Editor's Message

Welcome to DBD. On March 8th, DBD celebrated it's 5th anniversary and PRiSM celebrated it's 2nd anniversary. Little did I know when I started both of these ventures just how much an impact they would have on my life and I'd like to thank each and everyone of you who have supported me over the years, with a special thanks to those individuals who have kindly shared their knowledge with me, and continue to do so. Thanks again for your support. Stay safe. :)


“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC


Home is where the hack is.

Monday, 17 March 2025

Data Breaches Digest - Week 12 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 17th March and 23rd March 2025.


18th March

Ascom affected by cyber attack

17th March

£1 Million Lost as UK Social Media and Email Account Hacks Skyrocket

AI Module Security Flaws in Drupal: MyCERT Urges Immediate Patching

AI-supported spear phishing threatens APAC e-commerce

All your Alexa recordings will go to the cloud soon, as Amazon sunsets Echo privacy

Alleged LockBit developer extradited to the US

Amazon’s Controversial Change to Echo’s Privacy Settings Takes Effect Soon

Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure

As Medusa Ransomware Attack Surges, FBI Issues Critical Warning to Gmail & Outlook Users

Automated brute forcing tool leveraged in Black Basta ransomware intrusions

BlackLock Ransomware Hacked 40+ Organizations Within Two Months

BlackLock Ransomware Strikes Over 40 Organizations in Just Two Months

Brydens Lawyers investigating cyber incident that compromised client data

Bumble heightens safety measures with new ID verification feature

Chinese threat actor resided in US electric grid for almost one year

Coinbase users received mass-phishing emails from scammers over the weekend

Critical RCE flaw in Apache Tomcat actively exploited in attacks

Customers of “China‘s Amazon” had their passwords stolen, hackers say

Cyber ransomware: A growing threat in the digital age

Cyberattacks on Major Consumer Brands in 2024: Key Takeaways

Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users' Actions

Cybersecurity Officials Warn Against Potentially Costly Medusa Ransomware Attacks

DeepSeek can develop malware, cyber experts are sharing the risks

Department of Government Efficiency (DOGE) staffer violated Treasury rules by emailing unencrypted personal data

Do you use Gmail or Outlook? FBI, CISA issue warning about Medusa ransomware

Don’t Take the Bait: Coinbase & Gemini Exchange Users Targeted by Phishing Attack

FBI and CISA warn of a new wave of ransomware attacks

FBI has a ‘hacker’ warning for Gmail, Microsoft Outlook users

FBI issues national security warning to Gmail, Outlook email users

FBI Issues urgent warning: Secure your Gmail against rising ransomware & hacking threats

FBI Issues Warning: Scammers Target Gmail and Outlook Users with Deceptive Ransom Demands

FBI issues warning to Gmail, Outlook users about recent ransomware attacks

FBI Sounds Alarm on Medusa Ransomware Cyberattack: Here's How Organizations Can Protect Themselves

FBI Warning Issued for Medusa Threat: Everything You Need to Know

FBI warns Gmail, Outlook, and VPN users as Medusa ransomware attacks escalate

FBI, CISA Issue Warning To Gmail, Outlook And VPN Users About Medusa Ransomware Scheme

FBI, CISA Sound Alarm on Medusa Ransomware Surge

February 2025 reports record spike in ransomware attacks

Fog ransomware group claims a major data theft from radiology firm UDMI's systems

GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories

GitHub project maintainers targeted with fake security alert

Gmail Users Get Urgent Warning From FBI As Hackers Spread Ransomware Attack

Google may also have received a Technical Capabilities Notice (TCN) from the UK government

Hackers are exploiting Fortinet firewall bugs to plant ransomware

Hackers claim major Chinese online shopping platform Taobao

Hackers claim they’ve breached Orange and have “very detailed” information

Hackers exploit fake audio issues to spread malware in virtual meetings

Here’s how to win the ransomware battle

How Economic Headwinds Influence the Ransomware Ecosystem

Identities of 12 million people in France potentially leaked in cyberattack: how to protect yourself

Indian CERT Flags Severe Vulnerabilities in Rising Technosoft Software

Infosys agrees to pay US$17.5 Million in data breach settlement

Investigation launched into Fakenham council's data breach

Jaguar Land Rover Breached by HELLCAT Ransomware Group using Jira Credentials

Jaguar Land Rover Hit by HELLCAT Ransomware Using Stolen Jira Credentials

Lehigh Valley Health Network Agrees to Pay $65 Million Class Action Settlement to Patients after Ransomware Attack

LockBit ransomware developer extradited to the US

LockBit ransomware developer extradited to the USA

Malicious Code Hits ‘tj-actions/changed-files’ in 23,000 GitHub Repos

Mandatory Cyber Extortion Reporting: Why We Need It Now

Medusa Ransomware Hits Critical Infrastructure

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

Merkur Information Leak Raises Concern Over Data Protection

Microsoft 365 accounts are under attack from new malware spoofing popular work apps

Microsoft 365 environments exploited in business email attacks

'Mora_001' ransomware gang exploiting Fortinet bug spotlighted by CISA in January

New Akira Ransomware Decryptor Leans on Nvidia GPU Power

New decryptor targets Akira ransomware with GPU technology for Linux systems

New Phishing Scam Targets Coinbase, Gemini Users, Urging Transition to Self-Custody Wallets

New RAT malware used for crypto theft, reconnaissance

OKX Suspends DEX Aggregator After Lazarus Hack Attempt

OKX suspends DEX aggregator after Lazarus hackers try to launder funds

One of the most powerful ransomware hacks around has been cracked using some serious GPU power

OpenAI's AI Agent Exploitable in Phishing

Over 120,000 patients impacted in Florida hospital data breach

Phishing and data leaks: the biggest digital threats

Phishing campaign attacks 12,000 GitHub users with rogue OAuth app

Phishing campaign targets 12,000 GitHub repositories with fake security alerts

Ransomware hits record high, Australia among top targets

Researcher releases free GPU-Based decryptor for Linux Akira ransomware

Researchers Confirm BlackLock as Eldorado Rebrand

Rise in Phishing Attacks Fuels Growth in Passwordless Security

Scammers Impersonate Cl0p Ransomware in Fake Extortion Schemes

Scammers Pose as Cl0p Ransomware to Send Fake Extortion Letters

Secret-printing code, phishing attempts flagged on GitHub

Security Database Aims to Empower Non-Profits

SingCERT Alerts Public on Fraudulent Emails Impersonating Cyber Security Agency of Singapore (CSA) and Singapore Police Force (SPF)

SocGholish Exploits Compromised Websites to Deliver RansomHub Ransomware

SocGholish Leveraging Compromised Websites To Deploy RansomHub Ransomware

Sperm bank California Cryobank confirms data breach

Supply chain attack on popular GitHub Action exposes CI/CD secrets

Temu’s sister company allegedly hit by ransomware, 700 Million users at risk

Texas man faces prison for activating ‘kill switch’ on former employer’s network

TFE hotels group suffers severe operational disruption following a cyber attack

Threat actors rapidly exploit new Apache Tomcat flaw following PoC release

TikTok rolls out a ‘Security Checkup’ tool to help users secure their accounts

Tj-actions Supply Chain Attack Exposes 23,000 Organizations

Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year

Upstate school district remains offline after data breach

US extradites alleged LockBit developer

US Legislators Demand Transparency in Apple's UK Backdoor Court Fight

Warning! FBI Alerts Gmail, Outlook Users of Sneaky New Hacker Trick

Weirdest Threat Group Names: The Funny, Scary and Just Plain Weird

Why SharpRhino Malware is Leaving Victims Thunderstruck

Widespread Coinbase phishing attack uncovered

Thursday, 13 March 2025

Ransomware Operator Claims - Week 10 2025

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 3rd March and 9th March 2025, kindly assisted by our partners.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.


Monday, 10 March 2025

Data Breaches Digest - Week 11 2025

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 10th March and 16th March 2025.


16th March

A hacker threatens to sell the bank data of millions of free subscribers

A ransomware attack hit the Micronesian state of Yap, causing the health system network to go down

AI and the Dark Art of Social Engineering

Akira ransomware can be cracked with sixteen RTX 4090 GPUs in around ten hours — new counterattack breaks encryption

Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts

FBI Warning - Gmail, Outlook And VPN Users Need To Act Now

Follow these 5 steps to protect your NAS against ransomware and keep your data safe

How hackers take over WhatsApp accounts and ways to stop them

Israeli-Russian hacker extradited to US over global ransomware attacks

LockBit Developer Rostislav Panev Extradited from Israel to the US

Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts

Medusa Ransomware cyberattacks grow as FBI issues warning. How to stay protected

Officials warn against dangerous Medusa ransomware attacks. Here's how to stay protected

Seven members of voice phishing group arrested after fleeing to South Korea

SlowMist Uncovers Sneaky LinkedIn Phishing Scam Draining Crypto Wallets

15th March

12 Computer Hacking Myths You Need To Stop Believing

AI driving cybercrime to 'extraordinary new heights'

Coinbase Users Targeted in Sophisticated Phishing Scam Posing as Wallet Migration

Cybersecurity in Crypto: Best Practices to Prevent Theft and Fraud

Cybersecurity officials warn against potentially costly Medusa ransomware attacks

Cybersecurity officials warn of ransomware targeting users of email services

Dark storm team claims responsibility for cyber attack on X platform – What it means for the future of digital security

FBI issues urgent warning to users of Gmail, Outlook and VPN over sinister ransom threat

FBI issues warning to Gmail, Outlook users

FBI Urges Immediate Action Against Medusa Ransomware Threats

FBI Warns Gmail, Outlook Users About Data Stealing Scheme That Asks for a Ransom - Here’s How to Stay Protected

FBI, CISA warn 1.8 Billion Gmail accounts at risk from Medusa ransomware

Infosys settles $17.5 million class action over US cyberattack, data breach

Jamaica: 12 persons now in custody in connection with $47.5 million National Commercial Bank (NCB) phishing scam

Lingnan University data breach exposes thousands of internal documents

Malicious PyPI Packages Stole Cloud Tokens - Over 14,100 Downloads Before Removal

New Akira ransomware decryptor cracks encryptions keys using GPUs

Russian-Israeli National Extradited to U.S. for Role in LockBit Ransomware Conspiracy

Sri Lanka’s financial phishing cases spike in 2024

14th March

3 Ivanti flaws added to CISA’s vulnerabilities catalogue

94% of Wi-Fi networks lack protection against deauthentication attacks

98% Spike in Phishing Campaigns Leveraging Russian (.ru) Domains

220,968 Americans Exposed As Major Data Breach Leaks Names, Addresses, Social Security Numbers, Medical Records and More

Accused LockBit ransomware developer extradited to the US

Advisory warns of Medusa ransomware activity

AI agents can be hijacked to write and send phishing attacks

AI Chatbot DeepSeek R1 Can Be Manipulated to Create Malware

Alleged Israeli LockBit Developer Rostislav Panev Extradited to U.S. for Cybercrime Charges

Alleged LockBit Ransomware Developer Extradited to U.S. to Stand Trial

Alleged Russian LockBit developer extradited from Israel, appears in New Jersey court

Amazon Web Services’ Simple Notification Service (AWS SNS) Exploited for Data Exfiltration and Phishing Attacks

Apple-UK Encryption Saga Continues: British Officials’ Clarification & US Officials’ Warning

Australian Securities and Investments Commission (ASIC) alleges FIIG’s security lapses led to massive data breach

Beware That Email From Booking.com: It Could Be a Phishing Scam

Biggest Cyber Threats to the Healthcare Industry Today

Black Basta Ransomware Attack Edge Network Devices With Automated Brute Force Attacks

Booking.com scammers unleash credential-stealing malware havoc against hosts

Brute Force & Stolen Credentials Driving Surge in Ransom Attacks

Chinese Hackers Targeted US Utilities Provider - Infrastructure Attacks on the Rise

Cisco IOS XR vulnerability lets attackers crash BGP on routers

Coinbase phishing email tricks users with fake wallet migration

College Hospital Costa Mesa Files Notice of Data Breach with California Attorney General

Cyber Attack at Raymond: IT Teams, Authorities Probe Massive Breach

Cyber attack on North Carolina nursing facility impacted over 100,000 patients

Cyber leaders must prepare quantum security now, research finds

Cyber threats surge in 2025 as Coalition highlights rising risks and new trends

Cybersecurity Industry Falls Short on Collaboration, Says Former GCHQ Director

Data Breach Compromises New Hampshire School District's Vendor Info

Decrypting Akira Ransomware on Linux/ESXi Without Paying Hackers

Decrypting Linux/ESXi Akira Ransomware Files Without Paying Ransomware

DeepSeek R1 Jailbreaked to Create Malware, Including Keyloggers and Ransomware

DeepSeek’s chatbot can be used to generate ransomware and keylogger

Europe's telecoms sector under increased threat from cyber spies, warns Denmark

FBI issues warning to all Gmail users

FBI warns Gmail users about growing ransomware threat

FBI warns Gmail users about ransomware attack

February 2025 Was The Worst Month in Ransomware History

February was the worst month on record for ransomware attacks – and one threat group had a field day

Forescout details SuperBlack ransomware exploiting critical Fortinet vulnerabilities

Fort St. John to give residents extra time for utility bill payments after cyber attack

Fraudsters Impersonate Clop Ransomware to Extort Businesses

Ganong in St. Stephen hit by ransomware cyber attack

Google refuses to deny it received encryption order from UK government

Hackers Using Deepfake Videos of YouTube’s CEO to Steal Creators’ Account Credentials

Harris County Toll Road Authority tells drivers to stay wary of scam texts asking for toll payments

Hospital, law enforcement thwart ransomware attempt

Hospitality businesses at risk of phishing campaign impersonating Booking.com

Hospitality Sector Targeted By Ongoing ClickFix Phishing Campaign

Hoteliers Warned of Phishing Campaign Impersonating Booking.com

How to not get caught in a phishing attempt

Infosys to pay $17.5 million to settle data breach case in Business Process Management (BPM) unit

Jamaica: Eight more people arrested in relation to $47.5 million National Commercial Bank (NCB) phishing scam

Kansas healthcare provider Sunflower Medical Group reports major data breach

LockBit developer extradited to United States

LockBit Ransomware Developer Extradited to US

LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S.

Lower Kuskokwim School District (LKSD) reveals thousands of students and staff affected by PowerSchool data breach

Malware's AI time bomb

Microsoft exposes phishing scam targeting Booking.com hosts

Microsoft warns hotels of phishing campaign

New Android spyware serves your data to North Korean hackers on a silver platter

New Cyber Attack Targets PyPI Users to Steal Cloud Tokens and Sensitive Data

New kids on the ransomware block channel Lockbit to raid Fortinet firewalls

New malware lurking in pirated software website steals crypto

New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions

New Microsoft 365 Phishing Scam Tricks Users Into Calling Fake Support

New ransomware gang shows LockBit link

OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection

Ongoing Cyber Attack Mimic Booking.com to Spread Password-Stealing Malware

OpenAI’s Operator AI agent can be used in phishing attacks, say researchers

Phishing Campaign Impersonates Booking.com, Plants Malware

Phishing campaign impersonating Booking.com targeting UK hospitality

Preparing for the Realities of a Ransomware Confrontation

Ransomware attack on Community Care Alliance compromised 2.5TB of sensitive patient data

Ransomware attack takes down health system network in Micronesia

Ransomware Attacks Soared to New Heights Last Month

Ransomware Developer Extradited, Admits Working for LockBit

Ransomware gang creates tool to automate VPN brute-force attacks

Ransomware scheme uses Gmail, Outlook, other email to extort sensitive info

Reading the Data Breach Tea Leaves: Preventing Data Exfiltration Before it Happens

Recent Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Attacks

Report on ransomware attacks on Fortinet firewalls also reveals possible defenses

SocGholish’s Intrusion Techniques Facilitate Distribution of RansomHub Ransomware

SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacks

SuperBlack ransomware used to exploit Fortinet vulnerabilities

Suspected LockBit ransomware developer extradited to United States

Suspected LockBit Ransomware Developer Extradited to US

Swiss exhibition stand builder Syma hit by ransomware attack

Symantec Demonstrates OpenAI’s Operator Agent in PoC Phishing Attack

Tata Technologies data leaked by ransomware group on the dark web

Thai businesses most targeted in ASEAN for financial phishing

The Role of Advanced Technologies in Ransomware Recovery

Thousands of healthcare records exposed online, including private patient information

Threat Actor Impersonates Booking.com in Phishing Scheme

Threat Actor Tied to LockBit Ransomware Targets Fortinet Users

Top 5 threats keeping CISOs up at night in 2025

U.S. Charges LockBit Ransomware Developer in Cybercrime Crackdown

UK Faces Pressure to Lift Secrecy on Apple Encryption Court Battle

United States Charges Developer of LockBit Ransomware Group

Update Your iPhone Now to Fix Safari Security Flaw

US government warns Medusa ransomware has hit hundreds of critical infrastructure targets

Vulnerable Fortinet Firewalls Subjected To New LockBit-Linked Intrusions

Warning to South Africans with banking apps on their phones

What Do You Get When You Hire a Ransomware Negotiator?

Why Channel Partners are Critical for Cybersecurity

13th March

222 Ransomware Attacks Reported in Japan in 2024

240 million Windows 10 users are vulnerable to six different hacker exploits - protect yourself now

Alleged Data Breach Exposes Indian Voter Information on Dark Web

Apple’s appeal against UK’s secret iCloud backdoor order must be held in public, rights groups urge

Australia: New South Wales (NSW) law firm Brydens Lawyers at the centre of major cyberattack and data breach

Australia regulator sues FIIG Securities for cybersecurity failures

Australian financial firm hit with lawsuit after massive data breach

Babuk Locker 2.0: The New Ransomware Affiliate Program

Berkeley Research Group suffers data breach

Brazilian Bank Sicoob Allegedly Breached by Threat Actor

Calls grow for UK to move secret Apple encryption court hearing to public session

CISA issues advisory on Medusa ransomware as over 300 entities suffer attacks

CISA issues warning over Medusa ransomware after 300 victims from critical sectors impacted

CISA, FBI Issue Medusa Ransomware Advisory

CISA, FBI Warn of Medusa Ransomware Impacting Critical Infrastructure

CISOs, are your medical devices secure? Attackers are watching closely

ClickFix attack delivers infostealers, RATs in fake Booking.com emails

‘ClickFix’ Phishing Scam Impersonates Booking.com to Target Hospitality

Crypto wallet manufacturers are now helping fix each other's vulnerabilities

Cyber attack exposes security problem at X

Cybersecurity Advisory Seeks to Defuse Medusa Ransomware Threat

Denmark raises the cyber threat level for telecommunications due to Russian espionage

Digitel Venezuela Allegedly Targeted 7 Million Records Exposed

FBI and CISA Urge Enabling 2FA to Counter Medusa Ransomware

FBI issues warning to all Gmail users over attack hijacking accounts

FBI Warning - Enable 2FA For Gmail, Outlook And VPNs Now

February sets record for highest number of ransomware attacks ever reported

Federal Trade Commission (FTC): Top scams in 2024 led to $12.5 Billion in losses

FIIG Securities Accused of Cybersecurity Failures, Data Breach Exposes 18,000 Clients

Getting hacked through fonts: Facebook warns about major vulnerability

GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks

GitLab patches critical authentication bypass vulnerabilities

Hacked Tata Technologies data leaked by ransomware gang

Hackers Abuse Microsoft Copilot for Sophisticated Phishing Attack

Hackers Use Trump’s Coin, Binance’s Name in Crypto Phishing Scam

Health tech firm ESHYFT exposes sensitive nurse records in massive data breach

HealthTech Database Exposed 108GB Medical and Employment Records

Hong Kong: Privacy watchdog clears registry in data breach

How AI Agents Can Perform Autonomous Phishing Attacks

How to secure your personal metadata from online trackers

Juniper patches bug that let Chinese cyberspies backdoor routers

Hong Kong: Privacy watchdog clears Companies Registry in data breach

Medusa Ransomware: FBI and CISA Urge Organizations to Act Now to Mitigate Threat

Medusa ransomware affiliate tried triple extortion scam – up from the usual double demand

Medusa Ransomware Made 300 Critical Infrastructure Victims

Medusa ransomware slams critical infrastructure organizations

Medusa Ransomware Targets Over 300 Critical Infrastructure Organizations

Medusa Ransomware Turns Critical Infrastructure to Stone

Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk

Microsoft 365 Phishing Campaign Active, Growing

Microsoft Issues Warning For Booking.com Phishing Campaign

Microsoft uncovers sleuthy new XCSSET MacOS malware campaign

Microsoft warns about a new phishing campaign impersonating Booking.com

Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails

Navigating AI-powered cyber threats in 2025: 4 expert security tips for businesses

New Lockbit-linked ransomware group targets Fortinet vulnerabilities

New Microsoft 365 Attack Bypasses Email Security Controls

New OBSCURE#BAT Malware Targets Users with Fake Captchas

New SuperBlack ransomware exploits Fortinet auth bypass flaws

North Korea's ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps

North Korean hackers exploit new Android spyware KoSpy to monitor users

Now hackers and online fraudsters steal your credentials

One in five shipping companies faced a cyber attack in the last 12 months

OpenAI Operator Agent Used in Proof-of-Concept Phishing Attack

Over 300 critical organizations affected by Medusa ransomware, FBI warns

Pam Golding data breach incident a reminder of notification duties in South Africa

Pegasus and other spyware tools: rising threats of government and criminal surveillance

Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware

Phishing campaign impersonating Booking.com targeting UK hospitality

Phishing campaign impersonating Booking.com targets hospitality sector with malware

Ransomware Hits Record High: 126% Surge in Attacks in February 2025

Report Shows Historic Ransomware Activity

SuperBlack ransomware may have ties to LockBit

Suspected North Korea Group Targets Android Devices with Spyware

System oversight leaks 23 million government records

Tech Complexity Puts UK Cybersecurity at Risk

That 'angry guest' email from Booking.com? It's a scam, not a 1-star review

Threat hunters successfully use OpenAI’s Operator for phishing attack

UK Information Commissioner’s Office (ICO) Fires GDPR “Warning Shot” Over Use of Children’s Data

Ukraine seeks to bolster offensive cyber capabilities amid rising threats from Russia

US exposes Medusa ransomware threat, as over 300 organizations targeted across critical infrastructure sector

Volt Typhoon Accessed US Operational Technology (OT) Network for Nearly a Year

Why AI-powered security tools are your secret weapon against tomorrow's attacks

Widespread US critical infrastructure targeting conducted by Medusa ransomware

Will the UK legislate to curb ransomware payments?

Zoom Fixes Critical Security Flaws Affecting Workplace Apps and SDK

12th March

1inch Recovers Majority of Stolen Funds After Hacker Negotiation

1Password Warning - Beware Of Master Password-Reset Attack

5+ PC Security Essentials to Not Get Hacked

23 million secrets spilled on GitHub, developers naively assume no one will know

48% of Americans have received a fraudulent tax-related message

58% of Ransomware Attacks Involved Compromised Perimeter Security Appliances

245% Increase in SVG Files Used to Obfuscate Phishing Payloads

After breach of school staff financial data, ransomware gang takes credit

All data restored following Fort St. John cyber attack, more services back online

Alleged Data Breach Hits Maxikits 500K Records Exposed

Alleged Data Breach Targets Spanish Business Confederation

Allstate sued for not reporting data breach of 165,000 New Yorkers

Amateur hacker behind prolonged DDoS attack against X

Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks

Apple Rolls Out Critical Security Fixes: iOS 18.3.2, macOS Ventura, and More Receive Important Updates

Australian TFE Hotels group admits cyber attack recovery an ongoing process

Beware of DeepSeek Hype: It’s a Breeding Ground for Scammers

Bourne Moving Past January Cyber Attack

Browser-Based Data Leaks: 3 Biggest Data Security Challenges Today

Business owners warned of ransomware scam that could cost $500K

China continues cyberattacks on routers, this time targeting Juniper Networks devices

Chinese Cyber Espionage Group UNC3886 Backdoored Juniper Routers

Chinese cyberspies backdoor Juniper routers for stealthy access

Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits

Chinese Hackers Implant Backdoor Malware on Juniper Routers

Chinese spies plant custom backdoors and secretly lurk in Juniper routers

Chinese Volt Typhoon Hackers Infiltrated US Electric Utility for Nearly a Year

Cleveland Municipal Court reopens after cyber attack

Clop leaks data purportedly stolen from Rackspace

Columbus Regional Healthcare Agrees to $1,175,000 Data Breach Settlement

Crazyhunter, the new cyber gang that destroys data and uses blockchain for ransomware

Critical Apple vulnerability enables “extremely sophisticated” attacks

Cyber attack rattles real estate firm Pam Golding

Cyber experts rubbish Musk’s Ukraine claim after X outage

Dark web cybercrime marketplace: How much does it really cost to hack?

Data Breach Alert: Tata Technologies Once Again Hit by Ransomware Gang

Facebook discloses FreeType 2 flaw exploited in attacks

FBI issues warning on E-ZPass text scam: Delete texts on your iPhone, Android phone

FunkSec Hacking Group Claims Breach of UNIMORE University’s Systems

Garantex administrator arrested in India at request of US authorities

Garantex crypto exchange admin arrested while on vacation

Gone in 120 Seconds: TRUMP Coin Phishing Lure Delivers RAT

Goodbye passwords? Enterprises ramping up passkey adoption

Hacker goldmine: over 110,000 iOS apps expose hardcoded secrets, research finds

Hacker Group Claims Responsibility for X Outage

Hackers are abusing $TRUMP tokens to lure victims in to new phishing scam

Hackers claim cyber attack on Trump winery, golf courses

Hackers leak stolen Tata Technologies data following ransomware attack

Hong Kong: Companies Registry cleared of privacy violations despite 100,000-person data breach

Hunters International Leak Over 1.4 TB of Stolen Sensitive Information from Tata Technologies

India: Delhi Police busts cyber fraud syndicate, three held for phishing scam

India faced over 2 lakh phishing attack attempts in 2023

Indonesian Educational Platform Allegedly Targeted

iOS 18.3.2 Patches Actively Exploited WebKit Vulnerability

Jaguar Land Rover Allegedly Hacked – 700 Internal Documents Including Source Code Leaked

Jaguar Land Rover’s source code, tracking data leaked, attackers claim

Jamaica: 2 more arrests in connection with $47.5M phishing scam at National Commercial Bank (NCB)

Jamaica: Two more arrests in $47 million National Commercial Bank (NCB) phishing scam probe

Jamaica: Two more arrested in connection with National Commercial Bank (NCB) $47-million phishing scam

Lazarus Group targeting developers with infostealer and backdoor malware

Machine Identities Outnumber Humans Increasing Risk Seven-Fold

March 2025 Patch Tuesday: Microsoft Fixes 57 Vulnerabilities, 7 Zero-Days

Massive research into iOS apps uncovers widespread secret leaks, abysmal coding practices

Medusa ransomware hit over 300 critical infrastructure organizations

MGM Ransomware Attack Settlement Is Reached

Microsoft Copilot Spoofing: A New Phishing Vector

Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days

Microsoft Patches a Whopping Seven Zero-Days in March

Microsoft patches Windows Kernel zero-day exploited since 2023

More than 300 critical infrastructure organizations attacked by Medusa ransomware

Most Ransomware Claims Begin With Compromised Perimeter Security

Multiple vulnerabilities in Mozilla products could put governments and businesses at risk

Navigating 2025: Zero Trust and Privileged Access Management for IT and OT Security

New North Korean Android spyware slips onto Google Play

New Zealand: Kiwi insurance broker confirms it is investigating a ransomware attack

North Korean government hackers snuck spyware on Android app store

NTT Data Breach Exposes 18,000 Corporate Customers’ Info

Ohio Turnpike warning about digital phishing scams with fraudulent tolls text requests

Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack

Pam Golding confirms data breach in South Africa

Phishing: A Persistent Threat in the Age of AI

Picklescan Vulnerabilities Could Let Hackers Bypass AI Security Checks

Pittsburgh customers impacted by Rivers Casino Philadelphia’s recent data breach

PowerSchool data breach investigation reveals earlier security breach

PowerSchool Portal Compromised Months Before Massive Data Breach

Regulation and its role in protecting critical infrastructure

Russian YouTubers blackmailed into spreading crypto miner

Sault Tribe works to recover from cyber attack

“Script kiddie” hackers behind Dark Storm cyberattack on Musk's X, security researcher says

Spyware in bogus Android apps is attributed to North Korean group

Tata Technologies: Ransomware Gang Hunters International Leaks 1.4 TB of Documents in Dark Web Site

Tata Technologies data leaked by ransomware group on the dark web

That weird CAPTCHA could be a malware trap - here's how to protect yourself

The Rising Threat of API Attacks: How to Secure Your APIs in 2025

The state of ransomware: Fragmented but still potent despite takedowns

The state of ransomware - how to future-proof your cyber security

Tycoon2FA Phishkit Updates Tactics with PDF Lures & Redirects

UK Cybersecurity Sector Revenue Grows 12% to Top £13 Billion

US consumer watchdog agency reveals that top scams of 2024 led to losses of $12 Billion

Utrecht University employees victim of mobile phone phishing scam

Volt Typhoon hackers were in Massachusetts utility’s systems for 10 months

WhatsApp Launches New Privacy Features After Facebook Data Breach

Wisconsin school district sues PowerSchool after student data breach

X Under Attack - Who Was Really Behind The Musk Platform Outages?

11th March

48% of professionals struggle to keep up with cybersecurity threats

95% of data breaches involve human error, report reveals

95% of Data Breaches Tied to Human Error in 2024

18,000 companies affected as NTT stung by data breach

A pro-Russian hacker group attacks Twitter and Elon Musk links it to Ukraine

Alleged Data Leak Targets French Government Websites

Allstate faces lawsuit for security failures in data breach

Almost 60% of New Zealand businesses faced a cyber attack in 2024

Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks

Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices

Best Collateral Data Breach Exposes Sensitive Consumer Information

Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks

Blind Eagle Targets Colombian Government with Malicious .url Files

CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to Known Exploited Vulnerabilities (KEV) List

CISA tags critical Ivanti EPM flaws as actively exploited in attacks

CISA Urges All Organizations to Patch Exploited Critical Ivanti Vulnerabilities

Critical PHP RCE vulnerability mass exploited in new attacks

Cyber experts rubbish Musk’s Ukraine claim after X outage

DDoS Blamed as X Suffers Multiple Outages

Elon Musk Alleges Cyber Attack On X Origins Tied To Ukraine

Elon Musk claims “massive cyber-attack” causes X outages

Elon Musk claims X outages were caused by a ‘massive cyber-attack’

Elon Musk points to Ukraine for cyber attack on X, pro-Palestinian Dark Storm Team claims responsibility

Ex-Employee Sabotages Company Systems, Faces Up to 10 Years

Fake Binance Wallet Email Promises TRUMP Coin, Installs Malware

False confidence leaves businesses at risk of phishing scams

Federal Trade Commission (FTC) says Americans lost $12.5 Billion to scams last year - social media, AI, and crypto didn’t help

Former head of UK cyber security dismisses Elon Musk's 'garbage' claim that Ukraine was behind X outage

Hacking group ‘Dark Storm’ claims responsibility for DDoS attack on X

Hacktivists protest Musk and Trump by shutting down X for tens of thousands

How remote work strengthens cybersecurity teams

How to spot and avoid AI-generated scams

Internet data breach leads to fraudulent credit card and $30,000 worth of charges

Ireland: Man given suspended sentence for role in phishing scam

Is Your Cloud App Server Secure? Best Practices for Data Protection

Israeli authorities investigate alleged Iranian-linked data breach targeting gun owners

Jaguar Land Rover Allegedly Breached

Jaguar Land Rover Suffers Major Data Breach, Sensitive Employee and Internal Data Leaked

Japanese Betting Platform Allegedly Targeted in Dark Web Data Leak

KnowBe4's global report finds rising cyber threats aimed at retail sector

MassJacker malware uses 778,000 wallets to steal cryptocurrency

Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws

Microsoft Patch Tuesday March 2025: 6 Zero-Days, 10 High-Risk Vulnerabilities

Mission asks Governor Abbott to declare state of emergency over 'cybersecurity incident'

Most ransomware incidents start with compromised perimeter security

Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches

Musk Blames X (Twitter) Outage on Cyberattack, Links It to Ukraine

Musk Claims Ukrainian IP Addresses Linked to Cyber Attack on X

Musk says X hit by ‘massive cyber attack’

New York Sues Allstate Over Data Breach and Security Failures

NHS contractor Medefer denies software flaw put patient data at risk of breach

North Korean hackers turn to Russia-linked ransomware for new extortion campaign

North Korean Lazarus hackers infect hundreds via npm packages

NTT telco breach allegedly impacts thousands of corporate clients

PowerSchool data breach preceded by months-long systems compromise

Previously unidentified botnet targets unpatched TP-Link Archer home routers

PowerSchool previously hacked in August, months before data breach

Pro-Palestinian Hacker Group Took Responsibility for X Cyber Attack – Before Elon Musk Blamed Ukraine

Rackspace files allegedly published by Cl0p ransom gang

Ragnar Loader Employed By Multiple Ransomware Groups To Evade Detection

Ransomware attacks are more dangerous in the AI era

Seattle library ransomware attack affected nearly 27K people

Settlement Agreed to Resolve Rhode Island Public Transit Authority (RIPTA) Ransomware Attack Lawsuit

SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa

Singaporean IT leaders can’t tell apart legit emails and phishing scams

Smart cybersecurity spending and how CISOs can invest where it matters

SMS Scam Uses Elon Musk’s Name to Sell Fake Energy Devices to US Users

Sony Removes 75,000 Deepfake Items, Highlighting a Growing Problem

South African real estate company hit by data breach

Sunflower Medical Group says cyber attack impacted over 220,000 patients

Surging Complaints To Australia’s Tax Authority Signal Data Breach Crisis

Tata Technologies’ data leaked by ransomware gang

Telecom Giant NTT Confirms Data Breach Affecting 18,000 Corporate Customers

The AI race: Dark AI is in the lead, but good AI is catching up

U.S. Fraud Losses Soared 25% in 2024 to $12.5 Billion

X formerly known as Twitter experiences multiple outages - The Dark Storm Team, a pro-Palestinian cyber attack group takes credit

X hit by massive cyber attack: Musk points to Ukraine

X outage claimed as cyber attack by hacktivists as Musk suspects Ukraine

X Platform Hit by Major Cyber Attack as Dark Storm Claims Responsibility

X’s ‘Massive Cyberattack’ has Links to Ukraine, Musk Claims. But Was It Really Ukraine?

10th March

1inch Hacker Refunds $5 Million After Settlement, Keeps Bounty

30 Percent Of All Ransomware Attacks Impact Europe

560,000 People Impacted Across Four Healthcare Data Breaches

Achilles Email: Defending the Eternal Attack Surface

AI Security: Invoice or Impersonation? 36.5% Spike in Phishing Attacks Leveraging QuickBooks’ Legitimate Domain in 2025

AI-Assisted Ransomware: Fighting Fire With Fire

AI-Driven Phishing And Deep Fakes: The Future Of Digital Fraud

Akira Ransomware Attacking Windows Server via RDP & Evades EDR Using Webcam

Almost 60% of New Zealand businesses hit by cyber attack last year

American Civil Liberties Union (ACLU) announces proposed settlement in lawsuit over Rhode Island Public Transit Authority’s (RIPTA) 2021 data breach

Archie Cochrane Ford Announces Data Breach, Compromising an Unknown Number of SSNs

Australian New Zealand Clinical Trials Registry (ANZCTR) cyber attack causes week-long research delays

Best Collateral Files Notice of Data Breach Following Cyberattack that Compromised Consumer SSNs

Breaking Down the AMD Zen Microcode Flaw: Bug Hunters Investigate Signature Validation Issue

Chicago Public Schools investigate data breach affecting 700,000 students

Commvault Webserver Vulnerability Poses Cybersecurity Risk, Urging Immediate Action

Consumer Reports finds popular voice cloning tools lack safeguards

Crazyhunter: The Ransomware with the Three-Dimensional Data Annihilation System That Redefines Data Destruction

Cyber attack on Carruth Compliance Consulting impacted workers at dozens of public schools

Cyber attack on National Presto Industries caused operational disruptions

Cybersecurity In Construction: How To Effectively Mitigate Cyber Risk

Data Breach Affects Thousands of Chicago Public School Students

Data Breach at Sunflower Medical Group Affects Confidential Info Belonging to 220,968 Individuals

Desert Dexter Targets 900 Victims Using Facebook Ads and Telegram Malware Links

Elon Musk claims ‘massive cyber-attack’ caused X outages

Elon Musk claims 'massive cyber attack' that hit X 'originated in Ukraine'

Elon Musk Claims Twitter Outage Was Due to “Massive” Cyber Attack

Elon Musk says X hit by major cyber attack

Elon Musk Says X Hit by ‘Massive Cyber Attack’ as Thousands of Users Locked Out

Elon Musk says X hit by 'massive cyber attack' as users unable to log in

Elon Musk says X is down due to cyberattacks

Elon Musk says X was hit by 'massive cyber attack' that's impacting thousands of users

Elon Musk says X outages the result of a cyber attack and investigations are underway to determine who's behind it

Elon Musk’s X platform under ‘massive cyber-attack’

Facebook Phishing Scam Scares Page Owners Into Sharing Their Password

Fake BianLian Ransom Claims Targeting US Firms With Physical Letters

Fake playtest invites are targeting Steam users again in latest phishing scam

Federal Trade Commission (FTC) will send $25.5 million to victims of tech support scams

Financial services sector is facing data risks from personal apps

Five Coercive Tactics Used By Ransomware Operators To Pressure Victims Into Paying

Fraudulent DocuSign email seeks to steal credentials

Garantex Crypto Exchange Seized, Two Charged in Laundering Scheme

'Garbage' to blame Ukraine for massive X outage, experts say

Google paid $12 million in bug bounties last year to security researchers

Hacker accessed PowerSchool’s network months before massive December breach

Hackers Using Advanced Social Engineering Techniques With Phishing Attacks

How to safely dispose of old tech without leaving a security risk

Indian Government leaks nearly two million citizens’ documents

Kansas healthcare provider says more than 220,000 impacted by cyberattack

KELA’s Cyber Intelligence Center details more insights on Black Basta’s ransomware tactics, victim selection strategies

Last Pass hack led to over $100 million theft of Ripple co-founder’s crypto

Long Arm of the Law Comes for Russian Crypto: Why Secret Service Seized Garantex

Lumen Technologies Provides Notice of Late-2024 Data Breach

Makai Files Official Notice of January 2025 Data Breach

'Massive cyber attack': Elon Musk says X cut caused by co-ordinated group or country

Massive data breach: Israelis' COVID records, other information on sale for $1 million

Massive Malvertising Campaign Infects a Million Devices

Massive X Cyber Attack, Outage Claimed by the Dark Storm Team on Telegram, Elon Musk Confirms the Incident

Medusa Ransomware Attacks Grown By 42% With New Tools & Techniques

Melbourne man sentenced over $35k phishing campaign

Mining equipment supplier Bis Industries investigating ransomware claims

Mission Extends Emergency Declaration After Cyber-Attack

Mission, Texas Declares State of Emergency Following Cyberattack on City Systems

Most AI voice cloning tools aren't safe from scammers, Consumer Reports finds

Musk claims ‘massive cyber attack against X’ after day of outages

Musk suggests 'massive cyber attack' on X came from Ukraine

New North Korean Moonstone Sleet Employs Creative Tactics To Deploy Custom Ransomware

New York sues Allstate over data breach, alleged security lapses

NTT Communications warns nearly 18,000 corporate customers of data breach

Number of Unauthorized Cobalt Strike Copies Plummets 80%

Numotion Announces Data Breach Following Compromised Employee Email Accounts

Over 1000 Malicious Packages Found Exploiting Open-Source Platforms

PlayPraetor trojan spreads through fake Play Store pages to steal user data

Qilin ransomware leveraged by North Korea’s Moonstone Sleet in new attacks

Ragnar Loader Used by Multiple Ransomware Groups to Bypass Detection

Ransomware attack on elite Bronx private school exposes students personal information

Ransomware Attacks Hit Record High Despite Payment Decline

Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials

Rhode Island Public Transit Authority (RIPTA), United Healthcare agree to settle lawsuit from 2021 data breach. What to know

Scam spoofs Binance website and uses TRUMP coin as lure for malware

Scotland’s exams board investigates data breach at Ayrshire school after large cache of documents leaked on web

Scottish exams body investigating data breach amid claims thousands of files have been leaked

Scottish Qualifications Authority (SQA) investigates data breach after thousands of documents leaked online

Scottish Qualifications Authority Investigating a Data Breach

Second biggest bank in US hit by major data breach stealing social security numbers and other personal info

Sidewinder goes nuclear, charts course for maritime mayhem in tactics shift

SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools

SIM Swapping Fraud Surges in the Middle East

Social Engineering Attacks in Crypto: How to Identify, Prevent, and Protect Your Assets

Sorbonne University in Paris claimed by AI-powered Funksec ransomware

Surge in Malicious Software Packages Exploits System Flaws

Swiss critical sector faces new 24-hour cyberattack reporting rule

Switzerland mandates 24-hour cyberattack reporting for critical sector

Switzerland Mandates Cyber-Attack Reporting for Critical Infrastructure

Texas Developer Convicted After Kill Switch Sabotage Plot

That Parking Fine SMS You Received Is Likely a Phishing Scam

The Human Factor: Training Employees To Recognize Phishing Attacks

Travelers reports rise in ransomware activity in Q4’24 Cyber Threat Report

Trump administration ends Federal Trade Commission’s ransomware data breach case against MGM Resorts

Trump coin scam delivers malware that hijacks your device

Typosquatted packages delivering malware to Linux and macOS systems

UK AI Research Under Threat From Nation-State Hackers

US government says Americans lost record $12.5 billion to fraud in 2024

Web cameras behind latest ransomware, DDoS incidents serving hackers a launchpad

What PowerSchool won’t say about its data breach affecting millions of students

What’s happening with X? Elon Musk reports massive cyber attack

X hit by ‘massive cyberattack’ amid Dark Storm’s DDoS claims

X Outage Linked to Dark Storm Hacker Group as Elon Musk Confirms 'Massive Cyberattack'

YouTube creators targeted in deepfake phishing scams