Tag: breach
-
FBI and Europol Seize LeakBase Forum Used to Trade Stolen Credentials
A joint law enforcement operation has dismantled LeakBase, one of the world’s largest online forums for cybercriminals to buy and sell stolen data and cybercrime tools.The LeakBase forum, per the U.S. Department of Justice (DoJ), had over 142,000 members and more than 215,000 messages between members as of December 2025. Those attempting to access the…
-
Operation Leak: Authorities Dismantle LeakBase Forum, Secure User Data and IP Logs
The FBI, working alongside international law enforcement agencies, has successfully dismantled the notorious cybercriminal forum LeakBase. Dubbed >>Operation Leak,<< this coordinated global effort resulted in the seizure of the platform's domains and its underlying infrastructure. LeakBase was a prominent online destination where cybercriminals gathered to buy, sell, and trade stolen databases, corporate data, and personal…
-
What to Expect from Iran’s Digital Counterstrike
Tags: attack, breach, cloud, communications, cyber, cyberattack, cybersecurity, data, defense, espionage, exploit, extortion, finance, government, group, hacking, infrastructure, intelligence, international, iran, leak, middle-east, military, network, ransomware, risk, risk-assessment, service, tool, update, vulnerability, wormAfter the United States and Israel began a bombing campaign on Iran, leading to the decapitation of its political and military leaders, the Middle East has erupted into waves of kinetic warfare. But what should we expect about cyber? Iran has a formidable offensive cybersecurity capability and is considered one of the four most aggressive…
-
How a Single Overprivileged Service Turned the LexisNexis Breach Into a Keysthe-Kingdom Moment
3 min readLegal AI solutions provider LexisNexis has confirmed a massive breach of its AWS environment According to reports, initial access was gained by exploiting the “React2Shell” vulnerability in an unpatched React frontend application a flaw the company had reportedly left unaddressed for months. Among the details reportedly posted by the attacker is the claim…
-
Fake Zoom, Teams Meeting Invites Use Compromised Certificates to Drop Malware
A new phishing campaign is using stolen certificates from TrustConnect Software PTY LTD to sign malware. By impersonating updates for Zoom and Microsoft Teams, hackers install RMM tools to gain persistent, privileged access to networks First seen on hackread.com Jump to article: hackread.com/fake-zoom-teams-invites-malware-certificates/
-
The Instagram API Scraping Crisis: When ‘Public’ Data Becomes a 17.5 Million User Breach
17.5 million Instagram accounts leaked through API scraping. Meta denies breach, but your data is on the dark web. Here’s what actually happened. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-instagram-api-scraping-crisis-when-public-data-becomes-a-17-5-million-user-breach/
-
US and EU police shut down LeakBase, a site accused of sharing stolen passwords and hacking tools
Authorities say LeakBase was “one of the world’s largest online forums for cybercriminals,” and maintained an archive of hacked databases containing hundreds of millions of passwords. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/04/u-s-and-eu-police-shut-down-leakbase-a-site-accused-of-sharing-stolen-passwords-and-hacking-tools/
-
FBI seizes LeakBase cybercrime forum, data of 142,000 members
The FBI has seized the LeakBase cybercrime forum, a major online forum used by cybercriminals buy and sell hacking tools and stolen data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-seizes-leakbase-cybercrime-forum-data-of-142-000-members/
-
Sprawling FBI, European operation takes down Leakbase cybercriminal forum
The FBI and European law enforcement agencies carried out a global crackdown on a cybercrime forum where criminals bought and sold stolen credentials and exploits of software vulnerabilities. First seen on therecord.media Jump to article: therecord.media/leakbase-cybercrime-fbi-europe-takedown
-
LexisNexis confirms data breach at Legal & Professional arm, some customer records affected
Crooks claim 2 GB haul from AWS instance via React2Shell exploit First seen on theregister.com Jump to article: www.theregister.com/2026/03/04/lexisnexis_legal_professional_confirms_data/
-
Ransomware Breach at University of Hawaii Cancer Center Affects 1.2M People
The University of Hawaii Cancer Centre has confirmed a massive ransomware attack affecting 1.24 million people. Sensitive data, including Social Security numbers and historical voter records dating back to 1993, was compromised. First seen on hackread.com Jump to article: hackread.com/ransomware-breach-university-of-hawaii-cancer-center/
-
Ransomware Breach at University of Hawaii Cancer Center Affects 1.2M People
The University of Hawaii Cancer Centre has confirmed a massive ransomware attack affecting 1.24 million people. Sensitive data, including Social Security numbers and historical voter records dating back to 1993, was compromised. First seen on hackread.com Jump to article: hackread.com/ransomware-breach-university-of-hawaii-cancer-center/
-
Cyber Defense Magazine – A New Bell Rings For K-12 Cloud Security After the Illuminate Settlement
This article was originally published in Cyber Defense Magazine on 02/09/26 by Charlie Sander. The Illuminate incident serves as a crucial reminder to edtech vendors of the potential backlash that can occur when privacy promises are not upheld In a recent complaint, the FTC addresses Illuminate Education’s need to strengthen its data security after a breach…
-
Shadow AI vs Managed AI: What’s the Difference? FireTail Blog
Tags: access, ai, api, attack, breach, chatgpt, ciso, cloud, computer, control, credentials, credit-card, data, data-breach, framework, google, injection, intelligence, Internet, law, LLM, malicious, mitre, monitoring, network, password, phishing, phone, risk, software, switch, threat, tool, training, vulnerabilityMar 04, 2026 – – Quick Facts: Shadow AI vs. Managed AIShadow AI is a visibility gap: It refers to any AI tool used by employees that the IT department doesn’t know about. Most companies have 10x more AI tools in use than they realize.Managed AI is a “Paved Path”: It uses approved, secure versions…
-
Telegram Increasingly Used to Sell Access, Malware and Stolen Logs
Cybercriminals are now increasingly using Telegram to sell corporate access, malware subscriptions, and stealer logs, turning the messaging app into a fast cybercrime hub. First seen on hackread.com Jump to article: hackread.com/telegram-used-sell-access-malware-stolen-logs/
-
Data breach at University of Hawaiʻi Cancer Center impacts 1.2 Million individuals
A ransomware attack on the University of HawaiÊ»i Cancer Center exposed personal data of 1.2 million people. A 2025 ransomware attack targeting the University of HawaiÊ»i Cancer Center compromised the personal information of about 1.2 million individuals. The attack hit the University of HawaiÊ»i Cancer Center on August 31, 2025, impacting servers that support research…
-
LexisNexis Faces Data Breach After 2.04 GB of Data Allegedly Stolen
A threat actor known as FulcrumSec has claimed responsibility for a data breach at LexisNexis Legal & Professional, the legal information division of RELX Group. The actor alleges they have stolen 2.04 GB of structured data from the company’s Amazon Web Services (AWS) cloud infrastructure. The incident highlights significant security flaws, particularly concerning access controls…
-
How to know you’re a real-deal CSO, and whether that job opening truly seeks one
Tags: access, ai, breach, business, communications, compliance, control, cyber, data, data-breach, finance, framework, governance, incident response, infosec, insurance, jobs, metric, privacy, radius, risk, skills, strategy, threat, training, vulnerabilityStriking the right balance of experience and responsibility: Mark G. McCreary, partner and chief AI and IT security officer at Boston-based legal firm Fox Rothschild LLP, has seen both extremes: security being completely sidelined and security professionals given excessive, unjustified authority.In some firms, a newly appointed CSO might be positioned as a gatekeeper without the…
-
Gamers furious as indie studio Cloud Imperium quietly admits to data breach
Slow disclosure and odd reassurance that exposing names and contact details won’t be a problem isn’t going down well First seen on theregister.com Jump to article: www.theregister.com/2026/03/03/brit_games_studio_cloud_imperium/
-
NCSC Warns UK Organisations to Prepare for Potential Iran-Linked Cyber Activity
Tags: advisory, attack, awareness, breach, business, china, cyber, cybercrime, data, data-breach, espionage, exploit, finance, government, group, incident response, infrastructure, international, Internet, iran, leak, malware, middle-east, military, monitoring, phishing, resilience, risk, russia, service, supply-chain, tactics, threat, tool, update, vulnerability, vulnerability-managementGeopolitical conflict rarely stays confined to physical battlefields. Increasingly, it spills into the digital domain. The latest escalation of tensions in the Middle East has prompted the UK’s National Cyber Security Centre (NCSC) to issue a warning to organisations to review their cyber security posture and prepare for possible cyber activity linked to Iran. While…
-
NCSC Warns UK Organisations to Prepare for Potential Iran-Linked Cyber Activity
Tags: advisory, attack, awareness, breach, business, china, cyber, cybercrime, data, data-breach, espionage, exploit, finance, government, group, incident response, infrastructure, international, Internet, iran, leak, malware, middle-east, military, monitoring, phishing, resilience, risk, russia, service, supply-chain, tactics, threat, tool, update, vulnerability, vulnerability-managementGeopolitical conflict rarely stays confined to physical battlefields. Increasingly, it spills into the digital domain. The latest escalation of tensions in the Middle East has prompted the UK’s National Cyber Security Centre (NCSC) to issue a warning to organisations to review their cyber security posture and prepare for possible cyber activity linked to Iran. While…
-
NCSC Warns UK Organisations to Prepare for Potential Iran-Linked Cyber Activity
Tags: advisory, attack, awareness, breach, business, china, cyber, cybercrime, data, data-breach, espionage, exploit, finance, government, group, incident response, infrastructure, international, Internet, iran, leak, malware, middle-east, military, monitoring, phishing, resilience, risk, russia, service, supply-chain, tactics, threat, tool, update, vulnerability, vulnerability-managementGeopolitical conflict rarely stays confined to physical battlefields. Increasingly, it spills into the digital domain. The latest escalation of tensions in the Middle East has prompted the UK’s National Cyber Security Centre (NCSC) to issue a warning to organisations to review their cyber security posture and prepare for possible cyber activity linked to Iran. While…
-
LexisNexis Investigates Breach, Customer Data Access
LexisNexis confirmed a breach involving legacy servers and limited customer data. The company says there’s no impact to products or services. First seen on crn.com Jump to article: www.crn.com/news/security/2026/lexisnexis-investigates-breach-customer-data-accessed
-
LexisNexis says hackers accessed legacy data in contained breach
The breach emerged this week when a threat actor claimed they stole 2 GB worth of information from the company that included millions of records. First seen on therecord.media Jump to article: therecord.media/lexisnexis-says-hackers-accessed-legacy-data
-
One Foothold, 25 Million Victims: The Risk Inside Modern Breaches
In last month’s reporting cycle, we saw one of the largest healthcare data breaches in U.S. history, ransomware groups tied to North Korea targeting hospitals, and firewall vulnerabilities that allowed attackers to create rogue administrative accounts almost instantly. Taken together, these incidents raise a more important question than who was hit. They force us to……
-
Oracle EBS 2025 campaign impacts Madison Square Garden, sensitive data leaked
Madison Square Garden confirmed a data breach tied to the 2025 Oracle E-Business Suite hacking campaign. Madison Square Garden (MSG) has confirmed it was affected by a data breach linked to the 2025 cybercrime campaign targeting Oracle’s E-Business Suite (EBS) customers. Madison Square Garden (MSG) is a world-famous multi-purpose indoor arena located in New York…
-
Hacktivists Claim DHS Breach, Leak 6,600+ ICE Contractor Records
Hacktivists claim they breached DHS systems, leaking records tied to 6,681 ICE contractor applicants, including major tech and defense firms. The post Hacktivists Claim DHS Breach, Leak 6,600+ ICE Contractor Records appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-dhs-ice-contractor-data-leak-hacktivist-claim/
-
Surviving Ransomware: Best practices to safeguard your business
By Robbie Ross, cyber security lead, Converged Communication Solutions It’s not if but when. This is a phrase that has been echoed across the cyber security industry for several years, but when it comes to ransomware the message is still not penetrating widely enough. The 2025 UK Government Cyber Breaches Survey highlighted that just 32%…
-
LexisNexis confirms data breach as hackers leak stolen files
American data analytics company LexisNexis Legal & Professional has confirmed to BleepingComputer that hackers breached its servers and accessed some customer and business information. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/lexisnexis-confirms-data-breach-as-hackers-leak-stolen-files/