DataBreachToday.com

ShinyHunters May Have Struck Again
Airlines Air France and KLM said they suffered a data breach involving a third-party service storing customer data. The alert comes as the ShinyHunters extortion group continues to target Salesforce-using organizations and trick them into sharing direct access to their customer data.

Also: Samourai Wallet Co-Founders' Guilty Plea, Coinbase Loss From Data Theft
This week, Tornado Cash co-founder convicted, Samourai Wallet guilty plea, Coinbase insider data theft, a U.S. court overturned an OpenSea executive's fraud conviction, AI-written malware stole crypto, Credix exploit, CZ sought dismissal of FTX claim, July hacks and a FinCEN crypto ATM warning.

CISA Issues Emergency Directive Requiring Federal Agencies to Fix Flaw
A vulnerability in Exchange hybrid deployments could allow attackers to escalate privileges and gain administrative access to cloud-based environments. Microsoft said Tuesday there is no evidence of its exploitation and "strongly" recommended installing hot fix updates made available in April.

OpenAI CEO Says AI Has Beaten Voice Recognition, But Experts Disagree
OpenAI CEO Sam Altman recently claimed that artificial intelligence has "fully defeated most of the ways that people authenticate currently, other than passwords." A host of security experts disagree and point out that passwords got us into this authentication mess to begin with.

Interlock Claims to Have 1.5TB of DaVita's Data as Expenses Mount
DaVita Inc., one of the largest kidney dialysis providers in the world, told regulators that an April cyberattack has cost the company $13.5 million so far and has affected more than one million people in the U.S., and counting. Interlock says it's behind the data theft and ransomware attack.

Inskit Researchers Uncover Clusters in Hungary, Saudi Arabia
Security researchers uncovered a previously unseen malware cluster associated with Israeli spyware maker Candiru. The company may have rebranded itself to evade sanctions to continue its operations. It continues to operate despite its inclusion in 2021 onto an exports blacklist by the United States.

Cyber Volunteers Can Gain Real-World Experience While Protecting Communities
When people think about a career in cybersecurity, they often picture certifications, technical exams and entry-level jobs that require years of preparation. For those coming from non-traditional backgrounds, the journey can feel like a dead end. But what if there were other ways to explore it?

Researchers See 'Acceleration' in Existing Threats, Ongoing Criminal Success
Cybercrime so far this year can be summarized as featuring "more of everything," with researchers tracking increases in the number of ransomware and data breach victims, credentials stolen by infostealers, and new vulnerability disclosures with exploits coming to light.

CISA Lists Flaws as Actively Exploited
Hackers are actively exploiting years-old flaws in obsolete Wi-Fi cameras and video recorders made by D-Link, warn U.S. cybersecurity authorities. Possibly Chinese hackers have used one of the flaws to implant HiatusRAT malware. "Attackers don’t care if a vulnerability is new or old."

Cursor Patched Flaw Days After Disclosure, Says Check Point
Check Point researchers found a RCE flaw in Cursor, an AI-powered code editor, by manipulating a previously approved model context protocol configuration. Once a developer approved a configuration file for an MCP server, any future changes to that file could be executed without further prompts.

AI Powerhouse Releases Its First Public Model in 6 Years
OpenAI released its first open-weight reasoning models since GPT-2, unveiling gpt-oss-120b and gpt-oss-20b under the Apache 2.0 license. With performance approaching o-series benchmarks, the models are designed specifically for reasoning tasks.

Voice Phishing Attacks on Salesforce Users Remains Repeat ShinyHunters Tactic
Technology giants Google and Cisco separately said they've both suffered recent data breaches after attackers socially engineered their employees via voice phishing attacks, leading to a breach of their customer relationship management software, exposing customer data.

Ransomware, Data Thefts, Other Attacks Continue to Plague Health Sector
Recent hacks on a provider of sleep disorder diagnostic gear and services, a network of medical imaging facilities and a multi-disciplinary cancer care center have affected nearly 800,000 patients. The breaches are among the latest rash of cybercriminal attacks plaguing the healthcare sector.

Dutch Servers Restored Following Moscow-Led Attack
The Dutch Public Prosecution Service on Monday began phased restoration of its networks after a cyberattack last month forced the agency to take down its services offline. The agency confirmed that hackers exploited a vulnerability in a Citrix device.

$100M State Cyber Grants Mark Major Drop in Federal Support Despite Growing Demand
The federal government announced a final $100 million round of cybersecurity grants aimed at boosting state and local defenses, but experts warn the funding signals a broader shift in responsibility to under-resourced governments facing escalating threats without sustained federal support.

Chip Manufacturer Shore Up Loose Server Ends
Artificial chip maker giant Nvidia published patches for its open-source platform allowing users to run models at scale after researchers found hackers could gain complete control of the underlying server - allowing them to steal the models, manipulate its responses and steal data.

Why do IT-Focused SOCs Fall Short in OT Environments today?