Cybercrime
-
Conduent breach exposed personal data of nearly 17,000 Volvo employees
Nearly 17,000 US Volvo employees had personal data exposed after a Conduent breach. A Maine Attorney General filing shows 16,991 people were affected, with intruder access dated October 21, 2024 to January 13, 2025.
-
China-linked UNC3886 targeted Singapore telcos, agency says
Singapore’s Cyber Security Agency said UNC3886 targeted all four major telcos using a zero-day and rootkits. Authorities closed access points and expanded monitoring and found no evidence of customer data loss.
-
SecurityScorecard: 135,000 plus internet-exposed OpenClaw instances found
SecurityScorecard’s STRIKE team found more than 135,000 internet-exposed OpenClaw instances and tens of thousands vulnerable to a known RCE bug. Users are urged to restrict network bindings and limit agent access.
-
Ivanti EPMM zero-days exploited in breach affecting Dutch data protection authority
A letter to the Dutch parliament said attackers exploited Ivanti EPMM vulnerabilities on 29 January, causing a breach that affected employees at the Dutch Data Protection Authority and the Council for the Judiciary with contact details possibly exposed.
-
Bloody Wolf campaign installs NetSupport RAT in Uzbekistan and Russia
A spear-phishing campaign installed NetSupport RAT on about 50 devices in Uzbekistan and 10 in Russia using PDF-based loaders that enforce install limits and set persistent autorun scripts while Mirai payloads were staged.
-
Worm-driven TeamPCP campaign compromises cloud native infrastructure at scale
A worm-driven campaign by TeamPCP exploited exposed Docker, Kubernetes, Ray and React vulnerabilities around Dec 25, 2025 to build proxy and scanning infrastructure for data theft, extortion and cryptocurrency mining, researchers report.
-
Spain Ministry of Science partially shuts electronic services after technical incident
A technical incident prompted a partial shutdown of Spain’s Ministry of Science electronic headquarters, suspending administrative procedures. A threat actor claims an IDOR exploit and leaked data samples, while the ministry says the closure is under assessment.
-
Sapienza University offline after cyberattack disrupts campus systems
Sapienza University in Rome shut down network systems after a cyberattack, taking its website offline and disrupting services for more than 112,500 students as technicians and national authorities work to restore systems.
-
Romanian oil pipeline operator reports cyberattack that took website offline
Conpet reported a cyberattack that disrupted its corporate IT systems and disabled its website on Tuesday. Operational technology remained unaffected and authorities were notified. A ransomware group using the Qilin name posted files presented as proof.
-
Substack notifies users after email and phone data stolen in October 2025
Substack says attackers accessed email addresses, phone numbers and metadata in October 2025 and discovered the issue on February 3 2026. A posted database claims 697,313 records were leaked. The company says no financial data was exposed.
