May 15, 2026

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

One of the largest cybersecurity incidents to impact the education sector came to light in May 2026 after learning platform Canvas LMS confirmed that it had suffered a significant data breach. According to Instructure, the company behind Canvas, unauthorized access to its systems occurred on April 25. The intrusion was detected several days later, and the company publicly disclosed the […]
May 1, 2026

Two Cybersecurity Professionals Get 4-Year Sentences in BlackCat Ransomware Attacks

In a case that has shocked the cybersecurity community, two former cybersecurity professionals have been sentenced to four years in federal prison after helping the notorious ALPHV/BlackCat ransomware group carry out cyber extortion attacks.Ryan Goldberg, an incident response manager at Sygnia, and Kevin Martin, a ransomware negotiator at DigitalMint, used their industry knowledge to assist cybercriminals rather than protect organizations […]
March 10, 2026

APT28 (FancyBear) OPSEC Failure Exposes Espionage Pipeline

In an unusual turn of events, a cyber espionage campaign linked to Russia’s notorious hacking group FancyBear (also known as APT28) was exposed because of a simple security mistake made by the attackers themselves.Researchers at Hunt.io discovered that the group had left one of its servers publicly accessible on the internet for more than 500 days. The exposed server contained […]
February 12, 2026

Japan Airlines Hit by Unauthorized Access – 28,000 Passengers’ Data at Risk

Japan Airlines (JAL), one of Asia’s most respected airlines, disclosed a cybersecurity incident in February 2026 involving its Same-Day Baggage Delivery Service reservation platform. While the breach did not affect flight operations or core booking systems, it exposed personal information belonging to customers who had used the service over the past 18 months.The issue first came to light on the […]
January 30, 2026

Cl0p Mass Exploiting Zero-day Vulnerability in Oracle E-Business Suite

One of the biggest cybersecurity stories affecting organizations in January 2026 was the ongoing Oracle E-Business Suite (EBS) breach linked to the Cl0p ransomware group. The attackers took advantage of a critical security vulnerability in Oracle’s BI Publisher Integration component, allowing them to gain unauthorized access to vulnerable systems and potentially execute malicious code remotely.According to security researchers, the vulnerability […]
January 7, 2026

Dire Wolf Ransomware Attack Hits Malaysian Energy Firm

Malaysian energy services company Perdana Petroleum Berhad became the latest victim of a major ransomware attack after the Dire Wolf ransomware group claimed responsibility for breaching the organization’s network.According to reports, the attackers used a double-extortion strategy, a tactic that has become increasingly common among modern ransomware groups. In addition to encrypting company systems and disrupting business operations, the group […]
December 25, 2025

Kuaishou Cyberattack Disrupts Livestreaming, Triggers Sharp Stock Decline

Chinese short-video and livestreaming platform Kuaishou, a leading competitor to TikTok, experienced a highly coordinated cyberattack on December 22, 2025, around 10 p.m. local time, which significantly disrupted its core livestreaming operations. Organized criminal groups, often referred to as “black and grey industries,” used nearly 17,000 automated bots and AI-driven tools to overwhelm the platform. These bots flooded popular live […]
December 20, 2025

Cisco Email Security Products Under Active Attack

Cisco Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances are currently being actively exploited by a China-linked advanced persistent threat (APT) group tracked as UAT-9686, with known associations to APT41 and UNC5174. Cisco’s Product Security Incident Response Team (PSIRT) identified the activity during a Technical Assistance Center (TAC) support investigation, with evidence indicating the campaign had […]
November 10, 2025

Critical vulnerability found in 7-Zip archiving tool

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-11001 (CVSS 7.0), was disclosed in the popular open-source 7-Zip archiving tool, affecting all versions before 25.00 released in July 2025. The flaw stems from improper handling of symbolic links in ZIP archives, enabling attackers to craft malicious files that allow directory traversal outside the intended extraction folder. When a user […]
1234567891011121314151617181920212223242526272829303132333435
Next page

Collaboration can mitigate the effects of Ransomware Attacks

Archives
Categories
Privacy Policy
RSS NCSC Threat Reports Feed

© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.