Nikki‑Universal Co. Ltd
January 1, 2025
•[ ransomware, malware, manufacturing ]
Nikki-Universal Co. Ltd., produsen kimia asal Jepang jadi korban serangan ransomware pada Desember 2024. Data dicuri, server tak berfungsi
Private individuals (elderly victims in Encino, California)
January 1, 2025
•[ malware, phishing, ransomware ]
Malware infection launched by phishing email locked elderly victims computer, prompting payment of 25,000 USD to scammers; suspect Tai Su was arrested when he arrived to collect another 35,000 USD and later sentenced to 10 months in federal prison.
Jamnagar cyber-fraud case (farmers targeted)
January 1, 2025
•[ fraud, malware ]
Two men arrested by Jamnagar cybercrime police for siphoning 6.4 lakh INR through a fraudulent mobile app scam targeting farmers phones in Gujarat
Fondo Genesis (MetLife)
December 31, 2024
•[ ransomware, malware, finance ]
The ransomware group RansomHub claims responsibility for a breach of MetLife's operations in Latin America. MetLife denies the allegations, acknowledging a separate cyber incident involving Fondo Genesis, a subsidiary operating solely in Ecuador. Claims to have exfiltrated 1TB of data.
Fraunhofer Institute for Industrial Engineering IAO
December 27, 2024
•[ ransomware, malware, technology ]
On December 27, 2024, Fraunhofer IAO in Stuttgart suffered a ransomware attack that encrypted and disrupted internal systems. The institute reported the incident to the Bavarian Data Protection Authority and law enforcement within statutory deadlines. While research data is typically anonymized, unauthorized disclosure cannot be ruled out, though no confirmed exfiltration has been identified.
CyberHaven
December 24, 2024
•[ hack, malware, technology ]
Data-loss prevention startup Cyberhaven says threat actors published a malicious update to its Chrome extension that was capable of stealing customer passwords and session tokens.
Multiple Organizations
December 19, 2024
•[ hack, malware, technology ]
The developers of Rspack reveal that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware.
Pittsburgh Regional Transit
December 19, 2024
•[ ransomware, malware ]
Pittsburgh Regional Transit (PRT) is hit with a ransomware attack.
Undisclosed Malaysian educational institution
December 19, 2024
•[ financial, malware, education ]
Researchers from Trend Micro discover a Python-Based NodeStealer version targeting Facebook Ads Manager.
Military personnel in Ukraine
December 18, 2024
•[ social, malware, government ]
The Computer Emergency Response Team of Ukraine (CERT-UA) discloses that a threat actor tracked as UAC-0125 is leveraging Cloudflare Workers to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by the Ministry of Defence back in August 2024 in an effort to make the armed forces go paperless.
Kaiser Permanente employees
December 15, 2024
•[ social, malware, healthcare ]
Researchers at Malwarebytes detect a malicious campaign targeting Kaiser Permanente employees via Google Search Ads.
Concession Peugeot
December 15, 2024
•[ ransomware, malware, retail ]
Cicada3301 ransomware group claims responsibility for a data breach targeting Concession Peugeot (concessions.peugeot.fr), a prominent French automotive dealership linked to the Peugeot brand. The group claims to have stolen 35GB of sensitive data
Two individuals in Serbia
December 15, 2024
•[ hack, malware ]
A Serbian journalist and an activist have their phones hacked by local authorities using a cellphone-unlocking device made by forensic tool maker Cellebrite.
RIBridges (Rhode Island's Integrated Eligibility System)
December 13, 2024
•[ ransomware, malware, government ]
Rhode Island is warning that its RIBridges system, managed by Deloitte, suffered a data breach exposing residents' personal information after the Brain Cipher ransomware gang hacked its systems.
Thai Government Officials
December 13, 2024
•[ espionage, malware, government ]
Researchers at Netskope discover a campaign targeting Thai government officials through DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai.
Telecom Namibia
December 11, 2024
•[ ransomware, malware, technology ]
Namibia Telecom is hit with a ransomware attack by the Hunters International gang.
Mortgage Investors Group
December 11, 2024
•[ ransomware, malware, finance ]
Mortgage Investors Group (MIG), one of the largest mortgage lenders in the Southeast U.S. says it suffered a cybersecurity incident last month that exposed troves of customer information. The Black Basta ransomware group claims responsibility for the attack.
Robeson County Government
December 10, 2024
•[ ransomware, malware, government ]
Robeson County, North Carolina confirmed that a December 2024 LockBit ransomware incident encrypted county servers and exfiltrated HR and payroll data. County operations were disrupted for about three weeks before full restoration in January 2025.
Electrica Group
December 9, 2024
•[ ransomware, malware, energy ]
Electrica Group, a key player in the Romanian electricity distribution and supply market, is investigating a ransomware attack.
