May 17, 2025

Peter Green Chilled Supply Chain Attack

UK-based logistics firm Peter Green Chilled, a key distributor of chilled, frozen, and ambient foods to major supermarkets including Tesco, Sainsbury’s, M&S, Aldi, Waitrose, Co-op, Asda, and Morrisons, suffered a significant ransomware attack. The incident began on the evening of 14 May, when malicious actors encrypted the company’s systems. By 15 – 16 May, order processing was fully disrupted, though […]
May 8, 2025

Coinbase Ransomware Attack Insider Participation

Coinbase publicly disclosed that cybercriminals had orchestrated a major insider-mediated extortion attempt. These attackers had bribed overseas customer support agents to access and steal sensitive customer data—including names, addresses, phone numbers, emails, images of government-issued IDs, masked Social Security and bank account details, account balances, transaction histories, and certain internal corporate documents.Coinbase estimated that less than 1% of its monthly […]
April 15, 2025

Zero-Day Supply Chain Breach Hits Real Estate Sector

Microsoft disclosed a critical zero-day vulnerability (CVE-2025-29824) in the Windows Common Log File System (CLFS) driver. The flaw was actively exploited by a threat group known as Storm-2460, which deployed PipeMagic malware to gain elevated privileges, harvest credentials, and execute ransomware attacks. While the broader campaign mainly impacted IT and technical service providers, the real estate sector was among the […]
April 10, 2025

Supply Chain Email Breach Hits Marketing Giants

A notable supply-chain email breach impacted marketing giants through the compromise of OAuth tokens associated with Salesloft’s Drift platform. This breach propagated through integrations such as Salesforce, affecting hundreds of companies, including high-profile security enterprises like Cloudflare, Zscaler, Palo Alto Networks, SpyCloud, and Tanium. Attackers exploited the interconnected nature of modern SaaS ecosystems, leveraging downstream trust to access sensitive credentials […]
April 5, 2025

 Massive Cyber-Attack Halts Marks & Spencer Operations

Marks & Spencer experienced a massive cyberattack that completely halted its online operations, including website and app transaction processing. While customers could still browse products, all new orders were suspended as a precautionary measure stores remained open for in-person shopping.The breach, which began during the Easter weekend, also disrupted click-and-collect services, contactless payments, and other in-store functionalities. M&S relied on […]
March 25, 2025

Alarming Emergence of Fake Banking App Targeting Android Users via Telegram

Cybersecurity researchers discovered a troubling surge in cyberattacks involving a fake banking app specifically crafted to target Android users using Telegram as the primary distribution channel. The fake app was engineered to closely mimic authentic banking apps, meticulously replicating user interface elements and official logos to instill false trust among unsuspecting users. The app was disseminated through Telegram groups and […]
March 5, 2025

Oracle Cloud Breach 6 Million Records Exposed

A major breach targeted Oracle Cloud in March 2025, with the threat actor “rose87168” claiming to have stolen 6 million records containing sensitive credentials, including SSO passwords and Java KeyStore files, impacting over 140,000 tenant organizations worldwide. The attacker attempted to extort Oracle, demanding $20 million in exchange for technical information. Oracle initially denied the breach but later began notifying […]
February 10, 2025

Kazakhstan to audit foreign ministry after suspected Russia-linked cyberattack

The government of Kazakhstan announced a comprehensive audit of its Ministry of Foreign Affairs in response to a significant cybersecurity breach believed to be orchestrated by Russia-linked threat actors. The cyberattack, which reportedly targeted internal communications and sensitive diplomatic data, raised immediate concerns regarding national security and the integrity of Kazakhstan’s foreign policy apparatus.According to official statements released by the […]
February 2, 2025

Casio UK online store hacked to steal customer credit cards

Casio Computer Co., Ltd., a globally recognized manufacturer of electronic products, confirmed that its UK online store was the target of a sophisticated cyberattack aimed at stealing customer payment information. The breach, which specifically affected the e-commerce segment of Casio’s UK operations, raised serious concerns about the security of online retail platforms and the safety of consumer financial data.According to […]
Prev page
1234
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.