Turin Public Transport
December 27, 2024
•[ hack, ddos, government ]
Pro-Russia threat actors from Noname057(16) target Italian ministries, institutions, critical infrastructure websites and private organizations in coincidence with the visit of Ukrainian President Volodymyr Zelensky to Italy.
Japan Airlines
December 26, 2024
•[ hack ]
Japans flag carrier announces that it has restored its systems following a cyber incident that delayed some domestic and international flights.
Mi Argentina
December 25, 2024
•[ hack, government ]
The Mi Argentina site and the SUBE card app, two of the governments most important digital platforms, suffer a cyber attack.
ArdyssLife
December 24, 2024
•[ hack, manufacturing ]
The threat actor known as 0mid16B claims to have successfully attacked Ardyss[.]com and ArdyssLife[.]com, stealin 596 GB of data from United States ArdyssLife[.]com and Ardyss[.]com server network.
CyberHaven
December 24, 2024
•[ hack, malware, technology ]
Data-loss prevention startup Cyberhaven says threat actors published a malicious update to its Chrome extension that was capable of stealing customer passwords and session tokens.
European Space Agency
December 23, 2024
•[ hack, xss, government ]
The European Space Agency's official web shop is hacked as it started to load a piece of JavaScript code that generates a fake Stripe payment page at checkout.
Ukrainian State Registers
December 19, 2024
•[ hack, government ]
Suspected Russian threat actors from the XakNet collective launch one of the largest cyberattacks on Ukraines state services in recent months.
Multiple Organizations
December 19, 2024
•[ hack, malware, technology ]
The developers of Rspack reveal that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware.
PowerSchool
December 19, 2024
•[ hack, education ]
Education software firm PowerSchool confirms it suffered a cybersecurity incident that allowed a threat actor to steal the personal information of students and teachers from school districts using its PowerSchool SIS platform.
Sturgis Hospital
December 18, 2024
•[ hack, healthcare ]
Sturgis Hospital reported that unauthorized access was detected in part of its network in December 2024. The hospital determined that files containing personal and medical data may have been viewed or copied. No encryption or operational disruption was reported.
French Governmental and Critical Infrastructure
December 16, 2024
•[ hack, ddos, government ]
The hacktivist collective Holy League launches a DDoS campaign against French governmental and critical infrastructure.
Undisclosed Targets in Germany
December 16, 2024
•[ hack, ddos ]
The hacktivist collective Holy League launches a DDoS campaign against undisclosed targets in Germany.
Two individuals in Serbia
December 15, 2024
•[ hack, malware ]
A Serbian journalist and an activist have their phones hacked by local authorities using a cellphone-unlocking device made by forensic tool maker Cellebrite.
Microsoft/Google
December 15, 2024
•[ hack, sqlinjection, technology ]
The GhostRedirector group stealthily hijacked Windows servers using malwareRungan and Gamshento inject SEO content visible only to Googlebot, boosting gambling site rankings without user impact. Servers were targeted via SQL injection and privilege escalation exploits.
Kokomo Solutions Inc. (telehealth & reporting vendor for LAUSD)
December 11, 2024
•[ hack, education ]
An unauthorized third party accessed files on Kokomo Solutions' network on December 11, 2024. The breach potentially compromised a range of sensitive student data (PII, health info, IDs), though exact scope wasn't disclosed; notification occurred on August 5, 2025.
Peruvian University of Applied Sciences
December 9, 2024
•[ hack, education ]
The Peruvian University of Applied Sciences investigates a data breach, stating that hackers stole student data including names, emails and copies of university IDs.
BeyondTrust
December 8, 2024
•[ hack, technology ]
Privileged access management company BeyondTrust suffers a cyberattack after threat actors breached some of its Remote Support SaaS instances.
Fota Wildlife Park
December 5, 2024
•[ financial, hack, leak ]
People who purchased tickets to visit Fota Wildlife Park in Cork, Ireland, are warned to cancel their bank cards following the discovery of a cyberattack that may have exposed the data on those cards.
Express Services
December 4, 2024
•[ hack ]
Express Services experiences a data breach when an unauthorized party accessed internal user accounts.
Watsonville Community Hospital
December 4, 2024
•[ hack, healthcare ]
Watsonville Community Hospital continues operations amid ongoing investigation into a cyberattack.
