Matagorda County
January 24, 2025
•[ hack, malware, government ]
Matagorda County discloses a cyber attack involving a virus that has affected several internal systems.
HCF Management
January 24, 2025
•[ ransomware, malware, healthcare ]
HCF Management healthcare facilities confirm a ransomware attack from the RansomHun group, with more than 70,000 patients affected.
Hospital El Cruce
January 24, 2025
•[ ransomware, malware, healthcare ]
The Hospital El Cruce is hit with a Medusa ransomware attack.
Manpower
January 20, 2025
•[ ransomware, leak, malware ]
Manpower disclosed that a ransomware attack by RansomHub led to the theft of 500GB of files and the exposure of personal data from roughly 140000 individuals. The attackers listed Manpower on their leak site but later removed it, suggesting a ransom settlement.
Medical Associates of Brevard
January 18, 2025
•[ ransomware, malware, healthcare ]
{"richText":[{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"BianLian claimed MAB in Jan 2025; MABs review (by 07/07/2025) identified affected individuals and data types; HHS breach portal lists "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"246,711"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":" affected in a "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"Hacking/IT Network Server"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":" incident reported "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"09/05/2025"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"; no outage confirmed."}]}
Town of Ulster
January 16, 2025
•[ ransomware, malware, government ]
The Town of Ulster discloses a ransomware attack.
Apex Custom Software
January 16, 2025
•[ ransomware, malware, technology ]
Apex Custom Software is hit with a ransomware attack.
Heart Centre
January 16, 2025
•[ ransomware, malware, healthcare ]
Heart Centre in Australia is hit with a DragonForce ransomware attack.
Undisclosed Organization
January 15, 2025
•[ ransomware, malware ]
Researchers at Guidepoint Security detail an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network.
International AIDS Vaccine Initiative (IAVI)
January 15, 2025
•[ ransomware, malware, healthcare ]
The International AIDS Vaccine Initiative (IAVI) discloses a ransomware attack. The INC Ransom group claims responsibility.
Stealer Logs, Jan 2025
January 13, 2025
•[ leak, malware ]
In January 2025, stealer logs with 71M email addresses were added to HIBP. Consisting of email address, password and the website the credentials were entered against, this breach marks the launch of a new HIBP feature enabling the retrieval of the specific websites the logs were collected against. The incident also resulted in 106M more passwords being added to the Pwned Passwords service.
Teton Orthopaedics
January 12, 2025
•[ ransomware, malware, healthcare ]
Teton Orthopaedics discloses a DragonForce ransomware attack. A total of 13,409 people are affected by the incident.
SmartTube
January 11, 2025
•[ malware, supply chain attack, data leak ]
Reporting indicates SmartTubes build/signing environment was compromised, allowing attackers to distribute officially signed builds containing malware (notably in versions identified in coverage). The malware was described as collecting device and app telemetry including IP addresses, and the project took affected builds offline while issuing a newly signed clean version. The incident reflects a supply-chain style compromise with malicious code distributed to users, with no confirmed account credential capture in the cited reporting.
At least one individual in Singapore
January 11, 2025
•[ malware, extortion, data leak ]
Singapore Police warned of a malware-enabled sextortion scam in which victims were lured via social media offers of online sexual services and deceived into downloading a malicious application. Police said the malware enabled scammers to remotely access victims photo galleries and contact lists, and in some cases capture or retrieve compromising content. Attackers then threatened to send the images to the victims contacts unless payments were made. Police reported at least six cases since November 2025 with total losses of at least S$20,000.
Slovakian Geodesy, Cartography and Cadastre Office (UGKK)
January 10, 2025
•[ ransomware, malware, government ]
A cyber attack targets the Slovakian Geodesy, Cartography and Cadastre Office (UGKK), which manages land and property data. The agencys systems are shut down, and its physical offices closed following an alleged ransomware attack. According to local media reports, the attackers are demanding millions of euros in ransom.
Excelsior Orthopaedics
January 7, 2025
•[ ransomware, malware, healthcare ]
Excelsior Orthopaedics notifies approximately 357,000 people that their personal and health information was compromised in a data breach resulting from a ransomware attack that came to light in June 2024.
Laramie County Library System
January 7, 2025
•[ ransomware, malware, education ]
CHEYENNE Early Tuesday morning, the Laramie County Library System was the victim of a ransomware attack that shut down library servers and immobilized most digital services.
Green Bay Packers (Online Store)
January 6, 2025
•[ financial, hack, malware ]
The Green Bay Packers American football team notifies fans that a threat actor hacked its official online retail store in October and injected a card skimmer script to steal customers' personal and payment information.
Kong Inc.
January 2, 2025
•[ hack, malware, technology ]
An attacker accesses Kong's DockerHub account and replaces the legitimate Kong Ingress Controller v.3.4.0 image with a malicious version containing malicious code that enabled cryptojacking.
Unnamed high-profile Ukrainian entities
January 2, 2025
•[ espionage, malware, government ]
{"richText":[{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"ESET observed coordination where "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"Gamaredon tools (PteroGraphin/PteroOdd/PteroPaste)"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":" deployed or restarted "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"Turlas Kazuar"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":" on Ukrainian systems during "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"FebApr 2025"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":", marking the first documented collaboration between these FSB-linked groups; focus is "},{"font":{"bold":true,"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":"espionage access"},{"font":{"size":11,"color":{"theme":1},"name":"Aptos Narrow"},"text":" rather than disruption."}]}
