-
East Valley Institute of Technology
January 9, 2024
East Valley Institute of Technology ("EVIT") an Arizona-based technical school notifies nearly 209,000 current and former students, parents, guardians and faculty that their personal, health and financial information was potentially compromised in LockBit ransomware attack earlier this year.
-
Official X Account of Hyundai MEA
January 8, 2024
The official Hyundai MEA Twitter/X accounts is hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware.
-
Centennial Bank
January 8, 2024
•
[ hack, finance ]
Centennial Bank files a notice of data breach after discovering that information that had been provided to the company was subject to unauthorized access.
-
Zaporizhzhya
January 8, 2024
The pro-Russia NoName057(16) group hits multiple Ukrainian websites, including Accordbank, Zaporizhzhya Titanium-Magnesium Plant, State Tax Service, Central Interregional Tax Administration, Western Interregional Tax Administration, and the Main Directorate of the State Tax Service in Kyiv.
-
Official X Account of Netgear
January 8, 2024
•
[ hack, malware, manufacturing ]
The official NetgearTwitter/X accounts (together with over 160,000 followers) are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware.
-
United States Department of Transportation (DOT)
January 8, 2024
•
[ hack, government ]
The threat actor known as IntelBroker claims responsibility for a data breach targeting the United States Department of Transportation (DOT), containing. 5.8 million flight logs from the year 2015.
-
Official X Account of Zack Polanski
January 7, 2024
Zack Polanski, the deputy leader of the United Kingdoms Green Party, has his account hijacked earlier to promote a cryptocurrency scam.
-
Beirut’s International Airport
January 7, 2024
Flight information display screens at Beiruts international airport are hacked to display politically motivated messages, and the incident also temporarily affects baggage inspection.
-
Ministry of Tourism
January 7, 2024
•
[ hack, ddos, government ]
The official websites of the Presidents office, Foreign Ministry, and Tourism Ministry in Maldives are taken down by a DDoS attack allegedly carried out by threat actors from China.
-
Bangladesh Election Commission
January 7, 2024
•
[ hack, ddos, government ]
An official at the Bangladesh Election Commission claims that a cyberattack from Ukraine and Germany caused an election information app, Smart Election Management BD, to crash as voters went to the polls.
-
Halara
January 7, 2024
•
[ leak, manufacturing ]
Popular athleisure clothing brand Halara investigates a data breach after the alleged data of almost 950,000 customers was leaked on a hacking forum.
-
loanDepot
January 6, 2024
•
[ ransomware, malware, finance ]
U.S. mortgage lender loanDepot suffers a ransomware attack that causes the company to take IT systems offline, preventing online payments against loans.
-
Danish Water Utility
January 6, 2024
•
[ cyberattack, state-sponsored, critical infrastructure ]
Danish authorities stated that Russia carried out a destructive and disruptive cyberattack against a Danish water utility in 2024. Reporting cited by Danish media said the incident involved manipulation of pump pressure, which caused pipes to burst and left some homes temporarily without water. The public reporting did not name the utility or provide precise dates beyond year-level timing.
-
At least one individual in Ukraine
January 6, 2024
•
[ phishing, credential harvesting, state-sponsored attack ]
The article reports researchers observed a months-long phishing/credential-harvesting operation targeting users of UKR.NET, a popular Ukrainian webmail and news service. The campaign ran from June 2024 through April 2025 and was attributed to Russian state-backed BlueDelta (APT28/Fancy Bear/Forest Blizzard). Researchers said the actors created multiple fake UKR.NET login pages and sent phishing emails with PDF attachments containing embedded links to the fraudulent portals, with more than 20 linked PDF lure files identified. The purpose was assessed as harvesting credentials and gathering intelligence supporting broader Russian objectives; the reporting did not quantify how many users were successfully compromised.
-
Bill Lou
January 5, 2024
•
[ social, phishing, finance ]
Bill Lou, co-founder of Nest Wallet, a cryptocurrency wallet startup, loses $125,000 to a crypto scam.
-
CertiK
January 5, 2024
The Twitter/X account of blockchain security firm CertiK is hijacked to redirect the company's more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer.
-
Toronto Zoo
January 5, 2024
Toronto Zoo, the largest zoo in Canada, it is hit with a ransomware attack.
-
Multiple Chambers of Crafts in Germany
January 5, 2024
The websites and online services for multiple Chambers of Crafts in Germany are down following a security incident that appears to have impacted a managed service provider.
-
-
South Korean construction trade organization
January 5, 2024
The South Korea's National Cyber Security Center (NCSC) warns that state-backed threat actors DPRK hijacked flaws in a VPN's software update to deploy malware and breach networks. In the first case they compromised the website of a South Korean construction trade organization to disseminate malware to visitors.
