Significant Cyber Incidents
Major breaches, ransomware attacks, and nation-state operations affecting businesses worldwide. Sourced from CyberScoop, The Record, SecurityWeek, DataBreaches.net and more.
FBI Chief Kash Patel’s Clothing Store Hacked in ClickFix Infostealer Attack
Hackers compromised FBI Chief Kash Patel’s clothing store in a ClickFix attack that tricked macOS users into installing infostealer malware.…
Ghost CMS Vulnerability Exploited to Hack Over 700 Websites
Sites belonging to major universities such as Harvard and Oxford, as well as DuckDuckGo, have been compromised in the attack.…
PowerSchool’s $17.25 Million Settlement Exposes Years of Student Data Tracking
If you ask most people what breach PowerSchool experienced, their first response might be the 2024 hacking incident that affected tens of millions of students. But even before that breach, there was another significant b…
Oncology Institute Discloses Data Breach
The affected third-party vendor has not been named, but one possible candidate is TriZetto.…
Netherlands Busts Bulletproof Hosting Network Linked to Disinformation and Cybercrime
Dutch authorities arrested two suspects after dismantling a bulletproof hosting network linked to cybercrime, disinfo, and Russian sanctions evasion.…
266,000 Affected by Data Breach at Radiology Associates of Richmond
Threat actors stole files containing names and protected health information from the healthcare organization’s systems.…
Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects
Many findings have been confirmed to be critical or high-severity vulnerabilities and the number will continue to increase.…
Laravel-Lang Packages Poisoned for Malware Delivery
Published within a 15-minute window, the malicious tags introduced backdoors to exfiltrate CI secrets.…
DocketWise Data Breach Impacts 143,000
Hackers accessed names, addresses, Social Security numbers, financial information, and medical data from third-party partner repositories.…
FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens
The Kali365 phishing-as-a-service platform lowers the barrier of entry for cybercriminals, said the FBI…
Fake Streams, Counterfeit Merch and Other Scams: How Fraudsters Target F1 Fans
From fake F1 streams to counterfeit merch, fraudsters are exploiting fans online and the Bitdefender Cybersecurity Grand Prix Fan Threat Index details how…
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
Fake automated commits injected GitHub Actions workflows containing payloads to steal credentials, CI secrets, keys, and tokens.…
Hacker Selling 340 Million OnlyFans User Records Built From Old Breaches
A hacker is selling a 340M OnlyFans user database allegedly built by matching old breach data and public profiles to real OnlyFans accounts.…
France Sees More Violent Attacks on Crypto Holders Than Any Other Country
Julian Lim reports: The hardest part of crypto security used to be keeping private keys away from hackers. In France, the problem has moved much closer to home. A new report says roughly 70% of documented wrench attacks …
UK: £355,880.10 confiscation order secured following proceeds of crime hearing
There’s a follow-up to the case of a motor insurance worker who received a suspended prison sentence for unlawfully accessing personal information. On May 21, the Information Commissioner’s Office (ICO) annou…
Rhode Island’s workers’ compensation notifies those affected by January data breach
Rhode Island residents may understandably wonder about the state’s vendor security monitoring. First, it was the Deloitte and the RIBridges data breach that affected more than 730,000 residents. Now the vendor that…
UK: Victims feel ‘violated’ after water firm’s data breach
Oprah Flash reports: “Violated” and being “unable to trust” have been the feelings plaguing victims of a cyber attack on a Midlands-based water company. The personal data of 633,887 people was sto…
RondoDox Botnet Exploits Critical 2018 Vulnerability to Hijack ASUS Routers
Cybersecurity firm VulnCheck reveals hackers are using a critical 2018 vulnerability to bypass authentication and hack over a million ASUS routers.…
‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains
The stealthy vulnerability impacts roughly 88 million domains and can be exploited to bypass DNS filtering and hide command-and-control traffic.…
CISA to allow researchers to report vulnerabilities to exploited bugs catalog
The Cybersecurity and Infrastructure Security Agency (CISA) announced the creation of a nomination form on Thursday that they said enables “researchers, vendors, and industry partners” to report bugs that need to be adde…
FBI warns about fast-growing phishing kit targeting Microsoft 365 users
Kali365, which was first observed in April, abuses legitimate Microsoft device authorization pages to grant persistent access to cybercriminal-controlled applications.…
FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks
The law enforcement agency published an advisory on Thursday about Kali365 — a Telegram-based service for cybercriminals that allows them to capture legitimate "OAuth" tokens enabling widespread access to Microsoft 365 e…
FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Account
FBI warns of Kali365, a PaaS scam kit that lets cybercriminals bypass MFA and hijack Microsoft 365 accounts without passwords.…
Meta settles school district lawsuit claiming addictive design harmed students' mental health
The bellwether lawsuit was the first of at least 1,200 to be brought by a school district against Meta, Snap, YouTube and TikTok for similar alleged harms. The other cases have not yet been tried.…
Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
Drupal is warning users that it has already seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands of websites.…
Radiology Associates of Richmond discloses second data breach; 266k people affected
On July 1, 2025, Radiology Associates of Richmond (“RAR”) reported a breach to HHS that had occurred in April 2024 and affected more than 1.4 million patients. By the end of July 2025, the well-known radiolog…
Why the Supreme Court's Chatrie case could change the meaning of privacy in America
Lawyer Adam Unikowsky spoke with Recorded Future News about why he believes geofence searches are problematic and why the way the court rules could have a dramatic impact on Americans’ right to privacy.…
Canadian man arrested, charged for running KimWolf DDoS botnet
In court documents unsealed on Thursday, the Justice Department said Jacob Butler ran KimWolf as a DDoS-for-hire service that infected over a million devices worldwide.…
Trump Mobile confirms it exposed customers’ personal data, unclear whether it will notify those affected
Lorenzo Franceschi-Bicchierai reports: Phone provider Trump Mobile has confirmed that it was exposing customers’ names, email addresses, mailing addresses, cell numbers, and order identifiers to the open internet. Chris …
In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking
Other noteworthy stories that might have slipped under the radar: CISA contractor exposes credentials, Mythos testing and new features, Huawei router flaw triggered telecom blackout.…
Proposed State Laws For Breach Notification Could Reshape Incident Response Plans
Joseph Lazzarotti of JacksonLewis writes: State breach-notification laws continue to evolve, and legislatures are using 2026 sessions to tighten consumer protections and shift the civil liability landscape that often fol…
How a consultant and a concert pianist from the Netherlands were arrested on suspicion of aiding NoName057(16)
Officials allege that WorkTitans and MIRhosting were used to facilitate pro-Russian hackers and evade EU sanctions. Huib Modderkolk and Henrik Moltke write: Youssef Z. may have seen trouble coming. The 57-year-old entrep…
Hackers steal patient and billing data from German hospitals via third-party provider
Daryna Antoniuk reports: German university hospitals are grappling with a large-scale patient data breach after unknown hackers targeted an external billing service provider used by medical centers across the country, ac…
5,561 GitHub Repositories Hit by Megalodon Supply Chain Attack in Six Hours
SafeDep uncovered the Megalodon attack targeting 5,561 GitHub repositories with malicious CI workflows and cloud credential theft.…
Fake Gemini and Claude Code Sites Spread Infostealers Through SEO Poisoning
The infostealer payload in this campaign collects a vast amount of data, from collaboration authentication keys to cryptocurrency wallets…
Apple Blocked $2.2bn in App Store Fraud in the Last Year
Total figure for fraudulent transactions Apple has blocked since 2020 now stands at over $11bn…
Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada
Jacob Butler, a 23-year-old from Ottawa, awaits extradition to the United States and faces up to 10 years in prison.…
Lawmakers from both parties say CISA cuts have gone too far
Reps. Don Bacon, R-Neb., and James Walkinshaw, D-Va., found rare bipartisan agreement that the agency tasked with defending civilian networks has been diminished at a moment when threats from China and others are growing…
Trump postpones executive order focused on AI security
Under a draft executive order, the NSA, Treasury Department and other federal agencies would get 90 days to test new models for cybersecurity and national security concerns.…
CISA chief frets about open-source vulnerabilities, delayed security improvements
Acting director Nick Andersen’s comments came as a wave of malware attacks hit tech that’s publicly available for collaboration.…
European authorities take down prolific cybercrime VPN service
Officials arrested the alleged administrator of First VPN, seized its servers and domains. Europol said the service appeared in almost every major recent cybercrime investigation.…
Deleted Google API Keys Remain Active up to 23 Minutes, Study Finds
Deleted Google API Keys remain active for up to 23 minutes after deletion, exposing GCP, Gemini, BigQuery, and Maps data to attackers.…
Cybercriminal VPN Dismantled in Europol Crackdown
First VPN, a service used by ransomware actors and fraudsters, was dismantled by Europol…
GitHub Breach Traced to Malicious 'Nx Console' VS Code Extension
A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual Studio Marketplace…
Three-Quarters of Firms Knowingly Ship Vulnerable Code
AI risks threaten to permeate supply chains through unvetted code and unaudited suppliers…
Europol Seizes First VPN Used by Ransomware Gangs, Arrests Administrator
Europol has seized First VPN, a service used by ransomware gangs, arrested its administrator and gained access to data linked to thousands of users.…
Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes
Qualys finds nine-year-old Linux ptrace flaw exposing SSH keys and password hashes locally…
The readiness paradox: Why a false sense of cyber confidence is becoming a liability
As AI expands the attack surface and alert fatigue grows, cyber exposure management offers a clearer path to understanding where risk truly concentrates and how to reduce it before a crisis hits.…
Meet Rampart and Clarity, Microsoft’s new red team combo AI agents
Microsoft’s AI red team lead talked to CyberScoop about the goals behind open sourcing a pair of security tools meant for developers and incident responders.…
GitHub says internal repositories were impacted in poisoned VS Code extension attack
GitHub said late Tuesday that internal repositories were exfiltrated after an employee device was compromised through a poisoned Visual Studio Code extension, an incident that underscores the growing risks facing softwar…
CISA credential leak raises alarms, and Capitol Hill demands answers
A researcher who found a repository that leaked on GitHub said it was one of the worst he’s witnessed.…