Nasir Security, an Iran-aligned hacktivist group operating under the name "Sons of Al-Naseer" in its latest post, has claimed to have breached Kuwait's Ministry of...
A large-scale automated credential harvesting campaign has been actively exploiting CVE-2025-55182, the critical React Server Components vulnerability known as React2Shell, compromising at least 766 hosts...
Also Known As: PCPcat, ShellForce, DeadCatx3, PersyPCP, CanisterWorm First Observed: September 2025 Primary Operations: Supply chain compromise, credential theft, ransomware staging, cryptomining, destructive wiping Motivation:...
CERT-EU has attributed the European Commission cloud breach to TeamPCP, the same threat group behind the Trivy and LiteLLM supply chain attacks, and confirmed the...
Mercor, a $10 billion AI recruiting and training data startup whose clients include OpenAI, Anthropic, and Meta, confirmed on March 31 that it was compromised...
Hims & Hers, the San Francisco-based telehealth company with nearly $1 billion in annual revenue, has confirmed a data breach affecting its third-party customer service...
A China-linked intrusion into an FBI surveillance system first reported in early March has been upgraded to a major incident under the Federal Information Security...
A compliance technology vendor trusted with some of the most sensitive communications in financial services has allegedly been gutted. FulcrumSec, a threat actor with 13...
A threat actor appeared on a cybercrime forum this week claiming to have breached Xtium, a U.S.-based managed service provider formerly known as ATSG that...
Handala Hack announced a mass destructive operation on April 2, claiming to have wiped 22 terabytes of data across 14 Israeli organizations in what the...
Check your email against 12 billion+ leaked records — then set up alerts so you're the first to know if you appear in a new breach.
Powered by BreachNews
