DataBreachToday.com

Foundation for Defense of Democracies Warns Against Aligning With New Cyber Treaty
The United Nations' cybercrime treaty, shaped by Russian and Chinese influence, could legitimize global digital repression by enabling prosecutions of journalists, activists and researchers under vague terms - despite U.S. opposition and mounting civil society alarm, analysts warned Thursday.

AI agents are reshaping how we buy and pay online. Discover how agentic commerce is redefining trust, transparency, and control in the next era of digital payments.

Microsoft Says Hackers Pivoting to Identity Compromise
Hackers are as likely to log in as break in, warns Microsoft in an annual assessment of cyberthreats. During the first half of 2025, identity-based attacks rose by 32% due to credentials stolen by infostealers or password and email combinations plucked from bulk data breaches.

Cyber Professionals Can Follow 2 Different Careers Paths to Training and Education
When I first began working in cybersecurity education, my background was in teaching, not security operations. Over time, I came to appreciate that this field attracts professionals from both directions - those who begin in education and learn cybersecurity, and those who bring years of industry experience into the classroom.

Financial Loss Tied to the Hack Estimated at 1.9B Pounds
The hack of Jaguar Land Rover will likely cost the British economy 1.9 billion pounds, making it the single most expensive cyber incident to have occurred in the United Kingdom. That number could go up if hackers damaged the operational technology controlling assembly lines.

HITRUST's Tom Kellermann on Third-Party Risk, Defending Against Persistent Access
Island hopping, AI poisoning and access mining are reshaping cyber risk. Tom Kellermann of HITRUST says organizations must modernize third-party risk management practices and assess AI environments to stop attackers from using trusted infrastructure as a launch pad for broader campaigns.

2023 Data Theft Affected Nearly 887,000 Patients
A radiology practice that has been serving patients in North Carolina for about 70 years agreed to pay more than $3.4 million to settle proposed class action litigation filed in the wake of a 2023 hacking incident that compromised the sensitive information of nearly 887,000 individuals.

CISA Budget and Staffing Cuts Undermine National Cyber Readiness, Officials Warn
Federal cybersecurity reforms have regressed for the first time since 2020, as staffing cuts, diminished agency authority and lost momentum threaten U.S. cyber resilience, according to the Cyberspace Solarium Commission’s 2025 report, which urges immediate action from the White House and Congress.

Proposed Acquisition Would Create Unified View of AI-Ready Data Environments
Veeam's proposed acquisition of Securiti AI for $1.725 billion addresses a long-standing disconnect between where data runs and where it's protected. The move enhances AI governance and posture management while supporting Veeam's vision for end-to-end data control.

Pen Tests Find States Thwart Basic Attacks But Are Vulnerable to Sophisticated Ones
Pen testing of 10 Medicaid management and enrollment systems found that while the nine states and one territory implemented "generally effective" security controls to prevent limited cyberattacks, improvements are needed to protect against more sophisticated attacks, said a watchdog agency report.

Russian Intel Hackers Flexible in Face of Detection
Russia-linked threat group COLDRIVER rapidly replaced its exposed malware with a stealthier PowerShell variant, using fake CAPTCHA prompts and cryptographic key-splitting to evade detection and escalate surveillance on NGOs, dissidents and policy experts, according to new research.

NTLM Reflection Attack Strikes Again
A three-month old flaw in a network protocol for file sharing used by Microsoft is under active exploitation, warns the U.S. Cybersecurity and Infrastructure Security Agency. The flaw's exploitation bypasses mitigations Microsoft has built over the years to prevent NTLM reflection attacks.

Silicon Valley Startup Focuses on Discovery and Governance of Non-Human Identities
With $30.75 million in Series B funding, Defakto aims to strengthen non-human identity security across AI workloads and cloud platforms. The Silicon Valley-based startup plans to deepen discovery, governance and enterprise integrations, while expanding its go-to-market strategy.

Active Measures Teams Rapidly Springboarding From Current Events, Find Researchers
After Russian drones violated Polish airspace last month, multiple pro-Kremlin information operations teams sprang into action to advance pro-Moscow narratives that distorted the facts, as part of a hybrid operation designed to destabilize Poland, and NATO support for Ukraine, said experts.

Ransomware Group Lynx Reportedly Stole 4TB of Data
The U.K. Ministry of Defense is investigating an apparent data breach by Russian-speaking ransomware hackers of a building facilities contractor with ties to the military. The Lynx ransomware group posted on its darkweb site samples of what it says is 4 terabytes of data stolen from the Dodd Group.

IT Systems, Radiology Services Taken Offline; Ambulance Patients Diverted
A North Central Massachusetts nonprofit healthcare system with two community hospitals, a medical group and several other care facilities has taken its IT network offline and is diverting ambulance patients as it continues to respond to a cyberattack that hit last week.

Attack Began With Citrix NetScaler Gateway Compromise, Darktrace Said
The Chinese cyberespionage hackers commonly tracked as Salt Typhoon haven't stopped their campaign against global telecoms, says managed threat detection firm Darktrace. The group has made telecoms and other digital infrastructure a primary target.

NSO Group Blocked From WhatsApp and Must Destroy Code Used to Hack 1,400 Devices
A federal judge issued a permanent injunction barring NSO Group from using or retaining its WhatsApp spyware exploit, citing national security risks and business harm after the manufacturer's tools compromised 1,400 devices - some allegedly linked to journalists and officials.