Breached Company

CrowdStrike Confirms Insider Threat Linked to Scattered Lapsus$ Hunters Cybercrime Alliance

Breaking: Cybersecurity Giant Terminates Employee Who Allegedly Sold Screenshots to Notorious Hacking Collective Executive Summary In a stark reminder that insider threats remain one of the most challenging security vulnerabilities, CrowdStrike has confirmed it terminated an employee last month who allegedly shared internal system screenshots with the notorious Scattered Lapsus$

Salesforce-Gainsight Breach: ShinyHunters Strike Again with Third-Party Attack Affecting 200+ Companies

Executive Summary: Salesforce has disclosed yet another major security incident affecting customer data, this time involving compromised Gainsight applications. The breach, attributed to the notorious ShinyHunters cybercrime collective, has impacted over 200 Salesforce instances and represents the latest chapter in a devastating year of supply chain attacks that have exposed

Former IT Contractor Pleads Guilty to $862K Revenge Hack: A Cautionary Tale on Insider Threats

When a termination turns into a cyber catastrophe—the Maxwell Schultz case exposes the critical vulnerabilities in offboarding procedures Executive Summary In a stark reminder that insider threats remain one of cybersecurity's most persistent challenges, Maxwell Schultz, a 35-year-old IT contractor from Columbus, Ohio, has pleaded guilty to

The Bulletproof Fortress: Inside the Shadowy World of Cybercrime Hosting Infrastructure

How 'bulletproof' hosting providers enable billions in ransomware attacks—and why law enforcement is finally fighting back In the ongoing war against cybercrime, there's a critical battlefield that rarely makes headlines: the digital infrastructure that keeps criminal operations running. While ransomware gangs like LockBit and malware

Educational Institutions Under Siege: New Haven Phishing Attack Highlights Growing Cybersecurity Crisis

Executive Summary A sophisticated phishing campaign has struck New Haven Public Schools, with attackers compromising at least four student accounts to distribute over 10,000 fraudulent emails seeking personal banking information. More than half of the student body received these malicious emails, and approximately 1,000 students—representing 10% of

City of Attleboro Under Cyber Siege: Latest in Wave of Municipal Ransomware Attacks

November 20, 2025 - The City of Attleboro, Massachusetts became the latest American municipality to fall victim to a sophisticated cyberattack, joining a growing list of cities and towns struggling against an unprecedented surge in ransomware operations targeting local governments. Smart City Cybersecurity Assessment | CyberSafe.CityComprehensive security assessment for smart

The DDoS Arms Race: How 2025 Became the Year of Record-Breaking Cyber Assaults

Executive Summary In September 2025, Cloudflare mitigated an 11.5 terabits per second (Tbps) distributed denial-of-service (DDoS) attack—a record that stood for just three weeks before being shattered by a 22.2 Tbps assault. These unprecedented attacks represent the culmination of a multi-year escalation that has seen volumetric DDoS

When Cloudflare Sneezes, Half the Internet Catches a Cold: The November 2025 Outage and the Critical Need for Third-Party Risk Management

Executive Summary On the morning of November 18, 2025, a configuration error at Cloudflare triggered a cascading failure that rendered significant portions of the internet inaccessible for several hours. ChatGPT, X (formerly Twitter), Spotify, League of Legends, and countless other services went dark, exposing an uncomfortable truth: our modern digital

The Ransomware-as-a-Service Ecosystem in Late 2025: From LockBit's Disruption to the Rise of Qilin, Akira, and DragonForce

The ransomware landscape has undergone a dramatic transformation throughout 2025, with law enforcement disruptions creating both chaos and opportunity within the cybercriminal ecosystem. While Operation Cronos dismantled LockBit's infrastructure in early 2024, the void left by the once-dominant group has spawned a more fragmented, competitive, and paradoxically more

Critical Alert: Cybercriminals Actively Exploiting Vulnerabilities in Fortinet, Cisco, VMware, and WatchGuard Systems

Executive Summary Organizations worldwide face an unprecedented wave of actively exploited vulnerabilities affecting critical network infrastructure from major cybersecurity vendors. As of November 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added multiple high-severity vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, with threat actors demonstrating sophisticated

DoorDash Data Breach Exposes Customer Information After Employee Falls for Social Engineering Attack

Just in: DoorDash breached… On November 13, 2025, DoorDash began notifying users of a security incident that occurred on October 25, 2025, involving "an unauthorized third party gaining access to and taking certain user contact information." According to the company's disclosure, the compromised data "may

Operation Endgame Continues: CrazyRDP Bulletproof Hoster Dismantled as Dutch Police Seize Thousands of Servers in Coordinated Cybercrime Crackdown

THE HAGUE — In a major escalation of the international Operation Endgame cybercrime offensive, Dutch police have seized thousands of servers owned by CrazyRDP, a notorious bulletproof hosting provider implicated in 80 law enforcement investigations spanning cybercrime operations and child sexual abuse material (CSAM) distribution. The operation marks the latest and