February 25, 2026

European Commission & Dutch Authorities Hacked via Ivanti Zero-Day Vulnerabilities

In one of the most significant cybersecurity incidents of February 2026, several high-profile European organizations confirmed that their systems had been compromised after hackers exploited previously unknown vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM).Among the affected organizations were the European Commission, the Dutch Data Protection Authority (AP), and the Dutch Council for the Judiciary. The attacks were linked to two […]
February 12, 2026

Japan Airlines Hit by Unauthorized Access – 28,000 Passengers’ Data at Risk

Japan Airlines (JAL), one of Asia’s most respected airlines, disclosed a cybersecurity incident in February 2026 involving its Same-Day Baggage Delivery Service reservation platform. While the breach did not affect flight operations or core booking systems, it exposed personal information belonging to customers who had used the service over the past 18 months.The issue first came to light on the […]
February 2, 2026

NYC Health + Hospitals Data Breach: 1.8 Million Records Compromised in One of 2026’s Worst Healthcare Cyberattacks

New York City Health + Hospitals (NYCHHC), the largest public healthcare network in the United States, has disclosed a major data breach that affected approximately 1.8 million patients and employees. The incident is now being viewed as one of the most significant healthcare cyberattacks reported in 2026.According to the organization’s investigation, the attackers first gained access to the network around […]
February 1, 2026

INTERPOL Operation Red Card 2.0: A Major Blow to African Cybercrime Networks

In one of the biggest cybercrime enforcement actions of the year, INTERPOL worked alongside law enforcement agencies from 16 African countries to launch Operation Red Card 2.0, a coordinated effort aimed at disrupting online fraud networks operating across the region.The eight-week operation, which ran from December 8, 2025, to January 30, 2026, resulted in 651 arrests and the seizure of […]
January 30, 2026

Cl0p Mass Exploiting Zero-day Vulnerability in Oracle E-Business Suite

One of the biggest cybersecurity stories affecting organizations in January 2026 was the ongoing Oracle E-Business Suite (EBS) breach linked to the Cl0p ransomware group. The attackers took advantage of a critical security vulnerability in Oracle’s BI Publisher Integration component, allowing them to gain unauthorized access to vulnerable systems and potentially execute malicious code remotely.According to security researchers, the vulnerability […]
January 29, 2026

January’s biggest data breaches exposed

January 2026 started with two major cybersecurity concerns that quickly gained attention across the security community. One involved a large-scale data breach affecting Match Group, while the other centered on a critical vulnerability discovered in the SmarterMail email platform.On January 28, the threat actor group known as ShinyHunters claimed responsibility for a breach involving Match Group services, including Hinge, Match.com, […]
January 22, 2026

Nike Hit by Major Cyberattack, 1.4TB of Internal Data Leaked

Nike has become the latest global brand to face a significant cybersecurity incident after a hacking group known as WorldLeaks claimed responsibility for stealing and publishing a massive amount of the company’s internal data.The group first added Nike to its dark web leak site on January 22, giving the company a deadline to respond to ransom demands. When no payment […]
December 20, 2025

Cisco Email Security Products Under Active Attack

Cisco Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances are currently being actively exploited by a China-linked advanced persistent threat (APT) group tracked as UAT-9686, with known associations to APT41 and UNC5174. Cisco’s Product Security Incident Response Team (PSIRT) identified the activity during a Technical Assistance Center (TAC) support investigation, with evidence indicating the campaign had […]
December 11, 2025

Google Fixes GeminiJack Zero-Click Flaw in Gemini Enterprise

Google has fixed a critical zero-click vulnerability, named “GeminiJack,” affecting its Gemini Enterprise AI tools and Vertex AI Search, which could allow silent exfiltration of sensitive corporate data. The issue was discovered in June 2025 by Noma Security researchers and responsibly disclosed to Google. The vulnerability abused Retrieval-Augmented Generation (RAG) behavior, enabling attackers to inject malicious instructions into seemingly harmless […]
Prev page
123456789101112131415161718192021222324
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.