CISA warns of supply chain risks as ransomware attacks exploit SimpleHelp flaws

The latest confirmed cyber intrusion hit a utility billing software provider and its customers.

By Eric Geller • June 13, 2025

UNFI’s operations remain hobbled following cyberattack

The grocery company had to entirely shut down its network following the intrusion and is serving customers on only a “limited basis” as it works to recover, CEO Sandy Douglas said.

By Sam Silverstein • June 11, 2025

Marks & Spencer restores some online-order operations following cyberattack

The department store chain six weeks ago was one of the first targets in an international spree of attacks disrupting retailers.

By David Jones • June 10, 2025

Data security is a CX issue, too

A string of cyberattacks have targeted retailers like Adidas and North Face. Incidents like these can weaken customer trust and lead to lost business, experts say.

By Kristen Doerer • June 9, 2025

SentinelOne rebuffs China-linked attack — and discovers global intrusions

The security firm said the operatives who tried to breach it turned out to be responsible for cyberattacks on dozens of critical infrastructure organizations worldwide.

By Eric Geller • Updated June 9, 2025

Main distributor to Whole Foods hit by cyberattack

UNFI, a grocery retailer and wholesaler, is working to resume full operations following “unauthorized activity” involving its IT systems.

By Sam Silverstein • June 9, 2025

Hackers abuse malicious version of Salesforce tool for data theft, extortion

A threat group is using voice phishing to trick targeted organizations into sharing sensitive credentials.

By David Jones • June 4, 2025

Victoria’s Secret postponing release of report earnings amid breach impact

The intrusion follows a string of attacks that appear to be the work of the cybercrime gang Scattered Spider.

By David Jones • June 3, 2025

ConnectWise warns of threat activity linked to suspected nation-state hackers

The company said suspicious activity has affected a limited number of ScreenConnect customers.

By David Jones • Updated May 30, 2025

CFOs, financial execs in crosshairs of ‘highly targeted’ spearphishing campaign

Hackers are preying on senior corporate leaders at banks, investment firms, utilities and insurance companies worldwide.

By Eric Geller • Updated May 29, 2025

Microsoft, Dutch government discover new Russian hacking group

The findings highlight the vulnerability of all critical infrastructure firms to similar attack methods.

By Eric Geller • Updated May 28, 2025

Ohio’s Kettering Health hit by cyberattack

Elective inpatient and outpatient procedures at the health system’s facilities were canceled Tuesday.

By Emily Olsen • Updated May 21, 2025

How hospitality companies can stay ahead of cyberattacks this summer

Hotels are a popular target for cyberattacks, but industry collaboration and intelligence sharing can serve as defense mechanisms.

By Pam Lindemoen • May 20, 2025

Hack could cost Coinbase up to $400M: filing

The crypto exchange is offering a $20 million reward for information leading to the hackers’ arrest. Coinbase terminated customer support agents who leaked customer data.

By Gabrielle Saulsbery • May 16, 2025

Tennessee’s largest school district sues PowerSchool over data breach

Memphis-Shelby County Schools’ federal lawsuit against the ed tech giant is among the latest that have been filed by over 100 other districts nationwide.

By Anna Merod • May 16, 2025

UK retailer Co-op restoring systems following major cyberattack

The company is carefully ramping up systems and is boosting deliveries to its 2,300 food stores after stock issues.

By David Jones • May 14, 2025

M&S says hackers gained access to customer data in April cyberattack

The UK retailer said the payment data was masked and therefore not usable.

By David Jones • May 13, 2025

PowerSchool data breach leads to school extortion attempts

A threat actor has contacted multiple school districts demanding payments related to student and staff data stolen in a December breach.

By Anna Merod • May 13, 2025

Ransomware claims dipped slightly in 2024, cyber insurer says

A major cyber insurer’s annual report lays out how hackers are trying to steal money and how its policyholders responded.

By Eric Geller • May 7, 2025

UK authorities warn of retail-sector risks following cyberattack spree

Three major retail brands, including Harrods and M&S, have been targeted in recent weeks.

By David Jones • May 5, 2025

Zero-day exploitation drops slightly from last year, Google report finds

Google’s threat intelligence team said software vendor security practices are making it harder for hackers to find flaws in some platforms.

By Eric Geller • April 29, 2025

FBI seeks public tips about Salt Typhoon

The bureau’s public alert follows months of conversations with the telecom industry about the far-reaching cyber espionage campaign by a Chinese nation-state threat actor.

By Eric Geller • April 28, 2025

BEC scams, investment fraud accounted for biggest cybercrime losses in 2024

Americans lost $16.6 billion to cyber fraud last year, according to an FBI report, with phishing, spoofing and extortion topping the list of complaints.

By Eric Geller • April 23, 2025

AI impact on data breach outcomes remains ‘limited’: Verizon

While AI-generated text in malicious emails has doubled, the rate of successful phishing breaches is stable.

By Lindsey Wilkinson • April 23, 2025

Conduent warns January breach impacted a ‘significant’ number of people

The company incurred a material amount of nonrecurring expenses during Q1 related to potential notification requirements.

By David Jones • April 22, 2025