DataBreachToday.com

Data Defense Startup Focuses on Unstructured Data and On-Device Endpoint Protection
Backed by Paladin and Crosspoint, Seattle-based data security startup Mind aims to double its team and develop small language models that power endpoint classification. The company is carving a niche in data loss prevention by prioritizing unstructured data and actionable enforcement.

BladedFeline Hackers Spying on Kurdish Officials Since at Least 2017
An Iranian state espionage group stayed hidden for more than half-a-decade until security researchers spotted it in 2023, researchers said Thursday in a report detailing a growing arsenal of hacking tools it deployed against Kurdish and Iraqi government officials.

Hackers Impersonate IT Support Staff
A hacking collective linked to recent British retailer attacks is targeting cloud companies through or voice phishing scams for data theft from European hospitality, retail and education sectors. Hackers impersonate IT support staff.

Enterprise Browsers Provide Increased Visibility, Robust Access Control, Encryption
In a world where 85% of work happens in the browser, it is the new enterprise front door - and attackers are knocking. Amid this changing dynamic, secure browsers can step in and prevent threats from unmanaged devices and SaaS sprawl, delivering enterprise-grade security without slowing teams down.

Invest in Preparation and Training During the Calmer Times Between Attacks
Cyberattacks may make headlines, but the daily discipline of security - patching routines, threat hunting, tabletop exercises and user education campaigns - is where resilience is forged. These tasks might not feel heroic, but they build technical and human infrastructure to handle the next crisis.

While healthcare organizations often know in general what they need to do in case they're faced with a ransomware attack, the devil is in the details of how comprehensive and well-rehearsed that incident preparedness plan is for optimal response, said Rick Doten, vice president and healthplan CISO at Centene Corp.

Identity security is still one of the most underinvested areas of cybersecurity across the healthcare sector, regardless of the depth of cyber resources available to many different types and sizes of entities, said Hugo Lai, CISO at Temple University Health System.

Onslought Also Paved Way for Rise of English-Speaking Hackers
An international law enforcement crackdown on the LockBit ransomware group caused fragmentation and distrust among Russian-speaking cybercrime groups, paving the way for English-speaking hacking groups to gain prominence, experts said Tuesday during a London conference.

BidenCash Was Notorious for Posting Free Tranches of Stolen Card Data
An online carder marketplace with a flair for publicity is now offline following a U.S. and Dutch law enforcement seizure. The site, BidenCash, began operations in March 2022, growing to 117,000 customers who facilitated the trafficking of more than 15 million payment card numbers.

Top Trump Official Touts Enforcement Wins as Firms Warn China Is Gaining Ground
Despite pushback from tech leaders like Nvidia, Commerce Secretary Howard Lutnick told Congress that expanded export controls, seizures and arrests are safeguarding U.S. innovation, as the Trump administration scraps Biden-era AI policies and targets Chinese access to chips.

Banking Sector Faces Challenges in Meeting March 2026 Compliance Deadline
The Central Bank of UAE has issued a directive asking financial institutions to eliminate weak authentication methods including SMS and email OTPs. Banks are also expected to implement real-time fraud monitoring and suspend sessions when malicious activity is detected.

Web-to-App Pipeline Uses Meta Pixel and Yandex Metrica
American social media giant Meta and Russian counterpart Yandex each found methods to break through privacy protections enabled by Android users, say academics in newly disclosed research. A Meta spokesperson in a prepared statement said it stopped the tracking "upon becoming aware of the concerns."

Malware Operation Shows Signs of Regrouping
Just days after a global takedown disrupted over 2,300 Lumma-linked domains, the info-stealing malware-as-a-service operation resurfaced, exposing how modular malware and resilient infrastructure allow cybercriminals to rapidly rebound and evade law enforcement.

Number of Reports Is Down, But Citizens Lost AU$60 Million to Investment Scams
While the number of reported fraud cases is down, Australians lost 28% more money to online scams in the first four months of the year, compared to the same period in 2024. The Australian government's National Anti-Scam Center said Monday that Australians lost just over AU$119 million to fraudsters.

Florida Vendor Set to Reach $100M ARR by 2027 With Identity Segmentation, ZTNA Push
With $55 million in Series C funding led by Highland Europe, Zero Networks aims to expand its zero trust architecture through identity segmentation and zero trust network access. The Orlando, Fla.-based microsegmentation startup aims to double headcount and target a $100 million ARR goal by 2027.

Context-Driven Insights, Automation Fuel Faster, Clearer Decisions for Cyber Teams
With its acquisition of San Francisco-based startup Fletch, F5 is embedding agentic AI into its security platform to automate threat detection and response. The technology provides real-time context, filters irrelevant alerts and helps security teams prioritize urgent risks and mitigation tasks.

Dutch Semiconductor Sector Among Chinese Targets
Chinese nation state groups ramped up espionage campaigns against Dutch critical infrastructure in recent months, said a state official who added that discussions are underway in the European Union on how to minimize Chinese threats.