Why Simple Breach Monitoring is No Longer Enough
Infostealers are harvesting credentials and session cookies at scale, bypassing traditional defenses. Lunar explains why simple breach monitoring alone can't...
Data Breach
20 articles
6th April – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 30th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The Europ...
Hackers Breach ILSpy WordPress Domain to Deliver Malware
The official WordPress website for ILSpy, a highly popular open-source tool used by software developers to examine .NET code, has been compromised.
Qilin ransomware group claims the hack of German political party Die Linke
Qilin ransomware claims it stole data from Germany’s Die Linke and threatens to leak it; the party confirmed the incident, but not a breach. The Qilin ransom...
European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack
Hackers stole over 300GB of data from the Commission’s AWS environment, including personal information. The post European Commission Confirms Data Breach Lin...
Hackers Launch Social Engineering Offensive Against Key Node.js Maintainers
Following the high-profile supply chain compromise of the widely used Axios package, a highly coordinated social engineering campaign has been uncovered targ...
European Commission breach exposed data of 30 EU entities, CERT-EU says
CERT-EU says a European Commission cloud hack exposed data from 30 EU entities and links the breach to the TeamPCP group. CERT-EU attributed a European Commi...
Brokk purportedly hacked by Play ransomware, data leaked
Brokk, a leading Swedish global remote-controlled demolition machinery manufacturer, had a 4 GB dataset allegedly stolen from its systems exposed by the Russ...
Multiple EU entities impacted by European Commission breach, CERT-EU says
At least 29 other European Union entities were disclosed by CERT-EU to have had their data compromised following the TeamPCP supply chain attack against the ...
Claude Code leak leveraged to distribute malware
Researchers at Zscaler's ThreatLabz discovered a GitHub repository disguised as a leaked TypeScript source code for Anthropic's Claude Code CLI.
Internet-connected coffee machine reportedly led to data breach
A digital forensics investigator, identified only as TR, was called in when a client suspected a rival had infiltrated their systems after a data breach.
EU cyber agency attributes major data breach to TeamPCP hacking group
The European Union’s cybersecurity agency said the hacking group TeamPCP was behind a massive recent data breach at the European Commission.
Hims & Hers warns of data breach after Zendesk support ticket breach
Telehealth giant Hims & Hers Health is warning that it suffered a data breach after support tickets were stolen from a third-party customer service platform. [.
Die Linke German political party confirms data stolen by Qilin ransomware
The Qilin ransomware group has claimed responsibility for an attack against Die Linke ('The Left'), forcing an IT systems outage at the political party, and ...
CERT-EU blames Trivy supply chain attack for Europa.eu data breach
The European Union’s Computer Emergency Response Team, CERT-EU, has traced last week’s theft of data from the Europa.eu platform to the recent supply chain a...
AI Firm Mercor Confirms Breach as Hackers Claim 4TB of Stolen Data
AI firm Mercor confirms a breach linked to a LiteLLM supply chain attack, as hackers claim to have stolen 4TB of sensitive data and internal systems.
ShinyHunters issues final warning to Cisco over alleged data theft
ShinyHunters alleges access to data from three breach paths: UNC6040, Salesforce Aura, and compromised AWS accounts, claiming over three million Salesforce r...
Hims & Hers data breach exposes customer support data
The breach was a result of a social engineering attack, where hackers tricked employees into granting system access.
TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments, (Fri, Apr 3rd)
This is the sixth update to the TeamPCP supply chain campaign threat intelligence report,&#;x26;#;xc2;&#;x26;#;xa0;"When the Security Scanner Became the Weap...
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Other noteworthy stories that might have slipped under the radar: Symantec vulnerability, anti-ClickFix mechanism added to macOS, FBI hack classified as majo...