Intel

Threat intelligence briefs — active exploits, CVEs, data breaches, and ransomware campaigns.

INTEL 2026-03-28
Intel Brief: Lockheed Martin — APT IRAN Claims 375TB Exfiltration, IRGC Data Transfer, and $400M Ransom While Targeting Named Engineers
Pro-Iranian hacking group APT IRAN has claimed responsibility for a massive breach of Lockheed Martin, alleging exfiltration of 375 terabytes of sensitive defense data — including technical drawings, source code, missile
INTEL 2026-03-28
Intel Brief: European Commission — AWS Account Breach Exposes 350GB of EU Executive Data, Attacker Plans Public Leak
The European Commission — the executive body of the European Union, responsible for proposing legislation, enforcing EU law, and managing the bloc's day-to-day operations — is investigating a confirmed data breach after
INTEL 2026-03-28
Intel Brief: Goodwill Industries — Interlock Ransomware Hits Nonprofit Chain, 80GB Stolen, Stores Forced Cash-Only
Ransomware group Interlock has added Goodwill Industries of North Central Pennsylvania to its dark web leak site, claiming 80GB of stolen data following a confirmed attack that caused operational disruptions extending be
INTEL 2026-03-28
Intel Brief: Nova Scotia Power — Cyberattack Exposed 900,000 Utility Customers, Privacy Commissioner Forces Security Reform
Nova Scotia Power, the province's largest electrical utility and primary power provider for approximately 500,000 Nova Scotian households and businesses, has confirmed that roughly 900,000 current and former customers we
INTEL 2026-03-28
Intel Brief: AFC Ajax — API Flaws Exposed 300,000 Accounts and Enabled Hijack of 42,000 Season Tickets
Dutch football club AFC Ajax has confirmed a hacker exploited vulnerabilities in its IT systems, accessing fan personal data and gaining the ability to transfer, reassign, and manipulate tickets at scale. RTL journalists
INTEL 2026-03-28
Intel Brief: Kash Patel — Iranian State-Linked Handala Breaches FBI Director's Personal Gmail, Publishes Authenticated Documents
Iranian government-backed hacking group Handala has claimed and partially confirmed the breach of FBI Director Kash Patel's personal Gmail account, publicly releasing a cache of files including photographs and emails dat
INTEL 2026-03-28
Intel Brief: Navia Benefit Solutions — 24-Day Silent Breach Exposes 2.7 Million Benefits Records Including SSNs and Health Data
Navia Benefit Solutions, a Washington-based employee benefits administrator serving more than 10,000 employers nationwide, has confirmed a data breach exposing the personal and protected health information of 2,697,540 i
INTEL 2026-03-28
Intel Brief: Viva Ticket — Ransomware Hits Ticketing Platform Serving the Louvre and 3,500 Cultural Venues
Viva Ticket, a French ticketing and event management platform, was hit by a ransomware attack in early March 2026 that disrupted approximately 3,500 partner organizations — including the Louvre, one of the world's most v
INTEL 2026-03-28
Intel Brief: Esprinet — ALP-001 Ransomware Claims 1.2TB Breach of €4B European IT Distributor
Ransomware group ALP-001 has claimed responsibility for a major breach of Esprinet, one of Southern Europe's largest wholesale IT and consumer electronics distributors, operating across Italy and Spain with approximately
INTEL 2026-03-28
Intel Brief: IntraCare — Healthcare Cyberattack Takes Systems Offline, 28 Surgeries Deferred
New Zealand private healthcare provider IntraCare confirmed a cyberattack on March 20, 2026, forcing a complete IT shutdown and deferral of 28 patient surgical procedures. The company — which performs over 2,000 image-gu
INTEL 2026-03-27
ovhcloud-1-6m-records-darkweb-sale
This one doesn't meet the INCLUDE bar. OVHcloud's founder has flatly denied the breach, researchers doubt its authenticity (only one line of sample data provided, no proof of exfiltration), and the claim is assessed by s
INTEL 2026-03-27
Intel Brief: SATS Sports Club — The Gentlemen Ransomware Claims Nordic Fitness Giant, 733K Members at Risk
The incident is SATS *Sports Club* Sweden (Nordic fitness chain) — not SATS Singapore (the aviation ground handling company).
INTEL 2026-03-27
ajax-amsterdam-breach-fan-data-ticket-hijack
This is a confirmed duplicate of the Ajax brief already written (same slug, same incident). No new article needed — the BleepingComputer brief covers this fully. The NL Times source adds one detail worth noting: Amsterda
INTEL 2026-03-27
Intel Brief: LiteLLM — Malicious PyPI Packages Steal 300GB and 500K Credentials via AI Proxy Supply Chain
LiteLLM, one of the most widely used open-source AI proxy libraries for routing calls across OpenAI, Anthropic, Google, and dozens of other LLM providers, has been compromised in a supply chain attack that injected malic
INTEL 2026-03-27
Intel Brief: Monmouth University — PEAR Ransomware Group Claims 16TB Exfiltration
Monmouth University in New Jersey has been hit by the PEAR (Pure Extraction and Ransom) cybercriminal group, which claims to have stolen 16 terabytes of institutional data — 28 times the average volume exfiltrated in com
INTEL 2026-03-27
Intel Brief: Hightower Holding — Credential Compromise Exposes 131,000 Wealth Management Clients
Hightower Holding, the parent company of Hightower Advisors — one of the largest independent wealth management platforms in the United States — has confirmed a data breach affecting 131,483 individuals. Attackers used co
INTEL 2026-03-26
Intel Brief: UK Biobank: Researcher Negligence Exposes Genetic and Medical Records of 500,000 Volunteers
A Guardian investigation has confirmed that confidential health and genetic data from UK Biobank (one of the world's largest medical research repositories, holding records on 500,000 British volunteers) has been exposed
INTEL 2026-03-26
Intel Brief: Navigate360 / P3 Global Intel: 8 Million Confidential Police Tips Compromised via Social Engineering
A hacker using the name "Internet Yiff Machine" claims to have breached P3 Global Intel (a law enforcement tip intelligence platform operated by Navigate360, a US safety and school security company) and stolen 93 gigabyt
INTEL 2026-03-26
Intel Brief: UK Companies House: WebFiling Browser Exploit Exposes 5 Million Business Records
UK Companies House confirmed in March 2026 that a critical vulnerability in its WebFiling system exposed personal data for directors across all 5 million registered UK companies for approximately five months. The flaw, i
INTEL 2026-03-26
Intel Brief: Trivy Vulnerability Scanner Backdoored in Supply Chain Attack: 100M+ Download Tool Turned Credential Stealer
Trivy, one of the most widely deployed open-source vulnerability scanners in the world, has been compromised in a sophisticated supply chain attack. Threat actor TeamPCP injected credential-stealing malware into official
INTEL 2026-03-26
Intel Brief: Telus Digital: ShinyHunters Data Extortion
Canadian business process outsourcing giant Telus Digital has confirmed a major cybersecurity breach after the ShinyHunters extortion group claimed to have stolen nearly one petabyte of data during a months-long intrusio
INTEL 2026-03-26
Intel Brief: Telekom Serbia: Data Breach Exposes 700,000 Customers via Secondary Application Attack
Telekom Serbia, the country's dominant state-owned telecommunications provider, has confirmed a data breach affecting approximately 700,000 customers, roughly 10% of Serbia's total population. The company's CEO Vladimir
INTEL 2026-03-26
Intel Brief: Checkmarx: TeamPCP CI/CD Supply Chain Compromise via Stolen GitHub Credentials
A threat actor tracked as TeamPCP has compromised two GitHub Actions workflows maintained by Checkmarx, a major application security vendor, in a confirmed supply chain attack detected around March 19, 2026. The attack u
INTEL 2026-03-26
Intel Brief: CGI Sverige / Sweden BankID: ByteToBreach Source Code and Credential Leak
A threat actor calling itself ByteToBreach posted a large dataset on the Breached cybercrime forum claiming to contain source code, passwords, and encryption keys stolen from CGI's Swedish division, CGI Sverige AB, a maj
INTEL 2026-03-26
Intel Brief: Stryker: Iran-Linked Handala Wiper Attack
Fortune 500 medical technology manufacturer Stryker has been crippled by one of the most operationally destructive cyberattacks ever leveled at a U.S. corporation. On March 11, 2026, the Iran-linked hacktivist group Hand
INTEL 2026-03-26
Intel Brief: Starbucks Employee Data Breach: 889 Accounts Compromised via Partner Central Phishing
Starbucks has confirmed a data breach affecting 889 employees after attackers used phishing sites impersonating the company's internal HR portal to steal login credentials and access sensitive employment records. The bre
INTEL 2026-03-26
Intel Brief: Southwire: Qilin Ransomware Group Claims Attack on Major US Electrical Infrastructure Supplier
Southwire, one of North America's largest wire and electrical cable manufacturers with annual revenue exceeding $7 billion, has been listed as a ransomware victim by the Qilin (elf.qilin) ransomware-as-a-service group as
INTEL 2026-03-26
Intel Brief: South Africa Land Bank: RaaS Ransomware Attack via Internet-Facing Server Exploit
South Africa's Land and Agricultural Development Bank (Land Bank) was struck by a ransomware attack on January 12, 2026, confirmed by Finance Minister Enoch Godongwana in a formal parliamentary response. Attackers exploi
INTEL 2026-03-26
Intel Brief: SoundCloud: ShinyHunters Extortion Gang Breaches 29.8 Million User Accounts
SoundCloud, the audio streaming and distribution platform hosting over 400 million tracks from 40 million creators worldwide, has confirmed a data breach affecting approximately 29.8 million user accounts, roughly 20% of
INTEL 2026-03-26
Intel Brief: Salesforce Experience Cloud: ShinyHunters Mass Extortion Campaign
ShinyHunters is running an active, large-scale extortion campaign against hundreds of organizations whose Salesforce Experience Cloud instances were misconfigured to allow unauthenticated data access. As of March 9, 2026
INTEL 2026-03-26
Intel Brief: U.S. Critical Infrastructure: Seedworm (MuddyWater) Espionage Campaign with Novel Deno Backdoor
Symantec and Carbon Black have confirmed that Seedworm, the Iran-linked threat group also tracked as MuddyWater and operating under Iran's Ministry of Intelligence and Security (MOIS), maintained active footholds inside
INTEL 2026-03-26
Intel Brief: QualDerm Partners: Healthcare Data Breach, Millions of Patients Potentially Exposed
QualDerm Partners, one of the largest multi-site dermatology practice groups in the United States, has disclosed a data breach potentially affecting millions of patients. The incident represents one of the most significa
INTEL 2026-03-26
Intel Brief: Ruhnau Clarke & Biogel: Qilin Ransomware Double Extortion
The Qilin ransomware group has claimed simultaneous attacks against two firms in different industries and continents: Ruhnau Clarke, a US-based architecture firm, and Biogel, a Swiss medical and biotechnology manufacture
INTEL 2026-03-26
Intel Brief: Port of Vigo (Spain): Ransomware Attack Disrupts Europe's Largest Fishing Port
Spain's Port of Vigo, the largest fishing port in Europe and a critical node in the continent's seafood supply chain, has been struck by ransomware, forcing authorities to disconnect cargo management systems and revert t
INTEL 2026-03-26
Intel Brief: Royal Bahrain Hospital: Payload Ransomware, 110GB Patient Data Exfiltration Claimed
The Payload ransomware group has claimed responsibility for a breach of Royal Bahrain Hospital, a 70-bed private medical facility in Bahrain serving patients from across the Gulf region including Saudi Arabia, Qatar, Oma
INTEL 2026-03-26
Intel Brief: Odido: ShinyHunters Data Extortion Campaign
ShinyHunters has confirmed a sustained data extortion campaign against Odido, the Netherlands' third-largest telecom provider with roughly 5 million mobile subscribers. Odido acknowledged that 6.2 million current and for
INTEL 2026-03-26
Intel Brief: Nike: Double-Extortion Ransomware Targeting IP
Nike disclosed a ransomware incident in early 2026 that the company's public statements framed as a contained operational disruption: systems encrypted, backups restored, minimal downtime. The real story is what happened
INTEL 2026-03-26
Intel Brief: Navia Benefit Solutions: Silent 24-Day Breach Exposes 2.7 Million Across Client Organizations
Navia Benefit Solutions, a third-party employee benefits administrator serving hundreds of U.S. organizations, has disclosed a data breach affecting nearly 2.7 million individuals across its client base. Attackers mainta
INTEL 2026-03-26
Intel Brief: University of Mississippi Medical Center: Ransomware Forces Statewide Clinic Shutdown, EHR Systems Offline
The University of Mississippi Medical Center (UMMC), Mississippi's only academic medical center and a system accounting for approximately 2% of the state's economy, has been hit by a ransomware attack that forced the shu
INTEL 2026-03-26
Intel Brief: Mazda: Vulnerability Exploitation in Warehouse Management System
Mazda Motor Corporation confirmed on March 19, 2026 that an external threat actor exploited unpatched vulnerabilities in an internal warehouse management system, exposing 692 records of employee, group company, and busin
INTEL 2026-03-26
Intel Brief: Marquis: Ransomware Attack Exposes 672K Banking Customers
Marquis, a Plano, Texas-based fintech company providing customer data analytics and marketing compliance tools to hundreds of community and regional banks, has confirmed that a ransomware attack from August 2025 exposed
INTEL 2026-03-26
Intel Brief: Lockheed Martin: Pro-Iran APT Claims 375TB Breach, Demands $400M Ransom
A pro-Iran threat actor tracked as APT Iran claims to have breached Lockheed Martin, the world's largest defense contractor, exfiltrating 375 terabytes of data including alleged blueprints of the F-35 fighter jet. The gr
INTEL 2026-03-26
Intel Brief: Loblaw Companies: Third-Party Threat Actor Breaches Canada's Largest Retailer
Loblaw Companies Limited, Canada's largest grocery and retail group, has confirmed a data breach after its security team detected unauthorized access to a portion of its internal IT network. A third-party threat actor ga
INTEL 2026-03-26
Intel Brief: AstraZeneca: Lapsus$ Claims 3GB Breach of Internal Code, Credentials, and Employee Data
Cybercrime group Lapsus$ has claimed responsibility for breaching AstraZeneca, one of the world's largest pharmaceutical companies, alleging theft of approximately 3GB of sensitive internal data including source code rep
INTEL 2026-03-26
Intel Brief: Kaplan: Server Intrusion Exposes SSNs and Driver's Licenses of 230,000+ Students and Professionals
Kaplan, the Florida-based educational services company serving approximately 1.2 million students annually, reported a data breach to state regulators in at least seven US states confirming that Social Security numbers a
INTEL 2026-03-26
Intel Brief: Kaplan: Network Intrusion Exposes 1.4 Million SSNs and Driver's License Numbers
Kaplan, the Graham Holdings-owned educational services giant serving approximately 1.2 million students and 15,000 corporate clients globally, has confirmed a data breach that ultimately affected 1.4 million individuals;
INTEL 2026-03-26
Intel Brief: IDMerit: Unauthenticated MongoDB Exposes 1 Billion KYC Records
IDMerit, an AI-powered identity verification provider processing know-your-customer (KYC) checks for banks and cryptocurrency exchanges, left a MongoDB database publicly accessible without authentication for 99 days; exp
INTEL 2026-03-26
Intel Brief: Hikvision: ALP-001 Claims 199TB Breach of World's Largest Surveillance Manufacturer ⚠️ Unverified
**Intelligence confidence: LOW.** ALP-001 ransomware claims carry documented fabrication warnings across threat intelligence platforms, and Hikvision has not issued a public statement confirming any breach. This brief co
INTEL 2026-03-26
Intel Brief: Cnous France: Data Breach Exposes 774,000 University Records
France's Centre national des œuvres universitaires et scolaires (Cnous) (the government body managing student welfare services including housing, dining, and financial aid for the national university system) has confirme
INTEL 2026-03-26
Intel Brief: France FICOBA: Credential Theft Exposes 1.2M National Bank Records
France's tax authority (DGFiP) confirmed on February 18, 2026 that an attacker spent 16 days inside FICOBA, the national registry of every bank account opened in France, using a single stolen civil servant's credentials.
INTEL 2026-03-26
Intel Brief: France: Criminal Data Broker Mega-Aggregation Exposes 45M Citizens
Cybernews researchers have confirmed the discovery of a publicly exposed cloud database containing approximately 45 million French citizens' records, one of the largest data exposures in French history. The archive is no
INTEL 2026-03-26
Intel Brief: Foster City, California: Ransomware Attack Forces State of Emergency Declaration
Foster City, California (a Bay Area municipality of approximately 34,000 residents) has declared a formal state of emergency following a ransomware attack that took down the city's entire network. The city council approv
INTEL 2026-03-26
Intel Brief: FBI New York Field Office: Human Error Exposes Epstein Investigation Server to Foreign Hacker
The FBI has confirmed that a foreign hacker infiltrated a server at its New York field office in February 2023, gaining unauthorized access to sensitive investigative files related to Jeffrey Epstein. The breach, charact
INTEL 2026-03-26
Intel Brief: Dutch Ministry of Finance: Unauthorized Access to Policy Department Systems
The Dutch Ministry of Finance confirmed on March 24, 2026 that its systems were breached in a cyberattack detected the previous Thursday, March 19. Unauthorized access was gained to systems supporting primary processes w
INTEL 2026-03-26
Intel Brief: Social Security Administration: DOGE Insider Data Exfiltration
The Social Security Administration's inspector general is investigating a whistleblower complaint alleging that a former U.S. DOGE Service software engineer exfiltrated two of the federal government's most sensitive citi
INTEL 2026-03-26
Intel Brief: DigitalMint Negotiator Charged: Ran Ransomware Attacks While Negotiating for Victims
The DOJ has unsealed charges against Angelo John Martino III, a former ransomware negotiator at DigitalMint, accusing him of conducting at least 10 ransomware attacks while simultaneously negotiating ransom payments on b
INTEL 2026-03-26
Intel Brief: Crunchyroll (Sony): Third-Party Vendor Malware, 100GB Exfiltration, $5M Extortion
Crunchyroll, the Sony-owned anime streaming platform with tens of millions of subscribers globally, has confirmed a data breach stemming from a malware infection on a third-party vendor employee's device. A single threat
INTEL 2026-03-26
Intel Brief: Conduent: Covert Intrusion Exposes 25 Million Americans' Government Benefits Data
Conduent, a business process services giant that administers healthcare eligibility, Medicaid, SNAP benefits, and other government programs for hundreds of US agencies, suffered a covert network intrusion between October
INTEL 2026-03-26
Intel Brief: Cognizant TriZetto: 11-Month Undetected Intrusion Exposes 3.4M Patient Records
Cognizant's healthcare IT subsidiary TriZetto Provider Solutions has disclosed a data breach affecting more than 3.4 million patients across the United States. Unauthorized access began in November 2024 and went undetect
INTEL 2026-03-26
Intel Brief: CIRO: Phishing Attack Exposes 750,000 Canadian Investors
Canada's Investment Regulatory Organization (CIRO) has confirmed a data breach affecting up to 750,000 investors, stemming from a phishing attack that occurred in August 2025. The breach, initially disclosed as limited t
INTEL 2026-03-26
Intel Brief: Chile's Ley del Lobby Platform: Government Lobbying Records Breach Exposes 8 Years of Political Intelligence
An unidentified threat actor claims to have breached Chile's official Ley del Lobby platform, the government's mandatory lobbying transparency registry, and exfiltrated 250 gigabytes of lobbying records spanning 2018 to
INTEL 2026-03-26
Intel Brief: Sweden E-Government / CGI Sverige: National Codebase Leak
The full source code of Sweden's e-government platform has been leaked to the dark web following a confirmed breach of CGI Sverige, the Swedish subsidiary of CGI Group, one of the world's largest IT and business consulti
INTEL 2026-03-26
Intel Brief: CarGurus: ShinyHunters Breach Exposes 12.4 Million User Records
CarGurus, one of the largest online automotive marketplaces in the United States with over 30 million monthly visitors, has suffered a confirmed data breach linked to the ShinyHunters threat group. Approximately 12.4 mil
INTEL 2026-03-26
Intel Brief: BMW & 35+ Automakers: IDOR Exploit Fuels Ongoing Multi-Brand Data Exfiltration
A threat actor tracked as **xpl0itts**, collaborating with groups DarkRomance and teamPCP, claims an ongoing and expanding data exfiltration campaign against BMW and at least 35 additional automakers (including Toyota, M
INTEL 2026-03-26
Intel Brief: Bell Ambulance: Medusa Ransomware Exposes 238,000 Patients' Healthcare and Identity Data
Bell Ambulance, a US emergency medical services provider offering ambulance transport and paramedic care, confirmed a ransomware attack that exposed the personal and healthcare data of 237,830 individuals. The Medusa ran
INTEL 2026-03-26
Intel Brief: Aura: ShinyHunters Voice Phishing Attack, 900,000 Records Leaked
Aura, a consumer digital safety company selling identity theft protection, credit monitoring, and fraud protection services, confirmed on March 18, 2026 that ShinyHunters stole approximately 900,000 customer records via
INTEL 2026-03-26
Intel Brief: AkzoNobel: Anubis RaaS, 170GB Exfiltration from US Facility
AkzoNobel, the Dutch multinational paints and coatings company behind Dulux, Sikkens, International, and Interpon, confirmed a cyberattack at one of its US facilities after the Anubis ransomware gang published sample dat
INTEL 2026-03-13
Intel Brief: CVE-2026-3910
Google Chromium V8 contains a memory buffer vulnerability allowing remote code execution via crafted HTML pages, affecting multiple web browsers.
INTEL 2026-03-13
Intel Brief: CVE-2026-3909
CISA has added a Google Skia out-of-bounds write vulnerability to its Known Exploited Vulnerabilities catalog, mandating remediation by late March 2026.
INTEL 2026-03-11
Intel Brief: CVE-2026-24512
This high-severity vulnerability in ingress-nginx allows attackers to inject configuration via Ingress fields, resulting in arbitrary code execution and potential secret disclosure.
INTEL 2026-03-10
Intel Brief: CVE-2024-21762 FortiOS Out-of-Bounds Write Vulnerability
This critical vulnerability in Fortinet FortiOS and FortiProxy allows unauthenticated remote code execution and is currently listed as a known exploited vulnerability by CISA.
INTEL 2026-03-09
Threat Brief: CVE-2025-26399 SolarWinds Web Help Desk RCE
A critical unauthenticated remote code execution vulnerability in SolarWinds Web Help Desk AjaxProxy is now listed on CISA’s Known Exploited Vulnerabilities catalog.
INTEL 2026-03-07
CVE-2017-7921: Hikvision Improper Authentication Vulnerability
Hikvision IP cameras contain a critical improper authentication flaw allowing privilege escalation and unauthorized data access.
INTEL 2026-03-07
CVE-2024-3400: PAN-OS Command Injection
A command injection in GlobalProtect portal/gateway on Palo Alto PAN-OS.