The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. King Edward VII’s Hospital is a private hospital located on Beaumont Street in the Marylebone district of central London. It is a leading provider of acute and specialist medical care, with a focus on musculoskeletal health, urology, women’s health, and d

An international law enforcement operation dismantled the core of a ransomware group operating from Ukraine. A joint law enforcement operation led by Europol and Eurojust, with the support of the police from seven nations, has arrested in Ukraine the core members of a ransomware group. Today EUROPOL in conjunction with the Ukraine National Police arre

The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data. The North Texas Municipal Water District (NTMWD) is a regional water district that provides wholesale water, wastewater treatment, and solid waste services to a group of member cities and customers in North Texas, United State

The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack last week. Ardent Health Services is a healthcare company that operates hospitals and other medical facilities in the United States. It is a for-profit health system with a focus on acquiring, managing, and improving hospitals. Ardent Health Services

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site.

Threat actors spread Atomic Stealer (AMOS) macOS information stealer via a bogus web browser update as part of the ClearFake campaign. Atomic Stealer (AMOS) macOS information stealer is now being delivered via a fake browser update chain tracked as ClearFake, Malwarebytes researchers warn. The malware focuses on macOS, designed to pilfer sensitive in

North Korea-linked APT group Diamond Sleet is distributing a trojanized version of the CyberLink software in a supply chain attack. Microsoft Threat Intelligence researchers uncovered a supply chain attack carried out by North Korea-linked APT Diamond Sleet (ZINC) involving a trojanized variant of a CyberLink software. The attackers used a malware-laced v

Healthcare services provider Welltok disclosed a data breach that impacted nearly 8.5 million patients in the U.S. Welltok is a company that specializes in health optimization solutions. It provides a platform that leverages data-driven insights to engage individuals in their health and well-being. The platform aims to personalize and optimize health pro

American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack. AutoZone is an American retailer and distributor of automotive parts and accessories. The company is one of the largest aftermarket automotive parts and accessories retailers in the United States. AutoZone operates 7,140 stores acr

Mirai-based botnet InfectedSlurs has been spotted exploiting two zero-day RCE flaws to compromise routers and video recorder (NVR) devices. Akamai discovered a new Mirai-based DDoS botnet, named InfectedSlurs, actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The researchers discovered the botnet in Oc

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The Carbon Black Managed Detection & Response team is warning of a surge in the number of new infections related to NetSupport RAT in the last few weeks. The most impacted sectors are education, government, and business services. NetSupp

The Canadian government discloses a data breach after threat actors hacked two of its contractors.  The Canadian government declared that two of its contractors,Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services, have been hacked, resulting in the exposure of sensitive information belonging to an undiscl

The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage. The Rhysida ransomware gang added the British Library to the list of victims on its Tor leak site. The British Library is a research library in London that is the national library of the United Kingdom. It is one of the

US teenager Joseph Garrison pleads guilty to carrying out a credential stuffing attack on a betting website. US teenager Joseph Garrison (19) has pleaded guilty to his involvement in a credential stuffing campaign that targeted user accounts at a fantasy sports and betting website.3 On or about November 18, 2022, the man launched a credential stuffing

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks. Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks. Phobos variants are usually distributed by the SmokeLoader, but in 8Base campaigns, it has the ransomware component embedde