The Breach News

Phorpiex Botnet Distributing Millions of Sextortion Emails via Compromised Computers

In a significant turn of events, a decade-old botnet named Phorpiex, which currently controls over 450,000 computers globally, has pivoted from its previous activities—namely deploying ransomware and cryptominers—to orchestrating sextortion campaigns. This shift involves sending millions of fraudulent emails intended to extort money from unsuspecting individuals. The rise in email…

Read MorePhorpiex Botnet Distributing Millions of Sextortion Emails via Compromised Computers

AI Applications in Healthcare: Opportunities, Governance, and Risks

Growing Use of AI in Healthcare Raises Security and Compliance Concerns The landscape of artificial intelligence (AI) in healthcare is set to expand significantly in 2026, with applications that range from back-office automation to clinical decision support systems. This surge in use cases brings along heightened concerns regarding privacy, security,…

Read MoreAI Applications in Healthcare: Opportunities, Governance, and Risks

Marquis Software Ransomware Attack Affects Customer Data of Two Additional Banks

Summary of Recent Data Breach Incident Two U.S. banks, Artisans’ Bank and VeraBank, have disclosed their involvement in a significant ransomware attack linked to their third-party service provider, Marquis Software. This incident has indicated a glaring vulnerability within the supply chain of banking services, as attackers exploited weaknesses in the…

Read MoreMarquis Software Ransomware Attack Affects Customer Data of Two Additional Banks

SideCopy Exploiting WinRAR Vulnerability in Attacks on Indian Government Entities

The Pakistan-based cyber threat group known as SideCopy has recently exploited a critical vulnerability in WinRAR to conduct targeted attacks against Indian governmental institutions, deploying various remote access trojans (RATs) such as AllaKore RAT, Ares RAT, and DRat. This strategy aligns with SideCopy’s longstanding focus on espionage against entities in…

Read MoreSideCopy Exploiting WinRAR Vulnerability in Attacks on Indian Government Entities

Russian Hackers Attack Anti-Doping Agencies Before the 2020 Tokyo Olympics

As Japan prepares for the 2020 Summer Olympics in Tokyo, concerns are escalating regarding potential sophisticated cyberattacks from state-sponsored hackers. Microsoft has issued a warning about a recent surge in targeted attacks attributed to a group of Russian state-sponsored hackers, known as Strontium, or more widely recognized as Fancy Bear…

Read MoreRussian Hackers Attack Anti-Doping Agencies Before the 2020 Tokyo Olympics

Companies Risk $22 Million Fines for Failing to Safeguard Against Hackers

Recent years have witnessed an alarming surge in data breaches, with reports surfacing almost weekly about organizations falling victim to cyberattacks that expose millions of user records. Despite the pervasive nature of these incidents, many businesses continue to underestimate the critical importance of data protection, leaving sensitive information vulnerable to…

Read MoreCompanies Risk $22 Million Fines for Failing to Safeguard Against Hackers

Hypervisors: The Major Target for 2026

Cloud Security, Security Operations, Video AI Adoption Elevating Hypervisors as Targets, According to Google Cloud’s Jamie Collier Akshaya Asokan (asokan_akshaya) • December 29, 2025 Jamie Collier, Lead Threat Intelligence Advisor for EMEA, Google Cloud Recent insights from Jamie Collier, Google Cloud’s lead threat intelligence advisor for the EMEA region, reveal…

Read MoreHypervisors: The Major Target for 2026

KT Waives Contract Cancellation Penalties for Customers After Data Breach – Yonhap News Agency

KT Corp., a prominent South Korean telecommunications company, has announced it will forgo penalties associated with contract cancellations following a significant data breach. This decision, communicated by the Yonhap News Agency, aims to alleviate concerns for affected customers amidst rising anxiety over cybersecurity in both consumer and business sectors. The…

Read MoreKT Waives Contract Cancellation Penalties for Customers After Data Breach – Yonhap News Agency

CISA Alerts: Critical SLP Vulnerability Currently Being Actively Exploited

On November 8, 2023, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) formally recognized a critical vulnerability in the Service Location Protocol (SLP) by adding it to its Known Exploited Vulnerabilities (KEV) catalog. This entry highlights the agency’s concerns regarding active exploitations of the flaw, which has been assigned the…

Read MoreCISA Alerts: Critical SLP Vulnerability Currently Being Actively Exploited