Breaches

Breaches

RedLine Infostealer Administrator Extradited to US, Faces Up to 20 Years for Running MaaS Infrastructure

Armenian national Hambardzum Minasyan has been extradited to the United States for his alleged role in maintaining RedLine's command-and-control infrastructure, managing affiliate payments, and distributing the infostealer — one of the most prolific credential-stealing operations since 2020.

Breaches

ShinyHunters Claims 100 High-Profile Victims in Salesforce Data Heist Using Modified Mandiant Tool to Exploit Experience Cloud Misconfigurations

The ShinyHunters extortion gang claims to have stolen data from approximately 100 high-profile companies — including Salesforce itself, Snowflake, Okta, LastPass, Sony, and AMD — in a months-long campaign exploiting misconfigured Salesforce Experience Cloud sites using a weaponized version of an open-source tool originally developed by Mandiant for defensive purposes. Salesforce confirmed

Breaches

FBI Investigates Breach of Internal Surveillance System Containing Wiretap Data and Investigation Subject PII

The FBI has disclosed to Congress that it is investigating a breach of an internal system containing sensitive surveillance data — including wiretap-related records and personally identifiable information on subjects of FBI investigations. The bureau began investigating abnormal log activity on February 17, 2026, and notified members of Congress this week.

Breaches

Iranian Drone Strikes Hit Three AWS Data Centers in UAE and Bahrain — First Kinetic Attacks on Major Cloud Infrastructure

Iranian drone strikes have physically damaged three Amazon Web Services data centers across the Middle East — two in the United Arab Emirates that were "directly struck" and a third in Bahrain damaged when a drone landed nearby — marking the first time a major cloud infrastructure provider has suffered

Breaches

French Health Ministry Software Supplier Breached — 15.8 Million Patient Records Stolen Including Doctors' Notes on HIV and Sexual Orientation

Attackers breached Cegedim Santé, a software supplier to France's health ministry, stealing approximately 15.8 million administrative patient files — including 165,000 containing free-text notes written by doctors that in some cases documented HIV/AIDS status, sexual orientation, and other sensitive medical history. The breach, confirmed in late

Breaches

PayPal Confirms Six-Month Data Exposure After Loan System Code Error Leaked Social Security Numbers

PayPal has confirmed a data exposure incident affecting its Working Capital (PPWC) business loan service, where a software code change left sensitive customer information accessible for nearly six months before being detected. The exposure ran from 1 July 2025 to 12 December 2025, when the error was finally discovered and

Breaches

ShinyHunters Claims 600,000 Customer Records From Canada Goose as Third-Party Payment Processor Breach

Data extortion group ShinyHunters has published over 600,000 customer records from Canadian luxury outerwear brand Canada Goose, including personal information, partial payment card data, and detailed e-commerce order histories. Canada Goose, a Toronto-based brand founded in 1957 with a global retail footprint and nearly 4,000 employees, confirmed awareness

Breaches

Qilin Ransomware Gang Breaches Romania's National Oil Pipeline Operator Conpet, Claims 1TB Data Theft

Romania's national oil pipeline operator Conpet S.A. has confirmed that the Qilin ransomware group breached its corporate IT infrastructure and stole company data in an attack last week, marking another critical infrastructure target hit by the increasingly aggressive ransomware operation. Conpet S.A. is a strategic company

Breaches

30 Fake AI Chrome Extensions With 300,000 Installs Caught Stealing Credentials, Gmail Data, and Audio

Thirty malicious Chrome extensions with a combined 300,000 installations have been caught masquerading as AI assistants while stealing credentials, email content, browsing data, and even activating voice recognition to capture audio from victim environments. Researchers at browser security platform LayerX discovered the campaign, dubbed AiFrame, and confirmed all 30

Breaches

Comcast Agrees to $117.5M Settlement Over Citrix Bleed Breach That Exposed 31.6 Million Customers

Comcast has agreed to pay $117.5 million to settle a class action lawsuit stemming from the October 2023 data breach in which attackers exploited the Citrix Bleed vulnerability to compromise the personal information of 31.6 million customers. US District Judge John Milton Younge granted preliminary approval on January

Breaches

First Malicious Outlook Add-In Discovered in the Wild After Abandoned Domain Hijack Steals 4,000 Credentials

Researchers at Koi Security have discovered what they describe as the first known malicious Microsoft Outlook add-in detected in the wild — a supply chain attack that exploited an abandoned developer domain to serve a phishing kit directly inside Outlook, stealing over 4,000 Microsoft credentials. The campaign, codenamed AgreeToSteal, targeted

Breaches

Dutch Police Arrest Third Suspect Behind JokerOTP Phishing Platform That Caused $10M in Losses

Netherlands police have arrested a 21-year-old man from Dordrecht suspected of selling access to the JokerOTP phishing automation platform — a tool designed to intercept one-time passwords through automated voice calls that tricked victims into handing over their MFA codes. The arrest is the third in a three-year investigation that dismantled