LATEST POST
How the Conduent Data Breach Unfolded, and Why It Matters
Freedom For All Americans recaps what is known so far about a Conduent Business Solutions data breach that could wind up affecting many more Americans than what has already been disclosed: A cyber intrusion inside Conduent stretched for nearly 3 months, from October 21, 2024, to January 13, 2025, and ended up pulling personal and […]
Criminals threaten Wynn Resorts with data leak if they don’t pay extortion demand
Cybernews reports: The cybercrime group ShinyHunters claims it has pulled off a massive data heist against Wynn Resorts, alleging it holds more than 800,000 records containing personal and employee information. The group is escalating its pressure tactics and has issued what it calls a “final warning” on the dark web, giving the luxury resort giant […]
Negotiating with hackers: The AI in ransomware response
An article by Josh Taylor of Fortra begins: Ransomware groups are increasingly inserting AI bots into the negotiation loop to triage victims, collect leverage and scale their operations. At Fortra, I have observed a growing trend of attackers deploying chatbots for first contact, with humans stepping in only after certain thresholds are met. This approach […]
Fed agencies ordered to patch Dell bug by Saturday after exploitation warning
The Record reports: A Chinese state-backed hacking group is targeting Dell customers with a zero-day vulnerability impacting a popular line of operational and disaster recovery tools. Dell and Google released notices on Tuesday about CVE-2026-22769, warning that a sophisticated Chinese actor has been targeting the bug since at least mid-2024. Dell’s advisory said the vulnerability carries a […]
Record Number of Ransomware Victims and Groups in 2025
InfoSecurity Magazine reports: Security researchers observed a 30% annual increase in ransomware victims listed on extortion sites last year, with AI helping to lower the barrier to entry for new threat groups. Searchlight Cyber’s new report, Ransomware’s Record Year: Tracking a Volatile Landscape in H2 2025, tracked 7458 victims on dark web leak sites in 2025. These […]
Polish police detain alleged cybercriminal with Phobos ransomware ties
The Record reports: A 47-year-old man was arrested in Poland for his alleged involvement with the Phobos ransomware operation. … Phobos was a ransomware gang that attacked more than 1,000 organizations worldwide, targeting hospitals, schools, government agencies and more. U.S. prosecutors previously said operators of Phobos and a related strain called 8Base collected upwards of […]
South Korea slaps $25M fine on Dior, Louis Vuitton, Tiffany over Salesforce breach
Bleeping Computer reports: South Korea has fined luxury fashion brands Louis Vuitton, Christian Dior Couture, and Tiffany $25 million for failing to implement adequate security measures, which facilitated unauthorized access and the exposure of data belonging to more than 5.5 million customers. All three brands are part of the Louis Vuitton Moët Hennessy (LVMH) group […]
Indian pharmacy chain giant exposed customer data and internal systems
TechCrunch reports: A security lapse by one of India’s largest pharmacy chains allowed outsiders to gain full administrative control of its platform, exposing customer order data and sensitive drug-control functions, TechCrunch has exclusively learned. The issue affected DavaIndia Pharmacy, the pharmacy arm of Zota Healthcare, which operates a large network of retail outlets across India. […]