Tag: leak
-
Harvard hit in Oracle EBS cyberattack, 1.3 TB of data leaked by Cl0p group
Harvard University confirmed being targeted in the Oracle EBS campaign after the Cl0p ransomware group leaked 1.3 TB of data. Harvard University confirmed it was targeted in the Oracle E-Business Suite campaign after the Cl0p ransomware group listed it on its leak site. The cybercrime group claimed to have leaked 1.3 TB of data allegedly…
-
2 Radiology Practices Disclose Hacks Affecting 1.5M Patients
Medusa Group Tied to Attack on SimonMed and Threats to Leak Stolen Data. Two radiology practices are notifying nearly 1.5 million people of separate hacking incidents compromising their sensitive health information. Cybercrime gang Medusa claimed credit for attacking Arizona-based SimonMed Imaging in January and threatened to leak the stolen data of nearly 1.3 million patients…
-
2 Radiology Practices Disclose Hacks Affecting 1.5M Patients
Medusa Group Tied to Attack on SimonMed and Threats to Leak Stolen Data. Two radiology practices are notifying nearly 1.5 million people of separate hacking incidents compromising their sensitive health information. Cybercrime gang Medusa claimed credit for attacking Arizona-based SimonMed Imaging in January and threatened to leak the stolen data of nearly 1.3 million patients…
-
Clevo UEFI Leak Allows Signing of Malicious Firmware with BootGuard Keys
Clevo accidentally exposed private keys used in its Intel Boot Guard implementation, allowing attackers to sign malicious firmware that would be trusted during the earliest boot stages. The issue is tracked as Vulnerability Note VU#538470 and was published on October 13, 2025. Researchers warn that this leak can enable stealthy and persistent compromise on systems…
-
2 Radiology Practices Notifying Nearly 1.5 Million of Hacks
Medusa Group Tied to Attack on SimonMed and Threats to Leak Stolen Data. Two radiology practices are notifying nearly 1.5 million people of separate hacking incidents compromising their sensitive health information. Cybercrime gang Medusa claimed credit for attacking Arizona-based SimonMed Imaging in January and threatened to leak the stolen data of nearly 1.3 million patients…
-
ShinyHunters Leak Alleged Data from Qantas, Vietnam Airlines and Other Major Firms
ShinyHunters and its affiliate hackers have leaked data from 6 firms, including Qantas and Vietnam Airlines, after claiming to breach 39 companies via a Salesforce vulnerability. First seen on hackread.com Jump to article: hackread.com/shinyhunters-leak-data-qantas-vietnam-airlines-others/
-
Salesforce Extortion Group Leaks Data After FBI Disruption
Criminals Claim Leak of Customer Data From Six Victims, Including Qantas Airlines. A ransomware group that’s been extorting Salesforce customers leaked some stolen data, following the FBI disrupting its shakedown sites. ShinyHunters, part of the rebranded Scattered Lapsus$ Hunters group, after leaking data from six victims, declared its Salesforce customer shakedown over. First seen on…
-
Harvard investigating breach linked to Oracle zero-day exploit
Tags: breach, business, data, data-breach, exploit, leak, oracle, ransomware, vulnerability, zero-dayHarvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged breach was likely caused by a recently disclosed zero-day vulnerability in Oracle’s E-Business Suite servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/harvard-investigating-breach-linked-to-oracle-zero-day-exploit/
-
Harvard investigating breach linked to Oracle zero-day exploit
Tags: breach, business, data, data-breach, exploit, leak, oracle, ransomware, vulnerability, zero-dayHarvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged breach was likely caused by a recently disclosed zero-day vulnerability in Oracle’s E-Business Suite servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/harvard-investigating-breach-linked-to-oracle-zero-day-exploit/
-
Invoicely Database Leak Exposes 180,000 Sensitive Records
Cybersecurity researcher Jeremiah Fowler discovered nearly 180,000 files, including PII and banking details, left exposed on an unprotected database linked to the Invoicely platform. Read about the identity theft and financial fraud risks for over 250,000 businesses worldwide. First seen on hackread.com Jump to article: hackread.com/invoicely-database-leak-expose-sensitive-records/
-
Five million Qantas customers have had personal information leaked on the dark web. Here’s what you need to know
One expert warns frequent flier points could be used to create fake flight rescheduling emails or fraudulent redemption offers<ul><li><a href=”https://www.theguardian.com/australia-news/live/2025/oct/13/australia-news-live-qantas-hack-data-leak-scam-warning-nsw-sydney-potholes-social-media-ban-anika-wells-albanese-sussan-ley-labor-liberal-coalition-ntwnfb”>Follow our Australia news live blog for latest updates</li><li>Get our <a href=”https://www.theguardian.com/email-newsletters?CMP=cvau_sfl”>breaking news email, <a href=”https://app.adjust.com/w4u7jx3″>free app or <a href=”https://www.theguardian.com/australia-news/series/full-story?CMP=cvau_sfl”>daily news podcast</li></ul>The number of scams is expected to rise after the personal information of millions of…
-
Clop Ransomware group claims the hack of Harvard University
The notorious Clop Ransomware group claims the hack of Harvard University and added the prestigious institute to its Tor data leak site. The Clop Ransomware group announced the hack of the prestigious Harvard University. The cybercrime group created a page for the university on its Tor data leak site and announced it will leak the…
-
BreachForums seized, but hackers say they will still leak Salesforce data
Read more in my article on the Hot for Security blog. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/breachforums-seized-hackers-will-leak-salesforce-data
-
Strafverfolger beschlagnahmen BreachForums wurde für Salesforce-Leak genutzt
Strafverfolger rund um das FBI und das US-Justizministerium haben die sogenannten BreachForums beschlagnahmen lassen. Diese Seite im Internet wurde von Cyberkriminellen der Gruppe ShineyHunters genutzt, um Daten, die beim Salesforce-Hack erbeutet wurden, zu veröffentlichen und somit die Opfer zu erpressen. … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/11/strafverfolger-beschlagnahmen-breachforums-wurde-fuer-salesforce-leak-genutzt/
-
Hackers leak Qantas data containing 5 million customer records after ransom deadline passes
Hacker collective Scattered Lapsus$ Hunters demanded payment in return for preventing the stolen data of nearly 40 companies from being shared<ul><li>Get our <a href=”https://www.theguardian.com/email-newsletters?CMP=cvau_sfl”>breaking news email, <a href=”https://app.adjust.com/w4u7jx3″>free app or <a href=”https://www.theguardian.com/australia-news/series/full-story?CMP=cvau_sfl”>daily news podcast</li></ul>Hackers leaked the personal records of five million Qantas customers on the dark web on Saturday afternoon after a ransom deadline set…
-
FBI seizes BreachForums servers as threatened Salesforce data release deadline approaches
Tags: attack, dark-web, data, detection, extortion, governance, infrastructure, intelligence, leak, least-privilege, radius, ransomware, risk, saas, serviceTargeting SaaS: Rik Ferguson, VP security intelligence at Forescout, agreed that any disruption was likely to be a temporary setback.”It burns infrastructure, yields intelligence, and sows distrust among criminals. But the gang’s dark-web leak site is still up, and they explicitly say the campaign continues,” he told CSO Online by email.”That tells you everything about…
-
FBI takedown banner appears on BreachForums site as Scattered Spider promotes leak
As part of its plan to extort high-profile customers of Salesforce, the Scattered Spider group had revived the BreachForums platform. The site now bears an FBI seizure notice. First seen on therecord.media Jump to article: therecord.media/breachforums-fbi-france-takedown-banner-scattered-spider-salesforce-leak
-
Cops nuke BreachForums (again) amid cybercrime supergroup extortion blitz
US and French fuzz pull the plug on Scattered Lapsus$ Hunters’ latest leak shop targeting Salesforce First seen on theregister.com Jump to article: www.theregister.com/2025/10/10/cops_seize_breachforums/
-
GitHub Copilot Chat Flaw Let Private Code Leak Via Images
Researcher Found Bug Could Exfiltrate Secrets Via Camo Images. A now-patched flaw in GitHub Copilot Chat could have allowed attackers to steal private source code and secrets by embedding hidden prompts that hijacked the artificial intelligence assistant’s responses. The exploit also used the code hosting platform’s image proxy to leak the stolen data. First seen…
-
LockBit, DragonForce, and Qilin form a ‘cartel’ to dictate ransomware market conditions
Tags: access, attack, breach, control, credentials, cybercrime, data, firewall, group, infrastructure, law, leak, lockbit, network, ransomware, service, technology, vpnCritical infrastructure declared fair game: As part of LockBit’s return announcement, the group revealed that critical infrastructure sectors previously considered off-limits would now be permissible targets for its affiliates. “It is permissible to attack critical infrastructure such as nuclear power plants, thermal power plants, hydroelectric power plants, and other similar organizations,” the group stated, according…
-
LockBit, DragonForce, and Qilin form a ‘cartel’ to dictate ransomware market conditions
Tags: access, attack, breach, control, credentials, cybercrime, data, firewall, group, infrastructure, law, leak, lockbit, network, ransomware, service, technology, vpnCritical infrastructure declared fair game: As part of LockBit’s return announcement, the group revealed that critical infrastructure sectors previously considered off-limits would now be permissible targets for its affiliates. “It is permissible to attack critical infrastructure such as nuclear power plants, thermal power plants, hydroelectric power plants, and other similar organizations,” the group stated, according…
-
Terraform Secrets Management Best Practices: Secret Managers and Ephemeral Resources
👉 TL;DR: Use a secrets manager and variables”, never hardcode secrets. Mark outputs sensitive and store state remotely with encryption and strict access. Traditional data sources can leak to state; use Terraform 1.10 ephemeral resources to fetch/generate secrets at apply time without persisting them. Terraform Secrets First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/terraform-secrets-management-best-practices-secret-managers-and-ephemeral-resources/
-
Terraform Secrets Management Best Practices: Secret Managers and Ephemeral Resources
👉 TL;DR: Use a secrets manager and variables”, never hardcode secrets. Mark outputs sensitive and store state remotely with encryption and strict access. Traditional data sources can leak to state; use Terraform 1.10 ephemeral resources to fetch/generate secrets at apply time without persisting them. Terraform Secrets First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/terraform-secrets-management-best-practices-secret-managers-and-ephemeral-resources/
-
Terraform Secrets Management Best Practices: Secret Managers and Ephemeral Resources
👉 TL;DR: Use a secrets manager and variables”, never hardcode secrets. Mark outputs sensitive and store state remotely with encryption and strict access. Traditional data sources can leak to state; use Terraform 1.10 ephemeral resources to fetch/generate secrets at apply time without persisting them. Terraform Secrets First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/terraform-secrets-management-best-practices-secret-managers-and-ephemeral-resources/
-
The ultimate business resiliency test: Inside Kantsu’s ransomware response
set up a new group email system and secure emergency contact pointsestablish a dedicated contact point for business partners to handle inquiriesprohibit internal internet accesscheck the operational status of major systemsAll shipping operations came to a halt. The company explained the situation to all employees at 9:00 a.m., and began assessing the damage and taking…
-
The ultimate business resiliency test: Inside Kantsu’s ransomware response
set up a new group email system and secure emergency contact pointsestablish a dedicated contact point for business partners to handle inquiriesprohibit internal internet accesscheck the operational status of major systemsAll shipping operations came to a halt. The company explained the situation to all employees at 9:00 a.m., and began assessing the damage and taking…
-
The ultimate business resiliency test: Inside Kantsu’s ransomware response
set up a new group email system and secure emergency contact pointsestablish a dedicated contact point for business partners to handle inquiriesprohibit internal internet accesscheck the operational status of major systemsAll shipping operations came to a halt. The company explained the situation to all employees at 9:00 a.m., and began assessing the damage and taking…
-
Data-Leak Sites Surge to Record Levels Amid Scattered Spider RaaS and LockBit 5.0 Rise
Ransomware threats reached a tipping point in Q3 2025 as data-leak sites surged to a record 81 active platforms, driven by major developments across the ecosystem. English-speaking hacking collective Scattered Spider teased its first ransomware-as-a-service (RaaS) offering, “ShinySp1d3r RaaS,” while long-standing operator LockBit returned with “LockBit 5.0,” explicitly authorizing affiliates to target critical infrastructure. A…