Editor's Message

Welcome to DBD. On March 8th, DBD celebrated it's 5th anniversary and PRiSM celebrated it's 2nd anniversary. Little did I know when I started both of these ventures just how much an impact they would have on my life and I'd like to thank each and everyone of you who have supported me over the years, with a special thanks to those individuals who have kindly shared their knowledge with me, and continue to do so. Thanks again for your support. Stay safe. :)

“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC

74% of companies experienced social media attacks in 2021.

Thursday, 3 April 2025

Ransomware Operator Claims - Week 13 2025

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 24th March and 30th March 2025, kindly assisted by our partners.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Posted by at
Labels:

Monday, 31 March 2025

Data Breaches Digest - Week 14 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 31st March and 6th April 2025.


5th April

56% of Cyberattacks Exploit Valid Credentials

AI-generated Aadhaar, PAN cards spark debate on privacy, data breach

Australian Super Funds Hit by Major Cyber Attack: What Members Need to Know

Can AI Outsmart Ransomware 2.0 Before It’s Too Late?

Cybercriminals shift focus to mobile devices, crypto assets

Kellogg’s Confirms Data Breach Affected Servers that Sent Files to Human Resources

Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data

Maryland pharmacist used keyloggers to spy on coworkers for a decade, victim alleges

Scam Emails Explained: How to Protect Yourself from Phishing and Fraud

Top Cybersecurity Concerns in 2025: Key Statistics You Must Know

4th April

1.5 Million Explicit Images Leaked From Dating Apps, Including BDSM And LGBTQ+ Platforms

7 password rules security experts live by in 2025 - the last one might surprise you

16 months after they experienced a ransomware attack, Dameron Hospital notifies those affected

$500K Believed To Have Been Stolen From Aussie Superfunds In Data Hack Scandal So Far

$500,000 stolen in Australian super fund data breach

AI is now better than humans at phishing

Australia's data breach costs hit record AUD $4.26m

Australian pension funds hit by cyber attack affecting thousands

Australian pension funds hit by wave of credential stuffing attacks

Australian super system caught unprepared for cyber attack

Australian superannuation funds hit by cyber attacks, with members' money stolen

AustralianSuper data breach and $500K theft explained: Is your retirement safe?

AustralianSuper, Rest, ART Among Victims in Widespread Superannuation Cyberattacks

Beware of Fake Unpaid Toll Message Attack to Steal Login Credentials

Beware! Fake Unpaid Tolls Messages Used in Phishing Attack to Steal Login Credentials

CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware

Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw

Chinese threat actor jumps on misdiagnosed RCE in Ivanti VPN appliances

CISA warns of latest Ivanti firewall bug being exploited by suspected Chinese hackers

City of Chattanooga says it was also affected by data breach

Connected cars drive into a cybersecurity crisis

Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code

Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware

Cyber Agencies Warn of Fast Flux Threat Bypassing Network Defenses

Cyber attacks target Australian superannuation funds, members report account lockouts and missing funds

Cyber Insurance Market Adapts to Evolving Threats

Cyberattack affects major Aussie superannuation funds: Hostplus, Rest and AustralianSuper caught up in hack

Cybercriminals are trying to loot Australian pension accounts in new campaign

Data compromise confirmed by Highline Public Schools

DDoS attack cripples Dutch hosting company Argeweb for over a week

DDoS Attacks Now Key Weapons in Geopolitical Conflicts

DeepSeek-R1 Prompts Abused to Generate Advanced Malware and Phishing Sites

DeepSeek-R1 Prompts Exploited to Create Sophisticated Malware & Phishing Pages

EncryptHub Ransomware Uncovered Through ChatGPT Use and OPSEC Failures

EncryptHub Ransomware Unmasked Using ChatGPT & OPSEC Mistakes

Europcar GitLab breach exposes data of up to 200,000 customers

Evasive "fast flux" technique is latest national security threat, CISA warns

Forward-thinking CISOs are shining a light on shadow IT

Four in ten Irish businesses have suffered a cyber-attack in the last five years

Free VPN apps linked to Chinese military: over 70 million downloads

Go phish: Why the sudden rise in phishing attacks?

Hackers abuse Tax Day lure to steal credentials and deploy malware

Hackers Exploit Fast Flux to Evade Detection and Obscure Malicious Servers

Hackers Leveraging URL Shorteners & QR Codes for Tax-Related Phishing Attacks

Hackers strike Australia's largest pension funds in coordinated attacks

Hackers use Booking.com scam to hijack hotels

Hackers Use URL Shorteners and QR Codes in Tax-Themed Phishing Attacks

How Cyber Criminals Are Exploiting QR Codes for Phishing Attacks

Hunters International Dumps Ransomware, Goes Full-on Extortion

Hunters International rebrands away from ransomware

Insignia platform breached amid ‘unsettling’ super sector cyber attack

Jamaica: Suspects charged in National Commercial Bank (NCB) $47.5 million phishing scam

Lawmakers seek to close loophole limiting Secret Service investigations into cyber laundering

Lawsuit filed against Le Mars trucking firm over data breach

Leader of gay furry hacker group has home raided by FBI

Life University Confirms Data Breach Following July 2024 Cybersecurity Incident

LiUNA Announces Data Breach Following Confirmed Ransomware Attack

Longtime ‘Fast Flux’ Evasion Technique Now a National Security Threat

Major Australian superannuation funds targeted in cyberattack, with some customers believed to have savings drained from accounts

Major Cyber Attack Targets Australia's Pension Sector

Major superannuation cyber attack update after 'retirement funds stolen' in co-ordinated security breach

Mass Data Leak of 2.8 Billion X and Twitter User Profile May Have Been Work of Disgruntled Former Employee

Medusa Rides Momentum From Ransomware-as-a-Service Pivot

Medway Community Healthcare still recovering from 'cyber-attack'

Minnesota Tribe Struggles After Ransomware Attack

Nevro Files Notice of Data Breach Affecting Confidential Consumer Information

New PoisonSeed Attacking CRM & Bulk Email Providers in Supply Chain Phishing Attack

North Korean Hackers Disguised as IT Workers Targeting UK, European Companies

NSA and Global Allies Declare Fast Flux a National Security Threat

OPSEC Failure Exposes Coquettte's Malware Campaigns on Bulletproof Hosting Servers

Oracle admits data breach to some clients, investigations underway

Oracle Confirms The Data Breach - Starts Initiating Client Notifications

Pakistan: Government Issues Cybersecurity Warning Following Alleged Oracle Cloud Data Breach

Phishing Campaign Targets Users Of Monex Securities

PoisonSeed phishing campaign behind emails with wallet seed phrases

PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack

Port of Seattle says 90,000 people impacted in 2024 ransomware attack

Port of Seattle says ransomware breach impacts 90,000 people

Ransomware: The Final Frontier

Royal Mail investigates data leak

Royal Mail Suffers Major Data Breach Involving 144GB of Leaked Files

Russia jails hacker for two years over cyberattack on local tech company

Russian Android users hit with preloaded Triada trojan

Samsung Germany data breach exposes 270,000 customer support records

SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack

State Bar of Texas confirms data breach following ransomware gang's claims

State Bar of Texas Confirms Data Breach Started Notifying Consumers

Super account holders defrauded of hundreds of thousands in cyber attack

Super security fears as customer's disturbing revelation raises questions about when the massive cyber attack that hit five major funds really started

Texas city warns thousands of utility payment site breach

Texas State Bar hit by possible ransomware attack, warns of data breach

The threat of phishing attacks and law enforcement’s role

Tj-actions Supply Chain Attack Traced Back to Single GitHub Token Compromise

3rd April - World Cloud Security Day

2024 Ransomware Attack Compromised Data From Highline Schools, Washington

AI coding sounds great, until you realize it breaks, and leaks everything

AI Image Site GenNomis Exposed 47GB of Underage Deepfakes

Alleged Data Leak Targets Indonesian Ministry of Transportation

ALN Medical Management Data Breach Affects Patients of Teledigm Physician Services

Amateur Hacker Leverages Russian Bulletproof Hosting Server to Spread Malware

Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439)

Babuk2 and the dark art of ransomware data commoditisation

Beware fake AutoCAD, SketchUp sites dropping malware

Blogpost Based Phishing: A New Playground for Threat Actors

Building a cybersecurity strategy that survives disruption

Canadian hacker Cottle faces charges after allegedly stealing Texas Republican Party data

Cargills Bank Assures Customers of Security Amid Cyber Attack

Cargills Bank says core operations unaffected by data breach

Chinese hacker behind ransomware attack on MacKay Hospital, others

Chinese hacker targeting hospital identified

CISA warns of Fast Flux DNS evasion used by cybercrime gangs

CISA’s Latest Advisories Expose High-Risk Vulnerabilities in Industrial Control Systems

Class-Action Lawsuit Targets Oracle for Alleged Data Breach

Crooks target Spotify and Apple Music to attack users

CrushFTP Vulnerability Exploited Following Disclosure Issues

Cybercriminals exfiltrate data in just three days

Cybercriminals Offer Access to 'Lucid' Phishing Platform to Target iPhone, Android Phones in 88 Countries

Cybersecurity Leaders, CTS Technology Solutions, Infiltrate Rhysida Ransomware Command Center to Uncover Attack Tactics

DNS Deep Diving Into 2025’s Up and Coming Ransomware Families

EvilCorp and RansomHub Collaborate to Launch Worldwide Attacks on Organizations

Evolve to settle data breach lawsuit for nearly $12M

Gay furry hacker leader ‘raided by FBI’ after Project 2025 details leaked

Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent

Greece: Students eye legal action over alarming data breach

Hacker Claims Twilio’s SendGrid Data Breach, Selling 848,000 Records

Hackers Abuse Cloudflare Services for Sophisticated Phishing Attacks

Hackers Exploit Stripe API for Web Skimming Card Theft on Online Stores

Hackers hit Ukrainian state agencies, critical infrastructure with new ‘Wrecksteel’ malware

Hackers target Aussie pensioners in major super fund cyber attack

Hamilton County investigates data breach affecting 14,000 ambulance customers

HellCat Ransomware: What You Need To Know

Hospitals need unified strategy vs ransomware

Hunters International Overlaps Hive Ransomware Attacking Windows, Linux, and ESXi Systems

Hunters International Ransomware Gang Rebranding, Shifting Focus

Hunters International shifting tactics amid growing risks

Hunters International shifts from ransomware to pure data extortion

Infected 4G/5G routers secretly send SMS messages and drain accounts

Iowa Department of Transportation (DOT) Warns Consumers of Text Phishing Scam

Ivanti patches Connect Secure zero-day exploited since mid-March

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)

Jamaica: Major Organised Crime and Anti-Corruption Agency (MOCA) makes two more arrests in phishing scam targeting NCB accounts

Kelly Benefits Notifies Guardian Life Insurance Customers of Data Breach Affecting Their Sensitive Information

Lazarus and other North Korean threats: how hackers steal billions from US companies

Lazarus Group Targets Job Seekers With ClickFix Tactic to Deploy GolangGhost Malware

Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign

Max severity RCE flaw discovered in widely used Apache Parquet

Medusa Ransomware: Evolution of Cyber Extortion

Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware

NCC report reveals cyber threats to UK emergency services

Nearly 600 Phishing Domains Emerge Following Bybit Heist

New Phishing Campaign Attacking Investors to Steal Login Credentials

New Phishing Campaign Targets Investors to Steal Login Credentials

North Korean hacker group cashes in on crypto trade

Open-source malware doubles, data exfiltration attacks dominate

Oracle Acknowledges Data Breach and Starts Informing Affected Clients

Oracle privately confirms Cloud breach to customers

Oracle tells clients of second recent hack, log-in data stolen

Over 173,000 people impacted in Tennessee dental care provider breach

Over Half of Attacks on Electricity and Water Firms Are Destructive

Phishers are increasingly impersonating electronic toll collection companies

Phishing Attacks Lead to Theft in the Shipping Industry

Phishing Scams: Here's How To Recognise Them And Keep Yourself Safe

Poland’s prime minister says cyberattack targeted his party as election nears

Putnam Sheriff says student ransomware attack came from out-of-state

Qilin Operators Mimic ScreenConnect Login Page to Deliver Ransomware & Gain Admin Access

RansomHub attack disrupts Minnesota tribal community systems

Ransomware remains the greatest cyber threat to operational technology

Ransomware Report Shows Surge in New Players

Recent GitHub supply chain attack traced to leaked SpotBugs token

Red Piranha Shuts Down Ransomware Gang Targeting Australian Legal Sector

Rhysida ransomware group claims major data theft from Forrest City School District

Royal Mail Investigates Cyber-attack Claim of 144GB Leaked Data

Royal Mail investigates potential data breach following leak of 144GB of stolen data

Royal Mail investigating possible data breach after supplier targeted

Russia captures Ukraine drone infected with malware

Scam Kill Chain – what is it, and how can it help fight cybercrime?

Scammers stealing tax returns from thousands of Americans

Securing critical infrastructure: The path to phishing-resistant authentication

Sensitive Data Breached in Highline Schools Ransomware Incident

Sensitive Data From Parking Payment Platform Allegedly Leaked

Sophisticated QR Code Phishing Attack Targeting Microsoft 365 Users to Steal Logins

Suspected Russian Cyber Attack Hits Ukraine’s State Railway Operator Ukrzaliznytsia, Disrupting Operations

Texas State Bar warns of data breach after INC ransomware claims attack

Thailand Post Data Breach: 19 Million Customer Records Allegedly for Sale on Dark Web

The Evolution of Smishing: 3 Ways to Detect and Prevent Attacks

The Social Security data breach compromised 'billions' of accounts. Here's how to protect yourself

Threat Actor Claims to Sell Sensitive Information Belongs to BajajCapital

Threat Actors Allegedly Selling SnowDog RAT Malware With Control Panel on Hacker Forums

Threat actors leverage tax season to deploy tax-themed phishing campaigns

TikTok set to face €500 million fine over EU data breach to China

Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices

Trump’s Signalgate proves, once again, that human error is still the number one cybersecurity threat

UK Announces Stricter Cyber Reporting Rules for Critical Infrastructure

UK’s Royal Mail investigates major data breach

US, Australia, Canada warn of ‘fast flux’ scheme used by ransomware gangs

Verizon Call Filter leaks call records, exposing millions of Americans

Warning: QR Code Phishing (Quishing) Becoming Increasingly Stealthy

Watch Out Louisiana – A Massive Data Breach of Elon Musk’s X Could Leave You Exposed

2nd April

5 Questions CISOs Should Ask Third-Party Vendors

All organizations are vulnerable to browser ransomware. Here's why

Alleged Access to Mexican Territorial Operating System Exposes Thousands of Records

Alleged Data Breach of Thailand Post Exposes 19M Records

ALSO Cloud UK highlights need for robust, proactive cybersecurity measures against ongoing ransomware threats

Apple Backports Zero-Day Patches to Older Devices in Latest Security Update

Balancing data protection and clinical usability in healthcare

Be Alert to Investor Risks from SMS Phishing Scams

Boosting Cyber Attack Resilience with an Optimized Simulation Training Approach

Browser-Native Ransomware Adds to Threat Risks

Bybit Heist Fuels Record Crypto-Theft Surge

Canon Printer Drivers Flaw Could Let Hackers Run Malicious Code

Check Point plays down impact of alleged breach

China’s FamousSparrow APT Hits Americas with SparrowDoor Malware

Cisco warns of CSLU backdoor admin account used in attacks

Clicked on a phishing link? Take these 7 steps ASAP to protect yourself

Counterfeit Android devices found preloaded With Triada malware

Crimelords at Hunters International tell lackeys ransomware too 'risky'

Cybersecurity is the second highest business concern for SMBs

Devastating security failure hits “Gay Daddy” dating app: 50K users exposed

DragonForce Claims to Be Taking Over RansomHub Ransomware Infrastructure

Evolving strategies essential amidst AI-driven cyber threats

FIN7 Deploys Anubis Backdoor to Hijack Windows Systems via Compromised SharePoint Sites

For healthcare organizations, disaster recovery means making sure doctors can save lives during ransomware infection

“Gay Furry Hacker” Group Leader Has Allegedly Been Raided and Arrested by the FBI

Genetic data site openSNP to close and delete data over privacy concerns

GitHub expands security tools after 39 million secrets leaked in 2024

Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse

Google is making sending end-to-end encrypted emails easy

Google simplifies end-to-end encrypted emails for businesses on Gmail

Gray Bots Surge as Generative AI Scraper Activity Increases

Hacker claims over 200 million X users data leaked

Hacker Leaks 144GB of Royal Mail Group Data, Blames Supplier Spectos

Hacker Leaks 270,000 Samsung Customer Records - Stolen Credentials Were Left Unchecked for Years

Hacker linked to Oracle Cloud intrusion threatens to sell stolen data

Hacker Steals $5.4M from zkLend - Then Gets Scammed

Hackers are using QR codes to steal your login info – and it’s working

Hackers steal even micro crypto tokens as $70M theft hits UPCX

Hamilton County investigates data breach affecting 14,000 ambulance customers

Houston Housing Authority reports data breach affecting over 30,000 Texans

Huge data breach sees 50,000 profiles LEAKED from 'Gay Daddy' dating app - exposing users' names, private photos, and HIV status

Information Commissioner’s Office (ICO) Apologizes After Data Protection Response Snafu

Information Commissioner’s Office (ICO) Fines Advanced Computer Software Group £3 Million Following Ransomware Attack

Karl Malone Auto Group Files Notice of Recent Data Breach

'Largest breach ever': Massive data breach at Musk's X leaks over 200 million users' email addresses, photos and more

Latest Ivanti bug, paired with malware, earns an alert from CISA

Malaysian Airport's Cyber Disruption a Warning for Asia

Malicious IPs suddenly started scanning PAN-OS firewalls

Massive 2.9B-user Twitter leak less serious than feared

Microsoft Teams, other tools exploited in new vishing scam

MSPs remain targets for ransomware attacks

National Presto Industries claimed to be compromised by InterLock ransomware gang

Native tribe in Minnesota says cyber incident knocked out healthcare, casino systems

New Malware Loaders Use Call Stack Spoofing, GitHub C2, and .NET Reactor for Stealth

North Korea's Fake IT Worker Scheme Sets Sights on Europe

North Korean IT worker scam spreading to Europe after US law enforcement crackdown

North Korean IT workers set their sights on European organizations

Only 1% of malicious emails that reach inboxes deliver malware

Oracle Staff Tell Some Clients Hacker Stole Login Credentials

Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers

Pennsylvania Bankers warns consumers of uptick in phishing scams

Prince Ransomware – An Automated Open-Source Ransomware Builder Freely Available on GitHub

QR Code Phishing (Quishing) Attacks Your Smartphones To Steal Microsoft Accounts Credentials

Ransomware Is a Core Threat Across 93% of Industries – Resilience Key

Romanian Security Firm Allegedly Breached Affecting 586K Customers

Royal Mail confirms cyber attack resulting from third-party provider Spectos

Royal Mail Investigates Data Breach Affecting Supplier

Royal Mail investigates data leak claims, no impact on operations

Steam Surges to Top of Most Spoofed Brands List in Q1

Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities

Stripe API Skimming Campaign Unveils New Techniques for Theft

The Siegel Group Announces Data Breach Following Early 2025 Cyberattack

This Is the Most Damaging Cyber Attack in History

Threat actor using vishing, MS QuickAssist and Teams can potentially drop ransomware

Top Data Breaches of March 2025

Top gig platform service may have leaked over 14 million user files

Trump’s national security adviser reportedly used his personal Gmail account to do government work

Two ransomware incidents highlight how attackers target security blind spots

Verizon Call Filter API flaw exposed customers' incoming call history

What Are The Most Scammed Brands of 2025 So Far?

What business leaders need to know about the Cyber Security and Resilience Bill

When it comes to security, public Wi-Fi could be a risky choice for commuters worldwide

Who’s driving ransomware’s accelerated growth in 2025

Why banning ransomware payments is only a limited fix

World Cloud Security Day: The Growing Threat of Ransomware & Data Breaches

X Breach: Here's what hackers can do with the leaked information

Years-old login credential leads to leak of 270,000 Samsung customer records

Your smart home may not be as secure as you think

ZkLend Hacker Loses Stolen ETH to Phishing Scam

1st April

173,000 Patients Affected by Chord Specialty Dental Partners Email Data Breach

A Crypto Disaster: zkLend Hacker Loses 2,930 Stolen ETH to Fake Tornado Cash - The Shocking Details Revealed

AI has ushered in a new kind of hacker

Akira Ransomware Group Claims Cyberattack on Spain’s STE Group and Exfiltrating 30GB of Data

Alleged Schneider Electric data posted following November ransomware incident

Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices

Apple backports zero-day patches to older iPhones and Macs

Attackers are probing Palo Alto Networks GlobalProtect portals

Australia: 13cabs may have suffered a major data breach

Australia: New South Wales police investigating online court registry data theft

Baiting for small fish or a whale: Here is how scammers customise their phishing attacks to steal money

California Cryobank faces class action suit over 2024 data breach

Canon CVE-2025-1268 Vulnerability: A Buffer Overflow Threatening Printer Security

Check Point Acknowledges Data Breach, Claims Information is ‘Old’

Check Point Data Breach: Big Deal or Big Bluff?

Check Point denies severity of alleged data breach amid hacker claims

China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions

Chord Specialty Dental Partners Data Breach Exposes Customer Personal Data

ClickFix technique leveraged in new crypto-targeted Lazarus attacks

Coinbase security under fire after $46M phishing attacks

Coinbase Users Hit by $46M in Phishing Scams

Companies battle rising ransomware threats

Critical auth bypass bug in CrushFTP now exploited in attacks

Cyber attack impacts operations at South Africa's top poultry supplier Astral Foods

Cyber Security and Resilience Bill Will Apply to 1000 UK Firms

Cybercriminals Expand Use of Lookalike Domains in Email Attacks

Cybersecurity Breach at Capilano University (CapU)

Digital disruptions continue for Russian transportation, this time at state railway

Don’t take the bait: Essential tips to protect your business from phishing

Enterprise Gmail Users Can Now Send End-to-End Encrypted Emails to Any Platform

Even more active North Korean IT workers now targeting Europe

Evolution of Sophisticated Phishing Tactics: The QR Code Phenomenon

FBI investigating cyberattack at Oracle

Federal Trade Commission (FTC) head says 23andMe genetic data safe in wake of bankruptcy sale

Former GCHQ Intern Pleads Guilty to Smuggling Top Secret Data

Generative AI Is reshaping financial fraud. Can security keep up?

Gig platform app Yoojo leaks millions of user files

Global iOS, Android SMS phishing facilitated by Lucid PhaaS platform

Google rolls out easy end-to-end encryption for Gmail business users

Google says easy email encryption is on the way - for some users

Google to Switch on End-to-End Encryption (E2EE) for All Gmail Users

Hacker Claims Breach of Check Point Cybersecurity Firm, Sells Access

Hacker falls victim to phishing scam after exploiting ZkLend for millions

Hacker Loses 2,930 ETH to Phishing While Laundering via Tornado Cash

Happy 21st Birthday, Gmail! Google’s Present to Enterprise Gmail Users: End-to-End Encryption

Help! I clicked on a phishing link - now what?

Hong Kong: Fashion firm found at fault for data breach

How cybercriminals exploit AI for April Fool’s day phishing scams

How to build an effective cybersecurity simulation

How to talk to your family and friends about online security - before it's too late

I Froze My Kids' Credit After a Data Breach. Here's Why You Should Too

Infostealer malware poses potent threat despite recent takedowns

Lawmakers warn of impact Department of Health and Human Services (HHS) firings will have on medical device cybersecurity efforts

LensDeal Data Breach Exposes 100,000 Customers’ Personal Information

Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing

Man charged after cyber attack saw terror messages displayed at train stations

Man, 36, is charged over Network Rail 'cyber attack' at 19 railway stations after passengers logging onto public wi-fi were shown 'terror messages'

Massive 400GB X (Twitter) Data Leak Surfaces on Hacker Forums

Meerkat Mayhem: Phishing-as-a-Service Unleashed

Microsoft Teams Vishing Used to Deploy Malware via TeamViewer

Morphing Meerkat leads sophisticated phishing operation

Moscow Metro Digital Outage: Alleged Cyberattack or Technical Failure?

Moscow Metro targeted in likely retaliatory cyberattack

Most Phishing Emails Rely Purely on Social Engineering

Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign

New Phishing Attack Combines Vishing and DLL Sideloading Techniques

New York University (NYU) hit with 10 class action lawsuits following data breach

North Korea home to multiple threat actors, not just Lazarus

North Korean IT worker army expands operations in Europe

Ongoing Gamaredon phishing campaign targets Ukraine with Remcos RAT

Oracle Cloud Data Breach Claims Surface Despite Company Denials

Oracle Health data breach possibly compromised millions of patients' data

Oracle Hit with Lawsuit Over Alleged Cloud Breach Affecting Millions

Oracle warns customers of health data breach amid public denial

Over 200 Million X User Records Allegedly Leaked Online

Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign

Phishing scams caused €5.6 million in damage in 2024

Phishing Twist: zkLend Hacker Being Scammed 2,930 ETH

Qilin affiliates spear-phish MSP ScreenConnect admin, targeting customers downstream

Ransomware Never Disappeared - and in 2025, It’s Worse Than Ever

Researchers are warning Android users about Crocodilus banking Trojan

Royal Mail customer data stolen in massive attack, hackers claim

Royal Mail suffers alleged data breach as threat actor claims 144GB stolen

Russia tightens cybersecurity measures as financial fraud hits record high

Samsung Germany customer data exposed in credential breach linked to third-party vendor

Security Firm Reveals Voice Phishing Attack Targeting Microsoft Teams

SIR.trading begs hacker to return $255K or ‘no chance for us to survive’

Someone stole the stolen money from ZKLend

Tables Turned: zkLend Hacker Scammed Out of Millions

Tax scams intensify ahead of tax filing deadline

The human side of insider threats: People, pressure, and payback

UK: Man charged over train station cyber attack

UK GDPR Regulator Fines Data Processor After Ransomware Attack

UK sets out new cyber reporting requirements for critical infrastructure

Ukraine Blames Russia for Railway Hack, Labels It "Act of Terrorism"

What Really Happens in a Data Breach (and What You Can Do About It)

Why delaying software updates is a terrible idea

Why global tensions are a cybersecurity problem for every business

Why multi-factor authentication is absolutely essential in 2025

Why no small business is too small for hackers - and 8 security best practices for SMBs

Why paying the ransom is not the answer

Will using a VPN help protect you from malware or ransomware?

World Backup Day: Why Human Error Remains the Biggest Threat to Data Protection

WP Ultimate CSV Importer Flaws Expose 20,000 Websites to Attacks

ZkLend exploit backfires as hacker loses $9.6 million in ETH to phishing scam

zkLend hacker claims losing stolen ETH to Tornado Cash phishing site

zkLend Hacker Gets a Taste of Instant Karma: $5.4M in Stolen ETH Lost to Phishing Scam

ZkLend Hacker Gets Hacked: Loses $5.4M Stolen ETH in Phishing Scam

zkLend hacker loses all 2,930 stolen ETH to TornadoCash phishing scam

31st March - World Backup Day

65% of the 100 largest US hospitals and health systems have had a recent data breach

200 Million X User Records Released - 2.8 Billion Twitter IDs Leaked

A fake Zoom app is spreading – and it’s harvesting your data

A ransomware attack through an IP camera

ABYSSWORKER: Malicious driver disables security tools

API testing firm APIsec exposed customer data during security lapse

Belgium: Reports of phishing down sharply in 2024

Beware! A Fake Zoom Installer Drops BlackSuit Ransomware on Your Windows Systems

Bitdefender Threat Debrief: March 2025

British intel intern pleads guilty to smuggling top secret data out of protected facility

Bromley man accused of cyber attack on trains to 'incite religious hatred'

Browser-native ransomware threat examined

Canadian hacker arrested for allegedly stealing data from Texas Republican Party

CISA Details New Malware Used in Ivanti Attacks

CISA reveals new malware variant used on compromised Ivanti Connect Secure devices

CISA warns new malware targeting Ivanti zero-day vulnerability

CISA, FBI warn healthcare, other critical sectors about Medusa ransomware

ClickFake Interview Campaign by Lazarus Targets Crypto Job Seekers

ClickFix Captcha – A New Technique Hackers Used to Deliver Infostealers, Ransomware, & Quakbot Malware

Clop ransomware admits Sam’s Club compromise

Coinbase users hit by $46M in suspected phishing scams

Coinbase Users Lose $46M in Crypto Phishing Scams

Coinbase Users Report Millions Lost to Phishing Scams in March

Coinbase Users Suffered $46 Million Loss from Phishing Scams in March 2025

Coinbase Victim of Latest Phishing Scam, Users Lose over $46 Million

Contractor Brighton Australia listed on SafePay’s ransomware leak site

Cryptocurrency Caper: Notorious Hacker Falls Prey to Elaborate Scam - Mystery Unravels in $9.6 Million Heist!

Daisy Cloud Hacker Group Exposed 30K Login Credentials Across a Wide Range of Services

Data breach at Oracle Health leads to extortion of hospitals

Department of Justice (DOJ) charges hacker for 2021 Texas GOP website defacement

Ex-GCHQ employee pleads guilty to secret data breach risking national security

Ex-GCHQ intern admits risking national security with data breach

Fake Zoom installer tries to trick users into installing dangerous ransomware – here’s how to stay safe

Federal Trade Commission (FTC) says 23andMe purchaser must uphold existing privacy policy for data handling

Find out what to do in the event of a cyber attack on your business

Former GCHQ intern admits top secret data breach risking national security

Gen Z’s Rising Susceptibility to Social Engineering Attacks

GenAI turning employees into unintentional insider threats

Georgia Urology Notifies Patients of Data Breach Following Compromised Employee Email Accounts

Hacker Leaks Samsung Customer Data

Hacker linked to Oracle Cloud intrusion threatens to sell stolen data

Hacker Tactics: Exploiting Edge Devices, Missing Multifactor

Hackers abuse WordPress Must-Use Plugins (MU-Plugins) to hide malicious code

Hackers broke Google’s AI. Here’s how they did it

Hackers Distributing Phishing Malware Via SVG Format To Bypass File Detection

Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images

Hong Kong: Data breach of 128,000 'due to system fix and neglect'

How to recognize and prevent deepfake scams

KnowBe4 Report Finds Polymorphic Phishing Features Present in 76.4% of Campaigns

Latest gambit for Gamaredon: Fake Ukraine troop movement documents with malicious links

Lyon Living Files Notice of Data Breach; Sends Notification Letters to Victims

Major dating app data breach may have exposed 1.5 million private user images online

Morphing Meerkat phishing kits exploit DNS MX records

Moscow subway app and website disrupted in possible retaliation for Ukraine railway hack

National Cyber Security Centre (NCSC) Urges Users to Patch Next.js Flaw Immediately

National Defense Corporation victim of ransomware attack; discloses breach and declines to pay any ransom

New Android Banking Trojan Targets More Than 750 Financial and Crypto Apps

New Malware Variant RESURGE Exploits Ivanti Vulnerability

New phishing attack uses real-time interception to bypass 2FA

New phishing scam outsmarts security codes to steal your info

North Korean hackers adopt ClickFix attacks to target crypto firms

Only 2-5% of application security alerts require immediate action

Oracle buried serious data breach from customers, now hacker has it up for sale

Oracle hid serious data breach from customers, now hacker has it up for sale

Oracle under fire for its handling of separate security incidents

Oracle warns health customers of patient data breach

Phishing Attacks Shift to More Subtle Enticements

Phishing Emails Aren't as Obvious Anymore. Here's How to Spot Them

Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks

Phishing Tests in the Workplace: Does Fear Truly Drive Awareness?

Ransomware crews add 'EDR killers' to their arsenal – and some aren't even malware

Resilience in the face of ransomware: A key to business survival

Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine

Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp

Sam’s Club investigates possible Cl0p ransomware breach

Sam’s Club investigating possible Clop ransomware breach

Samsung in trouble: data of 270,000 customers dumped online

SimonMed confirms data breach

SquareX warns of rising browser-native ransomware threat

Thousands of subscribers affected in Nine-owned news masthead data breach

Ukraine: Organizers of cyber attack on JSC Ukrzaliznytsia (UZ) don’t receive personal data of passengers, info about military cargo

United Domestic Workers of America Sends Out Data Breach Letters Following Apparent Cyberattack

University of Michigan athlete sues school, former assistant coach over private image data breach

US Seizes $8.2m from Romance Baiting Scammers

Walmart’s Sam’s Club claimed by Cl0p ransomware gang

Was Check Point hacked? Security firm calls ransom demands old news

Weaponized Zoom Installer Used by Hackers to Gain RDP Access and Deploy BlackSuit Ransomware

Why no business is too small for the cyber criminals

World Backup Day: Why Backup Isn't Enough in the Age of AI and Data Exfiltration

Posted by at
Labels:
Subscribe to: Posts (Atom)