Executive Summary In October 2025, the extortion group Crimson Collective breached Red Hat's consulting GitLab instance, claiming to have exfiltrated 570GB of compressed data from over 28,000 internal repositories. The breach exposed approximately 800 Customer Engagement Reports (CERs) containing sensitive infrastructure details, authentication credentials, and network configurations
In a significant escalation of ransomware attacks targeting financial institutions, the notorious Qilin ransomware group has claimed responsibility for breaching Habib Bank AG Zurich, allegedly stealing over 2.5 terabytes of data comprising nearly 2 million files from the Swiss-based international bank. The Attack Unveiled On November 5, 2025, the
Newly unsealed search warrant reveals Iranian cyber actors taunted former National Security Advisor John Bolton about compromised classified documents, highlighting the human element of state-sponsored cyber extortion campaigns Executive Summary Newly unsealed FBI affidavits reveal that Iranian hackers who breached former National Security Advisor John Bolton's personal AOL
Google's latest threat intelligence reveals a critical truth: AI is making hackers more efficient, but not more innovative The Bottom Line Google's Threat Intelligence Group just dropped a reality check for the cybersecurity industry. Despite the apocalyptic predictions flooding security conferences in 2025, threat actors using
Bottom Line Up Front: The notorious Cl0p ransomware group has orchestrated another devastating zero-day exploitation campaign, this time targeting Oracle E-Business Suite (EBS) customers through CVE-2025-61882. With confirmed victims including American Airlines subsidiary Envoy Air, Schneider Electric, Cox Enterprises, Pan American Silver Corp, Emerson, Harvard University, and South Africa'
The Breach That Shook Healthcare and Government Services Across 46 States In what has become the largest healthcare data breach of 2025, business process outsourcing giant Conduent Business Solutions has confirmed that a sophisticated ransomware attack by the emerging SafePay cybercrime group compromised the sensitive personal and medical information of
The Shocking Case That's Rocking the Cybersecurity Industry In a stunning turn of events that reads like a cybercrime thriller, three former employees of cybersecurity incident response companies have been indicted for allegedly conducting the very ransomware attacks they were supposedly hired to prevent. The case has sent
In the evolving landscape of digital privacy, security, and internet regulation, several legislative frameworks have significantly shaped the discourse in the United States. These include the Foreign Intelligence Surveillance Act (FISA) along with Section 702, the House Permanent Select Committee on Intelligence (HPSCI) bill, Net Neutrality, the Internet Bill of
Introduction: In an unexpected move that further underscores the tensions on the international stage, the European Union (EU) has proposed imposing sanctions on certain Chinese companies for their alleged role in supporting Russian activities. This decision highlights the EU's commitment to address perceived violations of international norms through
Key Takeaway The key takeaway from the web page content is that digital security in 2030 will revolve around the ability of societies to match the speed of trust with the speed of innovation, with a focus on trust, data privacy, technology adoption, and the US-China relationship. wefcybersecuritytrendswefcybersecuritytrends.pdf1 MBdownload-circle
Introduction The cyberattacks on MGM Resorts International and Caesars Entertainment, two titans in the casino and hospitality industry, represent a significant episode in the annals of cybercrime. These incidents not only led to considerable financial losses but also exposed sensitive customer data, underscoring the escalating threat of cyberattacks in the
Website highlighting all the recent hacking attempts at companies and technology providers.
Executive Summary Water infrastructure has emerged as one of the most vulnerable and strategically important targets in the global cybersecurity landscape. Recent data from Britain's Drinking Water Inspectorate reveals five cyberattacks on UK water suppliers since January 2024, marking a record number in any two-year period. This alarming
The Latest Attack in an Unrelenting Campaign On October 23, 2025, Western Sydney University (WSU) made a public notification about yet another significant data breach—the latest in a series of cyberattacks that have plagued the institution throughout 2025. This breach, which occurred between June 19 and September 3, 2025,
A Chinese state-sponsored threat actor has launched a calculated cyber espionage operation targeting European diplomatic entities, weaponizing a long-exploited Windows vulnerability that Microsoft has declined to patch. Executive Summary Between September and October 2025, the China-affiliated threat group UNC6384 executed a targeted cyber espionage campaign against diplomatic organizations across Hungary,
SK Telecom faces catastrophic financial fallout from cyberattack that exposed 27 million customers, ending unprecedented profit run South Korea's telecommunications giant SK Telecom has revealed the staggering financial toll of a massive data breach, reporting a 90.9% collapse in operating profit for the third quarter of 2025—
Regional Gas Station Chain Falls Victim to Double Extortion Attack Executive Summary Super Quik, a multi-state convenience store and gas station chain operating across Kentucky, Ohio, West Virginia, and Florida with an annual revenue of $124.8 million, has been compromised by the Russia-linked Play ransomware group. The attackers have
Japanese retail giant Askul Corporation has confirmed a significant data breach following a ransomware attack that disrupted operations across its e-commerce platforms and compromised sensitive customer and supplier information. The Russia-linked extortion group RansomHouse has claimed responsibility for the attack, asserting it exfiltrated approximately 1.1 terabytes of data from
Critical Infrastructure Alert: Iranian-linked threat actors demonstrate unprecedented access to sensitive defense systems Executive Summary A sophisticated cyber operation targeting Israeli defense contractor Maya has exposed classified weapons development programs, including surveillance camera footage from meeting rooms and workshops captured over an 18-month period. The breach, attributed to the Cyber
Date: November 1, 2025 Location: Philadelphia, PA Incident Type: Email System Compromise / Marketing Platform Security Incident Severity: High Executive Summary The University of Pennsylvania experienced a significant email security incident on October 31, 2025, when threat actors gained access to the institution's Salesforce Marketing Cloud platform and sent
A joint investigation reveals troubling details about Project Nimbus and the extraordinary measures tech giants took to secure a $1.2 billion cloud contract Executive Summary A bombshell investigation by The Guardian, +972 Magazine, and Local Call has exposed alarming details about Project Nimbus—a $1.2 billion cloud computing
The $150 Million Cybercrime Operation That Spanned 47 States In a significant victory for international cybercrime prosecution, Ukrainian national Oleksii Oleksiyovych Lytvynenko, 43, has been extradited from Ireland to face charges related to his alleged role in the notorious Conti ransomware operation. The case represents a watershed moment in cross-border
October 29, 2025 - Just one week after AWS's DNS failure brought down thousands of services, Microsoft experienced a strikingly similar cascading failure. An inadvertent configuration change to Azure Front Door triggered a global outage affecting Azure, Microsoft 365, Xbox Live, and thousands of customer-facing services. The incident,
A catastrophic cloud misconfiguration left one of the world's largest accounting firms vulnerable to complete database exfiltration In a breach that underscores the persistent danger of cloud misconfigurations, Ernst & Young (EY), one of the Big Four accounting giants, accidentally exposed a massive 4-terabyte SQL Server backup file