Cyberattacks


  • Crypto regulation
    Image attribution tooltip
    Leon Neal via Getty Images
    Image attribution tooltip

    Hack could cost Coinbase up to $400M: filing

    The crypto exchange is offering a $20 million reward for information leading to the hackers’ arrest. Coinbase terminated customer support agents who leaked customer data.

    By Gabrielle Saulsbery • May 16, 2025
  • A legal technology concept
    Image attribution tooltip
    Dmitry Nogaev via Getty Images
    Image attribution tooltip

    Tennessee’s largest school district sues PowerSchool over data breach

    Memphis-Shelby County Schools’ federal lawsuit against the ed tech giant is among the latest that have been filed by over 100 other districts nationwide.

    By Anna Merod • May 16, 2025
  • Harrods is one of three UK-based retail companies responding to a spree of attacks beginning in April 2025.
    Image attribution tooltip
    Hollie Adams via Getty Images
    Image attribution tooltip

    Researchers warn threat actors in UK retail attacks are targeting US sector

    Google Threat Intelligence researchers say the hackers behind intrusions at multiple British retailers are launching similar social engineering attacks against American companies. 

    By May 15, 2025
  • nucor-eaf
    Image attribution tooltip
    Courtesy of Nucor
    Image attribution tooltip

    Steelmaker Nucor discloses cyberattack on IT network

    The company halted production at various locations and took potentially affected systems offline.

    By May 14, 2025
  • A Co-op supermarket worker loads a Starship delivery robot with groceries during a visit from the Labour Leader Keir Starmer on July 23, 2020 in Milton Keynes, England.Co-op is restoring systems in May 2025 after a major cyberattack led to major disruptions at the UK food retailer.
    Image attribution tooltip
    Darren Staples via Getty Images
    Image attribution tooltip

    UK retailer Co-op restoring systems following major cyberattack

    The company is carefully ramping up systems and is boosting deliveries to its 2,300 food stores after stock issues.

    By May 14, 2025
  • A general view of the exterior of the branch of retailer Marks and Spencer at Westfield White City on October 20, 2020 in London, England. Marks & Spencer said customer data was accessed in an April 2025 cyberattack.
    Image attribution tooltip
    Leon Neal via Getty Images
    Image attribution tooltip

    M&S says hackers gained access to customer data in April cyberattack

    The UK retailer said the payment data was masked and therefore not usable.

    By May 13, 2025
  • The St. Louis cityscape of buildings, bridges and Gateway Arch are shown from afar.
    Image attribution tooltip
    Art Wager via Getty Images
    Image attribution tooltip

    Lee Enterprises spent $2M for ransomware recovery

    The newspaper chain said the attack will have lingering impacts on its balance sheet, and its lender waived certain payments.

    By May 12, 2025
  • exclamation point depicted hovering above network infrastructure
    Image attribution tooltip
    Just_Super/Getty Images via Getty Images
    Image attribution tooltip

    Ransomware claims dipped slightly in 2024, cyber insurer says

    A major cyber insurer’s annual report lays out how hackers are trying to steal money and how its policyholders responded.

    By May 7, 2025
  • A picture of Masimo's headquarters building.
    Image attribution tooltip
    Mario Tama / Staff via Getty Images
    Image attribution tooltip

    Masimo says cyberattack has impacted its ability to fulfill orders

    The maker of patient monitoring devices does not currently expect to change its earnings guidance.

    By May 7, 2025
  • Harrods is one of three UK-based retail companies responding to a spree of attacks beginning in April 2025.
    Image attribution tooltip
    Hollie Adams via Getty Images
    Image attribution tooltip

    UK authorities warn of retail-sector risks following cyberattack spree

    Three major retail brands, including Harrods and M&S, have been targeted in recent weeks.

    By May 5, 2025
  • chief legal officer serving as corporate secretary
    Image attribution tooltip
    rorodenkoff via Getty Images
    Image attribution tooltip

    Operational impacts top list of vendor risk worries, study finds

    The report comes as years of supply chain cyberattacks shine a spotlight on third-party risks.

    By May 1, 2025
  • A text bubble labeled "AI" alludes to an image of ChatGPT.
    Image attribution tooltip
    Stock Photo via Getty Images
    Image attribution tooltip

    AI-fueled cybercrime may outpace traditional defenses, Check Point warns

    The security firm said in a new report that defenders should begin using AI to counter cyber criminals’ adoption of the technology.

    By April 30, 2025
  • SAP logo displayed on a building in Walldorf, Germany on July 29, 2024.
    Image attribution tooltip
    Victor Golmer via Getty Images
    Image attribution tooltip

    Critical vulnerability in SAP NetWeaver Visual Composer leads to confirmed compromises

    Thousands are exposed and potentially vulnerable as researchers warn of widespread exploitation.   

    By Updated April 30, 2025
  • The FBI seal
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Image attribution tooltip

    FBI seeks public tips about Salt Typhoon

    The bureau’s public alert follows months of conversations with the telecom industry about the far-reaching cyber espionage campaign by a Chinese nation-state threat actor.

    By April 28, 2025
  • The FBI seal
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Image attribution tooltip

    BEC scams, investment fraud accounted for biggest cybercrime losses in 2024

    Americans lost $16.6 billion to cyber fraud last year, according to an FBI report, with phishing, spoofing and extortion topping the list of complaints.

    By April 23, 2025
  • A 2018 photo of the Wisconsin state capitol building. The state was among a number of states impacted by a 2025 data breach at Conduent, a payments technology vendor.
    Image attribution tooltip
    Andy Manis via Getty Images
    Image attribution tooltip

    Conduent warns January breach impacted a ‘significant’ number of people

    The company incurred a material amount of nonrecurring expenses during Q1 related to potential notification requirements.

    By April 22, 2025
  • Close up of a machine with several tubes, some of which are red.
    Image attribution tooltip
    saengsuriya13 via Getty Images
    Image attribution tooltip

    DaVita hit by ransomware attack

    The kidney dialysis firm doesn’t have an estimate for how long disruption from the attack will last, though it stressed patients are still receiving care.

    By Emily Olsen • April 15, 2025
  • words zero day highlighted in code
    Image attribution tooltip
    JUN LI via Getty Images
    Image attribution tooltip

    Attackers exploit zero-day flaw in Gladinet CentreStack file-sharing platform

    Critical vulnerability affects both CentreStack and Gladinet’s on-premises file-sharing server, Triofox.

    By April 15, 2025
  • Rendered image depicting global networks.
    Image attribution tooltip
    DKosig via Getty Images
    Image attribution tooltip

    Over 14K Fortinet devices compromised via new attack method

    Fortinet warned last week that a threat actor was using a novel post-exploitation trick to maintain access to devices after they were patched.

    By April 14, 2025
  • The red lock and its structure explode in a digital computer setting.
    Image attribution tooltip
    TU IS via Getty Images
    Image attribution tooltip

    Fortinet warns of threat activity against older vulnerabilities

    Researchers discovered a technique that allows threat actors to maintain read-only access to vulnerable FortiGate devices after they are patched.

    By April 11, 2025
  • Microsoft AI antitrust concerns
    Image attribution tooltip
    jeenah Moon via Getty Images
    Image attribution tooltip

    Windows CLFS zero-day exploited in ransomware attacks

    A threat actor tracked as Storm-2460 has used PipeMagic malware to facilitate the attacks.

    By April 9, 2025
  • Photograph depicts a security scanner extracting virus from a string of binary code.
    Image attribution tooltip
    Hailshadow via Getty Images
    Image attribution tooltip

    Over 5K Ivanti VPNs vulnerable to critical bug under attack

    China-linked threat actors last month began exploiting CVE-2025-22457, a critical stack buffer-overflow flaw.

    By April 8, 2025
  • A sign reads Cisco in bright red letters outside a corporate office.
    Image attribution tooltip
    Justin Sullivan via Getty Images
    Image attribution tooltip

    Cisco confirms cyberattacks on Smart Licensing Utility flaw

    CISA earlier this week added CVE-2024-20439, a static credential vulnerability in the license management app, to its known exploited vulnerabilities catalog.

    By April 3, 2025
  • 23andMe
    Image attribution tooltip
    Justin Sullivan via Getty Images
    Image attribution tooltip

    FTC chief flags data privacy concerns in 23andMe bankruptcy

    The company filed for bankruptcy after financial challenges over the past few years and a massive data breach in 2023.

    By Alexei Alexis • April 2, 2025
  • Creative image depicting a ransomware attack.
    Image attribution tooltip
    bin kontan / Getty Images via Getty Images
    Image attribution tooltip

    Ransomware gangs increasingly brandish EDR bypass tools

    Custom tool developed by RansomHub, dubbed “EDRKillShifter,” is used by several other rival ransomware gangs.

    By March 27, 2025