The Gentlemen Ransomware Gang Hit
The Gentlemen ransomware gang suffered an internal breach in May 2026, exposing victim data, affiliate activity, and backend operations.
Latest Disclosures
Congress Learns of Prescription Data
Ben Smith reports: Lawmakers are only now learning that hackers breached a congressional medical contractor more than two months ago. RXNT, a healthcare software company used by the Office of the Attending Physician (OAP
CISA Admin Leaked AWS GovCloud
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts a
⚡ Weekly Recap: Exchange 0-Day,
Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: t
Grafana Labs
The company, which operates a widely used observability platform, is refusing to pay an extortion demand.
Public Amazon bucket
A hotel check-in system exposed over 1 million passports, IDs, and selfies online due to a misconfigured cloud storage bucket. A security lapse in the Reqrea’s Tabiq hotel check-in system exposed over 1 million pas
ShinyHunters hack 7-Eleven: franchisee data
7-Eleven confirmed a breach after ShinyHunters claimed theft of over 600,000 Salesforce records and franchisee data. 7-Eleven has confirmed a data breach after the ShinyHunters hacking group claimed it stole more than 60
Grafana Says It Rejected Ransom
Grafana says hackers stole its source code after accessing a GitHub token, but no customer data or systems were affected.
Grafana GitHub Token Breach Led
Grafana has disclosed that an "unauthorized party" obtained a token that granted them the ability to access the company's GitHub environment and download its codebase. "Our investigation has determined that no custom
OpenAI
OpenAI said the TanStack supply chain attack compromised two employee devices and exposed credentials from code repositories. OpenAI confirmed that the recent TanStack supply chain attack compromised two employee devices
Welcome to BlackFile
Google’s Threat Intelligence Group writes: Google Threat Intelligence Group (GTIG) has continued to track an expansive extortion campaign by UNC6671, a threat actor operating under the “BlackFile” brand
Illuminate wins another round in
The Supreme Court of California has ruled in J.M. v. Illuminate Education, Inc., a case closely watched by those concerned about holding edtech vendors liable in the event of a data breach. As background on the case: In
Microsoft Microsoft
Microsoft Exchange Server Cross-Site Scripting Vulnerability — Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditi
Expired domain leads to supply
A popular npm package called node-ipc has been compromised, with hackers publishing malicious versions that bundle credential stealing malware. The root cause of the compromise was an expired domain name that attackers m
Inside the REMUS Infostealer: Session
Stolen browser sessions and authentication tokens are becoming more valuable than stolen passwords. Flare explains how the REMUS infostealer evolved around session theft and operational scalability. [...]
American Lending Center Data Breach
The non-bank lender discovered a ransomware attack nearly one year ago, but only recently completed its investigation. The post American Lending Center Data Breach Affects 123,000 Individuals appeared first on SecurityWe
In Other News
Other noteworthy stories that might have slipped under the radar: Nvidia cloud gaming data breach, Android 17 security upgrades, FBI warning after ShinyHunters hacks Canvas. The post In Other News: Big Tech vs Canada Enc
TanStack Supply Chain Attack Hits
OpenAI has disclosed that two of its employee devices in its corporate environment were impacted via the Mini Shai-Hulud supply chain attack on TanStack, but noted that no user data, production systems, or intellectual p
Congress Puts Heat on Instructure
The House Committee on Homeland Security sent a letter about the Canvas cyberattack, the same day that the edtech company said it reached an "agreement" with the ShinyHunters cybercriminals.
Microsoft Exchange, Windows 11 hacked
During the second day of Pwn2Own Berlin 2026, competitors collected $385,750 in cash awards after exploiting 15 unique zero-day vulnerabilities in multiple products, including Windows 11, Microsoft Exchange, and Red Hat
UK: Hospital workers inappropriately accessed
On the Spot News reports: An investigation has revealed than nearly 50 staff at a Merseyside hospital group accessed horrific details of the condition of those attacked in Southport. The investigation has only just come
Cisco Catalyst SD-WAN
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability — Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass a
West Pharmaceutical starts restoring operations
The company confirmed data was stolen and encrypted by the attackers.
Abrigo
711,099 records exposed — Email addresses, Employers, Job titles, Names and 2 more