--- title: "Attack Research Database" id: "987529050" type: "page" slug: "attack-research-database" published_at: "2024-06-21T07:03:52+00:00" modified_at: "2026-03-21T06:55:44+00:00" url: "https://accuknox.com/attack-research-database" markdown_url: "https://accuknox.com/attack-research-database.md" taxonomy_author: - "Mrinal" --- # The most devastating attacks are the ones you never saw coming ## Gain the upper hand with our **Attack Research Database** ## Did you Know? ### According to the latest IBM cloud attack report – each cloud attack costs $3.92M on an average Your browser does not support the video tag. ## Attack Research Attack Type Ransomwares Kubernetes Security Breaches Zero Day Join 18K+ community February 26, 2026### ManoMano breach impacts ~38M customers European e-commerce platform ManoMano suffered a breach via a compromised third-party Zendesk account, exposing names, emails, phone numbers, and customer service data of nearly 38 million users. [Bleeping Computer](https://www.bleepingcomputer.com/news/security/european-dyi-chain-manomano-data-breach-impacts-38-million-customers/) ATTACK COST #### Not disclosed February 19, 2026### French National Bank Account Registry (FICOBA) breach Around 1.2 million banking records in France’s national bank account registry were compromised in a cyberattack on government financial infrastructure. [Security Week](https://www.securityweek.com/french-government-says-1-2-million-bank-accounts-exposed-in-breach/) ATTACK COST #### Not disclosed February 13, 2026### Figure Technology Solutions breach exposes ~967K fintech users Attackers used social engineering to access files containing personal data such as names, addresses, and dates of birth of nearly one million fintech customers. [Tech Crunch](https://techcrunch.com/2026/02/13/fintech-lending-giant-figure-confirms-data-breach/) ATTACK COST #### Not disclosed February 12, 2026### Odido telecom breach affects ~6M accounts Dutch telecom provider Odido confirmed unauthorized access to a customer system exposing names, phone numbers, bank details, birth dates, and identification data of more than six million users. [Bleeping Computer](https://www.bleepingcomputer.com/news/security/odido-data-breach-exposes-personal-info-of-62-million-customers/) ATTACK COST #### Not disclosed February 11, 2026### Conduent breach affects Volvo Group employees A breach at Conduent exposed sensitive personal and employment information for employees of Volvo Group North America. [Security Week](https://www.securityweek.com/conduent-breach-hits-volvo-group-nearly-17000-employees-data-exposed/?utm_source=chatgpt.com) ATTACK COST #### Not disclosed January 20, 2026### Monroe University breach impacts ~320K individuals A university breach exposed sensitive personal information, including Social Security numbers, driver’s license numbers, and medical data. [Security Magazine](https://www.securitymagazine.com/articles/102086-lawsuit-filed-after-320-000-impacted-by-monroe-university-breach) ATTACK COST #### Not disclosed January 10, 2026### Instagram data leak hits ~17.5M accounts Personal details from millions of Instagram users were leaked and circulated. [Cyberpress](https://cyberpress.org/instagram-data-leak/) ATTACK COST #### Not disclosed January 10, 2026### Panera Bread breach exposes ~5.1M customers Contact info and other record details were compromised and released publicly. [Fox News](https://www.foxnews.com/tech/panera-bread-data-breach-exposes-5-1-million-customers) ATTACK COST #### Not disclosed January 5, 2026### ManageMyHealth patient portal breach (~120K patients) Hackers accessed and exfiltrated over 400,000 medical documents, exposing highly sensitive health records from a New Zealand healthcare portal. [RNZ](https://www.rnz.co.nz/news/political/583170/managemyhealth-breach-patients-at-risk-of-identity-theft-extortion-experts) ATTACK COST #### Not disclosed December 16, 2025### Millions Affected by Massive Credit Report Data Breach The credit check and identify verification services provider 700Credit is the latest company to suffer a massive data breach. [Tech.Co](https://tech.co/news/700credit-massive-data-breach) ATTACK COST #### Not disclosed December 10, 2025### VITAS Healthcare Breach Exposes 319K Patient Records Hackers maintained undetected access to patient systems for over a month, methodically downloading personal and medical information. [Tech Republic](https://www.techrepublic.com/article/news-vitas-healthcare-security-breach/) ATTACK COST #### Not disclosed December 5, 2025### Pharma firm Inotiv discloses data breach after ransomware attack American pharmaceutical firm Inotiv is notifying thousands of people that their personal information was stolen in an August 2025 ransomware attack. [Bleeping Computer](https://www.bleepingcomputer.com/news/security/pharma-firm-inotiv-discloses-data-breach-after-ransomware-attack/) ATTACK COST #### Not disclosed December 1, 2025### E-commerce platform breach exposes nearly 34 million customers' data South Korea's largest online retailer, Coupang, has apologized for a massive data breach potentially involving nearly 34 million local customer accounts. [BBC](https://www.bbc.com/news/articles/c36zwywll02o) ATTACK COST #### Not disclosed November 27, 2025### Millions at risk after nationwide CodeRED alert system outage and data breach A nationwide cyberattack against the OnSolve CodeRED emergency notifications system has prompted cities and counties across the US to warn residents and advise them to change their passwords. CodeRED is used by local governments to deliver fast, targeted alerts during severe weather, evacuations, missing persons, and other urgent events. Both the data breach and the service outage have serious implications for communities. [Malware Bytes](https://www.malwarebytes.com/blog/news/2025/11/millions-at-risk-after-nationwide-codered-alert-system-outage-and-data-breach) ATTACK COST #### Not disclosed November 25, 2025### Multiple London councils 'hit by cyber-attacks' Several London councils are believed to have been targeted in cyber-attacks within the past few days. The Royal Borough of Kensington & Chelsea (RBKC) said that it and Westminster City Council were "responding to a cyber incident affecting some shared IT systems" and that some some systems, including phone lines, were disrupted. [BBC](https://www.bbc.com/news/articles/cdxwygkqrx0o) ATTACK COST #### Not disclosed November 12, 2025### University of Pennsylvania breach A reported data breach exposed info for over 1.2 million individuals. [Kaseya](https://www.kaseya.com/blog/the-week-in-breach-news-11-12-25/) ATTACK COST #### Not disclosed November 23, 2025### Harvard University data exposed A phishing attack led to unauthorized access of contact and donation records for students, alumni, and faculty. [Economic Times](https://economictimes.indiatimes.com/news/international/us/harvard-cyberattack-data-breach-exposes-alumni-donors-students-and-faculty-records-heres-complete-truth-what-happened-who-was-affected-harvards-response-phone-based-phishing-attack-university-personal-contact-information-donation-details-event-records-law-enforcement-alumni-affairs-and-development-office-systems-unauthorized-party/articleshow/125511613.cms) ATTACK COST #### Not disclosed November 7, 2025### Nevada government declined to pay ransom, says cyberattack traced to breach in May The state government of Nevada did not pay a ransom to cybercriminals who took down critical government systems in August, the state said in a post-mortem review of the attack. [The Record Media](https://therecord.media/nevada-declined-ransom-breach) ATTACK COST #### Not disclosed November 6, 2024### Snowflake cloud platform breach impacting multiple companies Attackers exploited weak security practices (e.g., missing MFA) and accessed data belonging to several organizations, including tens of millions of customer records from companies using the platform. [Cyber Security](https://cybersecuritynews.com/hacker-behind-snowflake-data-breach-arrested/) ATTACK COST #### Not disclosed November 3, 2025### Biggest Cyber Attacks, Ransomware Attacks Data Breaches October 2025 proved to be another intense and highly disruptive period in the cybersecurity landscape. Multiple high-profile enterprises across various sectors were impacted by advanced security breaches, targeted attacks, and widespread operational disruptions. [Synergy IT](https://blog.synergyit.ca/biggest-cyber-attacks-ransomware-attacks-data-breaches-october-2025/) ATTACK COST #### Not disclosed November 01, 2025### ‘We got hacked’ emails threaten to leak University of Pennsylvania data The attack resulted in mass “We got hacked (Action Required)” emails being sent from University of Pennsylvania systems, and the alleged threat actor claimed to have stolen data on approximately 1.2 million students, alumni and donors (names, birthdates, addresses, phone numbers, net worth estimates, donation history, demographic details) after compromising an employee’s SSO account and accessing systems like Salesforce, Qlik, SAP and SharePoint. [Bleeping Computer](https://www.bleepingcomputer.com/news/security/offensive-we-got-hacked-emails-sent-in-penn-security-incident/) ATTACK COST #### Not disclosed October 22, 2025### This million-dollar leak from a Shopify rival went unnoticed for 2 years A major security lapse at Dukaan, one of India’s fastest-growing e-commerce platforms, may have exposed millions of merchants and shoppers to data theft and financial fraud. [Cyber News](https://cybernews.com/security/dukaan-ecommerce-data-leak-india/) ATTACK COST #### Not disclosed October 20, 2025### F5 cybersecurity firm intrusion A protracted digital intrusion tied to state-linked actors raised alarms across enterprises using F5 products. [Reuters](https://www.reuters.com/sustainability/boards-policy-regulation/cyber-defenders-sound-alarm-f5-hack-exposes-broad-risks-2025-10-20/) ATTACK COST #### Not disclosed October 20, 2025### Prosper Confirms Data Breach Impacting 17 Million Users Prosper confirmed a major data breach affecting 17 million people. Learn what happened, why it matters for fintech security, and how IT leaders can respond. [Tech Republic](https://www.techrepublic.com/article/news-prosper-data-breach/) ATTACK COST #### Not disclosed October 2, 2025### 1.5 Million Impacted by Allianz Life Data Breach Allianz data breach hack Insurance giant Allianz subsidiary Allianz Life Insurance Company of North America is notifying roughly 1.5 million people that their personal information was stolen in a July data breach. [Security Week](https://www.securityweek.com/1-5-million-impacted-by-allianz-life-data-breach/) ATTACK COST #### Not disclosed October 1, 2025### Data breach at Canadian airline WestJet affects 1.2M passengers Canada’s second largest airline WestJet said the personal information of 1.2 million passengers was stolen in a cyberattack and data breach earlier this year. [Tech Crunch](https://techcrunch.com/2025/10/01/data-breach-at-canadian-airline-westjet-affects-1-2m-passengers/) ATTACK COST #### Not disclosed September 16, 2025### Ongoing Supply Chain Attack Targets CrowdStrike npm Packages Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages. [Socket](https://socket.dev/blog/ongoing-supply-chain-attack-targets-crowdstrike-npm-packages) ATTACK COST #### Not Disclosed September 13, 2025### FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert to release indicators of compromise (IoCs) associated with two cybercriminal groups tracked as UNC6040 and UNC6395 for orchestrating a string of data theft and extortion attacks. [The Hacker News](https://thehackernews.com/2025/09/fbi-warns-of-unc6040-and-unc6395.html) ATTACK COST #### Not Disclosed September 9, 2025### Ransomware Group play Hits: BDE Computer Services BDE Computer Services — a company operating in the BD — has fallen victim to a ransomware attack conducted by the group play. [HookPhish](https://www.hookphish.com/blog/ransomware-group-play-hits-bde-computer-services/) ATTACK COST #### Not Disclosed September 8, 2025### Increasingly structured attacks on remote work and distant access The fall of 2025 opens with a surge in cyber threats targeting remote work and critical services: municipalities, industries, schools, and large international groups have all been hit, often through ransomware or attacks on remote access chains. [Reemo](https://blog.reemo.io/september-2025-cyber-outlook) ATTACK COST #### Not Disclosed September 8, 2025### cGAS Data Breach In the latest cybersecurity news, https://gazomet.pl & https://cgas.pl — a company operating in the PL — has fallen victim to a ransomware attack conducted by the group alphalocker. This data breach, discovered on 2025-09-08 10:51:58.434565, underscores the increasing need for proactive cybersecurity defenses as we continue through 2025. [HookPhish](https://www.hookphish.com/blog/ransomware-group-alphalocker-hits-https-gazomet-pl-and-https-cgas-pl/) ATTACK COST #### Not Disclosed September 3, 2025### September’s First Week of Breaches: What Businesses Can Learn Some of the world’s biggest names—Google, Salesforce, WhatsApp, Apple, Jaguar Land Rover, and Microsoft Azure—were all forced to respond to new and very different cyber incidents. [Securafy](https://www.securafy.com/blog/september-2025-cyberattacks-google-workspace-breach-whatsapp-zero-day-jlr-cyber-incident-and-azure-ad-leak) ATTACK COST #### Not Disclosed August 21, 2025### Colt confirms customer data stolen as Warlock ransomware auctions files UK-based telecommunications company Colt Technology Services confirms that customer documentation was stolen as Warlock ransomware gang auctions files. [Bleeping Computer](https://www.bleepingcomputer.com/news/security/colt-confirms-customer-data-stolen-as-warlock-ransomware-auctions-files/) ATTACK COST #### Not disclosed August 14, 2025### Tens of thousands of Italian hotel guests may be hit by cyber heist The Italian government warned on Wednesday that identity documents belonging to tens of thousands of people who had stayed at hotels in the country allegedly have been stolen and are being illegally sold online. [The Record](https://therecord.media/italy-hotel-guests-possible-data-breach-ids) ATTACK COST #### Not disclosed August 7, 2025 ### Bouygues Telecom confirms data breach impacting 6.4 million customers Bouygues Telecom warns it suffered a data breach after the personal information of 6.4 million customers was exposed in a cyberattack. [Bleeping Computer](https://www.bleepingcomputer.com/news/security/bouygues-telecom-confirms-data-breach-impacting-64-million-customers/) ATTACK COST #### Not disclosed August 5, 2025### PBS confirms data breach after employee info leaked on Discord servers PBS has suffered a data breach exposing the corporate contact information of its employees and those of its affiliates, BleepingComputer has learned. [Bleeping Computer](https://www.bleepingcomputer.com/news/security/pbs-confirms-data-breach-after-employee-info-leaked-on-discord-servers/) ATTACK COST #### Not disclosed August 1, 2025### 147,000 customer records affected following data breach at Cycle & Carriage In response to CNA's queries, a spokesperson from Cycle & Carriage said that it was alerted on Jul 14 to "unauthorised access" into its customer relationship management system by a threat actor who downloaded some customer information. [Channel News Asia](https://www.channelnewsasia.com/singapore/cycle-carriage-data-breach-cybersecurity-incident-customer-records-affected-5271746) ATTACK COST #### Not disclosed August 1, 2025### Cisco Event Response: Vishing Attack Impacting Third-Party CRM System Cisco is aware of the recent claims by the suspected actor regarding this event. We promptly assessed those claims, and have not seen any evidence that the actor obtained any information beyond what we initially assessed in July 2025. [Cisco](https://sec.cloudapps.cisco.com/security/center/resources/CRM-vishing) ATTACK COST #### Not disclosed August 1, 2025### Genoa Community Hospital discloses breach discovered in March Genoa learned of unusual activity involving one employee email account. The release does not indicate when the breach actually occurred or how the attacker gained access to the employee’s email account. They only reveal that unusual activity in the account was discovered in March. [DataBreaches.Net](https://databreaches.net/2025/08/01/genoa-community-hospital-discloses-breach-discovered-in-march/) ATTACK COST #### Not disclosed July 11, 2025### McDonald’s Chatbot Recruitment Platform Exposed 64 Million Job Applications Vulnerabilities in the McDonald’s chatbot recruitment platform McHire exposed the personal information of over 64 million job applicants, security researchers Ian Carroll and Sam Curry discovered. [Security Week](https://www.securityweek.com/mcdonalds-chatbot-recruitment-platform-leaked-64-million-job-applications/) ATTACK COST #### NA July 11, 2025### CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical security flaw impacting Citrix NetScaler ADC and Gateway to its Known Exploited Vulnerabilities (KEV) catalog, officially confirming the vulnerability has been weaponized in the wild. [The Hacker News](https://thehackernews.com/2025/07/cisa-adds-citrix-netscaler-cve-2025.html) ATTACK COST #### Not disclosed July 8, 2025### Suspected contractor for China’s Hafnium group arrested in Italy U.S. authorities charged the man and a co-conspirator with hacking COVID-19 researchers and kicking off a cyberattack spree targeting Microsoft Exchange servers. [Cybersecurity Dive](https://www.cybersecuritydive.com/news/suspected-contractor-for-chinas-hafnium-group-arrested-in-italy/752533/) ATTACK COST #### Not Disclosed July 3, 2025### Europol’s $540M Crypto Fraud Bust Europol, working alongside Spanish, French, Estonian, and U.S. authorities, has dismantled a cryptocurrency fraud network responsible for defrauding victims of over $540 million dollars (€460 million euros). [RSI Security](https://blog.rsisecurity.com/weekly-cybersecurity-threat-report-540m-crypto-scams-and-more/) ATTACK COST #### $540M July 2, 2025### Qantas Airline Breach Qantas confirms cyber-attack exposed records of up to 6 million customers [The Guardian](https://www.theguardian.com/business/2025/jul/02/qantas-confirms-cyber-attack-exposes-records-of-up-to-6-million-customers) ATTACK COST #### Not disclosed June 30, 2025### International Criminal Court hit with cyber security attack THE HAGUE, Netherlands (AP) — The International Criminal Court has been targeted by a “sophisticated” cyberattack and is taking measures to limit any damage, the global tribunal announced. [AP News](https://apnews.com/article/international-court-cyberattack-hague-netherlands-50ac8b2f53928fc1f05163c67b09c4bf) ATTACK COST June 25, 2025### AT&T agrees to $177 million settlement over data breach Current and former AT&T customers may be eligible for a payout from a $177 million settlement connected to two data breaches. [Cyber Security Review](https://www.cybersecurity-review.com/att-agrees-to-177-million-settlement-over-data-breach/) ATTACK COST #### $177 million June 21, 2025### 16 Billion Passwords Leaked Online Yes, 16 billion passwords leaked online. No, it's not what you think. Think of the leak as a hacker's version of a "Best of" list. [Mashable](https://in.mashable.com/tech/95984/yes-16-billion-passwords-leaked-online-no-its-not-what-you-think) ATTACK COST #### Not disclosed June 20, 2025### M&S Cyber Attack M&S cyber attack deepens as tech partner TCS denies blame [Cyber Security Review](https://www.cybersecurity-review.com/ms-cyber-attack-deepens-as-tech-partner-tcs-denies-blame/) ATTACK COST #### Not disclosed June 17, 2025### Cyberattacks hit retailers at the worst time Cyberattacks are the latest crisis for U.S. retailers as they continue to weather tariff uncertainties and labor strife. [AXIOS](https://www.axios.com/2025/06/17/whole-foods-cartier-cyberattacks) ATTACK COST #### Not disclosed June 9, 2025### ⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks Behind every security alert is a bigger story. Sometimes it's a system being tested. Sometimes it's trust being lost in quiet ways—through delays, odd behavior, or subtle gaps in control. ATTACK COST #### Not disclosed June 6, 2025### Scattered Spider Uses Tech Vendor Impersonation and Phishing Kits to Target Helpdesks Scattered Spider, the ransomware collective believed to be behind recent retail hacks in the UK, including those targeting Marks & Spencer (M&S) and Harrods, has evolved its arsenal to incorporate more sophisticated tactics. [Info Security Magazine](https://www.infosecurity-magazine.com/news/scattered-spider-tech-vendor/) ATTACK COST #### Not disclosed May 26, 2025### GitHub MCP Exploited: Accessing private repositories via MCP GitHub MCP Exploited: Accessing private repositories via MCP (via) GitHub's official MCP server grants LLMs a whole host of new abilities, including being able to read and issues in repositories the user has access to and submit new pull requests. [Simon Willison.net](https://simonwillison.net/2025/May/26/github-mcp-exploited/) ATTACK COST #### Not disclosed May 26, 2025### Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint. [The Hacker News](https://thehackernews.com/2025/05/over-70-malicious-npm-and-vs-code.html) ATTACK COST #### Not disclosed May 22, 2025### Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region. [The Hacker News](https://thehackernews.com/2025/05/chinese-hackers-exploit-ivanti-epmm.html) ATTACK COST #### Not disclosed May 21, 2025### Microsoft says 394,000 Windows computers infected by Lumma malware globally Microsoft said Wednesday that it broke down the Lumma Stealer malware project with the help of law enforcement officials across the globe. [CNBC](https://www.cnbc.com/2025/05/21/microsoft-malware-windows.html) ATTACK COST #### Not disclosed May 20, 2025### Krebs on Security Hit With Near-Record 6.3 Tbps DDoS KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). [KrebsOnSecurity](https://krebsonsecurity.com/2025/05/krebsonsecurity-hit-with-near-record-6-3-tbps-ddos/) ATTACK COST #### Not disclosed May 20, 2025### M&S Cyber Attack: retail operations crippled, trust eroded The M&S cyber attack reveals a shift from data theft to operational disruption, highlighting vulnerabilities in legacy systems. [World Wide Technology](https://www.wwt.com/blog/cyber-insights-report-may-19-2025) ATTACK COST #### Not disclosed May 18, 2025### Coinbase Security Breach Leaks User Data and Government IDs In a significant cybersecurity incident, Coinbase has confirmed that cybercriminals, aided by a group of bribed rogue overseas support agents, stole sensitive customer data in an attempt to extort the company for $20 million. [Tech Worm](https://www.techworm.net/2025/05/coinbase-breach-leaks-personal-info-government-ids.html) ATTACK COST #### $20 million May 15, 2025### Misconfigured Cloud Storage HireClick Exposes 5.7 Million Resume Files Due to Misconfigured Cloud Storage [Daily Security Review](https://dailysecurityreview.com/security-spotlight/hireclick-exposes-5-7-million-resume-files-due-to-misconfigured-cloud-storage/) ATTACK COST #### Not disclosed May 15, 2025### Alleged Leak of 89 Million Steam User Records Tied to Supply Chain Breach Hackers are selling 89 million Steam user records in an apparent supply chain breach involving vendor access. Valve denies a direct Steam breach but continues investigating. [Daily Security Review](https://dailysecurityreview.com/security-spotlight/alleged-leak-of-89-million-steam-user-records-tied-to-supply-chain-breach/) ATTACK COST #### Not disclosed May 13, 2025### China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide "Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE)," EclecticIQ researcher Arda Büyükkaya said in an analysis published on March 13.. [The Hacker News](https://thehackernews.com/2025/05/china-linked-apts-exploit-sap-cve-2025.html) ATTACK COST #### Not disclosed April 30, 2025### Nova Scotia Power Cyber Attack Impacts Customer Billing Accounts Canada's Nova Scotia Power, the region’s leading electrical supplier, announced it is “actively responding” to a cybersecurity incident that has impacted its business IT networks and customer account access. [Cyber News](https://cybernews.com/news/nova-scotia-power-cyberattack-customer-data-breach-emera/) ATTACK COST #### Not disclosed April 26, 2025### Ransomware Group nitrogen Hits: Stadtwerke Schwerte GmbH In the latest cybersecurity news, Stadtwerke Schwerte GmbH — a company operating in the DE — has fallen victim to a ransomware attack conducted by the group nitrogen. This data breach, discovered on 2025-04-25 21:53:42.237269, underscores the increasing need for proactive cybersecurity defenses as we continue through 2025. [HookPhish](https://www.hookphish.com/blog/ransomware-group-nitrogen-hits-stadtwerke-schwerte-gmbh/) ATTACK COST #### Not disclosed April 10, 2025### South African telecom provider serving 7.7 million confirms data leak following cyberattack South Africa’s fourth-largest mobile network operator, Cell C, has confirmed that its data was leaked on the dark web following a cyberattack last year. [The Record](https://therecord.media/south-african-telecom-provider-discloses-data-breach-ransomware) ATTACK COST #### Not disclosed April 10, 2025### Industrial tech manufacturer Sensata says ransomware attack is impacting production A ransomware attack on Massachusetts-based manufacturer Sensata Technologies last weekend has seriously disrupted the company’s systems. [The Record](https://therecord.media/sensata-technologies-ransomware-attack) ATTACK COST #### Not disclosed April 7, 2025### Port of Seattle Says 90,000 People Impacted by Ransomware Attack The incident occurred on August 24 and forced the Port to isolate critical systems, which impacted the Seattle-Tacoma International Airport (SEA Airport), Fishermen’s Terminal, and public marinas it operates. [Security Week](https://www.securityweek.com/port-of-seattle-says-90000-people-impacted-by-ransomware-attack/) ATTACK COST #### Not disclosed April 4, 2025### Texas city warns thousands of utility payment site breach At least 12,000 people had sensitive financial information stolen by hackers who secretly implanted malicious code into the utility payment website of the city of Lubbock, Texas. [The Record](https://therecord.media/texas-city-warns-thousands-of-utility-site-breach) ATTACK COST #### Not disclosed Mar 25, 2025### Chinese hackers are getting bigger, better and stealthier Experts say it is the main shift in the cyber-threat landscape in a decade [The Economist](https://www.economist.com/china/2025/03/25/chinese-hackers-are-getting-bigger-better-and-stealthier) ATTACK COST #### Not disclosed March 24, 2025### GitHub Advisory Database - Attackers Discover Secrets tj-actions changed-files through 45.0.7 allows remote attackers to discover secrets by reading actions logs. [GitHub](https://github.com/advisories/GHSA-mrrh-fwg8-r2c3) ATTACK COST #### Not disclosed Mar 23, 2025### Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into something more widespread in scope. [The Hacker News](https://thehackernews.com/2025/03/github-supply-chain-breach-coinbase.html) ATTACK COST #### Not disclosed Mar 10, 2025### North Korean hackers cash out hundreds of millions from $1.5bn ByBit hack Hackers thought to be working for the North Korean regime have successfully converted at least $300m (£232m) of their record-breaking $1.5bn crypto heist to unrecoverable funds. [BBC](https://www.bbc.com/news/articles/c2kgndwwd7lo) ATTACK COST #### $1.5bn Mar 3, 2025 ### Legacy Professionals, LLP Data Breach Alert: Issued by Wolf Haldenstein Adler Freeman & Herz LLP Wolf Haldenstein Adler Freeman & Herz LLP, a preeminent national consumer rights law firm, is investigating claims on behalf of people who have been impacted by the Legacy Professionals, LLP (“Legacy Professionals”) data breach. [Morning Star](https://www.morningstar.com/news/globe-newswire/9387425/legacy-professionals-llp-data-breach-alert-issued-by-wolf-haldenstein-adler-freeman-herz-llp) ATTACK COST #### Not disclosed Feb 13, 2025### APT43 Hackers Targeting Academic Institutions Using Exposed Credentials APT43, also known by aliases such as Black Banshee, Emerald Sleet, and Kimsuky, is a North Korean state-sponsored cyber threat actor linked to the Reconnaissance General Bureau (RGB). [gbhackers](https://gbhackers.com/apt43-hackers-targeting-academic-institutions/) ATTACK COST Feb 10, 2025### Massive OpenAI Leak, WordPress Admin Exploit, Inkafarma Data Breach SOCRadar’s Dark Web Team has detected a wave of cyber threats on hacker forums this week, including an alleged leak of millions of OpenAI user accounts. Meanwhile, a WordPress admin exploit script, WPU 2.0, is being sold, offering features to bypass security measures and manipulate websites. [SOC Radar](https://socradar.io/openai-leak-wordpress-admin-exploit-inkafarma-breach/) ATTACK COST #### Not disclosed Feb 10, 2025### BadIIS Malware Exploits IIS Servers for SEO Fraud A newly uncovered cyber campaign has been observed exploiting Internet Information Services (IIS) vulnerabilities to distribute malware known as BadIIS. [Infosecurity Magazine](https://www.infosecurity-magazine.com/news/badiis-malware-iis-servers-seo/) ATTACK COST #### Not disclosed Feb 7, 2025### IntelBroker is Allegedly Selling the Data of InkaFarma A hacker known as IntelBroker claims to have breached InkaFarma, Peru’s largest pharmaceutical retail chain, leaking a massive 3.9 million-record database. The alleged breach, which surfaced on February 6, 2025, was posted on a well-known cybercrime forum, with the attacker providing sample data to prove authenticity. [Dark Web Informer](https://darkwebinformer.com/intelbroker-is-allegedly-selling-the-data-of-inkafarma/) ATTACK COST #### Not disclosed Jan 17, 2025### New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that's capable of Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024. [The Hacker News](https://thehackernews.com/2025/01/new-sneaky-2fa-phishing-kit-targets.html) ATTACK COST #### Not disclosed Jan 17, 2025### Chinese Hackers Accessed Yellen's Computer in US Treasury Breach US Treasury Secretary Janet Yellen’s computer was infiltrated and unclassified files were accessed as part of a broader breach of the agency by Chinese state-sponsored hackers, according to two people familiar with the matter. [Bloomberg](https://www.bloomberg.com/news/articles/2025-01-16/chinese-hacked-us-treasury-secretary-yellen-s-computer-in-breach) ATTACK COST #### Not disclosed Jan 2025### Belsen Group Leaks 15,000+ FortiGate Firewall Configurations FortiGate firewall leak exposes 15,000+ configurations, impacting organizations globally. The actor behind the leak is Belsen Group. Learn how to mitigate risks and protect your systems. [HACK READ](https://hackread.com/belsen-group-leaks-fortigate-firewall-configurations/) ATTACK COST #### Not disclosed Jan 24, 2025### UnitedHealth confirms 190 million Americans affected by Change Healthcare data breach UnitedHealth has confirmed the ransomware attack on its Change Healthcare unit last February affected around 190 million people in America — nearly double previous estimates. [TechCrunch](https://techcrunch.com/2025/01/24/unitedhealth-confirms-190-million-americans-affected-by-change-healthcare-data-breach/) ATTACK COST #### Not disclosed Dec 27, 2024### VW Suffers Major Breach Exposing Location of 800,000 Electric Vehicles A massive data leak involving over 800,000 Volkswagen electric vehicles (EVs) has left sensitive user information, including location data and personal contact details, unprotected on the internet. [Cyber Insider](https://cyberinsider.com/vw-suffers-major-breach-exposing-location-of-800000-electric-vehicles/#:~:text=Discovered%20by%20a%20whistleblower%20and%20reported%20by%20Der,Cariad%2C%20exposing%20vulnerabilities%20in%20modern%20vehicle%20data%20handling.) [AccuKnox](https://accuknox.com/blog/prevent-volkswagen-breach-with-cnapp) ATTACK COST #### Not disclosed Dec 23, 2024### AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Case Cybersecurity researchers have found that it's possible to use large language models (LLMs) to generate new variants of malicious JavaScript code at scale in a manner that can better evade detection. [The Hacker News](https://thehackernews.com/2024/12/ai-could-generate-10000-malware.html) ATTACK COST #### Not disclosed Dec 17, 2024### Governments need to work as one to counter cyber threats in 2025 The report warns that AI will be used to develop highly sophisticated, personalized phishing campaigns using deepfake technology, making them harder to detect. [The New Indian Express](https://www.newindianexpress.com/editorials/2024/Dec/16/governments-need-to-work-as-one-to-counter-cyber-threats-in-2025) ATTACK COST #### Not disclosed Dec 16, 2024### NoviSpy Spyware Installed on Journalist's Phone After Unlocking It With Cellebrite Tool A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy, according to a new report published by Amnesty International. [The Hacker News](https://thehackernews.com/2024/12/novispy-spyware-installed-on.html) ATTACK COST #### Not disclosed Dec 16, 2024### DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds. [The Hacker News](https://thehackernews.com/2024/12/deceptionads-delivers-1m-daily.html) ATTACK COST #### Not disclosed Dec 12, 2024### How China Hacked America’s Phone Network An alarming new hack by China has penetrated the nerve center of the United States: its telephone network. [New York Times Podcast](https://www.youtube.com/watch?v=G3CL4l3AUhE) ATTACK COST #### c Dec 5, 2024 ### Romania's election systems targeted in over 85,000 cyberattacks A declassified report from Romania’s Intelligence Service says that the country’s election infrastructure was targeted by more than 85,000 cyberattacks. [Bleeping Computer](https://www.bleepingcomputer.com/news/security/romanias-election-systems-targeted-in-over-85-000-cyberattacks/?&web_view=true) ATTACK COST #### Not disclosed Dec 02, 2024### WotNot exposes 346K sensitive customer files Hello, this is your chatbot leaking: WotNot exposes 346K sensitive customer files [Cyber News](https://cybernews.com/security/wotnot-exposes-346k-sensitive-customer-files/) ATTACK COST #### Not disclosed Nov. 25, 2024### Starbucks Hit by Ransomware Attack via Third-Party Software Supplier Ransomware Attack on Software Supplier Disrupts Operations for Starbucks and Other Retailers A ransomware attack that hit a major software provider last week caused disruptions for a handful of companies over recent days, from Starbucks to U.K. grocery giant Morrisons [U.S. News](https://www.usnews.com/news/business/articles/2024-11-26/ransomware-attack-on-software-supplier-disrupts-operations-for-starbucks-and-other-retailers#google_vignette) ATTACK COST #### Not disclosed Nov 22, 2024### Russian Spies Jumped From One Network to Another Via Wi-Fi in an Unprecedented Hack In a first, Russia's APT28 hacking group appears to have remotely breached the Wi-Fi of an espionage target by hijacking a laptop in another building across the street. [Wired](https://www.wired.com/story/russia-gru-apt28-wifi-daisy-chain-breach/) ATTACK COST #### Not disclosed Nov. 21, 2024 ### The AI Effect: Amazon Sees Nearly 1 Billion Cyber Threats a Day The technology has spawned a surge in hacking attempts, says cyber chief CJ Moses, while Amazon is also using it to powerfully amp up its threat-analysis capability [WSJ](https://www.wsj.com/articles/the-ai-effect-amazon-sees-nearly-1-billion-cyber-threats-a-day-15434edd) ATTACK COST #### Not disclosed November 6, 2024### Ransomware Gang demands $125,000 A new ransomware player opted to ask a victim for payment in French bread. But don’t be fooled by the apparent humor, the Hellcat crime group is deadly serious and wants $125,000 in the cryptocurrency Monero as well. [Forbes](https://www.forbes.com/sites/daveywinder/2024/11/06/ransomware-gang-demands-125000-payment-in-french-bread-and-crypto/) ATTACK COST #### $125,000 October 24, 2024### The Rhysida group targeting Easterseals demanding 20 bitcoins Ransomware gang stoops to new low, targets prominent nonprofit for disabled people A notorious ransomware gang previously responsible for attacks on multiple hospitals has now claimed a new victim: disability nonprofit Easterseals. [The Record](https://therecord.media/easterseals-central-illinois-data-breach) ATTACK COST #### $1.3 million October 24, 2024### Russia-based ransomware gang that demanded $22 million on Healthcare system Change Healthcare cyber attack affected 100 million individuals. Senate Finance Committee Chair seeks further information on Change Healthcare cyber attack. [The HIPAA Journal](https://www.hipaajournal.com/change-healthcare-responding-to-cyberattack/) ATTACK COST #### $22 million October 18, 2024### Providence Students’ Data Exposed in Cyberattack The Providence, Rhode Island, school district fell victim to a cyberattack last month. A ransomware gang uploaded sensitive student information to an instant messaging service after Providence Public Schools did not pay their $1 million extortion demand. [Yahoo!news](https://www.yahoo.com/news/providence-students-sensitive-data-exposed-103000777.html?guccounter=1) ATTACK COST #### $1 million October 11, 2024### The Rhysida gang demand $1.5M for patient data targeting Colorado based health system Axis Health System, a network of 13 behavioral health facilities in Colorado, followed incident response protocol after identifying the attack and its investigation is ongoing. The system has not confirmed whether patient data was affected. [Beckers Health IT](https://www.beckershospitalreview.com/cybersecurity/hackers-demand-1-5m-for-patient-data-after-colorado-system-breach.html) ATTACK COST #### $1.58 million October 7, 2024### AT&T, Verizon reportedly hacked to target US govt wiretapping platform Multiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, have been breached by a Chinese hacking group tracked as Salt Typhoon, the Wall Street Journal reports. [Bleeping Computer](https://www.bleepingcomputer.com/news/security/atandt-verizon-reportedly-hacked-to-target-us-govt-wiretapping-platform/) ATTACK COST #### Not disclosed September, 2024### Detailed Microsoft research based on ransomware at Healthcare sector US Healthcare at risk: Strengthening resiliency against ransomware attacks. The healthcare sector faces a rapidly increasing range of cybersecurity threats, with ransomware attacks emerging as one of the most significant. [Security Insider](https://www.microsoft.com/en-us/security/security-insider/emerging-threats/US-healthcare-at-risk-strengthening-resiliency-against-ransomware-attacks#Chapter-One-article) ATTACK COST #### $4.4 million August 16, 2024### Ransomware attack on Indian payment system traced back to Jenkins bug Researchers have discovered that a damaging ransomware attack on a digital payment system used by many of India’s banks began with a vulnerability in Jenkins — a widely used open-source automation system for software developers. [The Record](https://therecord.media/jenkins-vulnerability-india-npci-ransomware-attack) ATTACK COST #### Not disclosed July 19, 2024### WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach Indian cryptocurrency exchange WazirX has confirmed that it was the target of a security breach that led to the theft of $230 million in cryptocurrency assets. [The Hacker News](https://thehackernews.com/2024/07/wazirx-cryptocurrency-exchange-loses.html) ATTACK COST #### $230 million June, 2024### CVE-2024-5655 Allows attackers to run pipelines as any user, which can lead to unauthorized access and potentially harmful actions within the GitLab CI/CD environment. [Bleeping Computer](https://www.bleepingcomputer.com/news/security/critical-gitlab-bug-lets-attackers-run-pipelines-as-any-user/) ATTACK COST #### Not disclosed May 8, 2024### Change Healthcare Ransomware Attack A DDoS attack by Anonymous Sudan targeted over 300 web domains and 177,000 IP addresses, disrupting major public service websites. [Security Intelligence](https://securityintelligence.com/news/change-healthcare-cyberattack-exceeds-1-billion-costs/) ATTACK COST #### $1.6 billion May 7, 2024### UK Ministry of Defence Payroll Hack Personal data of nearly 270,000 current and former staff members, including identities, bank details, and addresses, were exposed due to a hack on the payroll system managed by SSCL. [Reuters](https://www.reuters.com/technology/cybersecurity/uk-military-personnels-data-accessed-hack-bbc-reports-2024-05-06/) ATTACK COST #### 270K PII Disclosed ### xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs An employee at Elon Musk’s artificial intelligence company xAI leaked a private key on GitHub that for the past two months could have allowed anyone to query private xAI large language models (LLMs) which appear to have been custom made for working with internal data from Musk’s companies, including SpaceX, Tesla and Twitter/X, KrebsOnSecurity has learned. [KrebsOnSecurity](https://krebsonsecurity.com/2025/05/xai-dev-leaks-api-key-for-private-spacex-tesla-llms/) ATTACK COST April 24, 2024### CrushFTP Zero-Day Cloud Exploit Unauthenticated attackers exploit a sandbox escape flaw in the CrushFTP server (CVE-2024-4040) to download system files and potentially achieve Remote Code Execution (RCE). [Dark Reading](https://www.darkreading.com/cloud-security/patch-crushftp-zero-day-cloud-exploit-targets-us-orgs) [How AccuKnox Defends this](https://accuknox.com/blog/crushftp-under-attack) ATTACK COST #### Not disclosed April 18, 2024### Kubernetes RCE Attack Microsoft discovered critical vulnerabilities in OpenMetadata versions 1.2.4 and 1.3.1, exploited by attackers to execute remote code on Kubernetes clusters. These vulnerabilities allowed hackers to gain access to vulnerable environments and deploy cryptocurrency mining malware. [Petri](https://petri.com/openmetadata-flaws-kubernetes-clusters/) ATTACK COST #### Not disclosed April 17, 2024### Palo Alto Networks Zero-day Exploit Proof-of-concept (PoC) exploits released for the maximum-severity vulnerability in Palo Alto Networks' PAN-OS used in GlobalProtect gateways. Attackers can achieve remote code execution by exploiting a chain of vulnerabilities, including directory traversal and command injection. [The Register](https://www.theregister.com/2024/04/17/researchers_exploit_code_for/) ATTACK COST #### Not disclosed April 17, 2024### Supply Chain Attack A sophisticated attack targeting the Kubernetes supply chain, where attackers injected malicious code into container images used by various organizations. This code allowed attackers to access deployment configurations and sensitive data. [BleepingComputer](https://www.bleepingcomputer.com/news/security/hackers-hijack-openmetadata-apps-in-kubernetes-cryptomining-attacks/) ATTACK COST #### $2 million March 11, 2024### French State DDoS Attack A DDoS attack by Anonymous Sudan targeted over 300 web domains and 177,000 IP addresses, disrupting major public service websites. [France 24](https://www.france24.com/en/europe/20240311-french-state-services-hit-intense-cyberattacks-hacking-france) ATTACK COST #### Not disclosed March 2024### Rhysida Ransomware MarineMax (luxury yacht dealer and boating lifestyle brand) earnings reports, balance sheets, bank account wire transfers, customer databases, and other financial documents compromised [Blog from Cybernews](https://cybernews.com/news/marinemax-yachts-ransomware-attack-rhysida-gang/) ATTACK COST #### 15BTC (roughly $919k) March 2024### Medusa Ransomware Illinois’ Monmouth College system were compromised giving access to info like driver’s licenses and ID cards among a host of other information [Blog from Record Media](https://www.bleepingcomputer.com/news/security/leaky-vessels-flaws-allow-hackers-to-escape-docker-runc-containers/) ATTACK COST #### $500 k February 2024### Russian website builder data leak 54 million users of the uID.me website builder had their data exposed due to a misconfigured MongoDB database. [Cyber Daily](https://www.cyberdaily.au/security/10218-54m-affected-in-russian-website-builder-data-leak#:~:text=Users%20of%20a%20Russian%20website,left%20a%20database%20publicly%20accessible.&text=Fifty%2Dfour%20million%20users%20of,dating%20from%202012%20to%20now.) ATTACK COST #### Not disclosed February 4, 2024### Container Escape Vulnerability Attackers exploited a container escape vulnerability within the Kubernetes environment of a healthcare provider, gaining access to host systems and compromising patient data. The vulnerability allowed attackers to break out of the container and execute commands on the host operating system. [Cybernews](https://www.bleepingcomputer.com/news/security/leaky-vessels-flaws-allow-hackers-to-escape-docker-runc-containers/) ATTACK COST #### $5 million February 22, 26 & 28, 2024### BlackCat Ransomware 6TB of data stolen from Change Healthcare's network belonging to "thousands of healthcare providers, insurance providers, pharmacies, etc.” [Blog from BleepingComputer](https://www.bleepingcomputer.com/news/security/ransomware-gang-claims-they-stole-6tb-of-change-healthcare-data/) ATTACK COST #### $22 million February 11, 2024### Hipocrate Information System (HIS) Ransomware attack forces 100 Romanian hospitals to go offline [Blog from CM-Alliance](https://www.cm-alliance.com/cybersecurity-blog/biggest-cyber-attacks-data-breaches-ransomware-attacks-february-2024) ATTACK COST #### 3.5 BTC (roughly $167 k) January 2024### ArcaneDoor hackers exploit Cisco zero-days to breach govt networks Exploitation of two zero-day vulnerabilities (CVE-2024-20353 and CVE-2024-20359) in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defence (FTD) firewalls, leading to cyber-espionage activities targeting government networks worldwide. [Bleeping Computer](https://www.bleepingcomputer.com/news/security/arcanedoor-hackers-exploit-cisco-zero-days-to-breach-govt-networks/) ATTACK COST #### Not disclosed January 2024### MITRE was breached through Ivanti zero-day vulnerabilities MITRE Corporation breached by nation-state hackers utilizing zero-day vulnerabilities in Ivanti Connect Secure products. Attackers performed reconnaissance through VPNs and laterally moved into VMware infrastructure. Compromised systems used for storage, computing, and networking resources. [The Record](https://therecord.media/mitre-breached-ivanti-zero-days) ATTACK COST #### Not disclosed January 2024### Sophisticated state-sponsored attackers believed to be based out of North Korea Orbit Chain's balance went from $115 M to $29 M instantly [BleepingComputer](https://www.bleepingcomputer.com/news/security/orbit-chain-loses-86-million-in-the-last-fintech-hack-of-2023/) ATTACK COST #### $86 million November 15, 2023### DarkBeam Misconfiguration A misconfigured Elasticsearch and Kibana interface exposed 3.8 billion data records, including user emails and passwords, making them vulnerable to phishing campaigns. [Cyber News](https://cybernews.com/security/darkbeam-data-leak/) ATTACK COST #### Not disclosed November 16, 2023### Zimbra Zero-Day A zero-day vulnerability in the Zimbra Collaboration Suite was exploited to gain unauthorized access to email accounts, leading to data theft and espionage. [SecurityWeek](https://www.securityweek.com/zimbra-zero-day-exploited-to-hack-government-emails/) ATTACK COST #### Not disclosed November 1, 2023### ICMR Data Breach The personal data of 815 million Indian residents was compromised, including names, ages, genders, addresses, passport numbers, and Aadhaar numbers. [Times of India](https://timesofindia.indiatimes.com/india/government-probing-data-breach-of-8-crore-indians-from-icmr-covid-site/articleshow/104835828.cms) ATTACK COST #### Not disclosed October 6, 2023### 23andMe Credential Stuffing Attack Credential stuffing attacks resulted in the leakage of data from 20 million genetic profiles. Initial leaks included data on Ashkenazi Jews, with subsequent leaks affecting UK and German residents. [23andMe](https://blog.23andme.com/articles/addressing-data-security-concerns) ATTACK COST #### Not disclosed September 2023### Scattered Spider Guest info (social security number and passport number) stolen [Blog from Inzone Insurance](https://inszoneinsurance.com/blog/cyberattack-mgm-resort-explained) ATTACK COST #### $100 million hit to the Q3 revenue August 9, 2023 ### Cryptocurrency Mining Attack Aqua Security uncovered that misconfigurations in Kubernetes clusters led to significant security breaches. Attackers exploited these misconfigurations to deploy cryptocurrency mining operations within compromised clusters. [The New Stack](https://thenewstack.io/aqua-security-uncovers-major-kubernetes-attacks/) ATTACK COST #### Not disclosed August 5, 2023### Salesforce Zero-Day Exploited to Phish Facebook Credentials Guardio researchers detected cyberattackers sending targeted phishing emails with @salesforce.com addresses using the legitimate Salesforce infrastructure. An investigation revealed that they were able to exploit a Salesforce email-validation flaw to hide behind the domain's trusted status with users and email protections alike. [Dark Reading](https://www.darkreading.com/application-security/salesforce-zero-day-exploited-phish-facebook-credentials) ATTACK COST #### Not disclosed June 28, 2023### MOVEit Transfer Zero-Day Exploited a zero-day vulnerability in the MOVEit Transfer software, compromising sensitive data transfers and resulting in large-scale data breaches. [Forbes](https://www.forbes.com/sites/davidchou/2023/06/28/moveit-attack-highlights-security-principles-for-healthcare-cios/) ATTACK COST #### Not disclosed December 10, 2022### Log4Shell This zero-day vulnerability in the Apache Log4j library allowed attackers to execute arbitrary code on affected systems. It compromised critical infrastructure, including cloud services, financial institutions, and government agencies. [Wired](https://www.wired.com/story/log4j-log4shell-one-year-later/) ATTACK COST #### Not disclosed April 20, 2022### Spring4Shell This zero-day vulnerability in the Spring Framework allowed attackers to execute remote code on affected servers. It was exploited to deploy malware and gain unauthorized access to sensitive information. [CSO Online](https://www.csoonline.com/article/572561/spring4shell-assessing-the-risk.html) ATTACK COST #### Not disclosed December 2021### Log4j Hack on ONUS Significant financial and reputational damage to ONUS; Nearly 2 million customer records put up for sale, including E-KYC information and hashed passwords. [Bleeping Computer](https://www.bleepingcomputer.com/news/security/fintech-firm-hit-by-log4j-hack-refuses-to-pay-5-million-ransom/) ATTACK COST #### $5 million September 2, 2021### QakBot attacks with Windows zero-day (CVE-2024-30051) In early April 2024, researchers discovered a new zero-day vulnerability (CVE-2024-30051) in the Windows Desktop Window Manager (DWM). The vulnerability allows for privilege escalation to gain system privileges. It was found while investigating a previous zero-day (CVE-2023-36033). By mid-April, an exploit for CVE-2024-30051 was detected being used in conjunction with QakBot malware and potentially by multiple threat actors. Microsoft released a patch for this vulnerability on May 14, 2024, as part of Patch Tuesday. [Kaspersky](https://www.kaspersky.com/about/press-releases/2021_qakbot-banking-malware-is-on-the-rise-number-of-attacked-users-grew-65-in-2021) ATTACK COST #### Not disclosed AccuKnox Zero Trust CNAPP ## “I had a very good initial conversation with the sales team and had a successful demo. The solution is very capable.” Manager, Tech Services/Infosec - Healthcare and Biotech AccuKnox Zero Trust CNAPP ## “I really like the zero-trust architecture of the product. It gives the strong visibility and control across the cloud native workload as it is a built-in security model.” IT Manager - Services (non-Government) AccuKnox Zero Trust CNAPP ## “Working with AccuKnox Zero Trust CNAPP was a great experience. It was a seamless integration with our cloud infrastructure.” Director, Information Security - Banking AccuKnox Zero Trust CNAPP ## “I am quite impressed by the product and believe it’s currently the only fit for all my worries over the cloud.” CISO - Banking AccuKnox Zero Trust CNAPP ## “Real-time security for my cloud native application. This solution is a huge benefit for any emerging threats and identifying vulnerabilities.” CISO - Banking Get a LIVE Tour ## Ready For A Personalized Security Assessment? “Choosing AccuKnox was driven by opensource KubeArmor’s novel use of eBPF and LSM technologies, delivering runtime security” Golan Ben-Oni Chief Information Officer “At Prudent, we advocate for a comprehensive end-to-end methodology in application and cloud security. AccuKnox excelled in all areas in our in depth evaluation.” Manoj Kern CIO “Tible is committed to delivering comprehensive security, compliance, and governance for all of its stakeholders.” Merijn Boom Managing Director