Collecting Cyber-News from over 60 sources

Tag: breach

25th May Threat Intelligence Report

May 25, 2026 6:00 PM

Tags: access, breach, intelligence, threat, unauthorized

7-Eleven, the global convenience store chain, confirmed a breach after an unauthorized access to systems used for franchisee documents. ShinyHunters claimed responsibility and said it stole more than 600,000 Salesforce records containing personal […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2026/25th-may-threat-intelligence-report/
Responding to Breaches With AI? Beware Cross-Contamination

May 25, 2026 3:00 PM

Tags: ai, breach, cybersecurity, incident response, intelligence, security-incident, tool

Separate Breach Details Can Bleed Into Each Other, Incident Responders Find. Cybersecurity investigators who use artificial intelligence tools to draft incident response reports, beware: Information tied to one security incident can contaminate a report into a separate incident, if both get drafted using the same AI tool in the same session, researchers warn. First seen…
Lessons for organizations from the Verizon 2026 Data Breach Investigations Report

May 25, 2026 8:01 AM

Tags: breach, data, data-breach

This is my favourite time of the year, not just because spring is here and the promise of summer is on the way. But also, because one of my must reads each year gets … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/25/lessons-from-verizon-dbir-2026-findings/
Hacker Selling 340 Million OnlyFans User Records Built From Old Breaches

May 25, 2026 5:00 AM

Tags: breach, data, hacker

A hacker is selling a 340M OnlyFans user database allegedly built by matching old breach data and public profiles to real OnlyFans accounts. First seen on hackread.com Jump to article: hackread.com/hacker-selling-onlyfans-user-records-old-breaches/
Why pure extortion is replacing traditional ransomware

May 23, 2026 5:00 PM

Tags: breach, data, encryption, extortion, group, leak, ransomware, strategy

Ransomware gangs are shifting from encryption to pure extortion, focusing on stolen data, reputational pressure, and stealthier attacks. Ransomware groups are quietly changing strategy in 2026. Instead of encrypting systems and causing immediate disruption, many attackers are now focusing on pure extortion: stealing sensitive data and threatening to leak it publicly if victims refuse to…
Iranian Hackers Using Fake Job Sites to Breach Defense Firms

May 23, 2026 1:00 AM

Tags: breach, communications, defense, government, hacker, iran, jobs, malware, network

Unit 42 Says Iranian Operators Target Aerospace and Government Staff. Palo Alto Networks’ Unit 42 said Iran-linked operators tied to Screening Serpens are using fake recruiting campaigns, cloned aerospace hiring portals and malware-laced job materials to infiltrate defense, satellite communications and government networks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/iranian-hackers-using-fake-job-sites-to-breach-defense-firms-a-31762
Carding forum B1ack’s Stash releases millions of stolen credit card records

May 22, 2026 10:00 PM

Tags: breach, credit-card

First seen on scworld.com Jump to article: www.scworld.com/brief/carding-forum-b1acks-stash-releases-millions-of-stolen-credit-card-records
AI-Driven Threats, Critical Vulnerabilities, and Supply Chain Breaches Define the Week in May 2026

May 22, 2026 7:02 PM

Tags: ai, breach, cybersecurity, supply-chain, threat, vulnerability

Weekly summary of Cybersecurity Insider newsletters for May 2026. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/ai-driven-threats-critical-vulnerabilities-and-supply-chain-breaches-define-the-week-in-may-2026/
Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks

May 22, 2026 5:00 PM

Tags: attack, breach, data, data-breach, healthcare, ransomware, social-engineering, tactics

Ransomware and vendor breaches persist, but the 2026 Data Breach Investigations Report (DBIR) highlights how evolving social engineering tactics make the sector more vulnerable. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/verizon-dbir-healthcare-fends-off-increased-social-engineering-attacks
The Cyber Express Weekly Roundup: Supply Chain Breaches, AI Content Enforcement, And Event Disruption Attacks

May 22, 2026 3:00 PM

Tags: ai, attack, breach, cyber, cybercrime, cybersecurity, law, supply-chain

The global cybersecurity landscape continues to evolve rapidly as attackers expand their focus on developer ecosystems, public-facing institutions, and anonymization infrastructure. At the same time, regulators and law enforcement agencies are stepping up enforcement efforts around AI misuse and cybercrime-enabling services. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/tce-weekly-roundup-cybersecurity-supply-chain/
The Cyber Express Weekly Roundup: Supply Chain Breaches, AI Content Enforcement, And Event Disruption Attacks

May 22, 2026 3:00 PM

Tags: ai, attack, breach, cyber, cybercrime, cybersecurity, law, supply-chain

The global cybersecurity landscape continues to evolve rapidly as attackers expand their focus on developer ecosystems, public-facing institutions, and anonymization infrastructure. At the same time, regulators and law enforcement agencies are stepping up enforcement efforts around AI misuse and cybercrime-enabling services. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/tce-weekly-roundup-cybersecurity-supply-chain/
The Cyber Express Weekly Roundup: Supply Chain Breaches, AI Content Enforcement, And Event Disruption Attacks

May 22, 2026 3:00 PM

Tags: ai, attack, breach, cyber, cybercrime, cybersecurity, law, supply-chain

The global cybersecurity landscape continues to evolve rapidly as attackers expand their focus on developer ecosystems, public-facing institutions, and anonymization infrastructure. At the same time, regulators and law enforcement agencies are stepping up enforcement efforts around AI misuse and cybercrime-enabling services. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/tce-weekly-roundup-cybersecurity-supply-chain/
Hackers steal patient and billing data from German hospitals via third-party provider

May 22, 2026 2:00 PM

Tags: breach, data, data-breach, hacker, healthcare, service

The large-scale data breach reportedly hit Unimed, a company that handles billing services for privately insured and self-paying patients on behalf of numerous German hospitals. First seen on therecord.media Jump to article: therecord.media/hackers-steal-patient-billing-data-german-hospitals
Processes & Culture Top Reasons Behind Data Breaches

May 22, 2026 10:00 AM

Tags: breach, cyber, data, government, law

Government leaders revealed that, in spite of state laws meant to improve cyber hygiene, an analysis of incidents showed issues persist and visibility falls short. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/processes-and-culture-top-reasons-behind-data-breaches
Mythos-Level AI Is Creating a Tech Debt Crisis

May 22, 2026 5:00 AM

Tags: ai, breach, cio, ciso, intelligence, software, vulnerability, vulnerability-management

Advanced AI Models Find More Holes Than Enterprise Security Teams Can Plug. Artificial intelligence models such as Anthropic’s Mythos are rapidly exposing decades of hidden software security debt, forcing CIOs and CISOs to rethink vulnerability management, remediation capacity and the trade-offs between availability and breach prevention. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/mythos-level-ai-creating-tech-debt-crisis-a-31750
Breach Roundup: Shai-Hulud Copycat Hits npm

May 22, 2026 12:00 AM

Tags: 2fa, ai, breach, cisco, cve, cvss, data, data-breach, linux, malware, microsoft, password

Also, YellowKey Gets CVE, 7-Eleven Breach, Linux Maintainers Warn on AI Bug Spam. This week, more incidents that we can here list. Among them: cloned Shai-Hulud malware, a new maximum CVSS Cisco flaw. Edge to stop loading passwords in plaintext. Tycoon 2FA offers a way around Microsoft multifactor. Convenience, taquitos and data breach: The 7-Eleven…
Defenders fall behind, as AI rewrites the rules of a data breach

May 21, 2026 8:00 PM

Tags: ai, breach, credentials, data, data-breach

For almost 20 years, stolen credentials have been the most common route for attackers into organizations, according to the Verizon Data Breach Investigations Report (DBIR). But that’s no longer the case. First seen on fortra.com Jump to article: www.fortra.com/blog/defenders-fall-behind-ai-rewrites-rules-data-breach
Grafana Labs links GitHub environment breach to TanStack npm supply chain attack

May 21, 2026 6:00 PM

Tags: attack, breach, extortion, github, supply-chain

The company behind the widely used observability platform refused an extortion demand and has since taken steps to harden its security. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/grafana-labs-github-environment-breach-tanstack-npm-supply-chain/820866/
GitHub Breach Traced to Malicious ‘Nx Console’ VS Code Extension

May 21, 2026 6:00 PM

Tags: breach, github, malicious, marketplace, threat

A threat actor compromised an Nx developer and posed as a legitimate maintainer to publish a malicious extension on Visual Studio Marketplace First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/github-breach-nx-console-vs-code/
GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise

May 21, 2026 5:00 PM

Tags: breach, ciso, github, group, malicious, supply-chain, threat

GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threat group TeamPCP: Nx Console, a popular developer … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/21/github-grafana-breach-root-cause-nx-console/
Industry Reacts to Verizon DBIR 2026 as Vulnerability Exploitation Takes Top Spot

May 21, 2026 2:00 PM

Tags: access, ai, attack, breach, credentials, data, data-breach, exploit, risk, threat, vulnerability

The 2026 Verizon Data Breach Investigations Report (DBIR) has sparked widespread industry reaction, with security leaders warning that AI-enabled attacks, vulnerability exploitation, and third-party risk are reshaping the threat landscape faster than many organisations can respond. For the first time in the report’s history, vulnerability exploitation overtook stolen credentials as the leading initial access vector,…
Hackers Exploit Butter Network Bridge to Mint Massive MAPO Supply

May 21, 2026 12:00 PM

Tags: breach, crypto, exploit, finance, hacker, network, unauthorized

The cryptocurrency market witnessed another major security breach this week after the MAPO token collapsed by 96% following an exploit tied to the Butter Network cross-chain bridge. The incident resulted in the unauthorized minting of a quadrillion MAPO tokens, flooding the market with a supply vastly larger than the legitimate circulating amount and causing severe…
Grafana Labs Says Code Breach Stemmed from TanStack Attack

May 21, 2026 11:00 AM

Tags: attack, breach, data, data-breach, supply-chain

Grafana Labs has confirmed a recent data breach was caused by the TanStack supply chain attack First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/grafana-labs-code-breach-tanstack/
GitHub links repo breach to TanStack npm supply-chain attack

May 21, 2026 10:00 AM

Tags: access, attack, breach, github, hacker, malicious, supply-chain

GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week’s TanStack npm supply-chain attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/github-links-repo-breach-to-tanstack-npm-supply-chain-attack/
Verizon Data Breach Investigations Report 2026 – Exploits lösen Zugangsdaten als Einfallstor ab

May 21, 2026 9:00 AM

Tags: breach, data, data-breach, exploit

First seen on security-insider.de Jump to article: www.security-insider.de/verizon-dbir-2026-exploits-haeufigster-breach-einstieg-a-86fe2cc5cff58b28ab6ef23126ef6aa9/
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

May 21, 2026 8:00 AM

Tags: breach, github, malicious, microsoft

GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual Studio Code (VS Code) extension. The development comes as the Nx team revealed that the extension, nrwl.angular-console, was breached after one of its…
GitHub Hacked, Internal Repositories Offered for Sale

May 21, 2026 12:00 AM

Tags: breach, data, github, hacker, microsoft

A Single Developer Downloaded a Poisoned VS Code Extension, and Now Look. GitHub warned late Tuesday that hackers stole roughly 3,800 internal repositories from the Microsoft-owned platform after a developer used a poisoned VS Code script, which is developed by Microsoft. TeamPCP and Lapsus$ appear to be cooperating to sell the stolen data for $95,000.…
Ukraine identifies infostealer operator tied to 28,000 stolen accounts

May 21, 2026 12:00 AM

Tags: breach, law, malware, ukraine

The Ukrainian cyberpolice, working in conjunction with U.S. law enforcement, has identified an 18-year-old man from Odesa suspected of running an infostealer malware operation targeting users of an online store in California. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ukraine-identifies-infostealer-operator-tied-to-28-000-stolen-accounts/
GitHub Confirms Breach, 4K Internal Repos Stolen

May 21, 2026 12:00 AM

Tags: breach, data, data-breach, github, open-source, software, theft, threat

Open source software giant GitHub confirmed a data breach this week involving the theft of thousands of repos. One threat actor, TeamPCP, took credit. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/github-confirms-breach-4k-internal-repos-stolen
Processes and Culture Top Reasons Behind Data Breaches

May 20, 2026 11:02 PM

Tags: breach, cyber, data, government, law

Government leaders revealed that, in spite of state laws meant to improve cyber hygiene, an analysis of incidents showed issues persist and visibility falls short. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/processes-and-culture-top-reasons-behind-data-breaches