Cybercrime
-
Monroe University data breach exposed information on 320,973 people
Monroe University said a December 2024 cyberattack exposed personal, financial, and health data for 320,973 people. Notifications began in January, and affected individuals are being offered one year of free credit monitoring.
-
CERT-UA advisory outlines PLUGGYAPE campaign using Signal and WhatsApp against Ukrainian forces
A CERT-UA advisory says PLUGGYAPE was used in October to December 2025 attacks on Ukrainian defense forces. Delivery used Signal and WhatsApp links to password-protected archives that installed a PyInstaller executable and a Python backdoor.
-
Belgian hospital shuts down servers and cancels procedures after cyberattack
A Belgian hospital operating in Antwerp and Deurne disconnected servers at 6:32 AM after a cyberattack, cancelling scheduled procedures and transferring seven critical patients. Authorities have been notified and an investigation is under way.
-
Long-running web skimmer targeted major payment networks since 2022
A technical analysis found a web-skimming campaign active since January 2022 that targeted major payment networks and used obfuscated JavaScript to harvest payment and personal data from checkout pages.
-
New SHADOW#REACTOR campaign uses text-only stagers and MSBuild to deploy Remcos RAT
A technical report from Securonix details SHADOW#REACTOR, a campaign that stages text-only fragments and in-memory loaders to deliver the Remcos RAT and achieve persistent access, using MSBuild and other legitimate Windows binaries.
-
Apex Legends players report character hijacks during live matches
Players reported Apex Legends characters being controlled remotely during live matches, causing disconnects and name changes. The developer acknowledged the incident and resolved it after about six hours, saying there was no evidence of remote code execution.
-
BreachForums database of 323,986 user accounts leaked in January
A database of 323,986 BreachForums accounts was published on January 9. The dump is dated August and includes hashed passwords, private messages, a password-protected PGP key and a 4,400-word manifesto titled "Doomsday".
-
Endesa discloses customer data breach affecting contract and payment details
Endesa and operator Energía XXI disclosed that hackers accessed a commercial platform and obtained customer contract information, including identity and payment details. The firm serves about 22 million clients and is notifying affected customers.
-
GoBruteforcer botnet targets crypto and blockchain databases with credential brute force
A technical analysis found GoBruteforcer campaigns since mid-2025 that turn exposed Linux servers into botnet nodes to brute-force FTP and database credentials and to probe blockchain accounts for funds.









