News, Legal News, Vendor News
October 10, 2025
16 views 2 mins 0

Policyholder Plot Twist: Cyber Insurer Sues Policyholder’s Cyber Pros

Hunton Andrews Kurth writes: When a cyber incident occurs and the insurer pays out the claim, they often face the frustrating reality that pursuing the actual criminals – the threat actors – for indemnification is virtually impossible. Thus, insurers are now turning to subrogation claims against the very cybersecurity vendors entrusted by policyholders to protect […]

Data Breach News, Malware Ransomware, Miscellaneous News, News
October 10, 2025
13 views 39 secs 0

LockBit, DragonForce, and Qilin form a ‘cartel’ to dictate ransomware market conditions

CSO reports: Three of the most notorious ransomware-as-a-service operations have formed a criminal cartel aimed at coordinating attacks and sharing resources in what they describe as an increasingly “challenging” ransomware business environment. DragonForce, Qilin, and LockBit announced the partnership in early September, with DragonForce proposing the collaboration shortly after LockBit reemerged with its LockBit 5.0 […]

Data Breach News, News, Vendor News
October 09, 2025
17 views 53 secs 0

Hackers claim Discord breach exposed data of 5.5 million users

Bleeping Computer reports: Discord says they will not be paying threat actors who claim to have stolen the data of 5.5 million unique users from the company’s Zendesk support system instance, including government IDs and partial payment information for some people. The company is also pushing back on claims that 2.1 million photos of government IDs […]

Vulnerabilities, News, Vendor News
October 08, 2025
33 views 42 secs 0

Critical Vulnerability Alert: Oracle E-Business Suite

The FBI Cyber Division has posted the following on LinkedIn to emphasize this critical alert and the need to patch and hunt promptly: Oracle just issued a Security Alert for CVE-2025-61882, a remote code execution vulnerability (CVSS 9.8 – Critical) affecting Oracle E-Business Suite versions 12.2.3 through 12.2.14. The vulnerability allows unauthenticated attackers to execute […]

Data Breach News, News
October 08, 2025
21 views 3 mins 0

Two arrested over nursery chain Kido hack

IT Pro reports two men have been arrested in connection with the attack on Kido schools in which individuals calling themselves Radiant Group first posted pictures, names, and details of nursery school kids and threatened to dump all 8,000, and then deleted the data and apologized. The UK’s Metropolitan Police have arrested two teenagers for […]

Cyberattack, News
October 06, 2025
35 views 30 secs 0

Red Hat Confirms GitLab Instance Hack, Data Theft

Security Week reports: Red Hat on Thursday confirmed that one of its GitLab instances was hacked after a threat actor claimed to have stolen sensitive data belonging to the company and its customers.  It was initially reported that the hackers had targeted a GitHub instance, but the enterprise software giant clarified that it was actually […]

Data Breach News, News
October 06, 2025
34 views 56 secs 0

ParkMobile pays… $1 each for 2021 data breach that hit 22 million

Bleeping Computer reports: ParkMobile has finally wrapped up a class action lawsuit over the platform’s 2021 data breach that hit 22 million users. But there’s a catch: victims are receiving compensation in the form of a $1 in-app credit, which they must claim manually. And, it comes with an expiration date. In-app $0.25 credit can be […]

Data Breach News, News
October 04, 2025
38 views 42 secs 0

Scattered Lapsus$ Hunters Returns With Salesforce Leak Site

DarkReading reports: After announcing its farewell last month, the cyber extortion group known as Scattered Lapsus$ Hunters returned on Friday with a website featuring stolen Salesforce data and a list of dozens of alleged victims. Scattered Lapsus$ Hunters is an apparent combination of the Scattered Spider, Lapsus$, and ShinyHunters cybercriminal groups, which first emerged over the summer […]

Data Breach News, News
October 04, 2025
35 views 46 secs 0

Oracle customers being bombarded with emails claiming widespread data theft

CyberScoop reports: Attackers appearing to be aligned with the Clop ransomware group have sent emails to Oracle customers seeking extortion payments, claiming they stole data from the tech giant’s E-Business Suite, according to researchers who spoke with CyberScoop.  Researchers haven’t confirmed the veracity of Clop’s claimed data theft, but multiple investigations into Oracle environments belonging […]

Data Breach News, News
October 04, 2025
32 views 4 secs 0

Discord customer service data breach leaks user info and scanned photo IDs

The Verge reports: One of Discord’s third-party customer service providers was compromised by an “unauthorized party,” the company says. The unauthorized party gained access to “information from a limited number of users who had contacted Discord through our Customer Support and/or Trust & Safety teams” and aimed to “extort a financial ransom from Discord.” The unauthorized […]