The Breach News

New Supply Chain Attack ‘Revival Hijack’ Poses Significant Threat to PyPI Takeovers

New Supply Chain Attack Threatens Thousands of Python Packages Cybersecurity firm JFrog has identified a novel attack method that poses a serious threat to the Python Package Index (PyPI) repositories, affecting over 22,000 software packages and potentially endangering a vast number of users. Dubbed “Revival Hijack,” this technique exploits a…

Read MoreNew Supply Chain Attack ‘Revival Hijack’ Poses Significant Threat to PyPI Takeovers

Ransomware Attack Forces Schoolchildren to Leave; Veeam Backup Vulnerability Exposed

The recent surge in ransomware incidents has underscored the vulnerabilities of both public and private sector organizations, with the latest attack impacting the Charles Darwin School in the UK. After experiencing a severe cyber assault on Thursday, the school was compelled to send students home and declare a prolonged holiday…

Read MoreRansomware Attack Forces Schoolchildren to Leave; Veeam Backup Vulnerability Exposed

China-Supported Earth Baku Expands Cyber Attacks Across Europe, the Middle East, and Africa

The China-supported hacking group known as Earth Baku has expanded its operational focus, shifting from mainly Indo-Pacific targets to include nations across Europe, the Middle East, and Africa since late 2022. Countries recently identified as potential targets of this group include Italy, Germany, the United Arab Emirates, and Qatar, with…

Read MoreChina-Supported Earth Baku Expands Cyber Attacks Across Europe, the Middle East, and Africa

RansomHub Claims Responsibility for Planned Parenthood Hack, Acquires 93GB of Confidential Data

RansomHub has announced a significant breach of Intermountain Planned Parenthood, claiming the theft of 93GB of sensitive data. As the healthcare provider conducts an investigation into this cyber attack, experts are sounding the alarm about increasing ransomware threats targeting essential sectors. The RansomHub cybercrime group has asserted responsibility for infiltrating…

Read MoreRansomHub Claims Responsibility for Planned Parenthood Hack, Acquires 93GB of Confidential Data

Ransomware Attacks on U.S. Financial Firms Surge in 2024

Recent ransomware attacks have escalated, impacting organizations across the globe and leaving no sector untouched. A report from Trustwave SpiderLabs reveals a substantial uptick in attacks, particularly in the United States, where the financial sector, including banks and credit unions, has experienced an alarming concentration of incidents. This year alone…

Read MoreRansomware Attacks on U.S. Financial Firms Surge in 2024

23andMe Settles Lawsuit Over Major Data Breach with $30 Million Payment – StartupNews.fyi

23andMe has announced a settlement of $30 million to resolve a lawsuit linked to a significant data breach that has raised serious concerns within the tech community. The lawsuit was triggered by a data breach that exposed sensitive user information, impacting numerous individuals who had entrusted their genetic and health…

Read More23andMe Settles Lawsuit Over Major Data Breach with $30 Million Payment – StartupNews.fyi

New RAMBO Attack Leverages RAM Radio Signals to Extract Data from Air-Gapped Networks

A new side-channel attack method has been uncovered, utilizing radio signals emitted from a device’s random access memory (RAM) to extract sensitive data, thereby posing significant risks to air-gapped networks. This technique, referred to as RAMBO—short for “Radiation of Air-gapped Memory Bus for Offense”—was developed by Dr. Mordechai Guri, the…

Read MoreNew RAMBO Attack Leverages RAM Radio Signals to Extract Data from Air-Gapped Networks

Lazarus Group Aims at Blockchain Professionals with Phony Video Conferencing and Job Scams

A recent report from Group-IB has drawn attention to the ongoing cyber campaign led by North Korea’s Lazarus Group, referred to as the “Eager Crypto Beavers” initiative. This group utilizes advanced strategies, including deceptive job postings and malicious video conferencing software, to spread malware effectively. The Lazarus Group, infamous for…

Read MoreLazarus Group Aims at Blockchain Professionals with Phony Video Conferencing and Job Scams

Feeld Dating App’s Lenient Security Exposes Private Data to Public Scrutiny – DataBreaches.net

In a recent disclosure, the Feeld dating app has come under scrutiny due to significant vulnerabilities that have compromised the privacy of its users. Reports indicate that sensitive user data has become unexpectedly accessible, raising alarms about the app’s security protocols. As a platform designed to facilitate connections between individuals…

Read MoreFeeld Dating App’s Lenient Security Exposes Private Data to Public Scrutiny – DataBreaches.net