Top Cyber Incidents
Cyber incidents ranked by their real impact on company scores. The ranking combines the number of companies affected, severity, and impact, revealing which incidents truly moved the needle across the portfolio.
**Cybercrime in 2025: A Global Threat Surpassing National Economies** Cybercrime continues to escalate into one of the world’s most lucrative illicit industries, with damages projected to reach **$10.5 trillion USD globally in 2025**, a figure that, if measured as a country, would rank as the **thir
**Ransomware Attacks Surge 30% in Q4 2025, Targeting Critical Sectors and Supply Chains** Ransomware activity has spiked sharply, with attacks increasing by **30% in the last four months of 2025** compared to the first nine months of the year. Cybersecurity firm **Cyble** recorded **2,018 claimed a
**Ransomware in 2025–2026: Evolving Threats, Rising Costs, and High-Profile Attacks** Ransomware remains a critical threat to governments, businesses, and critical infrastructure, disrupting healthcare, fuel distribution, retail, and identity security. Financial and operational impacts have intensi
**The "Mother of All Breaches": 26 Billion Records Exposed in Unprecedented Data Leak** Security researchers have uncovered what may be the largest compilation of stolen credentials in history, a 12-terabyte database dubbed the **"Mother of All Breaches" (MOAB)**, containing **26 billion records** f
Broadcom
Critical (100)
Broadcom, a global technology leader valued at hundreds of billions, was among the high-profile victims of **Cl0p’s ransomware attack** exploiting a **zero-day vulnerability in Oracle’s E-Business Suite (CVE-2025-61882 and CVE-2025-21884)**. The cybercriminal group **exfiltrated sensitive corporate
**Loblaw Faces Alleged Massive Data Breach as Threat Actor Demands Response** A threat actor operating under the handle *"igotafeeling"* on the *DarkWeb Informer* forum has claimed to have breached **Loblaw**, Canada’s largest food and pharmacy retailer, which owns brands like *President’s Choice,
**Cyber Retaliation Likely as U.S.-Israeli Strikes Trigger Iranian Digital Disruptions** On March 1, 2026, a series of cyber operations unfolded alongside joint U.S.-Israeli airstrikes targeting Iran, signaling potential escalation in digital warfare. Cybersecurity experts reported multiple breache
**Ransomware in 2025: A Systemic Threat Disrupting Global Supply Chains and Critical Services** In 2025, ransomware evolved from isolated IT disruptions into a systemic risk, threatening national supply chains, essential services, and entire industries. Cybersecurity Ventures projects the global co
**Volkswagen Faces Data Extortion Threat from 8Base Ransomware Group** Volkswagen Group is responding to claims by the ransomware group **8Base**, which alleges it stole and leaked sensitive data from the automaker. While Volkswagen maintains that its **core IT infrastructure remains unaffected**,
**FBI Network Breach Targets Surveillance Systems** Hackers have reportedly compromised an FBI network used to manage wiretaps and foreign intelligence surveillance warrants, according to a CNN report citing an anonymous source. The breach was confirmed by an FBI spokesperson, who stated that the b
**Cyberattacks Surge in the Automotive Industry: Key Incidents from 2024–2025** The automotive sector has become a prime target for cybercriminals, with attacks ranging from ransomware extortion to large-scale data breaches exposing sensitive customer and operational data. Between 2024 and 2025, ma
Brussels Airport
Critical (100)
Brussels Airport experienced a cyberattack on Friday evening that crippled its passenger and baggage check-in systems, forcing manual processing and causing significant operational disruptions. The attack, which also affected other European airports, targeted a third-party service provider’s systems
Salesforce
Critical (100)
The ransomware group **ShinyHunters (Scattered Lapsus$ Hunters)** breached **Salesforce** by exploiting stolen OAuth tokens from **Salesloft Drift’s AI chatbot integration**, compromising **1.5 billion records** across **760 companies** (including Cisco, Disney, and Marriott). The leaked data includ
T-Mobile
Critical (100)
In August 2021, T-Mobile experienced a significant cybersecurity breach, resulting in the theft of data from about 50 million existing and potential customers. The information compromised included customer addresses, drivers' licenses, and social security numbers. This breach was orchestrated by a 2
**VoidLink Malware Framework Exposes Critical Gaps in Kubernetes and AI Workload Security** In December 2025, Check Point Research disclosed *VoidLink*, a sophisticated Linux malware framework designed to infiltrate cloud-native and AI workloads, marking a shift in how threat actors target modern i
HSBC, Nationwide, Barclays, Lloyds, Marks & Spencer and Co-op: Cyber-attack threat keeps me awake at night, bank boss says
Critical (100)
**UK Banking Sector Faces Relentless Cyber Threats as IT Failures Disrupt Services** The UK’s financial sector is grappling with escalating cybersecurity risks and frequent IT outages, with bank executives warning of the severe consequences for market stability and public trust. Speaking before the
Snowflake
Critical (100)
For much of the summer, Snowflake, a cloud data storage provider, was targeted by a series of data breaches affecting over 165 customers, exposing hundreds of millions of records. These customers included large corporations such as AT&T, Santander, and Live Nation Entertainment. Despite the breach's
Collins Aerospace (RTX Corp)
Critical (100)
A cyber attack on **Collins Aerospace’s Muse software platform**—used for flight check-ins, baggage handling, and boarding coordination—disrupted operations at major European airports, including **Heathrow (UK), Berlin (Germany), and Brussels (Belgium)**. The attack forced airlines to manually proce
Kettering Health
Critical (100)
Kettering Health, a major healthcare provider, fell victim to a **ClickFix attack** linked to the **Interlock ransomware group**, resulting in a significant data breach. The attack exploited social engineering tactics, tricking employees into executing malicious scripts via browser-based lures (e.g.
Collins Aerospace
Critical (100)
Collins Aerospace, a critical supplier in the aerospace and defense industry, fell victim to a **ransomware attack** that disrupted European airports by targeting its digital supply chain dependencies. The incident, highlighted in ENISA’s *Threat Landscape 2025* report, exemplifies how cyber-attacks
Oracle
Critical (100)
The **Clop ransomware gang** exploited a **critical zero-day vulnerability (CVE-2025-61882)** in **Oracle E-Business Suite (EBS)**, specifically within the **BI Publisher Integration component**, to conduct **data theft attacks** since at least **August 2025**. The flaw allowed **unauthenticated rem
Oracle
Critical (100)
The **Clop ransomware gang** exploited a **zero-day vulnerability** in **Oracle’s E-Business Suite**, a critical enterprise software used for managing customer data, HR files, and corporate operations. The attack, active since at least **July 10**, allowed hackers to steal **significant amounts of s
**Russian National Linked to Conti and TrickBot Ransomware Operations Identified in Global Crackdown** Germany’s Federal Criminal Police Office (BKA) has accused Russian national **Vitaly Nikolaevich Kovalev**—also known by the alias **Stern**—of leading the **Conti and TrickBot (Wizard Spider) ran
Qilin, Akira, LockBit, DragonForce and Safepay: Ransomware activity never dies, it multiplies
Critical (100)
**Ransomware Attacks Hit Record Highs in 2025 Despite Major Disruptions** A new study by Symantec and the Carbon Black Threat Hunter Team reveals that ransomware attacks surged to unprecedented levels in 2025, with threat actors adapting rapidly to law enforcement crackdowns and evolving their exto
Qilin, CL0P, Salesforce, Sinobi and Play: Ransomware and Supply Chain Attacks Set Records in 2025
Critical (100)
**Ransomware and Supply Chain Attacks Hit Record Highs in 2025, Signaling Escalating Threats** 2025 marked a sharp escalation in cyber threats, with ransomware and supply chain attacks reaching unprecedented levels, according to a new report from threat intelligence firm Cyble. The year saw **6,604
**AI-Powered Hacker Exploits Anthropic’s Claude to Breach Mexican Government Agencies** An unknown threat actor leveraged Anthropic’s AI chatbot, Claude, to orchestrate a large-scale cyberattack against multiple Mexican government agencies, stealing 150 gigabytes of sensitive data, including taxpay
**China-Backed Storm-2603 Deploys Warlock Ransomware in Widespread SharePoint Attacks** On July 23, Microsoft reported that the China-linked threat group **Storm-2603** exploited on-premises **SharePoint servers** using **Warlock ransomware**, a ransomware-as-a-service (RaaS) operation that emerged
**GitHub, npm, and VS Code Repositories Compromised by Glassworm’s Invisible Unicode Attack** Researchers at Aikido Security uncovered a sophisticated campaign by the threat actor **Glassworm**, which compromised at least **151 GitHub repositories** between **March 3 and March 9** by embedding mali
**AWS Bedrock AI Platform Exposed to Eight Critical Attack Vectors, Research Reveals** Amazon’s AWS Bedrock, a platform enabling developers to build AI-powered applications by integrating foundation models with enterprise data and systems, has been identified as a high-value target for attackers. Sec
Trivy, Cisco, Salesforce, AWS and Aura: Cisco Faces Alleged Data Leak as ShinyHunters Claims Responsibility
Critical (100)
**Cisco Hit by Major Cyberattack Linked to Supply Chain Breach** Cisco is responding to a significant cybersecurity incident after threat actors breached its internal development networks, stealing sensitive source code and corporate data. The attack, claimed by the hacking group **ShinyHunters**,
**March 2026 Ransomware Surge: Critical Infrastructure Under Fire** March 2026 marked a sharp escalation in ransomware activity, with **780 attacks** recorded, a **13% increase** from February and the second-highest monthly total since February 2025. The surge was driven by targeted campaigns agains
Anodot: Snowflake customers suffer data theft attacks after third-party issue, company confirms 'unusual activity'
Critical (100)
**ShinyHunters Breaches Anodot, Compromises Snowflake Customer Data in Supply Chain Attack** The ShinyHunters extortion group has claimed responsibility for a supply chain attack on Anodot, an AI-driven cloud analytics platform, resulting in the theft of authentication tokens for over a dozen Snowf
**Critical Telnetd Vulnerability (CVE-2026-32746) Exposes Legacy Systems to Remote Code Execution** A severe buffer overflow vulnerability (CVE-2026-32746) has been identified in the GNU InetUtils *telnetd* daemon, allowing unauthenticated attackers to execute arbitrary code with root privileges. T
**Iran-Linked Handala Claims Cyberattacks on Three Major UAE Organizations** On April 13, 2026, the Iran-aligned hacking group **Handala** announced a series of cyberattacks targeting three key UAE institutions: **Dubai Courts, Dubai Land Department, and Dubai Roads & Transport Authority**. The gro
**Everest Ransomware Group Claims Massive Data Breach at McDonald’s India** The Everest ransomware group has alleged a major cyberattack on McDonald’s India, claiming to have exfiltrated **861 GB of sensitive data**, including internal documents and customer personal information. The threat actors
**Global Ransomware Attacks Surge 32% in 2025, With Manufacturing and U.S. Organizations Hit Hardest** In 2025, global ransomware attacks reached **7,419 incidents**, marking a **32% increase** from the 5,631 recorded in 2024, according to a report by **Comparitech**. Of these, **1,173 attacks were
**DHS Warns of Escalating Cyber Threats from Iran-Backed Hackers Amid Rising Tensions** The U.S. Department of Homeland Security (DHS) issued a **National Terrorism Advisory System (NTAS) bulletin** on Sunday, warning of heightened cyberattack risks from **Iran-backed hacking groups and pro-Iranian
**Russian Dairy Supply Chain Disrupted by Cyberattack on Mercury Certification Platform** Major Russian retailers, including Lenta, Miratorg, and Yandex Lavka, have reported significant disruptions to their dairy supply chains following a cyberattack last week on the Mercury platform. The system, m
M1, Singtel, StarHub and Simba Telecom: What is UNC3886, the group that attacked Singapore’s telcos
Critical (100)
**Singapore’s Major Telcos Targeted by State-Linked Cyberespionage Group UNC3886** On February 9, Singapore’s Minister for Digital Development and Information, Josephine Teo, disclosed that all four of the country’s major telecommunications providers (Singtel, StarHub, M1, and Simba Telecom) were tar
**Exposed ICS/OT Devices Under Nation-State Threat: Key Findings from Team Cymru’s Research** Team Cymru’s latest research reveals alarming vulnerabilities in industrial control systems (ICS) and operational technology (OT) environments, highlighting how exposed devices remain prime targets for hos
**Cyberattacks on Critical Infrastructure Disproportionately Impact Women, Yet Policy Remains Gender-Blind** Cyberattacks on essential services (healthcare, education, and transportation) are increasing in frequency and severity, with consequences that extend far beyond technical disruptions. While t
Iberdrola, BePrime, ArcelorMittal and Alsea: Breach at cybersecurity company exposes client data and surveillance systems
Critical (100)
**BePrime Cyberattack Exposes 12.6GB of Data, Highlights Critical Security Failures** A Mexico-based cybersecurity firm, BePrime, suffered a major breach after attackers allegedly exploited unprotected administrator accounts lacking multifactor authentication (MFA). The incident, disclosed by the t
**Confucius APT Expands Cyber Espionage Campaigns Against Pakistan with New Malware Tools** The threat group **Confucius**, active since at least **2013**, has launched a renewed phishing campaign targeting **Pakistan**, deploying advanced malware families including **WooperStealer** and the Python
**FancyBear’s OPSEC Blunder Exposes Russian Espionage Operations Targeting NATO-Aligned Governments** A critical operational security (OPSEC) failure by the Russian state-backed threat group **APT28 (FancyBear)** has exposed a live command-and-control (C2) server containing stolen credentials, two-
Salesforce
Critical (100)
The **ShinyHunters** extortion group exploited compromised **Drift OAuth tokens** linked to **Salesloft** to steal over **1.5 billion Salesforce records** from **760 companies**. Attackers used **social engineering and malicious OAuth apps** to infiltrate Salesforce environments, exfiltrating massiv
Salesloft
Critical (100)
The attack on **Salesloft** began with the compromise of an internal **GitHub repository**, where attackers stole a high-privilege **OAuth token** granting access to its **Drift cloud application**. Exploiting Drift’s trusted integrations, the attackers pivoted to **Salesforce instances** of multipl
Dimensional Control Systems (DCS)
Critical (100)
A ransomware group, **J Group**, claimed a major breach of **Dimensional Control Systems (DCS)**, a Michigan-based provider of dimensional engineering software critical to manufacturing giants like **Boeing, Samsung, Volkswagen, and Airbus**. The attackers allegedly exfiltrated **11GB of sensitive d
F5
Critical (100)
US tech company **F5** confirmed a **data breach** in which **nation-state attackers** stole the **source code** and **vulnerability information** related to its **BIG-IP family of networking and security products**. BIG-IP is a critical infrastructure component used by enterprises for traffic manag
Hitachi Vantara
Critical (100)
Hitachi Vantara, a subsidiary of Hitachi, suffered a disruptive **Akira ransomware attack** on **April 26, 2025**, forcing the company to take critical servers offline to contain the breach. The incident disrupted internal systems, manufacturing operations, and remote/support services, though cloud
The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM (Node Package Manager) registry and publishing stolen data in 30,000 GitHub repositories. Although just about 10,000 of the exposed secrets were verified as valid by the open-so