This is not an incident involving personally identifiable information or protected health information. It involves source code and information about product vulnerabilities. Street Insider reports: F5 Networks (NASDAQ: FFIV) disclosed that a nation-state threat actor gained unauthorized access to certain company systems on August 9, 2025, according to a company statement. The network security company said […]
Farmers Insurance is facing negative attention and lawsuits because of a three-month delay in notifying 1.1 million policyholders about a data breach. H. Dennis Beaver, Esq writes: To paraphrase the notice (you can read it in full here): On May 30, 2025, one of our vendors informed us about suspicious activity of an unauthorized actor who […]
From the New York Attorney General’s Office:
The Register reports: Cyberattacks that meet upper severity thresholds set by the UK government’s cyber agents have risen 50 percent in the last year, despite almost zero change in the volume of cases handled. GCHQ’s cyber arm, the National Cyber Security Centre’s (NCSC), said in its annual review published today that its incident management team handled 429 […]
Bleeping Computer reports: Harvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged breach was likely caused by a recently disclosed zero-day vulnerability in Oracle’s E-Business Suite servers. “Harvard is aware of reports that data associated with the University has been obtained […]
Computing.co.uk reports; Notorious hacking group Crimson Collective has claimed responsibility for a major breach of Nintendo’s internal systems. Crimson Collective says it has access to sensitive production assets, developer files, and backup data. This claim was given weight by cybersecurity intelligence firm Hackmanac which shared a screenshot on X purportedly showing folders labeled “Production Assets,” “Dev Builds,” […]
The FBI urges all organizations using Red Hat’s OpenShift AI platform to address a 9.9/10 security flaw. It allows an attacker with authenticated access to a low-privileged account to escalate privileges, potentially leading to stolen data, disrupted services, and complete takeover of the underlying infrastructure. If you have OpenShift deployed in your environment, urgent action is […]
CSO reports: Three of the most notorious ransomware-as-a-service operations have formed a criminal cartel aimed at coordinating attacks and sharing resources in what they describe as an increasingly “challenging” ransomware business environment. DragonForce, Qilin, and LockBit announced the partnership in early September, with DragonForce proposing the collaboration shortly after LockBit reemerged with its LockBit 5.0 […]
Bleeping Computer reports: Discord says they will not be paying threat actors who claim to have stolen the data of 5.5 million unique users from the company’s Zendesk support system instance, including government IDs and partial payment information for some people. The company is also pushing back on claims that 2.1 million photos of government IDs […]
The Vicksburg Daily News reports on the findings by the state auditor: According to Mississippi State Auditor Shad White, a third of state offices are at risk of cybercrimes due to not meeting cybersecurity assessment requirements according to a report released yesterday, Tuesday, Oct. 7. Auditor Shad White stated in the release, “Part of our […]
