EigenLayer
October 4, 2024
•[ hack, phishing, finance ]
EigenLayer team says it is investigating an unapproved selling activity of about 1.6 million of EigenLayers EIGEN tokens, worth about $5.7 million. In a subsequent update the company reveals that the unapproved token-selling incident was due to a hack, after a malicious attacker compromised an email thread involving an investors token transfer into custody.
Charleston Area Medical Center
October 2, 2024
•[ phishing, data leak ]
Phishing attack on multiple email users; unauthorized access to one mailbox between Oct 23, 2024, possibly exposing personal and health information. No other systems impacted.
Heartland Community Health Center
October 1, 2024
•[ phishing, data leak ]
Clinic reported email account breach exposing sensitive patient and insurance information.
Onsite Mammography
October 1, 2024
•[ phishing, data leak ]
Phishing attack compromised a single employees email account, enabling exfiltration of PII and PHI data affecting over 350,000 individuals; no encryption involved.
Hunter Health Clinic
September 30, 2024
•[ phishing, data leak ]
Clinic said an unauthorized party accessed one employee mailbox around Sept 30, 2024; on May 1, 2025 it confirmed files with PHI/PII may have been accessed; notices issued May 15.
Dove Healthcare
September 29, 2024
•[ phishing, data leak ]
Healthcare provider disclosed email account compromise containing patient and employee information.
Senator Ben Cardin
September 26, 2024
•[ espionage, phishing, government ]
An advanced deepfake operation targets Sen. Ben Cardin, the Democratic chair of the Senate Foreign Relations Committee, who is involved in a Zoom conversation with a fake Dymtro Kuleba, the former Ukrainian Minister of Foreign Affairs.
AultCare Corporation
September 25, 2024
•[ phishing, data leak ]
An unauthorized party accessed an employee email account and a SharePoint instance on 2024-09-25. AultCare reviewed affected content and began notifying brokers and affected individuals by 2025-01-21.
Ukrainian government and critical infrastructure organizations
September 25, 2024
•[ phishing, malware, espionage ]
Russian nation-state operators exploited a zero-day vulnerability in 7-Zip (CVE-2025-0411) beginning in September 2024 to deliver SmokeLoader malware through spearphishing campaigns targeting Ukrainian government and critical infrastructure entities. The campaign bypassed Windows Mark-of-the-Web protections to execute payloads and conduct espionage activities. No specific victims or data volumes have been disclosed.
Multiple Ukrainian government and municipal organizations
September 25, 2024
•[ vulnerability, phishing, malware ]
A zero-day vulnerability in 7-Zip (CVE-2025-0411) was exploited beginning September 25, 2024, by undetermined Russian-speaking cybercriminal actors via phishing and homoglyph-lure archives. Trend Micro and SecurityWeek confirmed at least nine Ukrainian government and public-service entities (including the Ministry of Justice, Kyiv Public Transportation, and water-utility systems) were compromised. The campaign delivered SmokeLoader malware through malicious archives bypassing Windows Mark-of-the-Web protections.
Equiniti Trust Company, formerly known as American Stock Transfer & Trust Company
September 19, 2024
•[ financial, phishing, finance ]
Equiniti Trust Company agrees to pay $850K after an unknown threat actor, pretending to be an employee of a U.S.-based public issuer client of American Stock Transfer, instructed the Company to issue millions of new shares, liquidate those shares, and send the proceeds to an bank in Hong Kong, leading to a loss of roughly $4.78 million.
Zenith American Solutions, Inc.
September 6, 2024
•[ phishing, data leak ]
Unauthorized access to Zenith American Solutions network discovered September 6 2024 after an employee email account was compromised via phishing; over 12,000 individuals names, dates of birth, Social Security numbers, and benefit-plan documents potentially accessed. The firm notified regulators January 2025 and publicly disclosed in June 2025. No actor attribution or ransom demand reported.
Numotion
September 2, 2024
•[ phishing, data leak ]
Email account compromises exposed customer information at numotion.
Fur Affinity
August 22, 2024
•[ hack, phishing, technology ]
Fur Affinity, a popular social networking website for the furry community, is compromised, after threat actors successfully gained control of the websites domain, redirecting users to phishing sites, crypto scams and other malicious content.
Locata
July 29, 2024
•[ social, phishing, technology ]
A cyber attack on software company Locata spreads across councils across Greater Manchester, leaving thousands of residents vulnerable to a phishing scam.
Connally Memorial Medical Center
July 29, 2024
•[ phishing, data leak ]
Unauthorized access to an employee email led to confirmation of broader file access; notice posted 27-09-2024; continued notifications.
Bloom Health Centers
June 28, 2024
•[ hack, phishing, healthcare ]
Psych Associates of Maryland LLC d/b/a Bloom Health Centers ("Bloom Health") discloses a security breach after the compromise of an employee's email.
Domestic flight in Australia
June 28, 2024
•[ hack, phishing ]
The AFP charges an Australian man (42) with operating a fake Wi-Fi access point on a domestic flight to steal user credentials and data.
The Ambulatory Surgery Center of Westchester
June 26, 2024
•[ social, phishing, healthcare ]
The Mount Kisco Surgery Center LLC d/b/a The Ambulatory Surgery Center of Westchester ("ASCW") discloses a security breach after the compromise of an employee's email.
