Collecting Cyber-News from over 60 sources

Tag: breach

CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions

May 15, 2026 1:00 PM

Tags: breach, exploit, hacker, mfa, phishing, scam

Hackers are exploiting Outlook calendar invites and device code phishing to steal M365 session tokens, bypass MFA and breach enterprise accounts. First seen on hackread.com Jump to article: hackread.com/calphishing-eviltokens-kit-outlook-invites-m365/
The economics of ransomware 3.0

May 15, 2026 12:00 PM

Tags: alphv, attack, backup, breach, ceo, citrix, control, country, cyber, cyberattack, cybersecurity, data, data-breach, detection, encryption, endpoint, extortion, finance, framework, group, healthcare, HIPAA, incident response, insurance, moveIT, network, nist, office, privacy, ransom, ransomware, risk, russia, service, social-engineering, strategy, supply-chain, technology, threat

Triple extortion mechanism. Ashish Mishra What the Change Healthcare case tells you about real costs: Consider what happened to Change Healthcare in early 2024. The ALPHV group’s attack on this healthcare payments processor didn’t just encrypt systems, it exposed the personal health information of potentially over 100 million Americans and disrupted pharmacy services across the…
The economics of ransomware 3.0

May 15, 2026 12:00 PM

Tags: alphv, attack, backup, breach, ceo, citrix, control, country, cyber, cyberattack, cybersecurity, data, data-breach, detection, encryption, endpoint, extortion, finance, framework, group, healthcare, HIPAA, incident response, insurance, moveIT, network, nist, office, privacy, ransom, ransomware, risk, russia, service, social-engineering, strategy, supply-chain, technology, threat

Triple extortion mechanism. Ashish Mishra What the Change Healthcare case tells you about real costs: Consider what happened to Change Healthcare in early 2024. The ALPHV group’s attack on this healthcare payments processor didn’t just encrypt systems, it exposed the personal health information of potentially over 100 million Americans and disrupted pharmacy services across the…
Breach Roundup: US Lawmakers Sound Alarm on AI Bug Hunters

May 15, 2026 12:00 AM

Tags: ai, attack, breach, iran, nvidia, ransomware, ukraine, update

Also, YellowKey Bypasses BitLocker, Å koda Breach, Kingdom Market Operator Jailed. This week, U.S. lawmakers urged action on AI, a BitLocker exploit. Å koda, Nvidia’s GeForce NOW partner and telehealth firm OpenLoop reported breaches. Patch Tuesday. A dark market operator sentenced and pro-Ukraine and Iranian-linked hacking. Nitrogen ransomware attack on Foxconn. First seen on govinfosecurity.com Jump to…
OpenAI confirms security breach in TanStack supply chain attack

May 14, 2026 10:00 PM

Tags: attack, breach, openai, pypi, supply-chain

OpenAI says two employees’ devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for its applications as a precaution. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/openai-confirms-security-breach-in-tanstack-supply-chain-attack/
West Pharmaceutical starts restoring operations after ransomware attack

May 14, 2026 6:00 PM

Tags: attack, breach, data, ransomware

The company confirmed data was stolen and encrypted by the attackers. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/west-pharmaceutical-restoring-operations-ransomware-attack/820250/
Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight

May 14, 2026 6:00 PM

Tags: breach, credentials, crime, cyber, cybercrime, email, phishing, theft

Cargo theft now starts with phishing emails and stolen credentials, not hijackings, to reroute and steal freight from supply chains. NMFTA outlines how cyber-enabled cargo crime is changing transportation security. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cyber-enabled-cargo-crime-how-cybercrime-tradecraft-is-used-to-steal-freight/
Sandworm Hackers Shift From IT Breaches to Critical OT Targets

May 14, 2026 4:00 PM

Tags: breach, cyber, group, hacker, network, russia, technology, threat

A new wave of cyber activity linked to the notorious Sandworm group is raising fresh alarms across global critical infrastructure. Security researchers warn that the Russian state-backed threat actor is no longer just infiltrating IT networks it is actively pivoting into operational technology (OT) environments where real-world disruption becomes possible. The findings are based on…
KongTuke hackers now use Microsoft Teams for corporate breaches

May 14, 2026 3:00 PM

Tags: access, attack, breach, corporate, hacker, microsoft, social-engineering

Initial access broker KongTuke has moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to corporate networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kongtuke-hackers-now-use-microsoft-teams-for-corporate-breaches/
Chinese APT Exploits Microsoft Exchange to Breach Energy Sector Network

May 14, 2026 3:00 PM

Tags: access, apt, backdoor, breach, china, cyber, espionage, exploit, hacker, microsoft, network, rat

Chinese state-aligned hackers compromised a Microsoft Exchange server at a major energy firm. They repeatedly reused that same entry point to run a months”‘long espionage operation, deploying the Deed RAT and Terndoor backdoors to maintain deep access across the network. The activity is attributed with moderate”‘to”‘high confidence to FamousSparrow, a China”‘aligned APT cluster that overlaps…
Hackers accessed BWH Hotels reservation system for months

May 12, 2026 11:23 PM

Tags: access, breach, data, data-breach, hacker, threat

BWH Hotels says hackers accessed guest reservation data, including names and contacts, for over six months across multiple hotel brands. BWH Hotels disclosed a data breach, with threat actors having had access to guest reservation data for more than six months. The incident exposed names and contact details of an undisclosed number of guests. BWH…
Mistral AI SDK, TanStack Router hit in npm software supply chain attack

May 12, 2026 8:19 PM

Tags: ai, api, attack, breach, cloud, credentials, data, data-breach, exploit, github, kubernetes, malicious, malware, network, open-source, password, router, service, software, supply-chain, switch, vulnerability

pull_request_target. This allows third-party workflows to run automatically, a way of avoiding maintainer approval fatigue, but means that the maintainer’s short-lived OIDC tokens become vulnerable to scraping.Armed with these tokens, the attacker were able to compromise the packages by injecting the malicious Mini Shai-Hulud malware, which propagated to other projects.The purpose is to steal developer…
Å koda warns of customer data breach after online shop hack

May 12, 2026 8:19 PM

Tags: breach, data, data-breach, group

Å koda Auto, a wholly owned subsidiary of the Volkswagen Group, has disclosed a data breach after attackers hacked its online shop and stole the personal information of an undisclosed number of customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/skoda-warns-of-customer-data-breach-after-online-shop-hack/
Instructure claims hackers returned stolen Canvas data after an extortion standoff

May 12, 2026 6:19 PM

Tags: breach, cybercrime, data, extortion, group, hacker, leak

ShinyHunters, a prolific cybercrime group, threatened to leak data from more than 8,800 school systems. First seen on cyberscoop.com Jump to article: cyberscoop.com/canvas-instructure-data-theft-extortion-the-com/
Instructure took a risky approach to recover stolen Canvas data

May 12, 2026 5:19 PM

Tags: breach, data, extortion, group

Instructure, the company behind the online learning platform Canvas, said it reached an agreement with the extortion group ShinyHunters to prevent data stolen in a recent … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/instructure-canvas-data-breach-shinyhunters-agreement/
Cushman and Wakefield Confirms Data Breach Impacting Over 310,000 Accounts

May 12, 2026 3:19 PM

Tags: attack, breach, corporate, cyber, data, data-breach, identity, threat

Global real estate powerhouse Cushman & Wakefield is the latest casualty in an escalating war of corporate extortion. Following a tense >>pay or leak<< standoff, the notorious ShinyHunters threat syndicate has carried out its threat, dumping hundreds of thousands of corporate records online. This massive exposure highlights the growing danger of identity-based attacks targeting massive…
Instructure reaches ‘agreement’ with ShinyHunters to stop data leak

May 12, 2026 12:19 PM

Tags: breach, data, data-breach, extortion, group, leak

Instructure, the edtech giant behind the widely popular Canvas learning management system (LMS), has reached an “agreement” with the ShinyHunters extortion group to prevent the data stolen in a recent breach from being leaked online. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/instructure-reaches-agreement-with-shinyhunters-to-stop-data-leak/
South Staffordshire Water Fined £1m After Data Breach

May 12, 2026 11:19 AM

Tags: breach, data, data-breach

The ICO has fined South Staffordshire Water nearly £1m for a series of data protection failings First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/south-staffordshire-water-fined-1m/
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

May 12, 2026 10:19 AM

Tags: breach, cybercrime, extortion, group, leak, network, ransom, technology, unauthorized, update

American educational technology company Instructure, the parent company of Canvas, said it reached an “agreement” with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities.In an update shared on Monday, the Utah-based firm said it “reached an agreement with the unauthorized actor…
84 npm Packages Linked to TanStack Hit by Supply-Chain Breach

May 12, 2026 8:18 AM

Tags: breach, credentials, cyber, github, malicious, router, supply-chain, threat, tool

A massive supply chain breach affecting 84 npm packages within the widely used TanStack ecosystem. Malicious actors compromised these packages by injecting a sophisticated credential-stealing tool designed to target continuous integration environments such as GitHub Actions. Packages such as React Router, which sees over 12 million weekly downloads, were modified, posing a severe threat to…
ICO fines Cl0p victim South Staffs Water over data breach

May 12, 2026 1:19 AM

Tags: attack, breach, cyber, data, data-breach, ransomware

The ICO has levied a reduced fine on South Staffordshire Water following cyber improvements in the wake of a Cl0p ransomware attack First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642957/ICO-fines-Cl0p-victim-South-Staffs-Water-over-data-breach
Identity security firm SailPoint discloses GitHub repository breach

May 11, 2026 9:19 PM

Tags: access, breach, control, cybersecurity, data, github, governance, identity

SailPoint disclosed a GitHub repository breach on April 20. The company contained the incident and said no customer data was affected. SailPoint is a cybersecurity company that provides identity security and identity governance solutions for enterprises. Its products help organizations manage and control user access to systems, applications, and sensitive data. SailPoint revealed a cybersecurity…
Cops Shutter Rebooted German Language Cybercrime Market

May 11, 2026 8:19 PM

Tags: breach, cybercrime, data, offense

Spanish Police Bust German Accused of Relaunching ‘Crimenetwork’ Cybercrime Forum. Spanish police have arrested a German national suspected of a string of cybercrime offenses, including remotely administering from the sunny island of Mallorca a relaunched version of Crimenetwork, a German-language cybercrime market for stolen data, forged documents and drugs. First seen on govinfosecurity.com Jump to…
Second Canvas data breach causes major disruptions for schools, colleges

May 11, 2026 7:19 PM

Tags: breach, data, data-breach, threat, unauthorized

The Instructure-owned learning management system went offline on May 7 after a threat actor once again gained unauthorized access. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/a-2nd-canvas-data-breach-causes-major-disruptions-for-schools-colleges/819784/
A 2nd Canvas data breach causes major disruptions for schools, colleges

May 11, 2026 6:18 PM

Tags: breach, data, data-breach, threat, unauthorized

The Instructure-owned learning management system went offline on May 7 after a threat actor once again gained unauthorized access. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/a-2nd-canvas-data-breach-causes-major-disruptions-for-schools-colleges/819784/
1,800+ MCP servers exposed without authentication: How zero trust can secure the AI agent revolution

May 11, 2026 5:20 PM

Tags: ai, attack, authentication, breach, cloud, control, credentials, data, data-breach, defense, exploit, framework, governance, identity, infrastructure, Internet, LLM, malicious, monitoring, network, risk, service, supply-chain, threat, tool, vulnerability, zero-trust

The epistemological chasm: What renders MCP vulnerabilities particularly vexatious is the fundamental asymmetry they exploit between machine cognition and human oversight.Tool poisoning attacks insert malevolent instructions into tool metadata that LLMs process with complete fidelity but that remain utterly invisible to human operators. The machine perceives everything; its ostensible supervisors perceive nothing. We have unwittingly…
Healthcare Data Breach: Cybercriminals Attacked Health Insurance Agency in Ecuador

May 11, 2026 5:20 PM

Tags: breach, cybercrime, data, data-breach, healthcare, insurance

First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/healthcare-data-breach-cybercriminals-attacked-health-insurance-agency-in-ecuador
11th May Threat Intelligence Report

May 11, 2026 5:20 PM

Tags: breach, cloud, data, data-breach, intelligence, technology, threat

Instructure, the US education technology company behind the Canvas learning platform, has confirmed a major data breach affecting its cloud-hosted environment. Exposed data reportedly includes student and staff records and private messages, while […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2026/11th-may-threat-intelligence-report/
Hackers Hijack JDownloader Site to Deliver Malware Through Installers

May 11, 2026 5:20 PM

Tags: breach, hacker, malicious, malware

JDownloader confirms a security breach where hackers manipulated official download links to distribute malicious files between 6 and 7 May 2026. First seen on hackread.com Jump to article: hackread.com/hackers-hijack-jdownloader-site-malware-installers/
Week in review: cPanel vulnerability actively exploited, DigiCert breach, LinkedIn job scams

May 11, 2026 5:20 PM

Tags: breach, data, exploit, jobs, linkedin, office, scam, vulnerability, WeeklyReview

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Your work apps are quietly handing 19 data points to someone Office work in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/10/week-in-review-cpanel-vulnerability-actively-exploited-digicert-breach-linkedin-job-scams/