Data Breach News, News, Vendor News
October 19, 2025
312 views 35 secs 0

Russian hackers ‘steal HUNDREDS of U.K. Ministry of Defence files and leak them to dark web’ in ‘catastrophic’ attack

The Sun reports: RUSSIAN cybercriminals have stolen hundreds of military documents and posted them on the dark web in a ‘catastrophic’ hack. The security breach compromised eight RAF and Royal Navy bases as well as emails and names of Ministry of Defence staff, as reported in The Mail on Sunday. The breach has been labelled ‘catastrophic’ and the MoD are investigating the […]

Data Breach News, Legal News, Malware Ransomware, Vendor News
October 16, 2025
254 views 32 secs 0

Capita given record £14 million fine over ransomware attack security failings

The Record reports: Capita, the United Kingdom’s largest outsourcing company, was on Wednesday fined £14 million ($18.7 million) over security failings that saw attackers compromise the personal information of 6.6 million people in a ransomware attack in 2023. The voluntary settlement is for less than a third of the £45 million ($60 million) Britain’s data […]

Education Sector, Data Breach News, Vendor News, Vulnerabilities
October 14, 2025
213 views 9 secs 0

Harvard investigating breach linked to Oracle zero-day exploit

Bleeping Computer reports: Harvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged breach was likely caused by a recently disclosed zero-day vulnerability in Oracle’s E-Business Suite servers. “Harvard is aware of reports that data associated with the University has been obtained […]

News, Legal News, Vendor News
October 10, 2025
243 views 2 mins 0

Policyholder Plot Twist: Cyber Insurer Sues Policyholder’s Cyber Pros

Hunton Andrews Kurth writes: When a cyber incident occurs and the insurer pays out the claim, they often face the frustrating reality that pursuing the actual criminals – the threat actors – for indemnification is virtually impossible. Thus, insurers are now turning to subrogation claims against the very cybersecurity vendors entrusted by policyholders to protect […]

Data Breach News, News, Vendor News
October 09, 2025
248 views 53 secs 0

Hackers claim Discord breach exposed data of 5.5 million users

Bleeping Computer reports: Discord says they will not be paying threat actors who claim to have stolen the data of 5.5 million unique users from the company’s Zendesk support system instance, including government IDs and partial payment information for some people. The company is also pushing back on claims that 2.1 million photos of government IDs […]

Vulnerabilities, News, Vendor News
October 08, 2025
261 views 42 secs 0

Critical Vulnerability Alert: Oracle E-Business Suite

The FBI Cyber Division has posted the following on LinkedIn to emphasize this critical alert and the need to patch and hunt promptly: Oracle just issued a Security Alert for CVE-2025-61882, a remote code execution vulnerability (CVSS 9.8 – Critical) affecting Oracle E-Business Suite versions 12.2.3 through 12.2.14. The vulnerability allows unauthenticated attackers to execute […]

Data Breach News, Vendor News, Vulnerabilities
September 13, 2025
1039 views 45 secs 0

FBI FLASH: Cyber Criminal Groups UNC6040 and UNC6395 Compromising Salesforce Instances for Data Theft and Extortion

The FBI has issued an alert, FLASH-20250912-001. Summary The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate Indicators of Compromise (IOCs) associated with recent malicious cyber activities by cyber criminal groups UNC6040 and UNC6395, responsible for a rising number of data theft and extortion intrusions. Both groups have recently been observed targeting […]

Data Breach News, Vendor News
September 12, 2025
776 views 19 secs 0

Sen. Wyden seeks FTC probe into Microsoft over Ascension cyberattack

Becker’s Health IT reports: U.S. Sen. Ron Wyden is urging the Federal Trade Commission to investigate Microsoft, saying weak security practices at the tech company helped enable a 2024 ransomware attack on St. Louis-based Ascension hospitals, Bloomberg reported Sept. 10. In a letter sent Sept. 10 to FTC Chairman Andrew Ferguson, Sen. Wyden accused Microsoft of “gross […]

Data Breach News, Vendor News
September 04, 2025
991 views 16 secs 0

Cloudflare Confirms Data Breach – Customer Data Exposed via Salesforce Attack

GBHackers reports: Cloudflare has disclosed a significant data breach affecting customer information following a sophisticated supply chain attack targeting its Salesforce integration with Salesloft Drift. The incident, which occurred between August 12-17, 2025, resulted in the exposure of customer support case data and potentially sensitive credentials shared through support channels. The cybersecurity company became aware […]