Breaches

GitHub breach of 3,800 repos linked to malicious Nx Console extension in TanStack npm supply-chain attack

RetoSwap loses 7,000 XMR ($2.7M) due to Haveno protocol vulnerability.

LAPSUS$ Group collaborates with TeamPCP to sell GitHub internal repositories.

TeamPCP steals 3,800 GitHub repositories via poisoned VS Code extension, demands $95K

Verizon DBIR 2026: AI exploited software vulnerabilities in 31% of breaches, compressing exploit timelines from months

Banana RAT malware targets 16 Brazilian banks via fake invoices, stealing data with QR code fraud.

GitHub confirms employee device compromise via malicious VS Code extension.

ShinyHunters targets cybersecurity firm that advises ransomware victims against paying.

CISA administrator accidentally exposed AWS GovCloud credentials on GitHub.

Multiple US healthcare organizations report data breaches affecting millions, tracked by HHS.

Ícaro Cloud breach exposes firewall configs, VPN keys, and TLS certs for 20 Spanish firms.

TeamPCP hackers demand $25K for stolen Mistral AI source code via supply-chain compromise.

Daily dark web threat intelligence digest reporting multiple breaches, CVEs, and exposed credentials across global

Brazilian identity verification provider Nuvidio allegedly breached; 40K files with KYC, biometrics, private keys

OpenAI confirms two employee devices breached in TanStack supply chain attack via Mini Shai-Hulud malware.

Xacria XNO telecom platform allegedly breached; 446 service orders and Italian subscriber PII exposed.

Weekly threat roundup: PAN-OS RCE exploited, Mythos cURL bug, AI tokenizer attacks, and 10+ security stories.

Ransomware group Nitrogen claims cyberattack on Foxconn's North American factories, alleges theft of 8TB from Apple,

Dark Web Informer daily digest reports multiple breaches, ransomware hits, and supply chain attacks across global

'The Gentlemen' RaaS gang exposed via OPSEC failure revealing affiliate model.

PayoutsKing ransomware gang claims 596 GB theft from NTN Bearing, including US Army JLTV documents.

NTN Bearing Corporation of America hit by PayoutsKing ransomware; 596 GB exfiltrated including US Army JLTV docs.

Foxconn hit by Nitrogen ransomware; 8TB of data and 11M files compromised.

Foxconn confirms North American factories hit by Nitrogen ransomware; 8TB stolen.

Akitatek French IT services firm breached; 5,400 customer records leaked by ChimeraZ.

Foxconn confirms cyberattack by Nitrogen ransomware gang; 8TB data and 11M documents stolen.

Spain's AEPD fined sports retailer €120K for data breach affecting 300K+ people

Dark Web Informer daily digest reports multiple breaches, ransomware claims, and threat actor activity.

Nitrogen ransomware group claims 8TB theft from Foxconn, affecting Apple, Google, Dell, Nvidia data.

ShinyHunters' clearnet domain suspended after Canvas LMS attacks; group relocates to dark web.

UK ICO fines water supplier £963,900 for 2020-2022 cyberattack exposing 664k customers.

Threat actor selling 988.7 GB collection of stealer logs with credentials.

BWH Hotels discloses 6-month unauthorized access to guest reservation data.

West Pharmaceutical Services hit by ransomware attack with data exfiltration on May 4.

Instructure pays ransom to ShinyHunters to prevent leak of 3.65TB Canvas data from 9,000 organizations.

ShinyHunters extorts Instructure/Canvas over stolen K-12 data; company reaches settlement amid widespread outages.

Daily dark web threat digest covering breaches, ransomware claims, and law enforcement actions.

ShinyHunters clearnet domain possibly seized by FBI.

Threat actor claims 77.56 GB breach of Iranian nuclear program data with extortion demand.

Two US men sentenced to 18 months for operating laptop farms enabling North Korean hackers to infiltrate 70+ US firms.

JDownloader website compromised to distribute malware via modified installers on May 6-7, 2026.

Genesis ransomware group lists CarePoint Health with 70GB data and 4-day publication countdown.

JDownloader official website compromised to distribute Python RAT malware via Windows and Linux installers.

Credilink Brazilian credit bureau allegedly breached; 243M records sold by Blastoize threat actor.

AEPD fines Spanish sports retailer €120K for data breach affecting 300K+ customers

RansomHouse claims responsibility for breach of Trellix source code repository.

Canvas education platform suffers breach by ShinyHunters, causes nationwide school disruptions.

Canvas education platform suffers ransomware attack affecting 275M students/faculty across 9K institutions.

Threat actor offers Azure AD admin access to Indian real estate firm for sale.

ShinyHunters defaced Canvas login portals for 330 schools in extortion campaign.