Ransomware Operator Claims - Week 43 2025

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 20th October and 26th October 2025, kindly assisted by our partners.

DBD discovered and researched 149 Ransomware Victims over 36 Countries and Islands claimed by 34 Data-Leaking Ransomware Operators including 4 Newly Discovered Ransomware Operators last week.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Data Breaches Digest - Week 44 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 27th October and 2nd November 2025.

2nd November

Australia: Victims of IVF provider data breach seek compensation in complaint to national regulator

Hacker Group Reveals Identities of Several Wanted Israeli War Criminals

Hackers Exploit Fake Microsoft Teams Ads to Deploy Rhysida Ransomware

Ongoing Ransomware Attacks Exploit Linux Vulnerability, CISA Warns

Voice Phishing Gang Arrested Impersonating Prosecutors, Financial Watchdog

WestJet, Cathay Pacific, Japan Airlines, Air Europa and more joining in Massive Cyber Attack This Year - You Won’t Believe Who’s at Risk

1st November

Akira Ransomware Allegedly Claims Theft of 23GB in Apache OpenOffice Breach

Akira Ransomware Strikes Apache OpenOffice, Allegedly Exfiltrates 23GB of Data

Australian Signals Directorate (ASD) Warns of Ongoing BADCANDY Attacks Exploiting Cisco IOS XE Vulnerability

Beware of fake Microsoft Teams ads spreading ransomware

China-linked hackers exploited Lanscope as a zero-day flaw in attacks

China-Linked Hacking Group Targets European Diplomatic Entities in Espionage Campaign

CISA Alerts on Linux Kernel Vulnerability Exploited in Ransomware Attacks

CISA Issues Warning: Hackers Exploit Linux Vulnerability to Spread Ransomware

CISA Warns of Linux Kernel Use-After-Free Vulnerability Exploited in Attacks to Deploy Ransomware

City of Columbus warns of email ‘phishing’ scam mentioning planning department

Crooks target luxury brands with 1,330 fake domains

Hackers Claim Major US Bank Data Breach, Allegedly Posting Names, Social Security Numbers, Account Numbers and More for Sale on Dark Web

Hackers send fraudulent mass emails to University of Pennsylvania students

Legacy Linux Flaw CVE-2024-1086 Drives Resurgence of Ransomware Attacks

Marks & Spencer to reveal financial impact of cyber attack and online shutdown

Meduza Infostealer Developers Arrested in Russian Authorities’ Crackdown

Meta, Nigeria to Agree Settlement Terms in $32.8m Data Breach Fine

New Kurdish Hacktivists Hezi Rash Behind 350 DDoS Attacks in 2 Months

‘People have had to move house’: Inside the British Library, two years on from devastating cyber attack

Rising threat of phishing and ransomware in Indian banking sector

Voice Phishing Courier Arrested With 540 Million Won at Seoul Station Locker

Woman charged after Edinburgh patients' records accessed in data breach

Woman charged after patient records accessed in NHS data breach

31st October

After a Cyber Attack: How Investment Managers Should Recover and Prepare

AI chatbots are sliding toward a privacy crisis

Albanese Physical Therapy Data Breach Exposes Patient Records

Alleged Conti ransomware gang affiliate appears in Tennessee court after Ireland extradition

Alleged Meduza Stealer malware admins arrested after hacking Russian org

Australia Makes History: The World’s First Country to Force Disclosure of Ransomware Payments

Australia warns of BadCandy infections on unpatched Cisco devices

Beverly Hills Oncology Reports 5-Day Data Breach

Beware of Tricks: Halloween Scams Are Stealing Credentials, Money

Bitcoin (BTC) bridge flagged for laundering money got hacked

Black Shrantac Hits CyPark, TENAX, Matlusky, and CCI Tax Pros

BNB Chain reveals root cause of $13k X account hack

Cambodian Voice Phishing Gang Members Sentenced

Canadian cybersecurity agency recommends enabling 2FA after cyberattack reports on vital infrastructure

China-Linked Hackers Exploit Windows Shortcut Flaw to Target European Diplomats

China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems

Chinese hackers scanning, exploiting Cisco ASA firewalls used by governments worldwide

Chinese-Linked Hackers Exploit Windows Flaw to Spy on Belgian and Hungarian Diplomats

CISA and NSA Issue Urgent Guidance to Secure WSUS and Microsoft Exchange Servers

CISA and partners take action as Microsoft Exchange security risks mount

CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks

CISA releases security best practices guide for on-site Microsoft Exchange Servers

Colvanes SAS (Envía) Data Breach Exposes Customer Information

Conduent Data Breach: How 10 Million Lives Were Exposed and What Comes Next

Conduent Data Breach Impacts Over 10.5 Million Individuals

Conti Ransomware Suspect Extradited from Ireland to the US to Face Charges

Court Finalizes HCA Healthcare Data Breach Class Action Settlement

DW Data Breach: German News Giant’s Database For Sale

Eclipse Foundation Revokes Leaked Open VSX Tokens Following Wiz Discovery

Ernst & Young (EY) Exposes 4TB SQL Server Backup Publicly on Microsoft Azure

Facial Recognition Firm Clearview AI Hit with Criminal Complaint in Austria

Federal Communications Commission (FCC) plans vote to remove cyber regulations installed after theft of Trump info from telecoms

G-Plans Data Breach Affects Subscriber Privacy

Government data leaks can be a matter of life and death

Government hackers breached telecom giant Ribbon for months before getting caught

Gun Accessory Supply (GAS) Hit by Qilin Ransomware Attack

Hackers Exploit WSUS Flaw to Spread Skuld Stealer Despite Microsoft Patch

Hackers threaten to leak data after breaching University of Pennsylvania to send mass emails

High-severity Linux flaw now exploited by ransomware gangs

How Did Marks & Spencer (M&S) Cyber Attack Cost £300 Million and Help Next?

Hundreds of Australian Devices Compromised with BadCandy Implant

Japanese retailer Askul confirms private info leakage due to cyberattack

Kimsuky and Lazarus Hacker Groups Unveil New Tools That Enable Backdoor and Remote Access

LinkedIn Phishing Scam Targets Executives with Fake Board Offers

LinkedIn phishers target executives with fake board invitations

Marks & Spencer (M&S) to reveal extent of cyber-attack

Meduza Stealer Developers Arrested in Russia

Most organisations struggle to keep pace with AI-powered ransomware

Multilingual ZIP File Used by Threat Actors to Target Financial and Government Organizations

Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack

New LinkedIn phishing scam targets executives with fake board positions

New Tools from Kimsuky and Lazarus Hacker Groups Enable Backdoor and Remote Access

Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks

Over 10 Million patients affected by Conduent data breach

Oxford County cyberattack linked to dark web ransomware group

Passwordless adoption moves from hype to habit

Patient records accessed in NHS Lothian data breach

Personalised internal emails drive sharp rise in phishing risk

Probe On After ‘Offensive’ Mass Emails Sent In Suspected Security Threat At University Of Pennsylvania

RansomHouse group claims responsibility for attack on Askul

Ransomware gang runs ads for Microsoft Teams to pwn victims

Ransomware resilience: It’s time to be ‘more Bruce Lee’

Rhysida OysterLoader malvertising campaign leverages 40+ code-signing certificates

Russia Arrests Meduza Stealer Developers After Government Hack

Scotland: Woman charged after around 100 patient records accessed in data breach

Scottish patient records accessed in major NHS data breach

Shadow AI: New ideas emerge to tackle an old problem in new form

Sling TV settles with California for allegedly violating state consumer privacy law

The Calm Before A Storm: Why 2025’s Cyberattacks Seem ‘Quiet’ And Why It Should Terrify Us

The evil masterminds behind Meduza infostealer malware are...kids in Hello Kitty pants

The Hidden Risks of Third-Party IoT Devices: What Organizations Need to Know

The Phishing Renaissance, How AI Brought Back the Classics

Three Members of Cambodia 'Ma Dongseok Team' Phishing Ring Sentenced to Prison in First Trial

Three suspected developers of Meduza Stealer malware arrested in Russia

Ukrainian allegedly involved in Conti ransomware attacks faces up to 25 years in jail

Ukrainian Conti Ransomware Suspect Extradited to US from Ireland

Ukrainian extradited from Ireland on Conti ransomware charges

University of Pennsylvania investigating offensive email sent through graduate school system

Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)

Victorian medical centre suffers cyber attack

Vietnam Arrests 60 People in Cambodia's Voice Phishing Organization...Fraud charges of 16 billion won

‘We got hacked’ emails threaten to leak University of Pennsylvania data

Windows 10 users face ransomware nightmare as Microsoft support ends in 2025 worldwide

Windows zero-day actively exploited to spy on European diplomats

Woman charged after NHS patients’ records accessed in data breach

Yale New Haven Health System (YNHHS) reaches preliminary $18 million settlement over data breach

Yas Takaful Dubai Insurance Data Breach Exposes Client Data

30th October

28% of Irish businesses risk closure with one ransomware attack

95% of companies believe they’re ready for ransomware. But only 15% actually are!

180 ransomware attacks plague education sector worldwide in 2025 through Q3

Afghan data breach saw sensitive information left open on train

Akira Ransomware Group Claims Cyberattack on BK Technologies, Says 25GB of Data Stolen

Akira Ransomware Claims It Stole 23GB from Apache OpenOffice

Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)

BPO giant Conduent confirms data breach impacts 10.5 million people

CISA orders feds to patch VMware Tools flaw exploited by Chinese hackers

Cisco Talos identifies surge in Qilin ransomware attacks, with manufacturing sector hit hardest in 2025

City of Columbus, Indiana, warns of phishing email scam circulating appearing to come from the ‘planning department’

Class action targets Pacific Seafood over data breach

Conduent admits its data breach may have affected around 10 million people

Confidential information leaked after Ministry of Defence (MoD) official left laptop open on train

Critical Flaws Found in Elementor King Addons Affect 10,000 Sites

Crypto scammers deepfaked Nvidia's CEO during livestream

Cyber-attack on Jaguar Land Rover (JLR) leaves UK September car production at 70-year low

Cyberattack targets Polish municipalities, mayors in phishing campaign

Cybersecurity and energy leaders join forces to protect EU power grids

Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) share tips on securing Microsoft Exchange servers

Defense Contractor Boss Pleads Guilty to Selling Zero-Day Exploits to Russia

Denmark reportedly withdraws Chat Control proposal following controversy

Dentsu’s US subsidiary Merkle hit by cyberattack, staff and client data exposed

Determining the Credibility of Online Threats in a World of Digital Noise

Diplomatic entities in Belgium and Hungary hacked in China-linked spy campaign

Email breaches are the silent killers of business growth

Ernst & Young (EY) subject of whopping 4TB data breach following cloud migration error

Even the most complex and advanced business VPN tools could still leave you at risk of attack - here's how to stay safe

Ex-L3Harris exec guilty of selling cyber exploits to Russian broker

Extortion and Ransomware Drive Over Half of Cyberattacks

Financial Conduct Authority (FCA) prosecutes boiler room data breach

Financial Conduct Authority (FCA) secures first data breach conviction

From Deepfakes to Phishing 2.0: Why Passwords Alone Can't Protect You Anymore

GCash, Department of Information and Communications Technology (DICT) confirm no data breach after dark web claim

Germany publishes checklist on how to act when your online account is hacked

Gmail Passwords Exposed In 183 Million Account Data Breach

Google's Built-In AI Defenses on Android Now Block 10 Billion Scam Messages a Month

Hacker gang claims raid on Japanese grocery store chain

Hackers Claim Massive Data Theft from Sweden’s Power Grid Operator

Hacktivist Industrial Control Systems (ICS) Attacks Target Canadian Critical Infrastructure

Hacktivists tampered with Canadian industrial systems, cyber agency warns

Handle a data breach quickly to protect your personal information and minimize damage

Hitler Ransomware Revived in Roblox Executors

How AI Phishing Is Putting School Districts at Risk

How Jaguar Land Rover's Category 3 Cyber Attack Caused Production Shutdown

How neighbors could spy on smart homes

Ireland: Cyber Threats Could Force 1 in 4 SMEs to Shut Down After a Ransomware Attack

Jaguar Land Rover (JLR) Cyber Attack Impact on Car Production Revealed

Jaguar Land Rover Cyber-Attack cost UK Economy £1.9 billion

Jaguar Land Rover (JLR) cyberattack reinforces urgent need for stronger cyber safeguards

JFS Wealth Advisors Data Breach Affects 865 Residents

Kenya: Government Responds to Alleged M-Tiba Personal Data Breach

Key Telecom Supplier Ribbon Communications Discloses Nation-State Cyberattack

L3Harris Trenchant Former Executive Pleads Guilty to Selling Zero-Day Exploits to Russian Buyer

La Vergne city offices reopen nearly 2 weeks after suspected cyber attack

LG Uplus Reports Suspected Data Breach Amid Growing Cybersecurity Concerns in South Korea

LinkedIn phishing targets finance execs with fake board invites

Luxury Brands Face Wave of Impersonation via Over 1,300 Suspicious Domains Ahead of Holiday Season

M-Tiba Data Breach Exposes Millions of Kenyans’ Health Records

Major telecom services provider Ribbon breached by state hackers

Marina Bay Sands Fined for Data Breach Affecting 665,000 Customers

Marks & Spencer (M&S) Cyber Attack Boosts Profits of Rival Retailer Next

Massive surge of Near-Field Communication (NFC) relay malware steals Europeans’ credit cards

MedImpact Confirms Ransomware Attack as Qilin Claims Responsibility

MedImpact Hit by Cyberattack, Claims Processing Delayed

Millions Impacted by Conduent Data Breach

Ministry of Defence (MOD) data breach linked to deaths of 49 Afghans, says new academic research

Naruto, Sailor Moon US publisher’s Google Drive breached, attackers claim

Nation-state attackers infiltrate Ribbon Communications, a telecoms networking and cloud services provider used by the US Department of Defense (DoD)

National Informatics Centre (NIC) Kavach App Data Breach

New "Brash" Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL

New York Police Department (NYPD) sued for using Microsoft-powered spy network to track New Yorkers

Northern Montana Health Care (NMHC) Notified of Data Breach

Open-source AdaptixC2 hacking tool has fans in Russian cybercrime underground

Open-Source Red Team Tool Adaptix Framework Exploited by Cybercriminals with Russian Ties, Including Akira

Over 3 billion Chromium users vulnerable to browser crash bug

Pan-American Data Breach Affects PII & PHI

PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Developers

Phishing via LinkedIn is on the rise with sophisticated tactics

Profits from ransomware attacks declining

Proton Claims 300 Million Records Compromised So Far This Year

Proton Data Breach Observatory reports as soon as your personal data hits the dark web

Proton Launches Data Breach Observatory to Track Dark Web Activity in Real-Time

Proton launches 'Data Breach Observatory' to track personal info leaks

Proton Launches Free Data Breach Observatory to Track Dark Web Leaks

Proton trains new service to expose corporate infosec cover-ups

Proton Unveils Data Breach Observatory for Dark Web Credential Alerts

Proton Will Discover Online Breaches As Soon As Your Data Is Sold On The Dark Web

Proton’s new Data Breach Observatory shines a light into the dark web

Pruksa Holding Data Breach Exposes Data of 460,000 Members

Push Security Identifies Surge in Sophisticated LinkedIn-based Phishing Campaigns

Qilin ransomware claims cyber attack on Malibu Boats Australia

Ransom payment rates drop to historic low as attackers adapt

Ransomware attacks surge 28% in September as Industrials sector hit hardest

Ransomware gang claims Conduent breach: what you should watch for next

Ransomware hackers upped the game, and it’s personal

Rethinking identity security in the age of autonomous AI agents

Rogers Mechanical Data Breach Affects PII and PHI

Russian cybercrime group hits Pharmacy Benefit Manager (PBM) with ransomware

Russian Hackers Exploit Adaptix Pentesting Tool in Ransomware Attacks

Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks

Safaricom Under Fire After Massive M-Tiba Data Breach Exposes Millions of Kenyans’ Health Records

Sandworm-linked attackers continue to target Ukrainian organizations

Shadow AI: One In Four Employees Use Unapproved AI Tools, Research Finds

Spyware-Plugged ChatGPT, DALL·E and WhatsApp Apps Target US Users

Synthetic phishing in the AI era: Is India ready for the next wave of cyber threats?

Tata Consultancy Services (TCS) Refutes Claims of Contract Loss Following M&S Cyber Incident

Tata Motors Breach Exposed 70TB of Sensitive Data Before Fix

Tech Expert Claims Russia Behind Major UK Cyber Attack, Using Gaza Conflict as 'Cover'

Telco provider used by US government and others hit by nation-state hackers

This sucks: developer finds backdoor in his robot vacuum, potentially giving full control to spies

Threat Actors Utilize AdaptixC2 for Malicious Payload Delivery

UK retailers hit by surge in AI-powered phishing & vishing scams

Vinomofo Failed to Protect Customer Data, Australian Privacy Commissioner Rules

VIZ Media Data Breach Exposes 254GB of Sensitive Data

Was Your Data Exposed in the Canadian Tire Breach? Here’s What To Do Next

Year-Long Nation-State Hack Hits US Telecom Ribbon Communications

Your photo could be all AI needs to clone your voice

29th October

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

2026 Data Breach Law Updates - California and Oklahoma

Active Exploits Hit Dassault and XWiki - CISA Confirms Critical Flaws Under Attack

AI agents can leak company data through simple web searches

AI web browsers threaten your privacy and the open web

Amid Shutdown, Cyber Attack Thwarts Georgia Supplemental Nutrition Assistance Program (SNAP) Recipients

Apache Warns of Critical Tomcat Vulnerabilities Impacting Versions 9, 10, and 11

Average Cyber-attack Now Costs Firms £2.8 Million, Report Warns

Banking & payroll details stolen in Merkle data breach, Dentsu warns staff

Beast Ransomware Targets Active SMB Connections to Infect Entire Networks

BlueNoroff reemerges with new campaigns for crypto theft and espionage

British Standards Institution (BSI) Warns of Looming AI Governance Crisis

Canada says hacktivists breached water and energy facilities

Central Intelligence Agency (CIA) launched cyber attack on Venezuela five years ago

Cisco, Citrix VPNs at 7 times higher ransomware risk

ClickOnce leveraged in new SideWinder APT attacks

Cloud Atlas hackers target Russian agriculture sector ahead of industry forum

Conduent Data Breach Hits Thousands of Blue Cross Blue Shield Members in Montana

Cyber Attack Reported Inside Walt Disney World Theme Park

Data breach hits Dentsu subsidiary Merkle

Dentsu warns staff of data breach after Merkle hit by cyber ‘security incident’

Early reporting helps credit unions stop fraudulent transfers faster

Email breaches skyrocket in 2025: 78% of businesses compromised, $217K lost per attack

Emerging Cyber Threats Featuring QR Codes ClickFix and LOLBins Challenging SOC Defenses

Employee data from advertising giant Dentsu leaked in hacker attack

Everest Ransomware Group Claims Theft of 1.5 Million Passenger Records from Dublin Airport

Experts Report Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices

False Reports of Gmail Data Breach Alarm Internet

Former L3Harris Trenchant boss pleads guilty to selling zero-day exploits to Russian broker

Former Security Company Official Pleads Guilty to Stealing Trade Secrets to Sell to Russian Buyer

Former Trenchant executive pleads guilty to selling cyber exploits to Russian broker

From Deepfakes To Phishing 2.0: Why Passwords Alone Can't Protect You Anymore

GCash data breach report false

GCash denies dark web data breach, assures customers funds are safe

GCash warns users against fake news on alleged data breach

Gmail-Linked Credentials Exposed in Massive Breach

Goosehead Insurance hit with lawsuit over alleged data breach notification delay

Green Mountain Higher Education Consortium Data Breach

Gunra Ransomware Leveraging Attacking Windows and Linux Systems with Two Encryption Methods

Gunra Ransomware Targeting Windows and Linux Systems Through Two Encryption Techniques

Gunra Ransomware Targets Windows and Linux with Dual Encryption

Hackers Hijack Corporate XWiki Servers for Crypto Mining

Hackers Use Near Field Communication (NFC) Relay Malware to Clone Tap-to-Pay Android Transactions

Halloween scams spike as 63% of festive spam found malicious

How Businesses Should Approach the Post-Quantum Cryptography Transition

HSBC USA caught in data breach controversy after Cyber Attack

If you get an email saying you’re dead...it’s the new LastPass phishing scam

Intensifying Iranian, Russian global cyberattacks expand to target small businesses

Jaguar Land Rover cyber attack 'could take six months to recover from'

Kenya: Data Commissioner probes possible M-Tiba data breach involving users’ health information

Kenya: Office of the Data Protection Commissioner (ODPC) Probes Alleged M-Tiba Personal Data Breach

Korea launches AI-based platform to bolster fight against voice phishing

Korea Telecom (KT) will provide free data and discounts to victims of data breach

LG Uplus joins three major South Korean telecoms hacked this year

'Living off the land' allowed Russia-linked group to breach Ukrainian entities this summer

M-Tiba Under Probe Over Alleged Data Breach Affecting Millions of Users

M-Tiba Under Probe Over Alleged Personal Data Breach

Malicious NPM packages fetch infostealer for Windows, Linux, macOS

Malicious Typosquatted npm Packages Deliver Cross-Platform Credential Stealer, Researchers Warn

Marina Bay Sands fined for data breach affecting over 665,000 patrons

Marina Bay Sands fined more than US$243,000 for 2023 data breach that impacted 665,495 rewards members

Marina Bay Sands Fined US$243,400 For Data Breach Involving Over 665,000 Rewards Members

Marks & Spencer cyberattack leads to profit for other UK retailers

Massive Credential Leak Sparks Google Data Breach Allegations

MedImpact purportedly hacked by Qilin

More than 10 million impacted by breach of government contractor Conduent

Nearly Half of Ransomware Victims Who Pay Ransom Can’t Recover Data

New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts

New Atroposia RAT Surfaces on Dark Web

New Beast Ransomware Actively Scans for Active SMB Port from Breached System to Spread Across Network

New Beast Ransomware Expands Through Network by Scanning Active SMB Ports

New Phishing Attack Using Invisible Characters Hidden in Subject Line Using MIME Encoding

New research reveals human cost of Ministry of Defence Afghan data leak

Newk's Data Breach Impacts Thousands

NOYB demands criminal sanctions against Clearview AI for GDPR violations

Npm Malware Uses Invisible Dependencies to Infect Dozens of Packages

On-premises VPNs up odds of ransomware victimization

Only 23% of Ransomware Victims Pay the Ransom

Over 1.5 Million Sensitive Records Targeted in Collins Aerospace Data Breach, Hackers Claim

Paterson & Dowding confirms data breach by ransomware group

PhantomRaven attack floods npm with credential-stealing packages

Phishing Attack Uses Invisible Characters in Email Subject Lines to Bypass Filters

Phishing scams are all trick, no treat

PHP Servers and IoT Devices Face Growing Cyber-Attack Risks

Preparing for the Digital Battlefield of 2026: Ghost Identities, Poisoned Accounts, & AI Agent Havoc

Qilin Ransomware Exploits Windows Subsystem for Linux (WSL) to Run Linux Encryptors on Windows

Ransomware Attacks Against Critical Industries Surge

Ransomware hackers are now running Linux encryptors in Windows to stay undetected

Ransomware Predictions for the Rest of 2025: Ecosystem in Flux

Ransomware Spotlight: DragonForce

Reacting slowly to a security breach opens up your business to more threats

Reputation.com exposes 120 million logs in major data leak

Rethinking Data Collection in Identity Security

Russian Hackers Target Ukrainian Organizations Using Stealthy Living-Off-the-Land Tactics

Safepay ransomware gang claims hack on German surveillance provider Xortec

Sanctions won’t stop cyberattacks, but they can still “bite”

Scammers target international students by threatening their visa status

SideWinder Targets Indian Embassy and South Asian Organizations in Sophisticated Phishing Campaign

South Korea: Financial Authorities Launch AI Platform to Block Voice Phishing

‘Stealer Logs’ & ‘Credential Stuffing Lists’ Data Breach Leaks 183 Million Email Passwords

Survey Surfaces Rise in Email Security Incidents Tied to Ransomware

Tasmanian government agencies hit by cyber attack

Tata Consultancy Services (TCS) slams 'misleading' The Telegraph report on Marks & Spencer (M&S) ending IT contract amid major cyber attack fall out

The US refuses to sign UN’s cybercrime treaty

To stop cybercrime, don't think like a criminal

UK firms confident on ransomware but face rising AI-driven risks

UK taxpayers are under an increased risk of deception

UK watchdog announces rules to stop scammers in their tracks

Were 183 Million Gmail Passwords Stolen? Google Responds to Claims of Data Breach

When Money Moves, Hackers Follow: Europe’s Financial Sector Under Siege

WordPress security plugin exposes private data to site subscribers

28th October

40 Billion Records Exposed From Marketing and Email Data Platform

76% of organizations struggle to combat AI attacks

183 Million Email Passwords Leaked in Global Data Breach

A Quarter of Scam Victims Have Considered Self-Harm

Actively Exploited WSUS Bug Added to CISA Known Exploited Vulnerabilities (KEV) List

Advertising giant Dentsu reports data breach at subsidiary Merkle

Are All Ransomware Gangs Interconnected

At least 49 relatives and colleagues of Afghans affected by the Ministry of Defence's mass data breach 'have been killed'

Australia & New Zealand lag in rapid ransomware recovery rates

Beatings, killings, and lasting fear: The human toll of Ministry of Defence's Afghan data breach

Bengaluru’s Central Crime Branch (CCB) Cyber Crime Wing Busts ₹47 Crore ($5.6 Million) International Cybercrime Racket Linked to Dubai

Booking.com Impersonation Targets Crypto Users in Fake Dubai Summit Scam

Caller ID Spoofing Is a Big Problem. Europol Wants Solutions

CEO of spyware maker Memento Labs confirms one of its government customers was caught using its malware

Chain of security weaknesses found in smart air compressor model

Chrome Zero-Day Actively Exploited in Attacks by Mem3nt0 mori

Chrome Zero-Day Exploited to Deliver Italian Memento Labs' LeetAgent Spyware

CISA warns of two more actively exploited Dassault vulnerabilities

CISA Warns that DELMIA Apriso Vulnerabilities Are Under Attack

Clearview AI sued in Europe over alleged privacy violations

Colegio de Abogados de Rosario Data Breach Exposes Attorneys

Copeland Auto Group Data Breach Affects Dealerships

Critical Flaw CVE-2025-55315 Exposes QNAP NetBak PC Agent to Security Bypass Attacks

Critical Microsoft WSUS Security Flaw is Being Actively Exploited

Cyber extortion success rate declining

Cyber Security Must Be a Board Priority – And It Starts With Cyber Essentials

Cybercriminals Use Invisible Characters in Subject Lines for New Phishing Attack

Data breach at Conduent linked to months-old system compromise

Delay responding to email breaches likely to lead to ransomware attacks

Delayed Breach Response Tied to Higher Ransomware Risk

Dentsu warns staff of data breach after Merkle hit by cyber 'security incident'

Email Passwords Confirmed in Major 183 Million Account Data Breach

Europol calls for European response against caller ID spoofing

Everest group claimed the hack of Sweden’s power grid operator Svenska kraftnät

Everest Leaks AT&T Records, Demands $1M for Dublin Airport Passenger Data

Everest ransomware group claims breach at Sweden’s Svenska kraftnät

Federal Communications Commission (FCC) adopts new rule targeting robocalls

FIA Data Breach Exposes Sensitive Personal Information of F1 Drivers, Including Max Verstappen’s Passport

Form Energy, Inc. Data Breach Affects 622 in Massachusetts

From phishing to deepfakes: Africa faces next generation of cyber threats

Gamaredon Launches New Phishing Campaign Against Government Entities Exploiting WinRAR Vulnerability

Gamaredon Phishing Campaign Exploits WinRAR Vulnerability to Target Government Agencies

Gmail Passwords Confirmed Within 183 Million Account Infostealer Leak

Gmail security alert: 183 Million credentials exposed - are you at risk?

Gmail users told urgent action needed after millions of passwords stolen in data breach

Gmail-Linked Credentials Exposed in Massive Breach

Google Denies Data Breach Claims, Refutes Rumors of 183 million Accounts Leaked

Google Denies Gmail Data Breach Amid Widespread Misreporting

Google Debunks Gmail Data Breach Reports That Said 183 Million User Account Credentials Leaked

Google pushed to publicly deny false reports of massive Gmail breach

Google says reports of a Gmail breach have been greatly exaggerated

Hackers put 8 Million records of Mexicans’ debt data up for sale

How many companies really shut down after a data breach?

How Threat Intelligence Feeds Help Organizations Quickly Mitigate Malware Attacks

Investment Scams Spread Across Asia With International Reach

Iran-Linked Hacker Group Claims Breach of Israeli Defense Contractor MAYA

Ireland: Cyber Threats Could Force 1 in 4 SMEs to Shut Down After a Ransomware Attack

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign

Jaguar Land Rover (JLR) cyber attack impact 'could last for six months' as small firms hit hard

Jaguar Land Rover (JLR) cyber attack impact 'may last for six months'

Jersey Financial Services Commission (JFSC) avoids fine after data breach impacting nearly 67k people

Kaspersky links spyware attack to Hacking Team successor

LastPass warns of a new phishing campaign involving death certificates and a nefarious email that demands you reply to it if you're not dead

Lawsuit against New York Police Department (NYPD) alleges its surveillance system is unconstitutional

LG Uplus is latest South Korean telco to confirm cybersecurity incident

Managing legacy medical devices that can no longer be patched

Marina Bay Sands fined S$315,000 for 2023 data breach

Marina Bay Sands fined $315,000 over 2023 data breach involving over 600k visitors

Marina Bay Sands fined over major 2023 data breach

Mass Attack Targets WordPress via GutenKit and Hunk Companion Plugins

Massive Data Breach at Kenyan Health Platform M-TIBA; Sensitive Medical and Personal Data of 4.8 Million Users Reportedly for Sale

Massive Data Breach Hits M-Tiba: Millions of Kenyan Health Records Allegedly Exposed

Massive Data Breach Hits Safaricom-Backed M-TIBA, Exposing Millions of Kenyan Patients’ Records

Massive risk: 92% of Exchange servers in Germany unprotected after Microsoft support ends

Mexican Bank Debtor Database Leaked on Dark Web

Microsoft Teams will snitch your location in the office to your boss

Millions of Gmail passwords exposed in massive data breach, experts urge users to act immediately

More Than 10 Million Patients Affected by Conduent Business Solutions Data Breach

Multibillion-dollar bitcoin bridge called out for helping North Koreans launder stolen funds

Nation-State Cyber Ecosystems Weakened by Sanctions, Report Reveals

New Android malware mimics human typing to evade detection, steal money

New Android Trojan 'Herodotus' Outsmarts Anti-Fraud Systems by Typing Like a Human

New Atroposia malware comes with a local vulnerability scanner

New Counter Ransomware Initiative (CRI) guidance calls on organizations to tighten cyber hygiene, risk assessments across supply chains

New Gamaredon Phishing Attack Targeting Govt Entities Exploiting WinRAR Vulnerability

New Herodotus Android malware fakes human typing to avoid detection

New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves

New Phishing Attack Using Invisible Characters Hidden in Subject Line Using MIME Encoding

No one pays ransomware demands anymore - so attackers have a new goal

Oracle EBS zero-day attacks claim Emerson, Schneider Electric as victims

Organizations That Delay Responding to Email Breaches are 79% More Likely to Suffer a Ransomware Hit

Over 183 million Gmail users issued urgent warning after password data breach

People's Postcode Lottery suffers data breach exposing players' personal details

Premera Members’ Personal Information Exposed in Conduent Data Breach

Proof-of-Concept (PoC) code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778)

Qilin claims large pharmacy benefit manager MedImpact

Qilin ransomware abuses Windows Subsystem for Linux (WSL) to run Linux encryptors in Windows

Qilin Ransomware Claims Another Health Provider, MedImpact Healthcare Systems Targeted in Cyberattack

Qilin Ransomware Targets Windows with Linux-Based Payload

Qilin uses Linux ransomware to evade Windows defenses

Ransomware attacks jumped 28% in September

Ransomware Hackers Look for New Tactics Amid Falling Profits

Ransomware in the healthcare sector: Extortion at all-time high, ransom demands down, stress among teams

Ransomware payments hit record low: only 23% Pay in Q3 2025

Ransomware Profits Plunge to 23% as Victims Shun Payments in 2025

Ravin Academy confirms data breach

RedTiger Malware Steals Data, Discord Tokens and Even Webcam Images

Researchers Expose GhostCall and GhostHire: BlueNoroff's New Malware Chains

Researchers warn of Qilin ransomware gang after group hit hundreds of orgs this year

SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats

Sinobi ransomware targets Cavalry Consulting

Surprised, Not Surprised, Ransomware Attacks Have Ticked Up

Svenska kraftnät investigates data breach linked to Everest ransomware group

Sweden power grid confirms cyberattack, ransomware suspected

Swedish Power Grid Operator Confirms Data Breach Following Everest Ransomware Gang Claim

Swedish power grid operator confirms it was hit by hacker attack

SymbolTransport Data Breach Exposes Source Code and Databases

Tata Motors confirms it fixed security flaws, which exposed company and customer data

TEE.Fail attack breaks confidential computing on Intel, AMD, NVIDIA CPUs

The end of ransomware? Report claims the number of firms paying up is plummeting

Treasure Coast Hospice Reports Data Breach Affecting Staff Information

UK: Defense Ministry data breach could have led to the deaths of at least 49 Afghans

UN’s First Global Cybercrime Treaty Sparks Debate Over Privacy and Surveillance

US Cities Halt Automated License Plate Reader (ALPR) Cameras Due to Privacy Concerns as Municipalities Re-evaluate Surveillance Technology

Warning to every Gmail user in Ireland as passwords exposed in massive data breach

Western Australia law firm confirms cyber attack following Anubis ransomware claims

Western Sydney University suffers data breach, again

When Security Is a Matter of Life and Death: The UK Afghan Data Leak

27th October

72 states sign first global UN Convention against Cybercrime

183 Million Email Accounts Breached: Is Yours Affected?

183 Million Gmail accounts leaked in latest online data breach - are you affected?

AI writes code like a junior developer, and security is feeling it

Artificial intelligence fuelling cyber frauds on SMEs

Beware fake credit card account restriction scams

Bristol Student Union data breach saw society instructors' private information accessible

Bug enables researchers to access F1 race drivers’ information via FIA portal

ChatGPT Atlas Browser Can Be Tricked by Fake URLs into Executing Hidden Commands

‘ChatGPT Tainted Memories’ Exploit Enables Command Injection in Atlas Browser

Chiapas Health Secretariat Data Breach Hits State Agency

China-Linked ‘Smishing Triad’ Exploits 194,000 Domains In Global Phishing Campaign

Chrome 0-Day Vulnerability Actively Exploited in Attacks by Notorious Hacker Group

CISA orders feds to patch Windows Server WSUS flaw used in attacks

CISA releases warning about Windows Server Update Service bug, orders agencies to patch

Cities reverse course on automated license plate reader cameras amid privacy concerns

City of Gloversville hit by ransomware attack

Co-op 'told staff to boost vape promotion' in revelation after cyber attack

Crafted URLs can trick OpenAI Atlas into running dangerous commands

Critical WordPress Plugin Bugs Exploited En Masse

Cross-platform ransomware: Qilin weaponizes Linux binaries against Windows hosts

CrowdStrike warns AI-driven ransomware outpacing legacy defenses

Crypto24 Ransomware Hits Bayu Buana Travel and Meinhardt Group

Cyberattack on Jaguar Land Rover Costs Company £1.9 Billion

Cybersecurity executive charged with stealing and selling trade secrets to Russia

Cybersecurity grapples with acute skill gap as threats increase

Cyble warns of sharp rise in ransomware incidents

DDoS, data theft, and malware are storming the gaming industry

Dimarco Group LLC Data Breach Affects 9 in Massachusetts

DomeWatch Leak Exposed Personal Data of Capitol Hill Applicants

Dozens of Afghans say colleagues, relatives killed after UK data breach

Dublin Airport Data Breach Hits 1.5 Million Passengers

Europol Warns of Rising Threat From Caller ID Spoofing Attacks

ForumTroll APT Campaign Deploys the Dante Next-Gen Commercial Spyware in Russia, Belarus

GCash: No evidence of data breach

GCash assures systems secure amidst alleged data breach

GCash denies 8-million user data breach, even as National Privacy Commission (NPC) launches investigation

GCash denies data breach as privacy commission starts probe

GCash denies data breach claims, assures users of security

GCash finds no evidence of data breach, assures users

GCash says no data breach; Privacy watchdog launches probe, urges vigilance

GCash says no data breach found, systems remain secure

Gerar data breach exposes over 500 GB of youth records

Gloversville hit by ransomware attack, paid ransom

Gmail Data Breach: 183 Million Accounts Compromised - Infostealer Malware Behind Massive Leak

Gmail Data Breach Exposes 183 Million Passwords

Gmail Data Breach Exposes 183 Million Passwords Worldwide

Gmail data breach hits 183 Million Accounts

Gmail Passwords Confirmed As Part Of 183 Million Account Data Leak

Gmail users put on red alert after millions of passwords stolen in huge data breach

Gmail warning as millions of passwords stolen in huge data breach

Gmail warning issued as millions of passwords stolen in data breach

Google disputes false claims of massive Gmail data breach

Google issues statement after reports of Gmail 'data breach' affecting 183 million users

Hackers exploiting Windows updates: Microsoft urges users to patch

HEZI RASH Claims DDoS Attack on Iraqi Electoral Commission Website

HSBC USA data breach exposes client transactions, hackers claim

Investigation launched after Dublin airport passenger data published online in Collins Aerospace data breach

Iran's school for cyberspies could've used a few more lessons in preventing breaches

Iranian Intel-Linked Cybersecurity School Hit by Data Breach

Israeli IT Firm Sensory Hit by Major Data Extortion Attack

Italian spyware vendor linked to Chrome zero-day attacks

Italian-made spyware spotted in breaches of Russian, Belarusian systems

Journalists outline Ministry of Defence (MOD) secrecy in Afghan data breach

Landmark data breach penalty a warning to Australian businesses, with more penalties expected

LastPass ‘digital will’ phishing attack uses fake death certificate emails

Linux variant of Qilin Ransomware targets Windows via remote management tools and BYOVD

LockBit 5.0 expands targeting amid ransomware escalation

LockBit ransomware reemerges after 2024 takedown

M-TIBA Data Breach Exposes Kenyan Healthcare Platform Data

Major Gmail data breach as 183 million users 'compromised'

Marina Bay Sands fined US$243k over 2023 data breach involving 665,000 clients

Marks & Spencer Cuts Ties With Tata Consultancy Services Amid £300m Cyber Attack Fallout

Marks & Spencer (M&S) ditches IT service desk tie up with Tata Consultancy Services (TCS) following high profile cyber attack on UK retailer

Marks & Spencer ends contract with IT service desk Tata Consultancy Services (TCS) months after cyberattack

Marks & Spencer (M&S) ends IT contract with Tata Consultancy Services (TCS) following £300m cyber-attack

Massive China-Linked Smishing Campaign Leveraged 194,000 Domains

Microsoft Copilot Studio agents exploited in new phishing campaign

Millions of Gmail passwords stolen in massive data breach

Millions of passengers possibly affected by cyber breach at Dublin Airport supplier

Muji Online Stores Taken Offline After Ransomware Attack on Logistics Partner Askul

Netherlands Software Firm Irias Suffers Source Code Data Breach

New ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands

New corporate espionage claims emerge, centered on two highly valued 401(k) admin startups

New HyperRat Android Malware Sold as Ready-Made Spy Tool

'Not due to cyber attack': Tata Consultancy Services (TCS) dismisses UK media report; reveals why Marks & Spencer didn't renew contract

Over a million airline records stolen in Everest group hack

PayPal Warns Consumers About Rising Phishing Scams This Cybersecurity Month

Phishing emails target LastPass users

Phishing scam uses fake death notices to trick LastPass users

QBE predicts 40% rise in ransomware incidents by 2026

Qilin Ransomware Combines Linux Payload With Bring Your Own Vulnerable Driver (BYOVD) Exploit in Hybrid Attack

Qilin ransomware escalates rapidly in 2025, targeting critical sectors with 700 attacks amid RansomHub shutdown

Qilin Ransomware Exploits MSPaint and Notepad to Find Sensitive Information

Qilin Ransomware Exploits MSPaint and Notepad to Locate Sensitive Files

Qilin Ransomware Gang Claims Attack on City of Sugar Land, 800GB Allegedly Leaked

Qilin Ransomware Group Publishes Over 40 Cases Monthly

Qilin Ransomware Group’s TTPs Examined by Researchers

Qilin Ransomware Leveraging Mspaint and Notepad to Find Files with Sensitive Information

Qilin Ransomware’s Evolving Attack Methods Include Leveraging VPN Credentials Exposed on the Dark Web

Qilin Targets Windows Hosts With Linux-Based Ransomware

QNAP warns of critical ASP.NET flaw in its Windows backup software

Ransomware Group Everest Takes Credit for Collins Aerospace Breach

Ransomware Payments Dropped in Q3 2025

Ransomware profits drop as victims stop paying hackers

Ransomware, extortion groups adapt as payment rates reach historic lows

RIBridges Data Breach Affects 650,000 Individuals

Rising brute-force attacks signal looming ransomware threats, experts warn

Royal Thai Army Enlistment Portal Data Breach

Russian hackers claim Dublin airport hack

South Africa Faces Surge in Cyber Attacks, Leads Africa in Reported Incidents

Sweden’s Power Grid Operator Admits Data Breach Linked to Everest Ransomware Gang

Sweden’s power grid operator confirms data breach claimed by ransomware gang

Tata Consultancy Services Refutes Losing Marks & Spencer (M&S) Contract After Cyber-Attack

Thailand’s Department of Agricultural Extension (DOAE) Data Breach

The Philippines: National Privacy Commission (NPC) probes alleged GCash data breach; e-wallet denies leak

The Philippines: National Privacy Commission (NPC) probes alleged GCash data breach; firm says systems remain secure

Three Factors Determine Whether a Ransomware Group is Successful

Travere Therapeutics Data Breach Exposes Social Security Numbers

Turkiye: 6 arrested in Istanbul data breach probe linked to app

UK Fraud Cases Surge 17% Annually

UK issues safeguards against supply chain ransomware attacks

Urgent warning to Gmail users as 183 MILLION passwords are stolen in data breach - here's how to check if your account is affected

US declines to join more than 70 countries in signing UN cybercrime treaty

US Secret Service Cracks Down on Payment Card Fraud, Removes 22 Card Skimmers in Maryland Operation

Vibra Hospital Data Breach: Employee Emails Hacked

Whisper 2FA: The New Phishing Tool That Steals Microsoft 365 Credentials

Why ransomware group names don’t matter for defense

Xortec reportedly targeted by Safepay ransomware group

Your logins could be among 180 Million just added to Have I Been Pwned - how to check for free