Algerian hackers leak sensitive data from Morocco's CNSS and Ministry of Employment. Tensions between Algeria and Morocco are spilling over into the realm of cyber warfare. The Algerian hacker group JabaRoot DZ has claimed responsibility for an unprecedented series of intrusions into the computer systems of several
Targets of the cyberattacks include electronics and home appliances store Boulanger and the retailer Cultura.
Just days after reporting on the Samsung Tickets data breach, another massive leak has surfaced, this time targeting Royal Mail Group, a British institution with over 500 years of history.
On April 2, 2025, a threat actor known as “GHNA” posted on BreachForums, announcing the release of 144GB of data stolen from Royal Mail Group. The breach, once again facilitated through Spectos, a third-party service provider, exposes personally identifiable information (PII) of customers, confidential documents, internal Zoom meeting video recordings, delivery location datasets, a WordPress SQL database for mailagents.uk, Mailchimp mailing lists, and more.
Oracle has finally acknowledged to some customers that attackers have stolen old client credentials after breaching a
Oracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from the company's Oracle Cloud federated SSO login servers
Zapier is notifying customers about a “security incident,” which involved an unauthorized user gaining access to the company’s code repositories and “certain custom information.”
Another little-known phone monitoring outfit has quietly amassed half a million customers, whose email addresses are now in Have I Been Pwned.
A travers la caisse de compensation de Swissmem, la faîtière de l’industrie des machines et des technologies, les données des employés de 180 firmes travaillant pour la Confédération et l’armée ont été mises en ligne. Une faille de sécurité majeure pour la Suisse
A bug in the Android and iPhone monitoring operations allows anyone to access private data exfiltrated from a victim's device.
Habib Mohammadi reports:
A group of unidentified hackers has breached the Taliban’s databases, leaking documents from 21 ministries and government agencies, some of which appear to be classified, according to reports circulating online.
The leaked files reportedly include documents from the Taliban-controlled ministries of finance, justice, foreign affairs, information and culture, telecommunications, and mining, as well as the Supreme Court and the Ministry for the Promotion of Virtue and Prevention of Vice.
The hackers have published hundreds of these documents on a website called “Talibleaks.”
After a ransomware attack on the state's health and social services system, Deloitte is giving Rhode Island $5 million to help cover expenses.
A publicly accessible database belonging to DeepSeek allowed full control over database operations, including the ability to access internal data. The exposure includes over a million lines of log streams with highly sensitive information.
Personal data of nearly 100,000 individuals that have participated in trainings organized by EU CEPOL has potentially been compromised.
The Japanese electronics giant says it did not negotiate with the hackers responsible for the attack.
Rhode Island officials said they're still analyzing the impact of a ransomware gang's breach of state health and social services systems. Some are still down.
InfoCert, uno dei principali fornitori di identità digitale, ha confermato la violazione annunciata sui forum da criminali informatici. I dati rubati potrebbero essere usati per attacchi phishing mirati
Following disclosure, Postman implemented additional safeguards
The sensitive information of VW, Audi, Seat, and Skoda EV owners was stored on a poorly secured Amazon cloud account for months
IntelBroker has leaked 2.9 Gb of data stolen recently from a Cisco DevHub instance, but claims it’s only a fraction of the total.
ConnectOnCall.com, LLC provides a product (“ConnectOnCall”) that healthcare providers purchase to improve their after-hours call process and enhance communications between the providers and their patients. ConnectOnCall discovered an incident that involved personal information related to communications between patients and healthcare providers that use ConnectOnCall.
On May 12, 2024, ConnectOnCall learned of an issue impacting ConnectOnCall and immediately began an investigation and took steps to secure the product and ensure the overall security of its environment. ConnectOnCall’s investigation revealed that between February 16, 2024, and May 12, 2024, an unknown third party had access to ConnectOnCall and certain data within the application, including certain information in provider-patient communications.
