HIGH

Mass database extortion causes significant damage despite low payment rates

SC Media • May 27, 2026

MEDIUM

WantToCry ransomware remotely encrypts files

Sophos News • May 19, 2026

MEDIUM

CrowdStrike, Google Take Down Glassworm Botnet

Infosecurity Magazine • May 27, 2026

HIGH

‘SymJack’ Attack Turns AI Coding Agents Into Supply Chain Attack Delivery Systems

SecurityWeek • May 27, 2026

HIGH

When ransomware shutters the ER, cyber resilience can help teams mitigate the damage

SC Media • May 26, 2026

HIGH

Megalodon chums the waters in 5.5K+ GitHub repo poisonings

The Register Security • May 22, 2026

HIGH

Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem

The Hacker News • May 20, 2026

HIGH

FBI warns students and staff that ShinyHunters may come knocking after Canvas breach

Graham Cluley • May 20, 2026

HIGH

The AntV Supply Chain Campaign Expands: Microsoft's `durabletask` PyPI Package Compromised

Snyk • May 19, 2026

HIGH

GitHub Actions workflow compromised to steal CI/CD credentials

SC Media • May 19, 2026

MEDIUM

Spotify outage caused by DDoS attack claimed by hacking group

SC Media • May 18, 2026

HIGH

First Shai-Hulud Worm Clones Emerge

SecurityWeek • May 18, 2026

MEDIUM

American Lending Center data breach impacts over 123,000 individuals

SC Media • May 15, 2026

HIGH

Major tech manufacturer Foxconn confirms cyberattack hit North American factories

CyberScoop • May 14, 2026

HIGH

West Pharmaceutical says hackers stole data, encrypted systems

BleepingComputer • May 13, 2026

HIGH

RubyGems pauses new account sign-ups amid major malicious attack

SC Media • May 13, 2026

HIGH

West Pharmaceutical Services hit by ransomware attack

SC Media • May 13, 2026

HIGH

Foxconn confirms cyberattack claimed by Nitrogen ransomware gang

BleepingComputer • May 13, 2026

HIGH

Foxconn confirms cyberattack after ransomware crew claims it stole confidential Apple, Nvidia files

The Register Security • May 12, 2026

MEDIUM

Defending consumer web properties against modern DDoS attacks

Microsoft Security Blog • May 12, 2026

HIGH

West Pharmaceutical Services Hit by Disruptive Ransomware Attack

SecurityWeek • May 12, 2026

CRITICAL

Cache-poisoning caper turns TanStack npm packages toxic

The Register Security • May 12, 2026

HIGH

TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack

SecurityWeek • May 12, 2026

MEDIUM

Stolen Canvas data was “returned” after hacker agreement, Instructure says

Malwarebytes Labs • May 12, 2026

HIGH

JDownloader website compromised to distribute malicious installers

SC Media • May 11, 2026

MEDIUM

New GhostLock tool abuses Windows API to block file access

BleepingComputer • May 11, 2026

HIGH

Official CheckMarx Jenkins package compromised with infostealer

BleepingComputer • May 11, 2026

MEDIUM

Checkmarx tackles another TeamPCP intrusion as Jenkins plugin sabotaged

The Register Security • May 11, 2026

MEDIUM

Former govt contractor convicted for wiping dozens of federal databases

BleepingComputer • May 08, 2026

CRITICAL

The Canvas Hack Is a New Kind of Ransomware Debacle

Wired Security • May 08, 2026

CRITICAL

Multiple threat actors actively exploit cPanel vulnerability (CVE-2026-41940)

Help Net Security • May 04, 2026

CRITICAL

Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks

BleepingComputer • May 02, 2026

HIGH

Supply chain attack against SAP npm packages facilitates credential theft

SC Media • May 01, 2026

HIGH

Illicit AI-assisted commit-linked npm dependency compromises crypto wallets

SC Media • May 01, 2026

HIGH

Two US Security Experts Sentenced to Prison for Helping Ransomware Gang

SecurityWeek • May 01, 2026

HIGH

Two American Cybersecurity Workers Jailed for BlackCat Ransomware Attacks

Infosecurity Magazine • May 01, 2026

HIGH

The Vercel Breach: OAuth Supply Chain Attack Exposes the Hidden Risk in Platform Environment Variables

Trend Micro Research • Apr 20, 2026

HIGH

US ransomware negotiators get 4 years in prison over BlackCat attacks

BleepingComputer • May 01, 2026

HIGH

Former incident responders sentenced to 4 years in prison for committing ransomware attacks

CyberScoop • Apr 30, 2026

HIGH

TeamPCP-linked VECT 2.0 ransomware unintentionally destroys files larger than 128 KB

SC Media • Apr 29, 2026

HIGH

Broken VECT 2.0 ransomware acts as a data wiper for large files

BleepingComputer • Apr 28, 2026

HIGH

Don't pay Vect a ransom - your data's likely already wiped out

The Register Security • Apr 28, 2026

CRITICAL

VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi

The Hacker News • Apr 28, 2026

CRITICAL

VECT: Ransomware by design, Wiper by accident

Check Point Research • Apr 28, 2026

CRITICAL

Cisco ASA and FTD Firewall RCE

FortiGuard Outbreak Alerts • Apr 27, 2026

HIGH

ShinyHunters Claims Sale of Anthropic Claude Mythos AI Model Data and Internal Documents

Reddit r/netsec • Apr 24, 2026

HIGH

Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet

Wired Security • Apr 23, 2026

MEDIUM

In a first, a ransomware family is confirmed to be quantum-safe

Ars Technica Security • Apr 23, 2026

HIGH

Bitwarden CLI npm package compromised to steal developer credentials

BleepingComputer • Apr 23, 2026

HIGH

Kyber ransomware targets Windows and ESXi with post-quantum encryption claims

SC Media • Apr 23, 2026

HIGH

Checkmarx Docker Hub repository compromised with malicious images

SC Media • Apr 23, 2026

HIGH

New npm supply-chain attack self-spreads to steal auth tokens

BleepingComputer • Apr 22, 2026

HIGH

New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention

SecurityWeek • Apr 22, 2026

CRITICAL

Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack

The Hacker News • Apr 22, 2026

HIGH

Former DigitalMint ransomware negotiator pleads guilty to extortion scheme

CyberScoop • Apr 21, 2026

HIGH

New Lotus data wiper used against Venezuelan energy, utility firms

BleepingComputer • Apr 21, 2026

CRITICAL

Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk

Dark Reading • Apr 21, 2026

MEDIUM

Mastodon hit by DDoS attack, disrupting flagship server

SC Media • Apr 21, 2026

CRITICAL

Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023

The Hacker News • Apr 21, 2026

HIGH

Third US Security Expert Admits Helping Ransomware Gang

SecurityWeek • Apr 21, 2026

HIGH

The Gentlemen Ransomware Expands With Rapid Affiliate Growth

Infosecurity Magazine • Apr 21, 2026

CRITICAL

Uptick in Bomgar RMM Exploitation

Huntress • Apr 17, 2026

HIGH

Prompt injection turned Google’s Antigravity file search into RCE

CSO Online • Apr 21, 2026

MEDIUM

Bluesky Disrupted by Sophisticated DDoS Attack

SecurityWeek • Apr 20, 2026

HIGH

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking

SecurityWeek • Apr 20, 2026

HIGH

The Gentlemen ransomware now uses SystemBC for bot-powered attacks

BleepingComputer • Apr 20, 2026

CRITICAL

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

The Hacker News • Apr 17, 2026

HIGH

ZionSiphon malware designed to sabotage water treatment systems

BleepingComputer • Apr 16, 2026

HIGH

Cookeville Medical Center Notifies Patients After July 2025 Ransomware Attack

Infosecurity Magazine • Apr 16, 2026

HIGH

Automotive Ransomware Attacks Double in a Year

Infosecurity Magazine • Apr 16, 2026

HIGH

Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure

SecurityWeek • Apr 15, 2026

MEDIUM

Automotive data biz Autovista blames ransomware for service disruption

The Register Security • Apr 15, 2026

INFO

Axios npm Package Compromised

Fortinet PSIRT • Apr 14, 2026

CRITICAL

Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum

The Register Security • Apr 13, 2026

HIGH

Medusa Ransomware Attack

FortiGuard Threat Signal • Apr 10, 2026

CRITICAL

Claude uncovers a 13‑year‑old ActiveMQ RCE bug within minutes

CSO Online • Apr 10, 2026

HIGH

Healthcare IT solutions provider ChipSoft hit by ransomware attack

BleepingComputer • Apr 09, 2026

HIGH

Shaky Ceasefire Unlikely to Stop Cyberattacks From Iran-Linked Hackers for Long

SecurityWeek • Apr 09, 2026

HIGH

Iran-linked hackers disrupt operations at US critical infrastructure sites

Ars Technica Security • Apr 08, 2026

HIGH

Dutch healthcare software vendor goes dark after ransomware attack

The Register Security • Apr 08, 2026

CRITICAL

N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust

The Hacker News • Apr 08, 2026

CRITICAL

Iran-Linked Hackers Disrupt US Critical Infrastructure via PLC Attacks

SecurityWeek • Apr 08, 2026

HIGH

Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure

Wired Security • Apr 07, 2026

CRITICAL

Critical Flowise Vulnerability in Attacker Crosshairs

SecurityWeek • Apr 07, 2026

CRITICAL

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

The Hacker News • Apr 07, 2026

CRITICAL

BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks

The Hacker News • Apr 06, 2026

HIGH

Axios NPM supply chain incident

Cisco Talos • Apr 03, 2026

HIGH

Die Linke German political party confirms data stolen by Qilin ransomware

BleepingComputer • Apr 03, 2026

HIGH

Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting

Dark Reading • Apr 03, 2026

HIGH

Evolution of Ransomware: Multi-Extortion Ransomware Attacks

BleepingComputer • Apr 03, 2026

HIGH

Man admits to locking thousands of Windows devices in extortion plot

BleepingComputer • Apr 03, 2026

HIGH

Weaponizing the Protectors: TeamPCP’s Multi-Stage Supply Chain Attack on Security Infrastructure

Unit 42 • Mar 31, 2026

CRITICAL

5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild

CSO Online • Mar 31, 2026

HIGH

Attack on axios software developer tool threatens widespread compromises

CyberScoop • Mar 31, 2026

MEDIUM

Iran Deploys 'Pseudo-Ransomware,' Revives Pay2Key Operations

Dark Reading • Mar 31, 2026

HIGH

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

SecurityWeek • Mar 31, 2026

HIGH

Axios supply chain attack chops away at npm trust

Malwarebytes Labs • Mar 31, 2026

HIGH

Elastic releases detections for the Axios supply chain compromise

Elastic Security Labs • Mar 31, 2026

CRITICAL

HUGE supply chain attack

John Hammond • Mar 31, 2026

HIGH

Fahndung nach Cyberkriminellen – 130 Firmen attackiert

CSO Online • Mar 31, 2026