Breaches
75 articles
Confirmed breaches, data leaks, exposed records, and disclosure fallout.
[HIGH] Grafana GitHub Token Breach Lets Attacker Download Full Codebase
An attacker used a compromised GitHub token to download Grafana's entire private codebase. The company says no customer data was accessed and the incident involved an extortion...
[HIGH] Chrome 148 Patches ANGLE Data Leak, Google Lens UAF
Google fixed CVE-2026-8556 (ANGLE cross-origin leak) and CVE-2026-8550 (Google Lens use-after-free) in Chrome 148.0.7778.168 for Windows. Both flaws require a compromised renderer.
[HIGH] OpenAI Breached in TanStack Supply Chain Attack
OpenAI says two employees' devices were compromised in the TeamPCP Mini Shai-Hulud campaign, forcing rotation of code-signing certificates across macOS, Windows, iOS, and Android.
[HIGH] AI-Driven Attacks Compromise Systems in 73 Seconds, Outpacing Patching
Picus Security analysis shows AI-powered attackers exploit CVEs in ~10 hours and breach systems in 73 seconds, while patching still takes 24 hours.
[HIGH] Foxconn Confirms Ransomware Attack on North American Factories
Nitrogen ransomware gang claims 8TB of stolen data from Foxconn's North American factories, including technical files from major tech clients.
[CRITICAL] The Gentlemen RaaS Internal Leak Exposes Admin, Affiliates, Tactics
A leaked backend database from The Gentlemen RaaS operation reveals 9 accounts, admin TOX ID, initial access via Fortinet/Cisco edge flaws, and a 190,000 USD ransom payout.
[CRITICAL] Instructure Pays Ransom to ShinyHunters After Canvas Breach
Instructure paid ShinyHunters after two Canvas intrusions stole data from 9,000 institutions. Congress launched an investigation into the ed-tech vendor's incident response.
[HIGH] Instructure Pays ShinyHunters to Halt 3.65TB Canvas Data Leak
ShinyHunters agreed to delete 3.65TB of stolen Canvas data after Instructure paid an undisclosed ransom. The breach affects thousands of schools and universities worldwide.
[HIGH] Škoda Discloses Customer Data Breach After Online Shop Hack
Škoda Auto disclosed a data breach after attackers exploited a vulnerability in its e-commerce portal, stealing customer names, addresses, and password hashes.
[HIGH] UK Fines South Staffordshire Water $1.3M for 2022 Breach
ICO fined South Staffordshire Water £963,900 after Cl0p ransomware gang leaked data of 663,887 customers — phishing attack went undetected for 20 months.
[HIGH] SailPoint Discloses GitHub Repo Breach via Third-Party App
SailPoint reported to the SEC that attackers accessed a subset of its GitHub repositories on April 20 via a third-party app vulnerability.
[HIGH] Braintrust Breach Exposes AI Provider API Keys, Urges Rotation
Braintrust disclosed a breach on May 4 where attackers accessed an AWS account, compromising AI provider API keys for firms like Box and Stripe. At least one customer affected.
[HIGH] ShinyHunters Breaches Vimeo, Leaks 119K User Records
ShinyHunters leaked a 106GB archive of Vimeo data after breaching Anodot, exposing emails and names of 119,200 users. No credentials or payment info compromised.
[HIGH] Trellix Source Code Breach Exposes Security Product Internals
Attackers stole source code from Trellix, exposing detection logic and control locations in its security products. The breach amplifies supply chain risks for enterprise customers.
[MEDIUM] Cyber Tax Raises Consumer Prices After Breaches, Podcast Warns
Malwarebytes Lock and Code podcast: Eva Velasquez details how small business cyberattacks create a 'cyber tax' that raises prices for all consumers — no sector immune.
[HIGH] Infrastructure Breach: Hackers Steal Student Data from Canvas Platform
Infrastructure confirmed hackers accessed Canvas user data — names, emails, student IDs, messages — from educational institutions.
[HIGH] Instructure Breach: Student Data Stolen, Services Disrupted
Instructure disclosed a breach where hackers stole names, emails, student IDs, and messages, and disrupted Canvas platform services. Data leak threats follow.
[HIGH] Medtronic Discloses Cyberattack on Corporate IT Systems
Medtronic reported unauthorized access to its corporate IT systems in a cyberattack, with no impact on medical devices or patient care operations. Data was compromised.
[HIGH] Pro-Orbán Media Firm Mediaworks Breached by Ransomware Group
Ransomware group claims breach of Mediaworks, a pro-Orbán Hungarian media conglomerate. The firm confirmed unauthorized access and potential data exfiltration on Friday.
[HIGH] Instructure Data Breach: ShinyHunters Claims Theft
ShinyHunters claims to have stolen data from Instructure, the edtech firm behind Canvas LMS. Instructure confirms a breach involving unauthorized access to certain systems and…
[HIGH] Instructure Probes Cyber Incident Impacting Canvas Platform
Instructure, maker of the Canvas LMS used by over 30 million students, disclosed a cybersecurity incident and is investigating potential data exposure across its infrastructure.
[HIGH] Trellix Breach: Source Code Repository Compromised
Trellix confirmed attackers accessed a portion of its source code repository. The firm engaged forensic experts and notified law enforcement. No customer data impact disclosed.
[HIGH] Brazilian DDoS Firm Behind Botnet Attacks on ISPs
Brazilian anti-DDoS firm's infrastructure used to launch massive botnet attacks against rival ISPs. CEO claims breach by competitor caused the abuse.
[HIGH] CISA Details FCEB Agency Breach Response Lessons Learned
CISA's incident response at a U.S. federal agency uncovered gaps in EDR alert triage, credential hygiene, and network segmentation — three lessons for all defenders.
[HIGH] French Police Arrest 15-Year-Old in ANTS Data Breach Probe
French authorities detained a 15-year-old on April 25 for allegedly hacking ANTS, the national ID agency handling passports and driver's licenses.
[HIGH] Inc Ransom Breach at Sandhills Medical Exposes 170K Records
Inc Ransom group breached Sandhills Medical in 2025; the South Carolina healthcare provider took nearly a year to disclose the incident, affecting 170,000 patients.
[MEDIUM] Moldova Health Agency Breach: Possible Data Theft Confirmed
Moldova's National Health Insurance Company reported a cyberattack that may have exposed limited personal data from its systems, weeks after initial compromise.
[HIGH] EU Accuses Meta of Breaching DSA Child Safety Rules
European Commission finds Meta violated Digital Services Act by failing to protect minors under 13 on Facebook and Instagram — risks not assessed or mitigated.
[HIGH] ShinyHunters Breaches Medtronic, Steals 9M Records
ShinyHunters claims to have stolen 9 million records from medical device maker Medtronic, including personal information. The group threatens to leak the data.
[MEDIUM] Vimeo Breach Tied to Anodot Vendor Hack, No Video Data Exposed
Vimeo attributed a security incident to a breach at analytics vendor Anodot; hackers accessed internal systems but not video content, logins, or payment data.
[HIGH] Comburglar Intrusion: BHIS Details Stealthy C2 Persistence
Black Hills Information Security uncovers Comburglar intrusion technique enabling persistent C2 via compromised COM hijacking during a breach assessment engagement.
[HIGH] Rival Ransomware Gangs 0APT, KryBit Leak Each Other's Data
0APT and KryBit ransomware groups leaked each other's infrastructure data after a feud, exposing C2 servers, panel credentials, and victim lists to defenders.
[HIGH] ADT Breach: ShinyHunters Steals Data of 5.5 Million
ShinyHunters breached ADT, stealing personal data of 5.5 million individuals — names, emails, phone numbers, and addresses — from internal systems. No payment data compromised.
[HIGH] Checkmarx Confirms GitHub Data Leak After March 23 Supply Chain Attack
Checkmarx confirmed a cybercriminal group published GitHub repository data on the dark web, traced to a March 23 supply chain attack.
[HIGH] Vercel Breach via Context.ai OAuth Token Theft
Vercel disclosed a breach after stolen OAuth tokens from Context.ai enabled unauthorized access to internal systems via a connected app. No customer data exposed.
[HIGH] Itron Breach: Utility Firm Discloses Internal IT Network Intrusion
Itron disclosed a cybersecurity incident in an SEC 8-K filing: an unauthorized third party accessed internal IT systems.
[HIGH] Iranian Handala Hack Breaches FBI Director Patel's Gmail
Iranian state-affiliated group Handala Hack breached FBI Director Patel's personal Gmail account, leaking personal photos and documents after the FBI seized the group's domains.
[HIGH] ADT Breach Exposes Customer Data in Cyber Intrusion
ADT confirmed cybercriminals breached its systems on April 20, 2026, stealing a limited set of customer and prospect data. No financial info or credentials compromised.
[HIGH] ADT Confirms Breach as ShinyHunters Leaks Customer Data
ADT confirmed a data breach after ShinyHunters leaked 30,000+ customer records including names, emails, and account details from a compromised Salesforce instance.
[HIGH] DORA Mandates Credential Management as Financial Risk Control
EU's DORA Article 9 legally requires financial firms to enforce authentication and access controls. A breach at a UK bank shows the cost of non-compliance.
[CRITICAL] Checkmarx KICS Supply-Chain Breach Hits Docker, VS Code
Attackers compromised Checkmarx KICS Docker images and VS Code extensions to steal cloud credentials, API keys, and source code from developer environments.
[MEDIUM] Cyberattacks on Firms Cascade to Consumers, Malwarebytes Warns
Malwarebytes analysis shows corporate breaches expose customer PII, enable follow-on fraud, and inflate insurance premiums — affecting even unaffected individuals.
[HIGH] Rituals Cosmetics Breach Exposes Customer Membership Data
Attackers stole personal data from Rituals Cosmetics' My Rituals membership database — names, emails, addresses, and loyalty points. Number of affected customers undisclosed.
[HIGH] China-Linked GopherWhisper Hits 12 Mongolian Gov Systems
ESET identified GopherWhisper, a China-aligned APT, breaching 12 Mongolian government systems with Go-based backdoors, injectors, and loaders since early 2026.
[HIGH] French Police Arrest Hacker Behind Dozens of Data Breaches
French authorities arrested a 20-year-old suspected of 48 data breaches targeting public institutions, sports federations, and private companies, seizing equipment and…

BreachLock Named in Gartner Market Guide for Adversarial Exposure Validation
BreachLock is named a representative vendor in Gartner's 2026 Market Guide for Adversarial Exposure Validation, a category focused on AI-driven, continuous security testing.
[INFORMATIONAL] Ofcom Investigates Telegram for CSAM Sharing and Encryption Non-Compliance
UK regulator Ofcom launches a formal investigation into Telegram over evidence of child sexual abuse material (CSAM) sharing and potential breaches of the Online Safety Act's encryption reporting rules.
[HIGH] France Titres Data Breach Exposes Citizen Information for Sale
France Titres, the French government agency for ID documents, confirms a data breach after a threat actor offers to sell stolen citizen information, including names, addresses, and passport numbers.
[HIGH] Healthcare Data Breaches in Illinois and Texas Expose 600,000 Patients
Southern Illinois Dermatology, Saint Anthony Hospital, and North Texas Behavioral Health Authority disclose breaches affecting over 600,000 patients, exposing names, SSNs, and medical data.
[HIGH] Identity-Based Attacks Dominate Breaches as Attackers Bypass Exploits
The Hacker News reports identity-based attacks, using stolen credentials and MFA bypass, are the dominant initial access vector in modern breaches, rendering sophisticated exploits unnecessary for initial entry.
[HIGH] Seiko USA Website Defaced, Customer Data Stolen in Ransom Attack
Seiko USA's website was defaced by a hacker claiming theft of its Shopify customer database, including names, emails, and order details for 30,000 individuals, with a ransom demand to prevent public leak.
[HIGH] Vercel Breach Exposes Customer Credentials via Compromised AI Tool
Vercel confirms a breach exposing limited customer credentials after attackers compromised an employee's account via a third-party AI tool, Context.ai. The cloud platform is resetting passwords and API tokens for affected users.
[CRITICAL] Interlock Ransomware Exploits Cisco FMC Zero-Day in Global Attacks
The Interlock ransomware group is actively exploiting a zero-day vulnerability in Cisco Firepower Management Center to breach networks. Recorded Future identified 31 high-impact flaws in March 2026, a 139% monthly increase.
[HIGH] Los Angeles Police Department Reports 7.7 TB Data Breach
The Los Angeles Police Department reports a breach of 7.7 terabytes and 337,000 files from a city attorney's digital storage system, exposing sensitive law enforcement data.
[HIGH] Vercel Confirms Data Breach After Hackers Attempt to Sell Stolen Information
Vercel disclosed a security breach after threat actors attempted to sell stolen data, including customer account information and internal project details, on a hacking forum. The cloud platform is investigating the scope of the incident.
[HIGH] Fake Data Breach Notifications Deploy Malware, Steal Credentials
Threat actors are weaponizing data breach notifications, sending fake alerts that trick users into downloading malware or entering credentials on phishing sites, according to ESET research.
[HIGH] McGraw Hill Breach: ShinyHunters Leaks 13.5M User Records
ShinyHunters published data from 13.5 million McGraw Hill accounts — names, emails, institutional affiliations — stolen from a misconfigured Salesforce instance.
[HIGH] Unmanaged Non-Human Identities Fuel Majority of Cloud Breaches
A 2024 analysis reveals 68% of cloud breaches stem from compromised, orphaned non-human identities like service accounts and API keys, not phishing or weak passwords, highlighting a critical gap in automated credential lifecycle management.
[HIGH] Booking.com Breach Fuels Sophisticated Hotel Impersonation Scams
A data breach at Booking.com is providing threat actors with detailed guest reservation data, enabling highly convincing scams where attackers impersonate hotels to steal payment details and credentials.
[HIGH] McGraw-Hill Data Breach Exposes 13.5 Million Users via Salesforce
Education publisher McGraw-Hill confirms a data breach exposing 13.5 million users' personal data, linked to a misconfigured Salesforce environment. Over 100GB of stolen data has been publicly distributed online following an extortion attempt.
[HIGH] Ransomware Attack Disrupts Automotive Data Giant Autovista Group
Autovista Group, a major European automotive data and analytics firm, confirms a ransomware attack disrupting operations. The company is investigating with external experts, but impact on customer data remains unclear.
[HIGH] Rhysida Ransomware Group Breaches Tennessee Hospital, Exposes 337,000
Cookeville Regional Medical Center confirms a 2025 ransomware attack by the Rhysida group compromised the data of 337,000 individuals after the theft of 500GB of files.
[INFORMATIONAL] Zero Trust Architecture as a Critical Defense Against Credential-Based Attacks
Specops analysis details how an identity-first Zero Trust model counters the primary breach vector of stolen credentials by enforcing least privilege, device trust, and blocking lateral movement.
[HIGH] Kraken Faces Extortion After Insider Breach Exposed Bug Bounty Flaw
Kraken's security team discovered an insider breach where a researcher exploited a zero-day flaw to steal $3 million in crypto, then demanded a bug bounty payment.
[MEDIUM] McGraw-Hill Data Breach Linked to Exploited Salesforce Misconfiguration
McGraw-Hill breached via a misconfigured Salesforce instance — ShinyHunters claim 13.5M user records exposed. Root cause, scope of access, and what educators and SaaS admins should check now.
[MEDIUM] Basic-Fit Data Breach Exposes Member Data Across European Operations
Basic-Fit, Europe's largest budget fitness chain, confirmed a data breach impacting ~1 million members. Unauthorized access to membership systems exposed personal data across multiple countries.
[HIGH] Basic-Fit Data Breach Exposes 1 Million Member Records
Hackers breached European gym chain Basic-Fit, accessing personal data of approximately one million members, including names, birthdates, and email addresses.
[HIGH] Booking.com Confirms Data Breach Exposing Reservation and User Data
Booking.com confirms a data breach exposing sensitive reservation and user data, forcing PIN resets for affected customers.
[MEDIUM] Booking.com Confirms Data Breach via Social Engineering Attack
Booking.com confirms a data breach where attackers used social engineering to compromise employee accounts and access customer travel booking information. The company states the incident has been contained.
[HIGH] LAPD Data Breach Exposes 7.7 TB of Sensitive Files via Third-Party System
A data breach at a digital storage system used by the L.A. City Attorney's Office exposed 7.7 TB and over 337,000 files, including sensitive LAPD records. The incident stemmed from a third-party vendor's misconfiguration.
[HIGH] ShinyHunters Breaches Rockstar Games via Third-Party SaaS Platform
ShinyHunters breached Rockstar Games by exploiting the Anodot SaaS platform, accessing the company's Snowflake data environment and threatening to leak stolen data unless a ransom is paid.
[HIGH] AI-Powered Threat Actor Breaches Mexican Government, Exposes Citizen Data
A sophisticated attacker leveraged AI tools like Claude and ChatGPT to breach nine Mexican government agencies, exfiltrating hundreds of millions of citizen records in a multi-month campaign.
[HIGH] Credential-Based Attacks Blur Line Between Breach and Normal Activity
Modern attackers are exploiting valid credentials and living-off-the-land techniques to make breaches indistinguishable from legitimate user activity, rendering traditional perimeter and anomaly detection ineffective.
[HIGH] Hims Data Breach Exposes Sensitive Medical and Prescription Data
A breach at telehealth provider Hims & Hers exposed highly sensitive patient health information, including details on prescriptions for weight loss, hair loss, and erectile dysfunction.
[HIGH] Stryker Hit by Cyberattack, Windows Zero-Day Exploited, China Supercomputer Hacked
Medical device giant Stryker confirms a cyberattack, while a patched Windows zero-day is actively exploited and a Chinese supercomputer cluster is breached.