BleepingComputer recaps what they view as the 15 biggest cybersecurity and cyberattack stories of 2025. Four of the 15 involve ShinyHunters or the ScatteredLapsus$Hunters collective. Among other stories: In 2025, ClickFix attacks became widely adopted by numerous threat actors, including state-sponsored hacking groups and ransomware gangs. What started as a Windows malware campaign, quickly expanded to macOS and […]
From an article in The Financial Poise: When a business gets the call that something has gone wrong with its data, the first instinct is usually panic. Systems are slow, employees are confused, and leadership wants answers immediately. But as cybersecurity incidents become a routine part of modern business life, the difference between companies that […]
HIPAA Journal reports: The number of individuals affected by the hacking incident at Oracle Health has yet to be confirmed; however, the data breach is known to have affected approximately 80 hospitals, although a list of those hospitals has not been made public. Oracle Health has been notifying the affected healthcare provider clients, some of […]
Bloomberg News reports: Goldman Sachs Group Inc. warned investors in some of its alternative investment funds that their data may have been exposed in a breach at one of the bank’s law firms. In a Dec. 19 letter, Goldman said it had been informed of a “cybersecurity incident” by Fried Frank Harris Shriver & Jacobson LLP, which serves […]
Agencias reports a detail in the Coupang breach and arrest: Coupang, the South Korean e-commerce giant, has faced a serious data breach affecting 33.7 million customers, compromising sensitive information such as names, addresses, and phone numbers. The situation unfolded in late November when the company announced that hackers had accessed its users’ data. Since December 1, […]
The Record reports: France’s data protection regulator has fined the software company Nexpublica France €1.7 million ($2 million) for poor cybersecurity practices in the wake of a data breach. In November 2022, users of a Nexpublica portal reported they could access documents about third parties. France’s data regulator, known as CNIL, investigated the incident and […]
SecurityWeek provides an update on the Coupang breach: Coupang, the South Korean ecommerce giant listed in the US (NYSE: CPNG), on Monday announced plans to spend 1.685 trillion won (~$1.17 billion) in compensation over a recent data breach. The incident, the company said in early December, was discovered on November 18, and involved unauthorized access […]
News19 reports: Nearly a quarter of a million residents in South Carolina may have had their data exposed in a breach that occurred months earlier, according to state records. A data breach notice provided to the South Carolina Department of Consumer Affairs (SCDCA) by Prosper Marketplace Inc. on Dec. 11 stated that the company learned […]
BleepingComputer reports: A hacker claims to have breached Condé Nast and leaked an alleged WIRED database containing more than 2.3 million subscriber records, while also warning that they plan to release up to 40 million additional records for other Condé Nast properties. On December 20, a threat actor using the name “Lovely” leaked the database […]
Security Affairs reports: The blockchain intelligence firm TRM Labs warns that encrypted vault backups stolen in the 2022 LastPass breach are still being cracked using weak master passwords, enabling crypto theft as late as 2025. In 2022, hackers breached LastPass, stealing encrypted backups of roughly 30 million vaults containing sensitive credentials, including crypto keys. TRM […]
