Tag: breach
-
When Trusted Systems Become Attack Paths
A hospital in Chicago is still dealing with stolen patient data. A major U.S. medical manufacturer is restoring order processing, manufacturing, and shipments after a destructive attack. A Washington-based employee benefits administrator is notifying 2,697,540 people that their data may have been exposed. Put those stories together and the same fault lines keep showing up,……
-
Hasbro Systems Nerfed by Data Breach; IT Recovery Underway
Transformers, Peppa Pig Toymaker Forecasts Delays, Says Product Shipping Continues. Toymaker Hasbro said its IT systems have been breached, leading to data being stolen and some operations being disrupted, and it warned that a full recovery may take weeks. The owner of such brands as Transformers, Peppa Pig and Monopoly said it’s still able to…
-
Alleged Starbucks Incident Exposes Code and Firmware
Threat actors claim to have stolen 10GB of Starbucks code and firmware from a misconfigured S3 bucket. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/cloud-security/alleged-starbucks-incident-exposes-code-and-firmware/
-
Software supply chain hacks trigger wave of intrusions, data theft
After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that >>hundreds of thousands of stolen secrets could potentially be … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/02/supply-chain-hacks-data-theft/
-
Software supply chain hacks trigger wave of intrusions, data theft
After linking the Axios npm supply chain attack to North Korean hackers, Google researchers warned that >>hundreds of thousands of stolen secrets could potentially be … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/02/supply-chain-hacks-data-theft/
-
Yurei Ransomware Uses Common Tools, Adds Stranger Things References
Team Cymru details the Yurei ransomware campaign, using standard tools and a few Stranger Thingsnamed payloads to breach and encrypt systems. First seen on hackread.com Jump to article: hackread.com/yurei-ransomware-tools-stranger-things-references/
-
New ‘Storm’ Infostealer Remotely Decrypts Stolen Credentials
This modern infostealer adopted server-side decryption of stolen credentials to bypass security controls First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/storm-infostealer-remotely/
-
Iranian Hacker Group Handal Claims Breach of Israeli Defense Firm
Tags: breach, cyber, cybersecurity, data, data-breach, defense, group, hacker, international, iran, military, threatThe international cybersecurity community was alerted to a major data breach involving Israeli military infrastructure. Handala, a recognized Iranian nation-state threat actor, claims to have successfully breached PSK Wind Technologies, a key Israeli defense contractor. The incident has resulted in the public release of highly classified military data, representing a significant compromise of sensitive operational…
-
Axios npm Supply Chain Breach: Microsoft Shares Mitigation Steps
Tags: breach, cyber, infrastructure, malicious, microsoft, mitigation, north-korea, supply-chain, threatMicrosoft has detailed how organizations can detect and mitigate a recent supply chain compromise involving malicious Axios npm releases and infrastructure attributed to the North Korean threat actor Sapphire Sleet. On March 31, 2026, two Axios npm versions (1.14.1 and 0.30.4) were published with a hidden malicious dependency that contacted attacker command”‘and”‘control (C2) infrastructure and…
-
Cisco Faces Alleged Data Leak as ShinyHunters Claims Responsibility
Cisco is actively dealing with a major cybersecurity incident after threat actors breached its internal development networks. The notorious hacking group ShinyHunters has claimed responsibility for the attack, alleging they stole sensitive source code and data affecting Cisco, Salesforce, Aura, and various AWS storage buckets. The breach stems from a recent supply chain attack involving…
-
Mazda Data Breach Exposing Employee and Partner Records Via System Vulnerability
Modern enterprises rely heavily on cloud platforms and interconnected systems to manage operations and customer data. While these technologies enable scale and efficiency, they also introduce new risks when configurations are not properly secured. New reporting from Cybersecurity News reveals a data exposure incident involving Mazda, where sensitive data was reportedly left accessible due to…
-
Iranian Handala Hackers Breach FBI Director Kash Patel’s Gmail Account
The digital landscape has reached a point where no one”, not even the head of the FBI, is immune to a well-timed exploit. New reporting from Cyber Security News reveals that FBI Director Kash Patel’s personal Gmail account was breached by the Iran-linked “Handala” hacker group. The hackers didn’t just take the data; they made…
-
9 ways CISOs can combat AI hallucinations
Tags: access, ai, breach, ciso, compliance, control, corporate, cybersecurity, data, defense, encryption, flaw, framework, GDPR, governance, identity, metric, penetration-testing, regulation, risk, soc, tool, trainingTreat AI outputs as drafts, not finished products: One of the biggest risks is over-trusting AI, according to security experts. Coté says her organization changed its policy so AI-generated content cannot go straight into compliance documentation without a human review.”The moment your team starts treating an AI-generated answer as a finished work product, you have…
-
AI Startup Mercor Hit by Supply Chain Attack Linked to LiteLLM
Tags: ai, attack, breach, cyberattack, data, data-breach, malicious, open-source, risk, software, startup, supply-chainA recent Mercor cyberattack has brought renewed attention to the risks associated with open-source software dependencies, after the AI recruiting startup confirmed it was impacted by a broader supply chain compromise. The Mercor data breach, which is still under investigation, has been linked to a malicious incident involving the widely used LiteLLM project. First seen…
-
AI Startup Mercor Hit by Supply Chain Attack Linked to LiteLLM
Tags: ai, attack, breach, cyberattack, data, data-breach, malicious, open-source, risk, software, startup, supply-chainA recent Mercor cyberattack has brought renewed attention to the risks associated with open-source software dependencies, after the AI recruiting startup confirmed it was impacted by a broader supply chain compromise. The Mercor data breach, which is still under investigation, has been linked to a malicious incident involving the widely used LiteLLM project. First seen…
-
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems
A North Koreanexus threat actor has hijacked the popular Axios NPM package in a high”‘impact software supply chain attack that can silently backdoor Windows, macOS, and Linux systems. Between March 31, 2026, 00:21 and 03:20 UTC, attackers used a compromised maintainer account to push backdoored Axios releases 1.14.1 and 0.30.4 to NPM. The attackers changed…
-
North Korean Hackers Breach Axios Package, Target Windows, macOS, and Linux Systems
A North Koreanexus threat actor has hijacked the popular Axios NPM package in a high”‘impact software supply chain attack that can silently backdoor Windows, macOS, and Linux systems. Between March 31, 2026, 00:21 and 03:20 UTC, attackers used a compromised maintainer account to push backdoored Axios releases 1.14.1 and 0.30.4 to NPM. The attackers changed…
-
New North Korean AI Hiring Scheme Targets US Companies
North Korean operatives are using AI-generated resumes and stolen identities to infiltrate US companies, turning hiring pipelines into a new attack vector. The post New North Korean AI Hiring Scheme Targets US Companies appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-north-korean-ai-hiring-scheme-us-companies/
-
Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack
Tags: ai, attack, breach, cloud, control, credentials, crypto, github, incident response, linux, LLM, macOS, malicious, malware, monitoring, open-source, openai, powershell, pypi, rat, spam, supply-chain, tool, windowspostinstall hook that would execute a dropper script when it was pulled in by a different package as a dependency.Shortly after midnight UTC on March 31 a new version of the Axios package, axios@1.14.1, was published on npm followed by axios@0.30.4 39 minutes later. Both listed plain-crypto-js@4.2.1 as a dependency in their package.json files, but…
-
TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials
The threat group’s shift to speedy attacks on AWS, Azure, and SaaS instances shows organizations need to respond quickly to compromised credentials. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/teampcp-breaches-cloud-saas-instances-stolen-credentials
-
Supply chain attack on Axios npm package: Scope, impact, and remediations
Tags: access, api, attack, breach, cloud, control, credentials, crypto, data, data-breach, defense, exploit, incident response, macOS, malicious, malware, open-source, rat, risk, security-incident, software, supply-chain, theft, threat, vulnerability, windowsThe Axios npm package has been compromised in a supply chain attack that uploaded new versions of the package containing malicious code. Any environment that downloaded these compromised Axios versions is at risk of severe data theft, including the loss of credentials and API keys. Scan your environment now. Key takeaways This incident is a…
-
Cisco source code stolen in Trivy-linked dev environment breach
Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development environment and steal source code belonging to the company and its customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-source-code-stolen-in-trivy-linked-dev-environment-breach/
-
Panera’s 5.1 Million User Breach: When ‘No Hack’ Becomes a Ransomware Business Model
ShinyHunters leaked 5.1M Panera accounts after extortion failed. Contact data can’t be changed like passwords”, it’s permanent exposure fueling years of scams. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/paneras-5-1-million-user-breach-when-no-hack-becomes-a-ransomware-business-model/
-
Iran actors claims raise questions about larger cyber threat to U.S., allies
Iran-linked group offers to sell data it claims to have stolen from Lockheed Martin. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/iran-actors-claims-cyber-threat-us-allies/816228/
-
Latest Xloader Obfuscation Methods and Network Protocol
Tags: api, automation, breach, cloud, communications, credentials, data, detection, email, encryption, framework, google, Internet, malicious, malware, microsoft, network, password, powershell, software, threat, tool, update, windowsIntroduction Xloader is an information stealing malware family that evolved from Formbook and targets web browsers, email clients, and File Transfer Protocol (FTP) applications. Additionally, Xloader may execute arbitrary commands and download second-stage payloads on an infected system. The author of Xloader continues to update the codebase, with the most recent observed version being 8.7. Since…
-
Panera’s 5.1 Million User Breach: When ‘No Hack’ Becomes a Ransomware Business Model
ShinyHunters leaked 5.1M Panera accounts after extortion failed. Contact data can’t be changed like passwords”, it’s permanent exposure fueling years of scams. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/paneras-5-1-million-user-breach-when-no-hack-becomes-a-ransomware-business-model/
-
New criminal service plans to monetize data stolen by ransomware gangs
A site called Leak Bazaar pitches itself as something closer to a data-processing business than a typical hacking or ransomware-as-a-service operation. First seen on therecord.media Jump to article: therecord.media/new-criminal-service-plans-to-monetize-ransomware-data
-
CareCloud Incident Exposes Patient Data, Disrupts EHR Systems
CareCloud breach exposed patient data and disrupted EHR systems, highlighting growing SaaS security risks in healthcare. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/carecloud-incident-exposes-patient-data-disrupts-ehr-systems/
-
TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets
TeamPCP is exploring ways to monetize the secrets harvested during supply chain attacks, with identified ties to the Lapsus$ and Vect ransomware gangs First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/teampcp-exploit-stolen-supply/