Cyberattack
Telus Digital confirms breach after hacker claims 1 petabyte data theft
Canadian business process outsourcing giant Telus Digital has confirmed it suffered a security incident after threat actors claimed to have stolen nearly 1 petabyte of data from the company in a multi-month breach. Telus Digital is the digital services and business process outsourcing (BPO) arm of Canadian telecommunications provider Telus, providing customer support, content moderation, AI […]
ShinyHunters claims ongoing Salesforce Aura data theft attacks
Salesforce is warning customers that hackers are targeting websites with misconfigured Experience Cloud platforms that give guest users access to more data than intended. However, the ShinyHunters extortion gang claims to be actively exploiting a new bug to steal data from instances. Salesforce has shared guidance for its customers to defend against hackers actively targeting […]
Mississippi medical center reopens clinics hit by ransomware attack
The University of Mississippi Medical Center (UMMC) says it has resumed normal operations, nine days after a ransomware attack blocked access to electronic medical records and took down many of its IT systems. “The University of Mississippi Medical Center’s clinics resumed normal operations today following a nine-day ordeal caused by a cyberattack,” the UMMC said in […]
UK warns of Iranian cyberattack risks amid Middle-East conflict
The United Kingdom’s National Cyber Security Centre (NCSC) alerted British organizations to a heightened risk of Iranian cyberattacks amid the ongoing conflict in the Middle East. While there is no significant change in the direct cyber threat from Iran to the UK, the NCSC said this could change at any time, given how quickly the […]
Olympique Marseille confirms ‘attempted’ cyberattack after data leak
French professional football club Olympique de Marseille has confirmed a cyberattack after a threat actor claimed on Monday that it breached the club’s systems earlier this month. Founded 126 years ago, Olympique Marseille competes in the Ligue 1, the top tier of the French football league system, and was the first French club to win […]
Fake Next.js job interview tests backdoor developer’s devices
A coordinated campaign targeting software developers with job-themed lures is using malicious repositories posing as legitimate Next.js projects and technical assessment materials, including recruiting coding tests. The attacker’s goal is to achieve remote code execution (RCE) on developer machines, exfiltrate sensitive data, and introduce additional payloads on compromised systems. Multiple execution triggers Next.js is a popular […]
Spain arrests suspected hacktivists for DDoSing govt sites
Spanish authorities have arrested four alleged members of a hacktivist group believed to have carried out cyberattacks targeting government ministries, political parties, and various public institutions. The group, which called itself “Anonymous Fénix” and claimed they were affiliated with the Anonymous hacker collective, conducted distributed denial-of-service (DDoS) attacks against targets in Spain and several South […]
Mississippi medical center closes all clinics after ransomware attack
The University of Mississippi Medical Center (UMMC) closed all its clinic locations statewide on Thursday following a ransomware attack. UMMC has over 10,000 employees and, as one of the largest employers in Mississippi, operates seven hospitals, 35 clinics, and more than 200 telehealth sites statewide. The medical center includes the state’s only children’s hospital, only Level I […]
Romania’s oil pipeline operator Conpet confirms data stolen in attack
Romania’s national oil pipeline operator, Conpet S.A., confirmed that the Qilin ransomware gang stole company data in an attack last week. In a press release the day following the incident, the company said that the threat actor breached its corporate IT infrastructure, but operations remained unaffected. Conpet S.A. published an update today about the incident, saying that […]
European Commission discloses breach that exposed staff data
The European Commission is investigating a breach after finding evidence that its mobile device management platform was hacked. The Commission said on Friday that it detected traces of a cyberattack targeting infrastructure that manages its staff’s mobile devices. While the attackers may have accessed some staff members’ personal information, including names and phone numbers, the […]