September 6, 2025

Qilin Ransomware Strikes Osaki Medical in Japan

The ransomware group Qilin carried out a major cyberattack targeting Osaki Medical Co., Ltd., a prominent Japanese company established in 1936, specializing in medical supplies, sanitary products, cosmetics, and healthcare and nursing equipment. The attack commenced with Qilin issuing official warnings, urging the organization to establish immediate contact. The group further warned that non-compliance could lead to the theft and […]
August 30, 2025

Nigerian Government Ministry Breaches

Nigeria continued to face a challenging cybersecurity landscape, marked by persistent threats to both public institutions and private organizations. While no confirmed breaches of government ministries were publicly reported during this period, multiple sources highlighted the country’s ongoing vulnerability to cyberattacks, including phishing campaigns, malware, and botnet activity. According to Kaspersky, Nigerian users encountered nearly 6.5 million cyber threats in […]
August 2, 2025

Google’s Salesforce CRM Breach by ShinyHunters

Google disclosed that its Salesforce CRM environment had been compromised by the cybercriminal group ShinyHunters, exposing customer contact data from its small- and medium-sized business clients. The breach, which occurred in June 2025 but was revealed publicly in August, was executed through social engineering tactics, particularly voice phishing (vishing). Attackers impersonated trusted personnel to trick an employee into granting access, […]
July 25, 2025

Akira Group Attacks U.S. Defense Contractor

The Akira ransomware group carried out a significant cyberattack against a U.S. defense contractor, highlighting the growing risks to organizations involved in national security and defense. The attackers claimed to have stolen a substantial collection of sensitive data, including corporate records, contracts, nondisclosure agreements, and nearly 200 identification documents such as passports and driver’s licenses.The incident was linked to the […]
July 22, 2025

Dell demonstration platform breached by World Leaks extortion group

Dell Technologies disclosed that its Customer Solution Centers demonstration platform had been compromised by the cyber-extortion group known as World Leaks, formerly Hunters International. The platform in question is used exclusively for showcasing Dell products, running proofs of concept, and testing configurations for prospective clients. Dell emphasized that this environment is fully segmented from internal networks, production systems, partner environments, […]
July 17, 2025

BigONE Cryptocurrency Exchange Hot Wallet Exploit

Seychelles-based cryptocurrency exchange BigONE suffered a significant hot-wallet exploit resulting in losses estimated at $27 million across multiple blockchains, including Bitcoin, Ethereum, BNB Chain, Solana, and TRON. The exchange confirmed the incident on 16 July, reporting that abnormal withdrawals had been detected and that hot-wallet operations were immediately suspended. Importantly, BigONE emphasized that its cold storage reserves remained secure and […]
July 10, 2025

Qilin Ransomware Dominates the Month

The Qilin ransomware group emerged as the most dominant player in the global ransomware landscape, consolidating its position as a formidable cyber extortion actor. The group was responsible for approximately 73 confirmed victims, accounting for nearly 17% of the 423 ransomware disclosures tracked worldwide during the month. This marks the third time in four months that Qilin has led in […]
June 18, 2025

Lee Enterprises says cybersecurity incident cost millions

Lee Enterprises, a major U.S. regional newspaper publisher, continued to grapple with the aftermath of a ransomware attack attributed to the Qilin gang that disrupted operations across more than 75 newspapers and exfiltrated nearly 350 GB of sensitive data. The breach compromised information of about 39,779 individuals, including names, Social Security numbers, driver’s license details, financial and medical records, and […]
June 17, 2025

Supply Chain Attack on NPM Packages

In June 2025, a significant supply chain attack on the NPM ecosystem was uncovered, primarily affecting multiple React-Native Aria packages that had been tampered with to distribute a Remote Access Trojan (RAT). The malicious code was embedded in seemingly routine updates, beginning with @react-native-aria/focus version 0.2.10 and quickly spreading across related packages, many of which collectively record hundreds of thousands […]