Grapples with Mounting Fallout from Major Data Breach

Coupang Data Breach Mirrors Japan's Line Yahoo Incident

Cove Risk Services Data Breach Affects 49k People Exposing Social Security Numbers

Cyberattacks are making everyday purchases more expensive: report

CyberVolk’s ransomware debut stumbles on cryptography weakness

Cyble Global Cybersecurity Report 2025 reveals 50% rise in ransomware, record cybercrime activity

Fake Microsoft Teams and Google Meet Downloads Spread Oyster Backdoor

Germany accuses Russia of cyber attack, poll interference

Hackers hijack dozens of State.gov websites to push AI Porn

Home Depot Data Breach Risk: Exposed GitHub Token Ignored for Weeks

Massive 700Credit Data Breach Exposes 5.6 Million Americans’ Personal Data

New AI-Powered Phishing Kits Bypass MFA and Steal Credentials at Scale

Once upon an exploit: how fake audiobook led to Kindle takeover

Police Extend Coupang Data Breach Probe to Fifth Day

South Africa’s ransomware reckoning: six trends that demand urgent action

Swift Institute Data Breach Exposes Patient Social Security Numbers

UK’s Information Commissioner’s Office (ICO) Fine LastPass £1.2 Million Over 2022 Security Breach

US Lender Handing Up To $5,100 To Customers After Data Breach Exposes Names, Social Security Numbers and Other Sensitive Material

Wedbush Securities Data Breach Exposes Clients' Social Security Numbers

Why Cyber-attacks Surge During the Holidays: A Look Into Hacker Behavior Patterns

12th December

Advanced Healthcare Professionals Data Breach Impacts 1,800 Texans

Adversary-in-the-Middle (AiTM) Attack Campaign Bypasses MFA and Targets Microsoft 365 and Okta Users

AI Phishing Kits Evolve: Bypassing MFA and Scaling Cyber Threats

AI reshapes cyber threats as experts warn on automation

Apple fixes two zero-day flaws exploited in 'sophisticated' attacks

Ashen Lepus Hacker Group Attacks Eastern Diplomatic Entities With New AshTag Malware

Ashen Lepus Hacker Group Targets Eastern Diplomatic Entities with AshTag Malware Attack

BarNet hit in alleged cyber attack

Benefis patients notified of data breach involving third-party vendor

BlackForce Launches New Phishing Kit Enabling Man-in-the-Browser (MitB) Attacks to Steal Credentials and Bypass MFA

Brazos County: CodeRED sees outage and data breach

Brazos County’s Emergency Alert Notification System Is Dealing With A Data Breach

Canada’s privacy regulator to probe billboards equipped with facial scanning tech

Chinese state hackers attended Cisco cybersec training, researcher claims

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated Known Exploited Vulnerabilities (KEV) Catalog

CISA orders feds to patch actively exploited Geoserver flaw

City of Cambridge Advises Password Reset After Nationwide CodeRED Data Breach

Cleveland County Sheriff's Office hit with ransomware attack, hackers demand bitcoin

ConsentFix Attack Lets Hackers Take Over Microsoft Accounts via Azure CLI

Coupang data breach traced to ex-employee who retained system access

CyberVolk Hackers Group With New VolkLocker Payloads Attacks both Linux and Windows Systems

CyberVolk Hackers Target Linux and Windows with New VolkLocker Payloads

CyberVolk hacktivist gang reemerges with faulty new RaaS platform

CyberVolk Ransomware Flaw Lets Victims Recover Data Without Paying

CyberVolk Reemerges: VolkLocker’s New Features and Flaws

Cyble Reports Surge in Ransomware and Data Breaches in 2025

Cyprus: Oncology data breach under investigation as authorities assess failings

Data Breach: CodeRED emergency notification platform user data stolen, leaked

Data breach at credit check giant 700Credit affects at least 5.6 million

Data breach triggers closure of all Deschutes Public Library locations through the weekend; website also down

Deschutes Public Library shuts down following data breach

DroidLock Ransomware Aims to Take Control of Your Android Device

Eastern Diplomatic Entities Targeted by New AshTag Malware in Ashen Lepus Hacker Group Attack

Fake ‘One Battle After Another’ torrent hides malware in subtitles

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

Federal Trade Commission (FTC), State AGs Crack Down on Ed Tech Company After Massive Student Data Breach

Feds charge former Accenture employee for misleading them on cloud security

Fieldtex Data Breach Impacts 238,000

Financial sector hit hard by breaches but ransomware seeks targets elsewhere

Flaw in photo booth maker’s website exposes customers’ pictures

Former Cloud Platform Manager Charged for Concealing Noncompliance to Secure Army Sponsorship, Raising Federal Security Risks

French interior ministry email servers hit by cyber attack

French Interior Ministry hit by cyber attack

French Interior Ministry's e-mail servers hit by cyber attack

Germany accuses Russia of 2024 cyber-attack and disinformation

Germany Accuses Russia of Air Traffic Control Cyber-attack

Germany Accuses Russia Of Cyber-Attack On Air Traffic Control And Election Interference

Germany summons Russian ambassador over cyberattack, election disinformation

Global cyberattacks rise as GenAI introduces new data exposure risks

Guernsey: Dental practice sanctioned for phishing attack breach

“Hacktivist” CyberVolk using Telegram-based bots for ransomware campaigns (with a few glitches)

Hamas-affiliated APT targeting government agencies in the Middle East, Morocco

Heart of Texas Behavioral Health Network Data Breach

Henry Ford Health Notifies 2,000 Patients About Insider Data Breach

Hired to Hack: Protecting Your Business from Remote Recruitment Scams

Home Depot exposed access to internal systems for a year, says researcher

How a game of cat and mouse with a hacker exposed a TransUnion security flaw that left consumers vulnerable to identity theft

How Long Does It Take to Detect a Cyber Attack?

India emerges as APAC’s ransomware ground zero as Qilin leads a new wave of cyber assaults

Information Commissioner’s Office (ICO) Fines LastPass £1.2m After 2022 Breach

Iroquois Memorial Hospital Targeted in Alleged Pear Ransomware Attack

IRS.GOV: alleged data breach affects the accounts of 18 million citizens

Kazu Ransomware Hits UK CT Dent and Leadway Assurance

Kenyan court halts 1.6-billion-USD health deal with U.S. amid data breach fears

LastPass Data Breach - Insufficient Security Exposed 1.6 Million Users

LastPass hit with 1.2 million fine after 2022 data breach

LastPass hit with Information Commissioner's Office (ICO) fine after 2022 data breach exposed 1.6 million users – here’s how the incident unfolded

Legal IT provider listed on ransomware group’s dark web site

LLM privacy policies keep getting longer, denser, and nearly impossible to decode

Microsoft 365 Okta Phishing Attack: Experts Warn of New Threat

Mikord Data Breach: Claims of Russia’s Military Draft Systems Hack Shared via ‘Idite Lesom’

MITRE shares 2025's top 25 most dangerous software weaknesses

Montana: Benefis patients notified of data breach involving third-party vendor

More Than 2,300 Consumers Signal Intent to Join U.S. Class Action Against Coupang After Major Data Breach

More than 340,000 impacted by cyberattack on library in large Washington county

National Cyber Security Centre (NCSC) Plugs Gap in Cyber-Deception Guidance

Nearly 5.6 million people hit by massive data breach at credit check company - what you need to know

NetPlay GO Data Breach Exposes 595k User Records Including Tax IDs

New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale

New Adversary-in-the-Middle (AiTM) Attack Campaign That Bypasses MFA Targeting Microsoft 365 and Okta Users

New Android Malware Locks Device Screens and Demands a Ransom

New BlackForce Phishing Kit Lets Attackers Steal Credentials Using Man-in-the-Browser (MitB) Attacks and Bypass MFA

New ConsentFix Attack Let Attackers Hijack Microsoft Accounts by Leveraging Azure CLI

New PyStoreRAT Malware Targets OSINT Researchers Through GitHub

New React RSC Vulnerabilities Enable DoS and Source Code Exposure

New Research Explores the Fate of Data Stolen During Phishing Attacks and Its Consequences

New Windows RasMan zero-day flaw gets free, unofficial patches

Nium, Inc. Data Breach Exposes Social Security Numbers

Notifications Issued About MedStar Health Data Breach

Notorious Russian cybercriminals return with new ransomware

Password Manager LastPass Penalized £1.2m by Information Commissioner’s Office (ICO) for Security Failures

Qilin Ransomware Hits Nepes, Spitzer Auto Group & Others

Queensland healthcare centre Hyperdome suffers alleged cyber attack

Rain Bird Data Breach Exposes Financial Info of 24,862 Customers

Ransomware keeps widening its reach

React, Next.js disclose follow-up vulnerabilities, again urge users to patch immediately

React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation

React2Shell Now Used for Persistent Server Compromise

Rockrose Data Breach Exposes SSNs & Financial Info of Employees and Residents

Rolladen Planet Data Breach Exposes 496,000 Customer Records

Russia’s Digital Military Draft System Hit by Cyberattack, Source Code Leaked

Rust-Based 01flip Ransomware Hits Windows and Linux

Scams Are Reshaping Consumer Trust - And Their Financial Behaviors

Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work

South Africa’s ransomware reckoning: six trends that demand urgent action

South Korea: Personal Data Breach Companies to Face Punitive Fines of 10% of Revenue

South Korean Police Raid Coupang Over Data Breach as CEO Resigns

Space Bears Ransomware Hits Right Power Technology

Streisand effect: Businesses that pay ransomware gangs are more likely to hit the headlines

Tabsyst Data Breach Exposes 53k User Records and Banking Details

UK Parliamentarians hit by Spear Phishing Attacks

Uneven regulatory demands expose gaps in mobile security

Virginia Urology Silent on Possible Data Breach as Purported Patient Data Begins to Leak

Was Your Info Leaked in Petco's Data Breach? Here's How to Find Out

Weaponized AI risk is 'high,' warns OpenAI - here's the plan to stop it

What 35 years of privacy law say about the state of data protection

Wilmington Community Clinic Data Breach Exposes PII & PHI

11th December

5 Cybersecurity Predictions for 2026: An Industry Insider’s Analysis

A.S.A.P. Restoration Corp. Hit by DragonForce Ransomware Attack

AI data leaks fuel surge in global cyber attacks

AI prompt injection attacks are inevitable, but we can mitigate the risks

Algerian authorities break up phishing ring accused of 140,000 cyberattacks

Amazon Scams Surge as Holiday Shoppers Face Wave of Phishing Texts and Fake Refund Notices

Android users at risk of DroidLock ransomware that threatens to 'permanently destroy' files

Android warning as new 'ransomware' attack locks phones and threatens to 'delete' files

Android warning issued as fake apps spread DroidLock ransomware demanding payment

Attackers Worldwide are Zeroing In on React2Shell Vulnerability

Bank of Cyprus Oncology Centre confirms patient and staff data breach

Bell Lifestyle Products Hit by Akira Ransomware

British hacker who swindled £2 million in crypto from US businessman to buy his mother a diamond necklace is jailed

CastleLoader Malware Now Uses Python Loader to Bypass Security

CEO of South Korean e-commerce platform resigns over massive data breach

Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw

Conduent cyberattack: 10.5 million hit in 8th largest healthcare data breach in US - what affected people can do

Conduent data breach exposes 10.5 million people

Coupang CEO resigns after data breach furore

Coupang CEO Resigns Following Major Data Breach Exposing 34 Million Customers

Coupang CEO steps down following nearly 34 million-user data breach

Courier Services Company Data Breach Exposes Customer Info

“Cyber Tax” Warning as Two-Fifths of SMBs Raise Prices After Breach

Cyberattacks force small firms to raise prices

Cyble Global Cybersecurity Report 2025: 6,000 Ransomware Attacks Mark a 50% Surge

Cyprus: Cancer centre data breach sparks urgent security concerns

DeadLock Ransomware Exploits Baidu Antivirus Vulnerability for EDR Bypass

DroidLock: Malware Build for Extortion, Device Takeover, and Insider Risk in Spain

DroidLock malware locks you out of your Android device and demands ransom

Ex-Chinese employee named suspect in Coupang data breach as chairman resigns

Federal agencies now only have one more day to patch React2Shell bug

Fortinet, Ivanti, SAP release urgent patches for critical security vulnerabilities

Free spy tool can track 3 billion WhatsApp users, drain batteries and data limits

Global cyberattacks surge in November 2025 as ransomware and GenAI risks spike

GOLD SALEM tradecraft for deploying Warlock ransomware

Google fixes eighth Chrome zero-day exploited in attacks in 2025

Google Fixes GeminiJack Zero-Click Flaw in Gemini Enterprise

Google Releases Critical Chrome Security Update to Address Three Zero-Days

Google rushes Chrome updates after new vulnerability found exploited in wild

Got an Amazon Refund Text? It’s Likely a Scam - Here’s What You Need to Know

Hackers distribute thousands of phishing attacks through Mimecast's secure-link feature

Hackers exploit Gladinet CentreStack cryptographic flaw in RCE attacks

Hackers exploit unpatched Gogs zero-day to breach 700 servers

Hackers reportedly breach developer involved with Russia’s military draft database

Harbour Town Doctors Data Breach: Rhysida Ransomware Attack

How data-theft ransomware is disrupting fleet operations and customer trust

How do LLMs help cybercriminals create personalized phishing messages?

Human-linked cyber incidents surge as AI use grows

India: Central Bureau of Investigation (CBI) Files Charges Against 13 in Digital Arrest Fraud Case Linked to Myanmar Cyber Slave Compounds

India: Phishing scam targets Bengalureans as traffic fine rebate ends

India Becomes Top Target in APAC for Ransomware Attacks as Qilin Leads Regional Threat Activity

Information Commissioners Office (ICO) Fines LastPass UK £1.2M For 2022 Data Breach

Information Commissioners Office (ICO) levies £1.2 million fine against LastPass - data breach compromised info on 1.6 million users

Intecro Robotics Data Breach: 11.5 GB of Defense Blueprints and CAD Files Leaked

Irish Health Service offers compensation for 2021 Conti ransomware attack

Korea to expand cardholder payback for phishing losses

LLM vulnerability patching skills remain limited

MAG Aerospace Confirms Data Breach Impacting Over 4,000 Employees

Makop Ransomware Attacks on Indian Businesses: GuLoader Delivery and Privilege Escalation

Malicious Visual Studio Code Extensions Hide Trojan in Fake PNG Files

Malicious VSCode Marketplace extensions hid trojan in fake PNG file

Malware Discovered in 19 Visual Studio Code Extensions

Massive phishing scheme fueled by Mimecast link exploitation

Meet ConsentFix, a new twist on the ClickFix phishing attack

Michigan Attorney General Dana Nessell Advises Vigilance After 700Credit LLC Data Breach Impacts 6 Million Nationwide

Microsoft urges users to change passwords, as the Dune-inspired worm hits again

Midnight Ransomware Surge 2025: Stellar Experts Urge CIOs & CISOs to Strengthen Defences

Millcreek Pediatrics reports data breach affecting more than 14,000 individuals

NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems

Nevada ransomware attack offers lessons in statewide cyber resilience

New 01Flip Ransomware Targets Both Windows and Linux Systems

New 24-Hour Warning For Android Users—‘Your Files Will Be Permanently Destroyed’

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

New ‘DroidLock’ Android Malware Locks Users Out, Spies via Front Camera

New 'DroidLock' malware demands a ransom, locks user out of device

New DroidLock Malware Locks Android Devices and Demands Ransom Payment

New Multi-Platform 01flip Ransomware Supports Multi-platform Architecture, Including Windows and Linux

New ransomware locks Android devices and can also erase data – how to avoid this malware

New “Spiderman” Phishing Kit Lets Hackers Build Fake Bank Login Pages Instantly

New Spiderman phishing kit lets hackers instantly spoof banking sites to steal passwords and take over accounts - how to stay safe

Newly identified ransomware can execute total takeover of compromised devices

Notepad++ fixes flaw that let attackers push malicious update files

OpenAI Enhances Defensive Models to Mitigate Cyber-Threats

OpenAI Flags Rising Cyber Risks as AI Capabilities Advance

OpenAI warns its next-gen AI models could become hacker tools

Password manager provider fined £1.2m by Information Commissioner's Office (ICO) for data breach affecting up to 1.6 million people in the UK

Pierce County Library Data Breach Impacts 340,000

Ransomware surge intensifies across industrial sectors, with manufacturing accounting for 72% of Q3 cases

Report Surfaces Multiple Novel Social Engineering Tactics and Techniques

Russian hackers debut simple ransomware service, but store keys in plain text

Scam-Busting Financial Conduct Authority (FCA) Firm Checker Tool Given Cautious Welcome

Scammers Sent 40,000 E-Signature Phishing Emails to 6,000 Firms in Just 2 Weeks

Security flaws in Freedom Chat app exposed users’ phone numbers and PINs

Service Provider Breach Hits Vitas Hospice, Nearly 320,000 Individuals Affected

Shanya Emerges As Top EDR-Killing Tool For Ransomware Gangs

Sinobi Ransomware Hits Seward County and Erie Molded Plastics

Spiderman, Spiderman - Does Whatever A Hacker Can

The Most Dangerous 6 Weeks of the Year

The rise of email attacks: why cyber insurance matters

The Shady Emails Keep Coming. It's Time to Fight Back Against Spear Phishing

Think That Party Invite Is Real? Fake E-Vite Scams Are the New Phishing Trap

Top crypto execs targeted in China's WeChat account hacks

UK fines LastPass £1.2 million for data breach affecting 1.6 million people

UK fines LastPass £1.2 million over 2022 data breach impacting 1.6 million users

UK fines LastPass over 2022 data breach impacting 1.6 million users

UK Information Commissioner's Office (ICO) Fines LastPass Over 2022 Data Breach

UK MPs face rise in phishing attacks on messaging apps

Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks

Wabasha County Reports User Data Exposed in Alert System Cyber Attack

Wadena County among multiple law enforcement agencies to decommission CodeRed after cyber attack

WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor

10th December

4 Billion+ records, including numerous LinkedIn profiles, exposed in one of the largest lead-generation datasets ever found open

Aeroflot hack explained: report says infrastructure was nearly destroyed

Alert Long Beach emergency notification system taken offline after data breach

ASUS Hacked: Everest Ransomware Group Claims Data Breach

Attackers exploit React2Shell vulnerability to target home CCTV, smart plugs, and TVs

Australian organisations the most targeted by ransomware in 2025

Barts Health Confirms Major Data Breach After Clop Exploits Oracle Zero-Day

Bring Your Own Vulnerable Driver (BYOVD) enhances DeadLock ransomware’s stealth

British government sanctions Russian and Chinese groups over information warfare

BroadBand Tower Breach Exposes Customer Data and Source Code

CEO of South Korean online retailer Coupang resigns over data breach

CEO of South Korean retail giant Coupang resigns after massive data breach

Cheap devices from China may come with hidden sensors and hacking tools

ClickFix Social Engineering Sparks Rise of CastleLoader Attacks

Coolmod Allegedly Breached Exposing Support Ticket Database

Coupang CEO Replaced After Data Breach; U.S. Executive Takes Over

Coupang CEO Resigns After Massive Data Breach Exposes Millions of Users

Coupang CEO resigns after online retailer hit by massive data breach

Coupang CEO resigns amidst massive data breach exposing 33.7 million South Koreans

Coupang CEO resigns in wake of major data leak; CAO named interim chief

Coupang CEO resigns over historic South Korean data breach

Coupang CEO Steps Down 11 Days after Data Breach

Coupang Founder to be Summoned Over Data Breach

Critical Ivanti EPM Vulnerability Allows Admin Session Hijacking via Stored XSS

Cyberattacks force small firms to raise prices

Cybercriminals Hijack Trust in Itch.io and Patreon with Bogus Game Updates Delivering Lumma Stealer

Data breach at Royal Cornwall Hospitals NHS Trust

DeadLock Ransomware Uses New BYOVD Loader Exploiting Driver Vulnerability to Disable EDR

Department of Justice (DOJ) Announces Actions Against Alleged Key Member of Russian Cybercriminal Groups NoName057(16) and CARR (Z-Pentest)

Department of Justice (DOJ), CISA warn of Russia-linked attacks targeting meat processing plants, nuclear regulatory entities and other critical infrastructure

Emerging DeadLock Ransomware Variant Employs BYOVD to Bypass EDR

Fears are growing that Chinese-made electronics could leave the US in the dark during a cyber attack

Flock cameras remained active in two cities where officials had asked for them to be turned off

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

Four years later, Irish health service offers €750 to victims of ransomware attack

Gartner urges businesses to 'block all AI browsers' - what's behind the dire warning

Gemini Zero-Click Vulnerability Allowed Attackers to Access Gmail, Calendar, and Docs

GhostFrame iframe phishing kit powers 1 million attacks

GhostFrame phishing kit fuels widespread attacks against millions

Google ads for shared ChatGPT, Grok guides push macOS infostealer malware

Google fixes GeminiJack zero-click exposing corporate Gmail, Calendar invites, shared Docs

Google Fixes Zero Click Gemini Enterprise Flaw That Exposed Corporate Data

Hackers abuse Mimecast links to push out 40,000 fake SharePoint and DocuSign emails

Healthcare’s Data Breach Victory Lap Gets Crashed by Quantum Computing

How ransomware crime is evolving into a smart business crime

Hyper Me Data Breach: 140k Customer Records Leaked

Hypervisor-targeted ransomware incidents surge

IFLUSAC Data Breach: 22GB of Project Files and Payroll Leaked

Inbox full of promo emails? 80% are tracking you, new report warns

Infoblox Uncovers MFA-Bypassing “Evilginx” Phishing Operation Targeting U.S. Universities

Inotiv Confirms Data Breach Exposing Sensitive Employee Information

Investigators raid Coupanq HQ following data breach affecting 34 million

Ireland: €750 Payout Proposed for 90,000 Victims as Health Service Executive (HSE) Acknowledges Cyberattack Damage

Ireland: Health Service Executive (HSE) confirms second ransomware attack but 'no evidence' patient data was stolen

Japanese Firms Suffer Long Tail of Ransomware Damage

Lawmaker calls facial recognition on doorbell cameras a ‘privacy nightmare’

LLMs are everywhere in your stack and every layer brings new risk

LockBit Reborn: Inside the Group’s Post-Takedown Evolution

Log4Shell Downloaded 40 Million Times in 2025

Microsoft Fixes Three Zero-Days in Final Patch Tuesday of 2025

Microsoft Issues Defense Blueprint for Organizations Targeted by Shai-Hulud 2.0 Supply-Chain Attacks

Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days

Microsoft Outlook Vulnerability Lets Attackers Execute Malicious Code Remotely

Mobile Users Less Likely to Fall for Phishing Scams

myQNAPcloud Internal Access Allegedly For Sale on Dark Web

.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL

New DroidLock malware locks Android devices and demands a ransom

New malware on Microsoft Marketplace steals passwords and screenshots of desktops

New Portuguese Law Shields Ethical Hackers from Prosecution

New Semperis Ransomware Risk Report reveals common patterns that cybercriminals exploit

New Spiderman phishing service targets dozens of European banks

North Korean Hackers Deploy EtherRAT Malware in React2Shell Exploits

Notepad++ releases emergency patch as hackers exploit updater to deploy malware

Online trading broker ThinkMarkets suffers alleged data breach

Over 10,000 Docker Hub images found leaking credentials, auth keys

Petco takes down Vetco website after exposing customers’ personal information

Police Conduct Second Coupang Raid in Mass Data Breach Probe

Police Continue Raid at Coupang's Seoul Headquarters over Data Breach for 2nd Day

Police raid Coupang headquarters for 2nd day over massive data breach

Phishing report highlights rise of AI and legitimate platform hijacking

Pro-Russia Hackers Target US Critical Infrastructure in New Wave

Ransomware attacks on Hypervisors increase by 700 percent

Ransomware Attacks Rise 50% In 2025; Microsoft, Apple, Oracle Among Affected Tech Vendors

Ransomware Victim Warning: The Streisand Effect May Apply

React2Shell Exploitation Delivers Crypto Miners and New Malware Across Multiple Sectors

Reporters Without Borders (RSF) Cyberattack Linked to Russian FSB Foiled by Staff Vigilance

Rewardy Data Breach: 2.2 Million User Records Allegedly Stolen

Rise in Device-Driven Cybercrime and Expanding Ransomware Threats Put India on Alert

Russia’s flagship airline hacked through little-known tech vendor

Russian State-Supported Hacktivist Groups Targeted in Dual Department of Justice (DOJ) Indictments

Senators return to effort to boost cybersecurity for commercial satellite industry

Seoul Police Raid Coupang Headquarters in Data Breach Probe

Services Australia may get powers to rein in data breach exposure

Should Organizations Block AI Browsers?

Spiderman Phishing Kit Lets Attackers Clone European Banks in Seconds

Spiderman phishing kit targets European banks

Sticker Japan Data Breach: 110,000 User Records Allegedly for Sale

Storm-0249 Abuses EDR Processes in Stealthy Attacks

Teen who allegedly stole millions of personal data records arrested in Spain

Three PCIe Encryption Weaknesses Expose PCIe 5.0+ Systems to Faulty Data Handling

Toppersexam Data Breach Exposes 1.9 Million User Records

Torrent for DiCaprio’s “One Battle After Another” Movie Drops Agent Tesla

Trump prioritizing trade with China over cyber war, Salt Typhoon goes unpunished

Ukrainian faces 27 years in prison in the US for involvement in Russian cyberattacks on American critical infrastructure

Ukrainian hacker charged with helping Russian hacktivist groups

Ukrainian Woman in US Custody for Aiding Russian NoName057 Hacker Group

Updated Makop ransomware emerges

US extradites member of Russian hacktivist group involved in critical infrastructure attacks

US indicts hacker involved in cyberattacks on critical infrastructure

VITAS Healthcare Breach Exposes 319K Patient Records

Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups

Why a secure software development life cycle is critical for manufacturers

Windows Defender Firewall Service Vulnerability Lets Attackers Disclose Sensitive Data

9th December

3 Ukrainian Hackers Arrested in Warsaw Amid Heightened Security Alert on Charges of National Defense Threats

40,000 Phishing Emails Disguised as SharePoint and and e-Signing Services: A New Wave of Finance-Themed Scams

AI-driven threats are heading straight for the factory floor

Akira Group Exploits Vulnerabilities, Triggering Surge in Ransomware Attacks on Hyper-V and VMware ESXi

Akira Group Targets Hyper-V and VMware ESXi with Ransomware Exploiting Vulnerabilities

Algerian Hacker Launches 140,000 Cyber Attacks Using Only a Laptop

Apache Tika Vulnerability Widens Across Multiple Modules, Severity Now 10.0

Australia experienced highest ransomware rate globally, second highest in ransom payments

Australia leads world in costly, rising ransomware toll

Badr Airlines Allegedly Breached: 2.2 GB of Confidential Flight & Security Manuals Leaked

California man pleads guilty to Racketeer Influenced and Corrupt Organizations Act (RICO) charges as Department of Justice (DOJ) indicts crypto theft gang

ChatGPT flags crypto romance scam after widow loses $1 Million

Check Point links US cyberattacks to global crises in new clash warning

CNHI Data Breach Exposes SSNs & Financial Info

Coinbase Cartel Targets Multiple UAE Real Estate Firms and Acu Trans Solutions

Coupang Faces U.S. Punitive Damages Lawsuit Over Data Breach

Coupang founder to be summoned over data breach

Coupang to face class action suit in U.S. over data breach

Cursor vulnerable to “catastrophic budget drain:” vibe coder finds a way to spend $1 million

Cyber Talent Shortage Pushes EU Firms Toward Tech and Outsourced Security

Cyberattack on Freedom Mobile Compromises Personal Data of Thousands

Cyberattack on Reporters Without Borders Linked to Russian Security Services

Cybersecurity ‘incident’ leads to potential data breach for Tigard CodeRED subscribers

DeadLock Ransomware Uses Bring Your Own Vulnerable Driver (BYOVD) to Evade Security Measures

DragonForce Ransomware Hits VoiceTeam Call and City of La Vergne

Energy Operations: Managing Password Security and Continuity

Exploitation Efforts Against Critical React2Shell Flaw Accelerate

FinCEN data shows $4.5B in ransomware payments, record spike in 2023

Fortinet warns of critical FortiCloud SSO login auth bypass flaws

Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure

GOLD BLADE Exploiting Custom QWCrypt Locker for Data Exfiltration and Ransomware Deployment

GOLD BLADE Using Custom QWCrypt Locker that Allows Data Exfiltration and Ransomware Deployment

GrayBravo Expands CastleLoader Malware Operations with Distinct Activity Clusters, Impersonates ‘Booking.com’ and ‘DAT Freight’

Hackers say Volkswagen dealership’s client list is now for sale

Hackers switch tactics as manufacturers tighten defences

Hypervisors Become “Force Multiplier” for Ransomware Operators

Indirect Malicious Prompt Technique Targets Google Gemini Enterprise

Infostealers on the rise: time to take action, Australia recommends

Iran has attacked every Israeli citizen multiple times

Ireland: Health Service Executive (HSE) begins offering €750 compensation to victims of cyberattack

Ivanti warns of critical Endpoint Manager code execution flaw

Khashoggi widow files complaint in France alleging Saudi government infected devices with spyware

Major Data Exposure at Marquis Ripples Across U.S. Financial Institutions

Major Ransomware Attack Cripples Hospital Systems Across Four States

Makop Ransomware Exploits RDP Systems with AV Killer and Other Exploits

Makop Ransomware Targets RDP Systems Using AV Killer and Additional Exploits

Malicious VS Code Extensions Deploy Advanced Infostealer

Manufacturing fares better against ransomware - with room for improvement

Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws

Millcreek Pediatrics Data Breach Affects 14,095 Patients

NCSC Warns Prompt Injection Could Become the Next Major AI Security Crisis

New AI-Native Threat: Vulnerability in Google Gemini Enterprise and Vertex AI Search Allowed Stealing Gmail, Docs, and Calendar Data

New Bring Your Own Vulnerable Driver (BYOVD) loader behind DeadLock ransomware attack

New image signature can survive cropping, stop deepfakes from hijacking trust

New GeminiJack 0-Click Flaw in Gemini AI Exposed Users to Data Leaks

New ‘Spiderman’ phishing kit targets European bank customers

Non-mobile IT threats evolve into industrial-scale attacks in Q3 2025

North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

Outsmart risk: A 5-point plan to survive a data

Over 300,000 Individuals Impacted by Vitas Hospice Data Breach

Packer-as-a-Service Shanya Hides Ransomware, Kills EDR

Patient and staff data stolen in Barts Health cyber attack

Petco data breach - SSNs, credit card info and drivers' licenses exposed

Petco Data Breach Exposes Customer Data, Including SSNs, Credit Card Info

Petco Data Breach Exposes Customer Social Security Numbers

Pharmaceutical Firm Inotiv Discloses Ransomware Attack and Data Breach

Phishing attack targets 18 US universities, bypassing MFA

Phishing-resistant authentication is taking off

Pixel tracking can significantly increase data breach risk on hospital websites

Police Dismantle EUR 700 Million Crypto Scam That Used Deepfakes

Police raid Coupang HQ amid 34 million account data breach

Police raid Coupang over massive data breach

Police raid Coupang to seize evidence related to major data breach

Police raid e-commerce giant Coupang's Seoul offices in data breach probe

Ransomware Attack at Fintech Software Solutions Firm Marquis Impacts Dozens of Banks and Credit Unions

Ransomware Attacks Decline in 2024, But Threat Remains High with $734 Million in Ransom Paid

Ransomware Attacks on Healthcare Organizations Spike During Holidays, Weekends

Ransomware increasingly targeting hypervisors

Ransomware Initial Access Broker (IAB) abuses EDR for stealthy malware execution

Ransomware Targeting Hyper-V and VMware ESXi Surges as Akira Group Exploits System Vulnerabilities

React2Shell Exploit Campaigns Tied to North Korean Cyber Intrusion Tactics

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Researchers spot 700 percent increase in hypervisor ransomware attacks

Rise in Extortion Attacks Targeting Manufacturers

Royal Cornwall Hospital staff's sick days exposed in data leak

Russian Calisto Hackers Launch ClickFix Attack on French NGO Reporters

Russian Hackers Target French NGO Reporters with ClickFix Attack Technique

Safepay Ransomware Group Breaches US Engineering Firm Chemstress

SAP fixes three critical vulnerabilities across multiple products

Scammers are poisoning AI search results to steer you straight into their traps

Seoul cyber investigators seize data, devices from ‘South Korea’s Amazon’ following data breach

SimpleX Chat X Account Hacked, Fake Site Promotes Crypto Wallet Scam

Sophos finds that manufacturing faces growing ransomware threat due to security gaps, lack of expertise

Sophos’s State of Ransomware in Healthcare 2025 report reveals 58% of providers recover within a week

South Korea police raid Coupang HQ over historic data breach

South Korea's Data Breach Compensation: Calls to Match EU, U.S. Levels

South Korea’s largest online retailer apologises for data breach

Space Bears ransomware claims Comcast data breach via contractor Quasar Inc

Spain: A young man has been arrested in Igualada for stealing and selling 64 million personal data records online

Spain arrests teen who stole 64 million personal data records

Spiderman Phishing Kit Targets European Banks with Real-Time Credential Theft

SpyCloud data shows 400% surge in corporate phishing

STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware

Storm-0249 Escalates Ransomware Attacks with ClickFix, Fileless PowerShell, and DLL Sideloading

Surge In Cyberattacks Across Various Sectors In South Africa

Taiwan blocks RedNote over fraud risks, as downloads surge through VPNs, despite ban

The Rise of Phishing Scams Targeting Streamers and Gamers

This new phishing trick fools even careful users - but staying safe is shockingly simple

Three Ukrainian Nationals Detained in Warsaw with Hacking and Spy Equipment

Trial begins for 46 suspects accused of involvement in online scams in Cambodia

UK National Cyber Security Centre (NCSC) Raises Alarms Over Prompt Injection Attacks

US Treasury offers cautious optimism as ransomware payments decline

Volkswagen Mandi Data Breach Exposes 2.5 Million User Records

What is Ransomware-as-a-Service (RaaS)? How Cybercrime Became a Business Model

8th December

58% of healthcare providers now recover within a week amid declining ransom payments across the sector

AI drives cybercrime to execute ransomware in minutes

AI Hackers Spark 4,151% Phishing Surge

AI-powered social engineering to more dangerous ransomware: Key cybersecurity threats to businesses in 2026

Android Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Features

Apple and Google Alert Users Worldwide After New Spyware Activity Surfaces

Barts Health Confirms Cl0p Ransomware Behind Data Breach Linked to Oracle Vulnerability

Barts Health Seeks High Court Ban After Oracle EBS Breach

Beware of crypto wallet-draining 'support channels' on Telegram

Cadman Power Equipment Targeted by Securotrop Ransomware Group

Can employees sue victimized companies over data breach

ChrimeraWire Trojan Fakes Chrome Activity to Manipulate Search Rankings

CISA Releases New AI-in-OT Security Guidance: Key Principles & Risks

CISOs are spending big and still losing ground

ClayRat Android Spyware Expands Capabilities

Cloudflare Forces Widespread Outage to Mitigate Exploitation of Maximum Severity Vulnerability in React2Shell

Compromised Next.js devices weaponized by attackers: thousands remain vulnerable

Coupang issues revised notice citing 'data breach,' says no signs of secondary damage

Coupang Sees Sharp User Decline Following Massive Data Breach

Coupang updates notice after data breach affecting 33.7 million users

Coupang Users Decline 1.81 Million Amid Data Breach Concerns

Coupang's 1 Billion Won Insurance Falls Short After 33.7 Million Data Breach

Coupang’s US HQ faces class-action lawsuit over data breach

CRRC MA America Data Breach Exposes Critical Transit Schematics

Cybersecurity in 2026: The 10 Biggest Digital Threats on the Horizon

Czech Republic: TAJMAC-ZPS Allegedly Breached

Data breach hits MAG Aerospace employees

Employee of Washington Post takes legal path over Oracle EBS Data Breach

Ex-Employee Sues Washington Post Over Oracle EBS-Related Data Breach

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

Fake police investigation email circulating across Israel

FinCEN says ransomware gangs extorted over $2.1B from 2022 to 2024

Former Washington Post worker files class action lawsuit over data breach affecting nearly 10,000 people

GhostFrame: New Stealth Phishing Kit Targeting Millions Worldwide

Google Confirms Rising ‘Account Takeovers’ - Users Told to Check Chrome Settings

Google, Apple Warn of State-Linked Surveillance Threats

Harvard hit by new breach after phone phishing attack

HESCO Foodservice Targeted in DragonForce Ransomware Attack

INC Ransom Claims Attack on Major Automotive Supplier Yazaki Group, Potentially Impacting BMW, Nissan

India: Central government research facility in Pune targeted in whale phishing attempt, probe on

India: Government confirms Indian airports were hit by cyber attack involving GPS spoofing

India: Income Tax Department warns citizens against fake e-PAN phishing emails

Invisible IT is becoming the next workplace priority

Ireland: Suspended sentence for student who took part in phishing scam

Is ransomware finally on the decline? Treasury data offers cautious hope

K3G Solutions LTDA Data Breach Exposes 192GB of Internal Files

Law firm to sue Coupang in both Korea, U.S. over data breach

LockBit 5.0 Infrastructure Details Exposed by Researchers in Major Security Failure, Including a Key IP Address and Domain

Makop ransomware: GuLoader and privilege escalation in attacks against Indian businesses

Malicious Document Reader App in Google Play With 50K Downloads Installs Anatsa Malware

Malicious VSCode extensions on Microsoft's registry drop infostealers

Manufacturing Blocks More Ransomware As Attackers Pivot To Data Theft

Marquis Software Breach Affects Over 780,000 Nationwide

Massive Ukrainian Data Breach Sparks Fears of Russian Penetration Into Drone Industry

Meritz Fire & Marine faces US$682m exposure to Coupang data breach

Meta proposal for less data sharing is approved by European Commission

More than $2 billion in payments from 4,000 ransomware incidents reported to Treasury in recent years

MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign

New GhostFrame Super Stealthy Phishing Kit Attacks Millions of Users Worldwide

New JS#SMUGGLER Campaign Drops NetSupport RAT Through Infected Sites

New Splunk Windows Flaw Enables Privilege Escalation Attacks

NVIDIA research shows how agentic AI fails under attack

OceanLotus Hacker Group Targeting Xinchuang IT Ecosystems to Launch Supply Chain Attacks

OpenAI API User Data Exposed in Third-Party Mixpanel Breach

Oracle EBS zero-day used by Clop to breach Barts Health NHS

Over 70 Domains Used in Months-Long Phishing Spree Against US Universities

Patient and staff data impacted by Cl0p ransomware attack on Barts Health NHS

Petco data breach exposes customer information

Petco Data Breach Exposes SSNs, Driver's Licenses in Major Leak

Petco’s security lapse affected customers’ SSNs, drivers’ licenses and more

Pharma Firm Inotiv Confirms Data Breach Following Ransomware Attack

Phishing Campaign Uses Split QR Codes to Evade Filters

Physicians to Children Data Breach Affects 9,536 Patients

Poland arrests Ukrainians utilizing 'advanced' hacking equipment

Police confirm identity of Chinese mastermind behind Korea Telecom (KT) payment breach

Portugal Revises Cybercrime Law to Protect Security Researchers

Qilin Ransomware Breaches AMH Philippines, David M. Schwarz, Sanko

Ransomware Gangs Deploy “Shanya” to Cripple EDR Defenses Before Strikes

Ransomware gangs turn to Shanya EXE packer to hide EDR killers

Ransomware Payments Fell After Law Enforcement Actions, But Still High

Ransomware Payments Jump 77% in Latest FinCEN Report

Ransomware payments surge past $2.1 Billion, says FinCEN

Ransomware Payments Surpassed $4.5 Billion

Ransomware peaked in 2023 prior to law enforcement actions

React2Shell Under Active Exploitation by China-Nexus Hackers

Researchers track dozens of organizations affected by React2Shell compromises tied to China’s Ministry of State Security (MSS)

Russian hackers claim looting of secret big tech hardware designs

Russian police bust bank-account hacking gang that used NFCGate-based malware

Securing AI for Cyber Resilience: Building Trustworthy and Secure AI Systems

Shanya crypter emerges as new threat in ransomware toolkits

Shanya EDR Killer: The New Favorite Tool for Ransomware Operators

Shanya EDR Killer Leveraged by Hackers to Clear the Way for Ransomware Infection

Shanya Packer-as-a-Service (VX Crypt) Fuels Modern Akira, Qilin, Medusa Ransomware Cyberattacks

Sinobi Ransomware Group Breaches Multiple US Firms Including Quality

Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks

South Korea: Firms stick to bare-minimum data breach insurance despite major leaks

South Korea: Weak cybersecurity leaves hospitals vulnerable to ransomware attack, data leaks

Space Bears Ransomware Claims Comcast Data Theft Through Quasar Breach

Space Bears Ransomware Group Claims Attack on Comcast

SpyCloud Data Shows Corporate Users 3x More Likely To Be Targeted by Phishing Than By Malware

State-Sponsored Actors Leverage Backdoor Malware, CISA Warns

Three hacking groups, two vulnerabilities and all eyes on China

Total ransomware payments surpass $4.5 billion since 2013

Tri-Century Eye Care Data Breach Impacts 200,000 Individuals

Triada Malware Strikes Android Users Through Multiple Ad Networks in Sophisticated Hacker Scheme

UK Hospital Asks Court to Stymie Ransomware Data Leak

UK intelligence warns AI 'prompt injection' attacks might never go away

UK launches Proactive Notifications Service to warn businesses of security vulnerabilities

Ukrainian intelligence hit Russia's transit company assisting sanctioned goods

Ukrainians with equipment for hacker attacks detained in Warsaw: what the police seized

US Contributes to 44% of Cyber Attacks; Public Administration Targeted for Financial Gains

US Treasury Tracks $4.5B in Ransom Payments since 2013

Why Operational Technology (OT) security now needs phishing-resistant authentication

WorldLeaks Hits Big Lar, Ernest Käslin, Granjas 4 IrmĂ£os

Posted by at
Labels:
Subscribe to: Comments (Atom)