Breach Intelligence

168 breach intelligence articles by ZERO|TOLERANCE covering data breaches, ransomware, nation-state threats, regulatory enforcement, and vulnerabilities across MENA, EU, and US.

Browse by Category

  • Data Breaches
  • Ransomware
  • Nation-State & Espionage
  • Regulatory Enforcement
  • Supply Chain
  • Threat Briefs

All Articles

  • Cisco Systems: ShinyHunters Claim 3M Salesforce Records, 300+ GitHub Repos, and AWS Data in Triple-Vector Extortion 2026-03-31 CRITICAL
  • USPTO GovDelivery Scam: How Fraudsters Weaponize Real .gov Emails to Steal From Trademark Filers 2026-04-01 HIGH
  • Oracle's Dual Breach: 6M Cloud SSO Records Stolen, 80 Hospitals Compromised - and a Denial That Collapsed Under Evidence 2025-03-21 CRITICAL
  • Conduent/SafePay: 25M Americans Exposed in 84-Day Ransomware Dwell - Largest US Government Data Breach 2025-01-13 CRITICAL
  • TriZetto/Cognizant: 3.4M Patient Records Stolen in 11-Month Healthcare Supply Chain Breach 2026-02-06 CRITICAL
  • Axios npm Hijack: North Korea's UNC1069 Weaponized 100M Weekly Downloads via Social Engineering and WAVESHAPER.V2 RAT 2026-03-31 CRITICAL
  • GlassWorm: 433 Compromised Components Across VSCode, GitHub, and npm - Self-Propagating Worm Spans Four Developer Ecosystems 2026-03-31 CRITICAL
  • Infinite Campus: ShinyHunters Breach K-12 Platform Serving 11M Students via 10-Minute Vishing Attack 2026-03-18 HIGH
  • Crunchyroll: 6.8M Users Exposed After Infostealer Malware Compromises TELUS Support Agent's Okta Credentials 2026-03-12 CRITICAL
  • Lloyds Banking Group: API Race Condition Exposes 447,936 Customers' NI Numbers, Account Data in 4-Hour Mobile App Failure 2026-03-12 HIGH
  • UK Companies House: Browser Back Button Exposes 5.43M Companies' Directors' Addresses and Dates of Birth for Five Months 2026-03-13 HIGH
  • Aura: The Identity Protection Company That Couldn't Protect Its Own Data - 903K Records Stolen by ShinyHunters 2026-03-11 HIGH
  • Google Disrupts UNC2814: Chinese Espionage Group Breached 53 Telecoms and Governments Across 42 Countries Using Google Sheets C2 2026-02-25 CRITICAL
  • Intoxalock: Cyberattack Bricks 150,000 Court-Mandated DUI Devices Across 46 States for 8 Days 2026-03-14 HIGH
  • Woflow: One SaaS Vendor Breach Exposes Walmart, DoorDash, Uber, and Deliveroo - 326GB Archive Published by ShinyHunters 2026-03-03 CRITICAL
  • APT IRAN's 375TB Lockheed Martin Claim: Fabricated Data Dump, Real Information Operation 2026-03-30 HIGH
  • F5 BIG-IP: Critical RCE Exploited in the Wild After Five-Month Misclassification 2026-03-30 CRITICAL
  • VoidStealer v2.0: First Infostealer to Bypass Chrome ABE via Hardware Breakpoints - No Injection, No Escalation 2026-03-29 HIGH
  • FBI Director Patel: Handala Publishes 300+ Emails from Personal Gmail - 11 Prior Breaches on HIBP 2026-03-29 CRITICAL
  • Telnyx SDK Backdoored on PyPI: TeamPCP Hides Credential Stealer in WAV Audio Files 2026-03-29 CRITICAL
  • European Commission: ShinyHunters Claim 350GB AWS Cloud Breach - Second Hack in Under Two Months 2026-03-29 CRITICAL
  • Infiniti Stealer: First macOS Infostealer Combining ClickFix Delivery with Nuitka-Compiled Python Payload 2026-03-28 HIGH
  • MuddyWater Pre-Positions Dindoor and Fakeset Backdoors on US Bank, Airport, Defense Networks 2026-03-05 CRITICAL
  • Navia Benefit Solutions: 2.7M Records Exposed via BOLA API Flaw 2026-03-26 HIGH
  • NasirSecurity: Pro-Iranian Group Targets Gulf Energy Supply Chains 2026-03-26 HIGH
  • DarkSword: iOS Zero-Day Exploit Chain Targets Four Countries, Full Kit Leaked 2026-03-26 CRITICAL
  • March 2026 Threat Brief: 29 Incidents Across MENA, EU, UK & US 2026-03-19 CRITICAL
  • 149 Hacktivist DDoS Attacks Hit 110 Organizations Across 16 Countries 2026-02-28 HIGH
  • UAE Foils AI-Powered Ransomware Campaign - 200,000 Attacks/Day Intercepted 2026-02-18 HIGH
  • LexisNexis: 400K Users Exposed Including Federal Judges - Hardcoded Password 2026-02-24 HIGH
  • SitusAMC Supply Chain Breach Hits JPMorgan, Citi, Morgan Stanley 2025-11-01 HIGH
  • French National Bank Registry (FICOBA): 1.2 Million Accounts Exposed 2026-02-18 HIGH
  • European Commission MDM Breach - Staff Data Exposed via Ivanti Vulnerability 2026-01-30 HIGH
  • University of Mississippi Medical Center: 35 Clinics Shut Down 9 Days by Ransomware 2026-02-19 CRITICAL
  • Passaic County, NJ: Medusa Ransomware Disables Government Services for 526,000 Residents 2026-03-04 HIGH
  • Figure Technology: 967,000 Accounts Breached via Voice Phishing 2026-01-28 HIGH
  • Omrania & Associates: INC Ransom Publishes 4TB of Saudi Critical Infrastructure Drawings 2026-01-09 CRITICAL
  • Infutor: 676 Million Records Including SSNs Exposed via Misconfigured Elasticsearch 2026-03-08 CRITICAL
  • TELUS Digital: ShinyHunters Steal 1 Petabyte via Stolen GCP Credentials 2026-03-11 CRITICAL
  • LiteLLM Backdoored on PyPI: TeamPCP Supply Chain Attack Targets AI Framework With 480M Downloads 2026-03-24 CRITICAL
  • Trivy Supply Chain Attack: Security Scanner Weaponized, 1,000+ Cloud Environments Infected 2026-03-19 CRITICAL
  • Operation Olalampo: MuddyWater Deploys AI-Assisted Rust Malware Across MENA 2026-01-26 HIGH
  • Interlock Ransomware Exploits Cisco FMC Zero-Day (CVE-2026-20131) - CVSS 10.0 2026-03-04 CRITICAL
  • Cisco SD-WAN Zero-Day (CVE-2026-20127) Exploited Since 2023 by Sophisticated APT 2026-02-25 CRITICAL
  • AkzoNobel: Anubis Ransomware Steals 170GB - Passports, Client Agreements, Financial Records Leaked 2026-03-01 HIGH
  • Salford City College: DragonForce Exfiltrates 256GB Including Mental Health Records 2026-03-06 HIGH
  • Chrome Zero-Day CVE-2026-2441 Exploited in the Wild - Use-After-Free in CSS Engine 2026-02-01 HIGH
  • Odido: 6.2 Million Dutch Customers Breached by ShinyHunters 2026-02-01 CRITICAL
  • Abu Dhabi Finance Week: 700+ VIP Passports Exposed via Cloud Misconfiguration 2026-02-01 HIGH
  • ACWA Power: INC Ransom Exfiltrates 400GB from PIF-Backed Energy Giant 2026-02-01 CRITICAL
  • Bahrain National Security Agency: Claimed 200GB Email Server Exfiltration 2026-02-01 HIGH
  • Free Mobile Fined EUR 42M After 24.6 Million Customer Records Stolen 2026-01-16 HIGH
  • Illuminate Education: FTC Action Over 10.1 Million Student Records Breach 2025-12-01 HIGH
  • Predator in Egypt: Intellexa Leaks Expose State Spyware Operations Against Activists 2025-12-01 HIGH
  • DU Emirates: 371K Customers Exposed in Telecom Breach 2025-11-01 MEDIUM
  • NAMA Group: Clop Ransomware Targets Oman's Electricity Utility 2025-11-01 HIGH
  • Capita Fined £14M After Black Basta Ransomware Exposes 6.6M Records 2025-10-01 CRITICAL
  • Prosper Marketplace: 17.6M Loan Applicants' Financial Data Exposed in Three-Month Breach 2025-09-01 CRITICAL
  • Society of Engineers UAE: 417K Files Including Emirates IDs and Passports Leaked 2025-09-01 MEDIUM
  • Dubai PCFC: 1.94TB of Port Worker Data Exfiltrated and Sold for $50K 2025-09-01 HIGH
  • Emirates NBD: 700K Credit Card Holder Records Sold for $430 on Dark Web 2025-07-01 HIGH
  • Saudi Bank Accounts: 690,000 High-Value Records Sold for $420 2025-07-01 HIGH
  • SHEIN Fined €150M for Cookie Consent Violations 2025-01-23 MEDIUM
  • American Hospital Dubai: 450M Patient Records Claimed by Gunra Ransomware 2025-06-01 HIGH
  • Saudi Games 2024: Iran-Linked Cyber Fattah Leaks 6,000+ Participant Records 2025-06-01 MEDIUM
  • TikTok Fined €530M for Sending EU Data to China 2025-05-01 HIGH
  • Jordan Kuwait Bank: Everest Ransomware Steals 11.7GB of Employee Data 2025-05-01 MEDIUM
  • Yale New Haven Health: 5.6M Patient Records Stolen in Ivanti VPN Exploit 2025-03-01 CRITICAL
  • Oracle Cloud SSO Breach: 634 UAE Entities Compromised in Global Attack 2025-03-01 CRITICAL
  • Saudi Intelligence Agency: 11GB Classified Data Leak 2025-03-01 CRITICAL
  • Al Bawani: DragonForce Ransomware Exfiltrates 7TB Including Defense Documents 2025-02-01 CRITICAL
  • PowerSchool: 72M Student and Teacher Records Stolen in Largest Education Breach 2025-01-07 CRITICAL
  • NEOM Job Portal: 280,000 Applicants' Data Exposed in Recruitment Breach 2025-01-23 MEDIUM
  • Four Lebanese Hospitals: Patient Records with Cleartext Passwords on Dark Web 2025-01-15 MEDIUM
  • Meta Fined €251M for 2018 Facebook Breach 2024-12-01
  • OpenAI Fined €15M for ChatGPT Data Processing 2024-12-01
  • EgyptAir: FunkSec Ransomware Targets National Carrier 2024-12-01
  • Egyptian Tax Authority: Money Message Ransomware Attack 2024-11-01
  • OQ (Oman Oil Company): Termite Ransomware Attack 2024-11-01
  • SolarWinds: SEC Fines Four Companies for Disclosure Failures 2024-10-01
  • LinkedIn Fined €310M for Behavioral Ad Targeting 2024-10-01
  • Bahrain Government Portals: 15,500 Accounts Leaked on Dark Web 2024-10-01
  • T-Mobile: Four Breaches in Three Years - 76M+ Customers 2024-09-01
  • QFC Issues First-Ever Data Protection Fine: $150,000 Penalty 2024-09-01
  • Towell Engineering Group: RansomHub Exfiltrates 490GB 2024-09-01
  • National Public Data: 272M Americans' SSNs Exposed - Company Files Bankruptcy 2024-08-01
  • Uber Fined €290M for Transferring Driver Data to US 2024-08-01
  • Saudi Government Portal: Pryx Exploits IDOR to Leak 40GB of Citizen Data 2024-08-01
  • Lulu Hypermarket: 196K Customer Records Stolen 2024-07-01
  • Orange SA Fined €50M for Email Marketing Violations 2024-01-01
  • Dubai Municipality: 2M+ Records in Daixin Ransomware Attack 2024-01-01
  • Habib Bank AG Zurich: 2.5TB Stolen by Qilin Ransomware 2024-01-01
  • UAE Banking Sector: Coordinated DDoS Campaign 2024-01-01
  • UAE Government Portals Breached by Multiple Threat Actors 2024-01-01
  • SDAIA's First Year: 48 PDPL Enforcement Decisions 2024-01-01
  • r1z: Jordanian Initial Access Broker Behind 50+ Corporate Breaches 2024-01-01
  • Jordan NCSC 2024: 6,758 Cyber Incidents Mark 175% Annual Surge 2024-01-01
  • Kuwait Ministry of Health: Ransomware Attack Disrupts Healthcare Systems 2024-01-01
  • Saudi Pharma Health Platform: 7 Million Patient Records Sold on Dark Web 2024-05-01
  • Riyadh Airports Company: 864 Employee Records Published on Cybercrime Forum 2024-05-01
  • 85 Million Egyptians: Health Insurance Database on BreachForums 2024-04-01
  • Special Oilfield Services: Double-Hit by LockBit 3.0 & Meow Ransomware 2024-04-01
  • AT&T: 73M Customer Records Including SSNs Published on Dark Web 2024-03-01
  • QatarLiving.com: Expat Community Database Leaked on Dark Web 2024-03-01
  • Change Healthcare: 190M Patient Records Breached in $2.87B Ransomware Attack 2024-02-01
  • Apotheka Pharmacy Fined €3M After 750K Patient Records Stolen 2024-02-01
  • Abdali Hospital: Rhysida Ransomware Targets Jordan's Premier Healthcare Provider 2023-12-01
  • Fawry: LockBit 3.0 Ransomware Hits Egypt's Largest Payment Platform 2023-11-01
  • 23andMe: 6.9M Users' Genetic Data Stolen - Company Bankrupted 2023-10-01
  • TikTok Fined €345M for Children's Data Violations 2023-09-01
  • Jordan Cybercrime Law 2023: New Rules, Broader Powers, Unresolved Gaps 2023-09-01
  • Kuwait Ministry of Finance: Rhysida Ransomware Hits Government Systems 2023-09-01
  • Egypt Ministry of Health: 2M Patient Records for Sale 2023-07-01
  • Wizz Air Abu Dhabi: 22GB Stormous Ransomware Attack 2023-01-01
  • Saudi Ministry of Foreign Affairs: 1.4M Employee Records on Dark Web 2023-01-01
  • Kuwait MOCI: LockBit 3.0 Ransomware Targets Commerce Ministry 2023-01-01
  • Zain Group: Clop Ransomware Targets Major Gulf Telecom Operator 2023-01-01
  • Meta Fined €1.2B for Illegal EU-to-US Data Transfers 2023-05-01
  • CC Energy Development: Clop/MOVEit Zero-Day Data Theft 2023-05-01
  • Egypt Leaks: Multi-Bank Financial Data Hacktivist Leak 2022-10-01
  • Google Fined €325M for Cookie Consent Violations 2025-09-01 MEDIUM
  • Clearview AI Fined €30.5M for Illegal Facial Recognition 2024-09-01
  • GlobeMed Saudi: 201GB Healthcare Ransomware Attack 2022-01-01
  • Kuwait Airways: LockBit 2.0 Breach Exposes 600K Passenger Records 2022-01-01
  • Bahrain Pegasus Campaign: 12+ Activists Hacked with Zero-Click Exploits 2021-08-01
  • Bank of Bahrain & Kuwait: Server Breach and $739K Financial Fraud 2021-08-01
  • Saudi Ministry of Health: Patient Data for Sale on Dark Web 2021-01-01
  • Saudi Aramco: 1TB Third-Party Data Leak 2021-06-01
  • Qatar Airways: Privilege Club Data Exposed in SITA Supply Chain Breach 2021-02-01
  • Lebanese Cedar APT: Hezbollah Hackers Breach 250+ Telecom Servers 2021-01-01
  • Al Jazeera: 36 Journalists Hacked with NSO Pegasus Spyware 2020-12-01
  • British Airways Fined £20M for Magecart Payment Card Breach 2020-10-01
  • Virgin Mobile KSA: Employee and Customer Data Breach 2020-01-01
  • Jordan ISPs: Five Providers Caught Collecting Intrusive User Data 2020-01-01
  • KUNA: Kuwait News Agency Twitter Hijacked for Disinformation Attack 2020-01-01
  • BeAware Bahrain: COVID App Mass Surveillance & Public Data Exposure 2020-06-01
  • Ehteraz COVID App: 1M+ Users' Health Data at Risk 2020-05-01
  • Oman United Insurance: New Year's Day Ransomware Attack 2020-01-01
  • BAPCO: Iranian Dustman Wiper Malware Destroys Oil Company Systems 2019-12-01
  • Meta/Facebook: $5 Billion FTC Fine for Cambridge Analytica 2019-07-01
  • Capital One: 106M Records Stolen via AWS Misconfiguration 2019-07-01
  • Bahrain Electricity & Water Authority: Iranian ICS Intrusion 2019-07-01
  • Dalil App: 5 Million Users Exposed via Open MongoDB 2019-01-01
  • Marriott/Starwood: 344M Guest Records Across Three Breaches 2018-11-01
  • DNSpionage: Lebanese Finance Ministry DNS Hijacked 2018-11-01
  • Krypton Security: 'Largest Hack in Lebanon's History' 2018-07-01
  • Careem: 14.5 Million Users and Drivers Data Stolen 2018-01-01
  • Dark Caracal: Lebanese Intelligence's Global Spyware Campaign 2018-01-01
  • Uber: 57M Users Breached, CSO Convicted for Cover-Up 2017-11-01
  • Equifax: 147M Americans' SSNs Stolen - $700M Settlement 2017-09-01
  • Qatar News Agency: Hack Triggers Gulf Diplomatic Crisis 2017-05-01
  • Qatar National Bank: 1.4GB Data Leak Exposes 465K Accounts 2016-04-01
  • Anthem: 78.8M Patient Records Stolen by Chinese APT 2015-02-01
  • Bank Muscat: $40M Global ATM Cash-Out Heist 2013-02-01
  • RasGas: Shamoon Wiper Malware Takes LNG Giant Offline 2012-08-01
  • Gauss: Nation-State Banking Trojan Targeting 6 Lebanese Banks 2012-08-01
  • Al-Toufan: Multi-Wave Hacktivist Campaign Against Bahraini Government 2023-01-01
  • Egyptian Scholastic Test: 72K+ Children's PII on Open AWS S3 2022-01-01
  • Telecom Egypt: State DPI Traffic Hijacking via Sandvine 2017-01-01
  • Oman Administrative Court: APT34 (OilRig) Espionage Breach 2016-01-01
  • Pegasus in Jordan: 35+ Journalists and Activists Targeted with NSO Spyware 2019-01-01
  • Orange Jordan: 92% Telecom Credential Leakage Rate Exposed 2017-01-01
  • Kuwait Smishing Triad: Rogue Cell Towers Target Banks and Telecoms 2025-02-01 HIGH
  • xHunt: Targeted Campaign Against Kuwait's Shipping and Transport Sector 2019-01-01
  • Chafer APT39: Iranian Espionage Campaign Targets Kuwait Government 2018-01-01
  • Lebanon Ministry of Education: 83,000 Student and Teacher Records Leaked 2022-01-01
  • Lacoste: Lapsus$ Returns from Law Enforcement Dismantlement to Breach French Luxury Giant 2026-01-07 HIGH
  • INTERPOL Operation Synergia III: 45,000 Malicious IPs Dismantled, 94 Arrested Across 72 Countries 2026-03-13 HIGH