Vendors
-
Hackers breach Evertec’s Brazilian unit in $130 million Pix heist attempt
Hackers breached Evertec’s Brazilian subsidiary Sinqia to access the Pix real-time payments system, attempting a $130 million unauthorized transfer. Part of the funds was recovered, Pix access was revoked by the Central Bank of Brazil, and investigators are pursuing the case, with HSBC linked by local media reports.
-
MathWorks reports ransomware breach exposed data of 10,476 individuals
MathWorks disclosed that a ransomware group stole the data of 10,476 individuals after breaching its network in April, prompting outages affecting MFA, SSO, and other services. The company has not named the ransomware operator, and authorities note that a resolution or ransom payment, if any, remains undisclosed.
-
Sweden hit by cyberattack on municipal IT supplier Miljödata, disrupting services for more than 200 municipalities
A cyberattack on Miljödata disrupted access to municipal IT systems across more than 200 regions in Sweden, with reports of potential data leakage and a ransom demand tied to the incident.
-
Healthcare Services Group breach affects more than 624,000 individuals
Healthcare Services Group said a data breach exposed the personal information of more than 624,000 individuals, with unauthorized access occurring between Sept. 27 and Oct. 3, 2024 and notifications sent on Aug. 25, 2025. Data types varied but included identifiers and financial details; credit monitoring is being offered, and there is no current evidence of…
-
ZipLine phishing campaign uses public contact forms to drop in-memory MixShell malware, researchers say
Cybersecurity researchers warn of ZipLine, a social-engineering campaign that uses public-facing Contact Us forms to seed weeks-long conversations before delivering in-memory MixShell malware via a weaponized ZIP file, with DNS tunneling as the primary command-and-control channel.
-
Farmers Insurance says 1.1 million customers affected by data breach tied to Salesforce attack wave
Farmers Insurance says 1.1 million customers were affected by a data breach at a third‑party vendor, tied to a broader Salesforce data‑theft campaign. The incident exposed names, addresses, birth dates, driver’s licenses, and last‑four digits of SSNs, with notices issued starting in August and Maine officials confirming more than 1.1 million total affected across notices.
-
Data I/O reports ransomware attack disrupts operations; SEC filing indicates ongoing investigation
Data I/O, a major electronics maker with high-profile clients, disclosed a ransomware infection that began August 16 and continues to disrupt operations. The company activated response protocols, hired cybersecurity experts, and is investigating, with no timetable for restoration.
-
Inotiv ransomware attack disrupts operations as Qilin claims data theft
Inotiv, an Indiana-based contract research organization, disclosed a ransomware incident on August 8, 2025 that encrypted some systems and data, disrupting operations. The company engaged external security experts, notified law enforcement, and said it is restoring networks while a Qilin ransomware gang claims to have stolen hundreds of thousands of files and published data samples.
-
Colt Technology Services says cyber incident disrupted customer portal and Voice API; no evidence of data breach reported
Colt Technology Services disclosed a cyber incident that disrupted its customer portal and internal systems, with no confirmed evidence of data breach. The company has engaged cyber experts and is restoring services, while updating customers via its status page. Separately, a ransomware group claimed to have stolen Colt documents, a claim awaiting verification.
-
CISA Adds Two N-able N-central Vulnerabilities to KEV; MSP Patch Push Underway
U.S. authorities added two vulnerabilities in N-able N-central to the Known Exploited Vulnerabilities catalog, while noting no public exploitation has been reported. The flaws—CVE-2025-8875 (insecure deserialization) and CVE-2025-8876 (command injection)—require authentication and have been patched in N-central versions 2025.3.1 and 2024.6 HF2, with upgrades urged for on-premises deployments.
