AUTO-UPDATED EVERY 30 MIN

Significant Cyber Incidents

Major breaches, ransomware attacks, and nation-state operations affecting businesses worldwide. Sourced from Cyber Scoop, The Record, SecurityWeek, DataBreaches.net and more.

📡 51 incidents tracked·🕐 Last refresh: Jul 10, 2026, 12:39 p.m. PT
Government

CISA looks to remedy ailments from big May credential leak

A major credential leak spurred the Cybersecurity and Infrastructure Security Agency to strengthen protections for its sensitive materials, improve how researchers can report agency vulnerabilities and develop plans for …

Cyber ScoopJul 10, 2026
Government

Ryuk operator pleads guilty; Blackcat/AlphV conspirator gets nearly 6-year sentence

One man accused of deploying Ryuk ransomware pleaded guilty Wednesday in an Oregon federal court to conspiracy and computer fraud, while another man received a 70-month federal prison sentence in a Florida court for help…

The RecordJul 10, 2026
Enterprise

License plate cameras may be next target after Supreme Court reins in location tracking

If a warrant is ultimately needed for ALPR searches, experts say, it would radically limit how the networks of cameras can be used and would change modern policing.…

The RecordJul 10, 2026
Enterprise

CISA Details Incident Response to Exposed AWS GovCloud Keys

CISA reveals how it responded after sensitive AWS GovCloud credentials and internal data were exposed in a public GitHub repository…

InfoSecurityJul 10, 2026
Manufacturing

Microsoft Warns New 'GigaWiper' Malware Combines Espionage and Destructive Capabilities

A new multi-purpose backdoor allows cyber threat actors to conduct both quiet espionage activity and destructive wiping operations…

InfoSecurityJul 10, 2026
Manufacturing

In Other News: DHS Database Hacked, Adobe Boosts Patch Cadence, Canada Disrupts Ransomware Ops

Other noteworthy stories that might have slipped under the radar: Abnormal AI sued by Anthropic, AssuranceAmerica data breach affects 7 million people, NSA brings back TAO. The post In Other News: DHS Database Hacked, Ad…

SecurityWeekJul 10, 2026
Enterprise

Anthropic and OpenAI Security Tools Could Fuel Cyber-Attacks, Researchers Warn

Researchers at the AI Now Institute developed a proof-of-concept exploit showing common AI tools used for security could backfire…

InfoSecurityJul 10, 2026
Enterprise

China, India ran separate spying campaigns against same Pakistani police force

The activity, in some cases breaching the exact same systems, ran between February 2024 and April 2026 and centered on the force responsible for the country’s southwestern province that has been the site of a long-runnin…

The RecordJul 10, 2026
Manufacturing

Cybersecurity Negotiator Gets 70 Months for Helping BlackCat Extort Victims

Former ransomware negotiator Angelo Martino gets 70 months in prison for helping BlackCat extort US victims and misuse confidential client data in cyberattacks.…

HackreadJul 10, 2026
Manufacturing

New Ransomware Exploits Malicious Driver to Remove Cybersecurity Protections

GodDamn ransomware uses remote desktop application to secretly move around networks and drop the malicious PoisonX kernel driver…

InfoSecurityJul 10, 2026
Manufacturing

Third US Security Expert Sentenced to Prison for Helping Ransomware Gang

Angelo Martino, a former ransomware negotiator, was sentenced to 70 months for helping the BlackCat/Alphv group. The post Third US Security Expert Sentenced to Prison for Helping Ransomware Gang appeared first on Securit…

SecurityWeekJul 10, 2026
Manufacturing

China, India-Linked Hackers Both Targeted Same Pakistani Police Force

Both foes and allies have targeted the Balochistan Police force in Pakistan for at least two years, according to SentinelOne. The post China, India-Linked Hackers Both Targeted Same Pakistani Police Force appeared first …

SecurityWeekJul 10, 2026
Enterprise

Okta Warns of Vishing Attacks Targeting Microsoft 365 Customers

The attackers call victims to direct them to phishing websites mirroring Microsoft Entra ID login pages. The post Okta Warns of Vishing Attacks Targeting Microsoft 365 Customers appeared first on SecurityWeek .…

SecurityWeekJul 10, 2026
Enterprise

Microsoft Warns of Increase in Number of Security Updates

Microsoft has said the volume of Windows security updates is set to grow as it uses AI to find new bugs…

InfoSecurityJul 10, 2026
Manufacturing

FastNetMon Launches Netomics, a Self-Hosted Routing Intelligence Platform

London, United Kingdom, 10th July 2026, CyberNewswire…

HackreadJul 10, 2026
Manufacturing

GigaWiper Combines Multiple Malware for System-Level Sabotage

The backdoor’s destructive capabilities include a standalone wiper, ransomware encryption, and a multi-pass wiping command. The post GigaWiper Combines Multiple Malware for System-Level Sabotage appeared first on Securit…

SecurityWeekJul 10, 2026
Healthcare

NHS Warns Staff Over Unauthorized Access to Patient Data

NHS tells staff they could face prison for “inappropriate” access to patients’ medical records…

InfoSecurityJul 10, 2026
Manufacturing

‘HalluSquatting’ Turns AI Hallucinations Into Botnet Delivery Mechanism

Researchers demonstrate adversarial hallucination squatting against popular AI assistants to achieve remote code execution. The post ‘HalluSquatting’ Turns AI Hallucinations Into Botnet Delivery Mechanism app…

SecurityWeekJul 10, 2026
Critical Infrastructure

Network of 200 GitHub Repositories Used for Malware Infection

A Go module is used to load PowerShell code that fetches a resolver from public dead drops to execute Windows malware. The post Network of 200 GitHub Repositories Used for Malware Infection appeared first on SecurityWeek…

SecurityWeekJul 10, 2026
Manufacturing

Former DigitalMint ransomware negotiator who duped clients sentenced to 70 months in jail

Angelo Martino exploited his insider position and fed confidential information to ransomware co-conspirators to extort a combined $75.3 million from five U.S.-based victims. The post Former DigitalMint ransomware negotia…

Cyber ScoopJul 10, 2026
Telecom

Dutch police trace Odido telco cyberattack to suspected local accomplice

Dutch police said Thursday they had uncovered evidence suggesting that Dutch criminals were involved in the cyberattack on telecom provider Odido that exposed the personal data of more than 6 million customers earlier th…

The RecordJul 9, 2026
Manufacturing

Microsoft Warns of GigaWiper Backdoor Built to Destroy Windows PCs

Microsoft details GigaWiper, a destructive Windows backdoor that can wipe disks, encrypt files and give attackers remote access to compromised systems globally.…

HackreadJul 9, 2026
Defence

Interpol cybercrime crackdown nets 5,800 arrests across 97 countries

The anti-fraud crackdown, dubbed Operation First Light, identified more than 142,000 victims of various social-engineering scams. The post Interpol cybercrime crackdown nets 5,800 arrests across 97 countries appeared fir…

Cyber ScoopJul 9, 2026
Enterprise

AI Gateway Connected to Amazon Bedrock Hijacked for Cryptomining

Darktrace says a LiteLLM AI gateway linked to Amazon Bedrock was compromised for cryptomining after signs of exposed SSH activity.…

HackreadJul 9, 2026
Enterprise

QIZ Security Raises $17 Million for Cryptographic Governance Platform

The Israeli company has developed a cryptographic posture and post-quantum cryptography management platform. The post QIZ Security Raises $17 Million for Cryptographic Governance Platform appeared first on SecurityWeek .…

SecurityWeekJul 9, 2026
Manufacturing

764 splinter group leader sentenced to 40 years in jail

Alexis Chavez coerced multiple girls to commit self harm and produce child sexual abuse material for notoriety in a sprawling violent extremist collective affiliated with the Com. The post 764 splinter group leader sente…

Cyber ScoopJul 9, 2026
Financial

Latvian forestry company still restoring systems weeks after ransomware attack

A foreign, financially motivated group was responsible for a cyberattack on state-owned forestry company Latvijas Valsts Mezi (LVM), officials said.…

The RecordJul 9, 2026
Government

UK Government Rolls Out Agentic AI Defense Plan Alongside Industry Pledge

Two announcements on July 7, 2026, demonstrate the government’s determination to improve the level of cybersecurity within the UK. The post UK Government Rolls Out Agentic AI Defense Plan Alongside Industry Pledge appear…

SecurityWeekJul 9, 2026
Critical Infrastructure

Vibe-Coded Malware Caught in Active Directory Attack

Huntress found a threat actor using vibe-coded PowerShell to map an Active Directory network…

InfoSecurityJul 9, 2026
Manufacturing

Palo Alto Networks Patches 13 Vulnerabilities

Buffer overflow, DoS, command injection, SSRF, authentication bypass, and other types of vulnerabilities have been found in PAN-OS software. The post Palo Alto Networks Patches 13 Vulnerabilities appeared first on Securi…

SecurityWeekJul 9, 2026
Enterprise

75% CISOs Fear Executives Don’t Understand Cybersecurity Risks Employees Face

Survey of cybersecurity leaders by MetaCompliance finds that many feel boards are uninterested in ever-evolving cyber risks…

InfoSecurityJul 9, 2026
Enterprise

GhostApproval Flaws Let Top AI Coding Tools Write Outside Workspaces

Wiz found GhostApproval symlink flaws in major AI coding assistants that could hide sensitive file targets, bypass approval checks and enable system access too.…

HackreadJul 9, 2026
Enterprise

Two arrests this week in unrelated crimes involved Japanese teenagers using ChatGPT to assist in their crimes

The Japan Times reports: An 18-year-old man has been arrested for his suspected involvement in a cyberattack on the operator of the Kaikatsu Club internet cafe chain, according to investigative sources. On Wednesday, the…

DataBreaches.netJul 9, 2026
Financial

Nayax investigating breach; The Syndicate claims it acquired 1 billion card records and other important data

Nayax is a global fintech company headquartered in Israel that provides cashless payment and management solutions for unattended retail and self-service machines. The firm is publicly traded on both the Tel Aviv and Nasd…

DataBreaches.netJul 9, 2026
Manufacturing

Iris Recognition vs Fingerprint: Which Biometric Wins in 2026?

Compare iris recognition and fingerprint biometrics in 2026, from accuracy and speed to security, privacy, and where each technology works best.…

HackreadJul 8, 2026
Government

Uniondale Union Free School District – Audit Follow-Up by New York State Comptroller (2023M-61-F)

In October 2023, NYS Comptroller Thomas DiNapoli released an IT audit of the Uniondale Union Free School District on Long Island. The purpose of the audit was to examine management of non-student user network controls. T…

DataBreaches.netJul 8, 2026
Enterprise

DuckDuckGo Now Blocks Most YouTube Ads Right Inside Its Browser

DuckDuckGo's browser now blocks most YouTube ads by default on supported devices. Here's how it works, which platforms support it, and its limits.…

HackreadJul 8, 2026
Government

French nonprofit starts global intelligence and research hub for AI cyber threats

One of the project’s top goals is stitching together an international, quick response coalition of governments, businesses and civil experts for AI-related threats. The post French nonprofit starts global intelligence an…

Cyber ScoopJul 8, 2026
Healthcare

Patients Sue Healthcare Corporations Over Data Breaches, Sharing of Personal Information

Mikeie Honda Reiland reports: A suite of recent class action lawsuits in state and federal courts seeks to hold large healthcare corporations accountable for exposing or leaking patients’ personally identifiable informat…

DataBreaches.netJul 8, 2026
Manufacturing

Why Bangladesh’s new data protection law may fail to protect your data

Meem Arafat Manab reports: On August 19, 2025, hackers broke into Shwapno’s customer database. They took 410 gigabytes of data: the names, phone numbers, and purchase histories of forty lakh registered customers. They de…

DataBreaches.netJul 8, 2026
Government

Armored Likho Hits Government, Energy Sectors With BusySnake Stealer

Kaspersky details how the newly named Armored Likho APT uses BusySnake Stealer, AI-generated loaders, and phishing to target government and energy organizations.…

HackreadJul 8, 2026
Government

Found fast, fixed slow: The gap the AI clearinghouse must close

The government's new AI clearinghouse risks becoming a committee that discovers more problems than it solves — unless it's designed around patching, not just scanning. The post Found fast, fixed slow: The gap the AI clea…

Cyber ScoopJul 8, 2026
Healthcare

Washington Dept. of Social and Health Services announces massive data breach

KIRO7 reports: The Washington Department of Social and Health Services (DSHS) is issuing a notice of a massive data breach that happened in March, potentially compromising the personal data of around 8,600 people. An int…

DataBreaches.netJul 7, 2026
Enterprise

Spain arrests suspected hacker linked to Russian hacktivist campaign

Authorities didn’t name the man or file formal charges, but accuse him of participating in attacks linked to Cyber Army of Russia Reborn and NoName. The post Spain arrests suspected hacker linked to Russian hacktivist ca…

Cyber ScoopJul 7, 2026
Enterprise

Deepfake CSAM lawsuit against xAI, Grok expands

Two new alleged victims detailed how Grok was used by friends and family to generate sexual images of them as minors. The suit also adds Stability AI as a defendant. The post Deepfake CSAM lawsuit against xAI, Grok expan…

Cyber ScoopJul 7, 2026
Enterprise

Bojangles sued again by workers over Russian hacker data breach. NC judge weighs in

Chase Jordan reports an update in the litigation stemming from a 2024 breach by Hunters International. This case has raised a number of issues about standing and negligence and has been up and down in the courts, with pl…

DataBreaches.netJul 7, 2026
Defence

Jacksonville, Texas, keeps some city systems offline after cyber incident

DysruptionHub reports: Jacksonville, Texas, took some city systems offline after detecting suspicious network activity Friday, leaving some online services unavailable Monday as officials investigated a cybersecurity inc…

DataBreaches.netJul 7, 2026
Government

Suspected Chinese espionage group used a Roundcube exploit chain to burrow into universities

Proofpoint researchers said attackers targeted physics and engineering departments, and warn that the campaign is likely ongoing. The post Suspected Chinese espionage group used a Roundcube exploit chain to burrow into u…

Cyber ScoopJul 7, 2026
Education

The “Anonymous” Tip System That Wasn’t: Three Months Later, Why Hasn’t Navigate360 Notified Anyone?

Trigger Warning: This post includes content from tips submitted to anonymous tiplines by or about students. While identity information is redacted, tips may include obscenities and explicit references to sexual abuse, ra…

DataBreaches.netJul 6, 2026
Defence

US Army websites defaced with pro-Kurdish sentiments, insults to Trump

At least two websites appear to be victim to 404 hijacking attacks. Army officials took the sites down after being contacted by CyberScoop. The post US Army websites defaced with pro-Kurdish sentiments, insults to Trump …

Cyber ScoopJul 6, 2026
Manufacturing

Alberta, Centurion Project sued over alleged data breach that affected millions of voters

Carrie Tait reports: A retired lawyer is suing Alberta, its Chief Electoral Officer and two organizations that support secession for their respective roles in an alleged data breach affecting 2.9 million residents in the…

DataBreaches.netJul 6, 2026