May 15, 2026

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

One of the largest cybersecurity incidents to impact the education sector came to light in May 2026 after learning platform Canvas LMS confirmed that it had suffered a significant data breach. According to Instructure, the company behind Canvas, unauthorized access to its systems occurred on April 25. The intrusion was detected several days later, and the company publicly disclosed the […]
May 1, 2026

Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks

In a case that has shocked the cybersecurity community, two former cybersecurity professionals have been sentenced to four years in federal prison after helping the notorious ALPHV/BlackCat ransomware group carry out cyber extortion attacks.Ryan Goldberg, an incident response manager at Sygnia, and Kevin Martin, a ransomware negotiator at DigitalMint, used their industry knowledge to assist cybercriminals rather than protect organizations […]
January 30, 2026

Cl0p Mass Exploiting Zero-day Vulnerability in Oracle E-Business Suite

One of the biggest cybersecurity stories affecting organizations in January 2026 was the ongoing Oracle E-Business Suite (EBS) breach linked to the Cl0p ransomware group. The attackers took advantage of a critical security vulnerability in Oracle’s BI Publisher Integration component, allowing them to gain unauthorized access to vulnerable systems and potentially execute malicious code remotely.According to security researchers, the vulnerability […]
January 7, 2026

Dire Wolf Ransomware Attack Hits Malaysian Energy Firm

Malaysian energy services company Perdana Petroleum Berhad became the latest victim of a major ransomware attack after the Dire Wolf ransomware group claimed responsibility for breaching the organization’s network.According to reports, the attackers used a double-extortion strategy, a tactic that has become increasingly common among modern ransomware groups. In addition to encrypting company systems and disrupting business operations, the group […]
December 25, 2025

Kuaishou Cyberattack Disrupts Livestreaming, Triggers Sharp Stock Decline

Chinese short-video and livestreaming platform Kuaishou, a leading competitor to TikTok, experienced a highly coordinated cyberattack on December 22, 2025, around 10 p.m. local time, which significantly disrupted its core livestreaming operations. Organized criminal groups, often referred to as “black and grey industries,” used nearly 17,000 automated bots and AI-driven tools to overwhelm the platform. These bots flooded popular live […]
December 17, 2025

PDVSA Cyberattack Disrupts Administrative Systems, Oil Cargo Deliveries Suspended

Venezuela’s state-owned oil company, Petróleos de Venezuela S.A. (PDVSA), faced a major ransomware cyberattack detected days before December 15, 2025, severely disrupting its centralized administrative systems. Although PDVSA publicly insisted that oil production, refining, and domestic fuel distribution remained operational thanks to isolated security protocols the incident halted all oil cargo deliveries, stranding millions of barrels on tankers bound for […]
November 10, 2025

Critical vulnerability found in 7-Zip archiving tool

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-11001 (CVSS 7.0), was disclosed in the popular open-source 7-Zip archiving tool, affecting all versions before 25.00 released in July 2025. The flaw stems from improper handling of symbolic links in ZIP archives, enabling attackers to craft malicious files that allow directory traversal outside the intended extraction folder. When a user […]
November 9, 2025

Chinese Hackers Used Anthropic’s AI to Automate Cyberattacks

Anthropic, the developer of the Claude AI model, disclosed in mid-November 2025 that it disrupted the first documented large scale cyber-espionage campaign orchestrated primarily by artificial intelligence, attributed with high confidence to a Chinese state sponsored hacking group. Detected in mid-September 2025, the operation dubbed GTG-1002 involved hackers manipulating Anthropic’s Claude Code tool to automate intrusions against approximately 30 high-value […]
October 16, 2025

US Air Force warns of SharePoint data breach

The U.S. Air Force publicly acknowledged a significant data breach involving Microsoft SharePoint, which potentially exposed sensitive personal and health information of service members. According to an official notification circulated by the Air Force Personnel Center, the breach stemmed from misconfigured SharePoint permissions, resulting in the unauthorized access to Personally Identifiable Information (PII) and Protected Health Information (PHI). To mitigate […]
123456789101112131415161718192021222324252627282930313233343536
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.