February 28, 2026

Iranian Prayer App Turned Into a Cyber Weapon During Airstrikes

Millions of people across Iran experienced an unusual and alarming situation on the morning of February 28, 2026, as military strikes and a major cyber incident unfolded at the same time.The incident involved BadeSaba Calendar, one of Iran’s most widely used prayer and religious applications, with more than five million downloads. Instead of delivering its normal prayer reminders and religious […]
February 12, 2026

Japan Airlines Hit by Unauthorized Access – 28,000 Passengers’ Data at Risk

Japan Airlines (JAL), one of Asia’s most respected airlines, disclosed a cybersecurity incident in February 2026 involving its Same-Day Baggage Delivery Service reservation platform. While the breach did not affect flight operations or core booking systems, it exposed personal information belonging to customers who had used the service over the past 18 months.The issue first came to light on the […]
February 2, 2026

NYC Health + Hospitals Data Breach: 1.8 Million Records Compromised in One of 2026’s Worst Healthcare Cyberattacks

New York City Health + Hospitals (NYCHHC), the largest public healthcare network in the United States, has disclosed a major data breach that affected approximately 1.8 million patients and employees. The incident is now being viewed as one of the most significant healthcare cyberattacks reported in 2026.According to the organization’s investigation, the attackers first gained access to the network around […]
January 30, 2026

Cl0p Mass Exploiting Zero-day Vulnerability in Oracle E-Business Suite

One of the biggest cybersecurity stories affecting organizations in January 2026 was the ongoing Oracle E-Business Suite (EBS) breach linked to the Cl0p ransomware group. The attackers took advantage of a critical security vulnerability in Oracle’s BI Publisher Integration component, allowing them to gain unauthorized access to vulnerable systems and potentially execute malicious code remotely.According to security researchers, the vulnerability […]
January 29, 2026

January’s biggest data breaches exposed

January 2026 started with two major cybersecurity concerns that quickly gained attention across the security community. One involved a large-scale data breach affecting Match Group, while the other centered on a critical vulnerability discovered in the SmarterMail email platform.On January 28, the threat actor group known as ShinyHunters claimed responsibility for a breach involving Match Group services, including Hinge, Match.com, […]
January 22, 2026

Nike Hit by Major Cyberattack, 1.4TB of Internal Data Leaked

Nike has become the latest global brand to face a significant cybersecurity incident after a hacking group known as WorldLeaks claimed responsibility for stealing and publishing a massive amount of the company’s internal data.The group first added Nike to its dark web leak site on January 22, giving the company a deadline to respond to ransom demands. When no payment […]
December 25, 2025

Kuaishou Cyberattack Disrupts Livestreaming, Triggers Sharp Stock Decline

Chinese short-video and livestreaming platform Kuaishou, a leading competitor to TikTok, experienced a highly coordinated cyberattack on December 22, 2025, around 10 p.m. local time, which significantly disrupted its core livestreaming operations. Organized criminal groups, often referred to as “black and grey industries,” used nearly 17,000 automated bots and AI-driven tools to overwhelm the platform. These bots flooded popular live […]
December 17, 2025

PDVSA Cyberattack Disrupts Administrative Systems, Oil Cargo Deliveries Suspended

Venezuela’s state-owned oil company, Petróleos de Venezuela S.A. (PDVSA), faced a major ransomware cyberattack detected days before December 15, 2025, severely disrupting its centralized administrative systems. Although PDVSA publicly insisted that oil production, refining, and domestic fuel distribution remained operational thanks to isolated security protocols the incident halted all oil cargo deliveries, stranding millions of barrels on tankers bound for […]
December 11, 2025

Google Fixes GeminiJack Zero-Click Flaw in Gemini Enterprise

Google has fixed a critical zero-click vulnerability, named “GeminiJack,” affecting its Gemini Enterprise AI tools and Vertex AI Search, which could allow silent exfiltration of sensitive corporate data. The issue was discovered in June 2025 by Noma Security researchers and responsibly disclosed to Google. The vulnerability abused Retrieval-Augmented Generation (RAG) behavior, enabling attackers to inject malicious instructions into seemingly harmless […]