Les Automotive
March 17, 2025
•[ supply chain attack, malware ]
Supply-chain compromise at vendor led dealership sites to serve malicious clickfix.
Tj-Actions
March 14, 2025
•[ data leak, supply chain attack, credential exposure ]
A popular GitHub Action called tj-actions/changed-files was compromised: an attacker modified its code and version tags so that when used in CI/CD workflows it executed a script that dumped runner memory and exposed secrets (AWS keys, GitHub PATs, npm tokens, private RSA keys) in publicly accessible logs. The incident, tracked as CVE-2025-30066 (and linked to CVE-2025-30154 for a related Action), affected thousands of repositories across many organizations. Users are advised to stop using the impacted versions, rotate all credentials, and review any workflows that ran between March 1415, 2025.
The House of Dior
January 26, 2025
•[ data leak, personally identifiable information, supply chain attack ]
Dior disclosed that a database was accessed on Jan 26, 2025 exposing data that includes names, contact details, address, DOB, and in some cases passport/ID or SSN. Believed to be related to broader LVMH/ShinyHunters vendor breach cluster.
Union Health System
January 22, 2025
•[ data leak, supply chain attack ]
Union Health reported that an unknown party accessed Oracle Health/Cerners data migration environment sometime after January 22, 2025; Union Health systems werent breached but patient data held by the vendor was exposed; notifications issued in May 2025.
LG Energy Solution
January 11, 2025
•[ ransomware, data leak, supply chain attack ]
LG Energy Solution confirmed that an overseas facility was hit by a ransomware incident in November 2025, which briefly affected operations before systems were restored. The Akira ransomware group listed LG on its leak site, claiming to have stolen around 1.7 TB of data, including corporate documents and an employee database with personal information. LG stated that the incident was contained to the single facility and that production had resumed, while it continued to investigate the scope of the data theft. The case underscores the risk to global manufacturing supply chains from targeted ransomware operations.
SmartTube
January 11, 2025
•[ malware, supply chain attack, data leak ]
Reporting indicates SmartTubes build/signing environment was compromised, allowing attackers to distribute officially signed builds containing malware (notably in versions identified in coverage). The malware was described as collecting device and app telemetry including IP addresses, and the project took affected builds offline while issuing a newly signed clean version. The incident reflects a supply-chain style compromise with malicious code distributed to users, with no confirmed account credential capture in the cited reporting.
Merck Sharp & Dohme LLC
December 19, 2024
•[ data leak, supply chain attack ]
Merck stated it was informed that its data was found within files impacted by a security incident at vendor Graebel Companies, Inc. After internal review, Merck determined certain current and former employees personal information was included in the impacted data and began notifying affected individuals. Reported potentially impacted elements included names and financial account information. The underlying vendor incident involved unauthorized access to or taking of certain files from the vendors network during a defined window in December 2024, with subsequent file review and customer notifications occurring later.
Hertz Global Holdings
December 1, 2024
•[ data leak, supply chain attack, vulnerability exploit ]
Hertz confirmed that customer personal data was stolen through exploitation of zero-day vulnerabilities in its vendor Cleo Communications managed file transfer platform between October and December 2024. The company completed analysis on April 2 2025 and disclosed the breach publicly on April 10 2025. The compromised data included names, contact information, drivers license numbers, and limited payment and identification information. No encryption or operational disruption was reported.
Mutua Madrileña
September 27, 2024
•[ cyber attack, data leak, third-party breach ]
Mutua Madrilea suffers a cyber attack on its home customer base, through an external provider, which affects thousands of customers.
Korrespondent.net
June 27, 2017
•[ NotPetya, ransomware, malware ]
Threat actors deploy a tool, called NotPetya, with the purpose of encrypting data on victims' machines and rendering it unusable. The malware was spread through tax software that companies and individuals require for filing taxes in Ukraine and spread globally.'Australia, Estonia,'Denmark, Lithuania, Ukraine, the United Kingdom, and the United States issued statements attributing NotPetya to Russian state-sponsored actors.
