[{"ai_confidence":0.85,"created_at":"2026-05-30T06:22:14.959727","entity":"Dutch intelligence agency","event_type":"national_security_assessment","id":"2376d496-5b67-4023-b913-58a2c05a3eb6","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/business/media-telecom/dutch-are-facing-biggest-security-threat-decades-intelligence-agency-says-2026-04-23/","summary":"The Dutch intelligence agency stated that the Netherlands is facing its biggest security threat in decades."},{"ai_confidence":0.9,"created_at":"2026-05-30T06:22:14.959721","entity":"UK government","event_type":"regulatory_investigation","id":"273b8f3a-bd3a-4f95-ac4e-4f52ba06ec6b","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/world/uk/uk-investigates-after-big-health-dataset-listed-sale-chinas-alibaba-2026-04-23/","summary":"The UK is investigating how a health charity's dataset, including info from 500,000 people, was listed for sale on Alibaba."},{"ai_confidence":0.9,"created_at":"2026-05-30T06:22:14.959715","entity":"Jerry's Store","event_type":"data_leak","id":"bb77068c-ac75-47e2-84ca-d8bb5b8f0a8e","impact":"high","pub_date":"2026-04-29","source_url":"https://cybernews.com/security/jerrys-store-vibecode-exposes-stolen-credit-cards/","summary":"Jerry\u2019s Store, a marketplace for stolen credit cards, exposed an unprotected server revealing 345K card details and verification methods."},{"ai_confidence":0.8,"created_at":"2026-05-30T06:22:14.959710","entity":"N/A","event_type":"cyberattack_trend","id":"f487bfda-fe00-4c15-9232-e7d801741821","impact":"low","pub_date":"2026-04-29","source_url":"https://cybernews.com/security/a-sneaky-cyber-enemy-is-creeping-into-our-browsers-and-password-managers/","summary":"A low-noise, short-lived malicious software is causing significant damage by creeping into browsers and password managers."},{"ai_confidence":0.95,"created_at":"2026-05-30T06:22:14.959703","entity":"Four unnamed healthcare companies","event_type":"regulatory","id":"c565d441-355e-4a1a-b8dd-81a3c50c85e8","impact":"medium","pub_date":"2026-05-05","source_url":"https://www.youtube.com/watch?v=4w23_4kpZ6M","summary":"Regulators fined four healthcare companies $1.165 million for ransomware-related security failures and ignoring basic HIPAA requirements."},{"ai_confidence":0.95,"created_at":"2026-05-30T06:22:14.959697","entity":"Instructure","event_type":"data_breach","id":"5fb3c8bf-c4e7-44be-bf8a-f29f36815903","impact":"high","pub_date":"2026-05-05","source_url":"https://www.youtube.com/watch?v=4w23_4kpZ6M","summary":"ShinyHunters claimed to steal 275 million records from Instructure's Canvas learning platform, exposing student IDs and private messages."},{"ai_confidence":0.95,"created_at":"2026-05-30T06:22:14.959691","entity":"TSYS","event_type":"ransomware_attack","id":"6fd30cc3-ca7c-4814-b2f9-3045e59fdbd7","impact":"high","pub_date":"2026-05-05","source_url":"https://www.youtube.com/watch?v=4w23_4kpZ6M","summary":"TSYS, a major U.S. payment processor, was hit by the Everest ransomware group for the second time in five years."},{"ai_confidence":0.9,"created_at":"2026-05-30T06:22:14.959685","entity":"Iran","event_type":"internet_disruption","id":"5cf08cfa-1868-4783-b9c6-495dc7b3da22","impact":"high","pub_date":null,"source_url":"https://www.wired.com/story/internet-in-iran-starts-to-return-after-3-month-black","summary":"Internet service is starting to return in Iran after a three-month blackout."},{"ai_confidence":0.8,"created_at":"2026-05-30T06:22:14.959679","entity":"N/A","event_type":"cyberattack_trend","id":"7066c3ee-637b-42ff-adf0-d0ad2ddf3bfa","impact":"medium","pub_date":null,"source_url":"https://www.wired.com/story/hundreds-of-hotels-caught-up-in-vacation-booking-scams/","summary":"Scammers are using compromised hotel reservation data to conduct spear-phishing attacks, affecting hundreds of hotels."},{"ai_confidence":0.85,"created_at":"2026-05-30T06:22:14.959673","entity":"US military / Pentagon","event_type":"national_security_vulnerability","id":"bf724b5b-b3a6-471d-a23d-0384c6cb81e3","impact":"high","pub_date":null,"source_url":"https://www.wired.com/story/the-pentagon-knew-enemies-could-track-troops-phones-for-years-now-they-are/","summary":"The Pentagon knew for years that location data from troops' phones could be tracked by adversaries but failed to implement fixes."},{"ai_confidence":0.95,"created_at":"2026-05-30T06:22:14.959666","entity":"Foxconn","event_type":"ransomware_attack","id":"44254aaa-f362-42fb-97cd-26af93185c92","impact":"high","pub_date":"2026-05-06","source_url":"https://techjacksolutions.com/scc-intel/foxconn-confirms-cyber-attack-after-ransomware-crew-claims-stolen-confidential-apple-and-nvidia-files/","summary":"Foxconn confirmed a cyberattack after the Nitrogen ransomware group claimed intrusion and alleged theft of Apple and Nvidia proprietary data."},{"ai_confidence":0.7,"created_at":"2026-05-30T06:22:14.959640","entity":"N/A","event_type":"cyberattack_trend","id":"e05a6a4c-7baf-47a4-8eda-cf363e49c656","impact":"low","pub_date":"2026-05-28","source_url":"https://www.darkreading.com/cyberattacks-data-breaches/btmob-rat-spreads-across-brazil-latam-via-maas-model","summary":"BTMOB RAT malware is spreading across Brazil and Latin America using a Malware-as-a-Service (MaaS) model."},{"ai_confidence":0.8,"created_at":"2026-05-30T06:22:14.954907","entity":"Verizon","event_type":"announcement","id":"a611dab6-3acb-45cc-9304-f488ce2ec61c","impact":"low","pub_date":"2026-01-01","source_url":"https://www.darkreading.com/edge-articles/verizon-dbir-healthcare-fends-off-increased-social-engineering-attacks","summary":"Verizon's \"2026 Data Breach Investigations Report\" highlights increased social engineering attacks making the healthcare sector more vulnerable."},{"ai_confidence":0.7,"created_at":"2026-05-30T06:22:14.954902","entity":"Trump Mobile","event_type":"data_breach","id":"9d5bde50-1ad8-4c5c-a887-86f77fac6ca1","impact":"low","pub_date":"2026-05-29","source_url":"https://www.securityweek.com/in-other-news-trump-mobile-data-breach-fifa-world-cup-phishing-cisa-responds-to-supply-chain-attacks/","summary":"A data breach affecting Trump Mobile was reported among other cybersecurity news."},{"ai_confidence":0.85,"created_at":"2026-05-30T06:22:14.954897","entity":"NIST","event_type":"regulatory","id":"fef105ad-2f8e-4588-9132-2141f6dc4ad5","impact":"medium","pub_date":"2026-05-29","source_url":"https://cyberscoop.com/nist-nvd-federal-audit/","summary":"A federal audit revealed NIST's National Vulnerability Database (NVD) suffers from poor planning, duplication, and a 27,000-flaw backlog."},{"ai_confidence":0.9,"created_at":"2026-05-30T06:22:14.954891","entity":"St. Paul, Minnesota","event_type":"ransomware_attack","id":"3f43d828-0cdc-4fa0-9cee-0c54b9f8204f","impact":"high","pub_date":"2025-07-01","source_url":"https://www.govtech.com/security/how-st-paul-minn-recovered-from-a-ransomware-attack","summary":"St. Paul, Minnesota, recovered from a July 2025 ransomware attack by the Interlock gang that disrupted city systems."},{"ai_confidence":0.9,"created_at":"2026-05-30T06:22:14.954886","entity":"Microsoft","event_type":"announcement","id":"75967dd7-a2e4-49e3-ae05-5e2b0ef4d4ec","impact":"medium","pub_date":"2026-05-29","source_url":"https://www.computerweekly.com/news/3080319/Microsoft-hits-out-over-irresponsible-vulnerability-disclosure","summary":"Microsoft criticized a security researcher for irresponsibly disclosing six zero-day vulnerabilities without prior coordination, risking customers."},{"ai_confidence":0.95,"created_at":"2026-05-30T06:22:14.954880","entity":"Carnival Corporation","event_type":"data_breach","id":"ddafd43b-f528-4238-9619-01ce02c9336d","impact":"high","pub_date":"2026-04-14","source_url":"https://www.securityweek.com/carnival-data-breach-exposed-6-million-people/","summary":"A data breach at Carnival Corporation, identified April 14, 2026, exposed personal information of approximately 6 million customers via social engineering."},{"ai_confidence":0.9,"created_at":"2026-05-30T06:22:14.954865","entity":"Charter Communications","event_type":"data_breach","id":"58d203e8-57b1-40f6-b132-8a18e5bf0914","impact":"high","pub_date":"2026-05-29","source_url":"https://www.securityweek.com/charter-communications-data-breach-could-impact-nearly-5-million/","summary":"ShinyHunters group leaked 42 million records allegedly stolen from Charter Communications, potentially impacting nearly 5 million individuals."},{"ai_confidence":0.9,"created_at":"2026-05-28T05:54:30.321421","entity":"Microsoft","event_type":"announcement","id":"aa64ce4b-a5cb-4f1f-ae91-79ba978cbada","impact":"low","pub_date":"2026-05-01","source_url":"https://www.microsoft.com/en-us/msrc/blog/2026/05/a-shared-responsibility-protecting-customers-through-coordinated-vulnerability-disclosure","summary":"Microsoft emphasized the importance of Coordinated Vulnerability Disclosure (CVD) for protecting customers from zero-day vulnerabilities."},{"ai_confidence":0.85,"created_at":"2026-05-28T05:54:30.321407","entity":"Authorities in the Netherlands","event_type":"law_enforcement_action","id":"e88dc84e-35b9-4851-97ba-a8855acd1010","impact":"medium","pub_date":"2024-05-20","source_url":"https://www.ciodive.com/news/cisa-cve-vulnerability-exploitation-nominations/820925/","summary":"Dutch authorities arrested co-owners of two internet hosting companies for operating IT infrastructure used by Russia for cyberattacks."},{"ai_confidence":0.9,"created_at":"2026-05-28T05:54:30.321355","entity":"CISA","event_type":"data_leak","id":"6e987feb-b2a4-4183-8e88-5f3419bed2bd","impact":"high","pub_date":"2024-05-20","source_url":"https://www.ciodive.com/news/cisa-cve-vulnerability-exploitation-nominations/820925/","summary":"A CISA contractor exposed credentials to privileged AWS GovCloud accounts and internal CISA systems via a public GitHub repository."},{"ai_confidence":0.95,"created_at":"2026-05-28T05:54:30.321341","entity":"Radiology Associates of Richmond","event_type":"data_breach","id":"64c75612-0253-48f1-8ad4-be6d2c267fb3","impact":"high","pub_date":"2026-07-25","source_url":"https://www.hipaajournal.com/radiology-associates-of-richmond-data-breach/","summary":"Radiology Associates of Richmond announced a data breach affecting 266,183 individuals, with unauthorized access to health information."},{"ai_confidence":0.9,"created_at":"2026-05-28T05:54:30.321278","entity":"Grafana Labs","event_type":"vulnerability_exploitation","id":"b82bc85e-5a9d-4a7b-bb45-81347f17afa9","impact":"high","pub_date":"2026-05-27","source_url":"https://www.kaseya.com/blog/the-week-in-breach-news-05-27-26/","summary":"Grafana Labs disclosed a threat actor exploited a misconfigured GitHub Actions workflow, leading to source code exfiltration and extortion."},{"ai_confidence":0.9,"created_at":"2026-05-28T05:54:30.320428","entity":"Beacon Mutual Insurance Company","event_type":"ransomware_attack","id":"58104d31-1b76-4a56-9e14-d1d843da3b45","impact":"high","pub_date":"2026-05-27","source_url":"https://www.kaseya.com/blog/the-week-in-breach-news-05-27-26/","summary":"Beacon Mutual Insurance Company is notifying 162,000 individuals of a ransomware attack that copied sensitive information."},{"ai_confidence":0.9,"created_at":"2026-05-28T05:54:30.320410","entity":"American Lending Center","event_type":"ransomware_attack","id":"6ac3241a-2522-4318-be18-9cb569e5fbb5","impact":"high","pub_date":"2026-05-27","source_url":"https://www.kaseya.com/blog/the-week-in-breach-news-05-27-26/","summary":"American Lending Center suffered a ransomware attack, compromising data of 123,158 individuals."},{"ai_confidence":0.9,"created_at":"2026-05-27T05:39:05.925042","entity":"MIT","event_type":"announcement","id":"6b6cb7b5-5310-49cb-9cb2-55d40c0c3602","impact":"medium","pub_date":"2024-02-01","source_url":"https://mitsloan.mit.edu/ideas-made-to-matter/mit-report-details-new-cybersecurity-risks","summary":"An MIT report, led by Professor Stuart Madnick, detailed new cybersecurity risks, highlighting a significant increase in data breaches and ransomware attacks in 2023."},{"ai_confidence":0.9,"created_at":"2026-05-27T05:39:05.925033","entity":"CISA","event_type":"announcement","id":"367e261a-86ae-4e7a-a5eb-a733a0d23714","impact":"high","pub_date":"2025-07-01","source_url":"https://www.cisa.gov/stopransomware/official-alerts-statements-cisa","summary":"CISA issued Advisory (AA25-203A) #StopRansomware: Interlock, providing official guidance to stakeholders against evolving ransomware threats."},{"ai_confidence":0.9,"created_at":"2026-05-27T05:39:05.925025","entity":"Microsoft","event_type":"vulnerability_patch","id":"b86964c6-2744-4ef0-bce6-adc45154e680","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.rapid7.com/blog/post/microsoft-patch-tuesday-may-2026/","summary":"Microsoft released software updates on May 2026 Patch Tuesday, fixing 167 vulnerabilities, including a SharePoint Server zero-day."},{"ai_confidence":0.85,"created_at":"2026-05-27T05:39:05.925017","entity":"Trend Micro","event_type":"announcement","id":"59ba747e-03cd-4d58-9340-90d115d036fe","impact":"low","pub_date":"2026-05-01","source_url":"https://www.trendmicro.com/en_us/research/26/b/trendai-state-of-ai-security-report.html","summary":"Trend Micro's TrendAI\u2122 State of AI Security Report highlights critical flaws and rising adversary targeting across the AI stack in late 2025."},{"ai_confidence":0.95,"created_at":"2026-05-27T05:39:05.925008","entity":"Canadian authorities","event_type":"regulatory","id":"88993a7e-b67b-436e-a808-172cdc2ac36e","impact":"high","pub_date":"2026-05-01","source_url":"https://krebsonsecurity.com/2026/05/alleged-kimwolf-botmaster-dort-arrested-charged-in-u-s-and-canada/","summary":"Canadian authorities arrested 'Dort', suspected of operating the Kimwolf IoT botnet responsible for massive DDoS attacks, facing charges in both countries."},{"ai_confidence":0.85,"created_at":"2026-05-27T05:39:05.925000","entity":"ArmorCode","event_type":"product_announcement","id":"30964eb4-b941-4e43-89a3-2ca3aa043c54","impact":"low","pub_date":"2026-05-22","source_url":"https://enterprisesecuritytech.com/2026/05/22/armorcode-unveils-agentic-ai-security-framework-to-tackle-surge-in-ai-discovered-vulnerabilities/","summary":"ArmorCode unveiled an Agentic AI Security Framework designed to address the increasing number of AI-discovered vulnerabilities."},{"ai_confidence":0.95,"created_at":"2026-05-27T05:39:05.924992","entity":"Charter Communications","event_type":"data_breach","id":"6c7a361c-3403-49a3-a673-d5723342c1c9","impact":"high","pub_date":"2026-05-01","source_url":"https://www.securityweek.com/charter-confirms-data-breach-after-shinyhunters-extortion-threat/","summary":"Charter Communications confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom was paid."},{"ai_confidence":0.9,"created_at":"2026-05-27T05:39:05.924983","entity":"Digital Knowledge (KnowledgeDeliver LMS)","event_type":"vulnerability_exploitation","id":"fac21924-935d-4b67-85aa-08ead61f919f","impact":"high","pub_date":"2026-05-01","source_url":"https://www.securityweek.com/hackers-exploited-knowledgedeliver-zero-day-for-web-shell-deployment/","summary":"A now-patched zero-day vulnerability (CVE-2026-5426) in KnowledgeDeliver LMS was exploited to deploy Godzilla web shells and Cobalt Strike."},{"ai_confidence":0.9,"created_at":"2026-05-27T05:39:05.924975","entity":"Ubiquiti","event_type":"vulnerability_patch","id":"7bdbbe0d-0860-47d7-9587-9dda1d3753f7","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.bleepingcomputer.com/news/security/ubiquiti-patches-three-max-severity-unifi-os-vulnerabilities/","summary":"Ubiquiti released security updates to patch three maximum severity UniFi OS vulnerabilities exploitable by remote attackers without privileges."},{"ai_confidence":0.85,"created_at":"2026-05-27T05:39:05.924967","entity":"Verizon","event_type":"announcement","id":"9b8030d4-6b18-44bd-bcf5-3ff67bb02e0a","impact":"low","pub_date":"2026-05-01","source_url":"https://www.industrialcybersecuritypulse.com/featured/verizon-dbir-finds-vulnerability-exploitation-overtakes-stolen-credentials-as-top-breach-entry-point-for-critical-infrastructure/","summary":"Verizon's 2026 Data Breach Investigations Report (DBIR) highlights that vulnerability exploitation is now the leading breach entry point for critical infrastructure."},{"ai_confidence":0.9,"created_at":"2026-05-27T05:39:05.924958","entity":"Ghost CMS","event_type":"vulnerability_exploitation","id":"ef5dc4f3-ce20-4717-9e0e-86d63953b2a6","impact":"high","pub_date":"2026-05-01","source_url":"https://www.bleepingcomputer.com/news/security/ghost-cms-sql-injection-flaw-exploited-in-large-scale-clickfix-campaign/","summary":"A critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS is being exploited in a large-scale campaign to inject malicious JavaScript."},{"ai_confidence":0.9,"created_at":"2026-05-27T05:39:05.924949","entity":"Microsoft","event_type":"vulnerability_patch","id":"2bb038a0-81e9-40e4-8377-9ac75ea0b565","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.thehackernews.com/2026/05/microsoft-patches-sharepoint-rce-flaw.html","summary":"Microsoft released updates to fix a critical remote code execution vulnerability (CVE-2026-45659) in SharePoint, exploitable without special conditions."},{"ai_confidence":0.95,"created_at":"2026-05-27T05:39:05.924939","entity":"Netherlands","event_type":"regulatory","id":"a9d62ad2-ef6c-4b7f-b602-fe1ab086cbe4","impact":"high","pub_date":"2026-05-01","source_url":"https://krebsonsecurity.com/2026/05/netherlands-seizes-800-servers-arrests-2-for-aiding-cyberattacks/","summary":"Dutch authorities arrested two co-owners of hosting companies and seized 800 servers for aiding Russian cyberattacks and disinformation."},{"ai_confidence":0.9,"created_at":"2026-05-27T05:39:05.924927","entity":"Delano School District","event_type":"ransomware_attack","id":"4434b51f-3ec6-4b46-82f7-941476e98bee","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.cbsnews.com/minnesota/news/delano-becomes-latest-minnesota-school-district-hit-by-ransomware-attack/","summary":"Delano School District canceled classes after a \"cyber incident\" where their network was compromised and ransom messages were printed."},{"ai_confidence":0.95,"created_at":"2026-05-27T05:39:05.924900","entity":"7-Eleven","event_type":"data_breach","id":"41af762e-6f2c-48aa-a9cc-256fedfa8fd9","impact":"high","pub_date":"2026-05-01","source_url":"https://www.bleepingcomputer.com/news/security/7-eleven-data-breach-exposes-personal-information-of-185-000-people/","summary":"7-Eleven confirmed a data breach in April 2026, exposing personal information of over 185,000 people after a hack by ShinyHunters."},{"ai_confidence":0.95,"created_at":"2026-05-26T05:22:53.052265","entity":"DocketWise","event_type":"data_breach","id":"966d4c9d-06ae-4a8e-9137-d8b04cec05be","impact":"high","pub_date":"2026-05-01","source_url":"https://www.securityweek.com/docketwise-data-breach-impacts-143000/","summary":"DocketWise is notifying 143,000 individuals about a data breach exposing names, SSNs, financial, and medical data."},{"ai_confidence":0.95,"created_at":"2026-05-26T05:22:53.052216","entity":"CISA","event_type":"announcement","id":"e6f99e48-386f-4e95-b187-83e90e4e2dc7","impact":"medium","pub_date":"2026-05-20","source_url":"https://www.cisa.gov/news-events/alerts/2026/05/20/cisa-adds-seven-known-exploited-vulnerabilities-catalog","summary":"CISA added seven new actively exploited vulnerabilities, including two Microsoft Defender flaws, to its KEV Catalog."},{"ai_confidence":0.9,"created_at":"2026-05-26T05:22:53.052207","entity":"CISA","event_type":"data_exposure","id":"70c39afa-8ed9-4eaa-9f68-509f97985aac","impact":"high","pub_date":"2026-05-01","source_url":"https://www.swktech.com/swk-technologies-may-2026-cybersecurity-news-recap/","summary":"A CISA contractor publicly exposed AWS GovCloud credentials and internal system passwords on GitHub."},{"ai_confidence":0.9,"created_at":"2026-05-26T05:22:53.052185","entity":"SEC","event_type":"regulatory_announcement","id":"79b68fbe-5830-422e-8dc8-e5dc52e21be8","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.swktech.com/swk-technologies-may-2026-cybersecurity-news-recap/","summary":"The SEC announced an upcoming compliance deadline for Regulation S-P."},{"ai_confidence":0.9,"created_at":"2026-05-26T05:22:53.050882","entity":"OpenAI","event_type":"litigation","id":"13bb9284-fc0e-4557-a562-d370c188bacd","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.swktech.com/swk-technologies-may-2026-cybersecurity-news-recap/","summary":"OpenAI is facing a lawsuit for allegedly sharing data."},{"ai_confidence":0.95,"created_at":"2026-05-26T05:22:53.050868","entity":"Foxconn","event_type":"cyberattack","id":"e3306f7c-b721-4029-b7be-bb53c72bdd4a","impact":"high","pub_date":"2026-05-01","source_url":"https://www.cpomagazine.com/cyber-security/cyber-attack-by-nitrogen-ransomware-hits-foxconn-disrupting-north-american-operations/","summary":"Foxconn's North American operations were hit by Nitrogen ransomware, stealing 8TB of data and destroying 30TB of backups."},{"ai_confidence":0.95,"created_at":"2026-05-25T05:07:04.613266","entity":"Cushman & Wakefield","event_type":"litigation","id":"f93b0a2f-28ad-49b7-bf12-48bbde977684","impact":"high","pub_date":"2026-05-15","source_url":"https://diesec.com/2026/05/top-5-cybersecurity-news-stories-may-15-2026/","summary":"ShinyHunters compromised credentials at Cushman & Wakefield, leading to data exfiltration and a proposed class action lawsuit."},{"ai_confidence":0.85,"created_at":"2026-05-25T05:07:04.613258","entity":"Mozilla","event_type":"vulnerability_disclosure","id":"dea0428f-c3f4-4846-acda-d084d5d7dfe6","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.brinqa.com/blog/may-2026-vulnerability-analysis-patch-tuesday-ai-security","summary":"Mozilla disclosed that running Mythos against Firefox 150 found 271 vulnerabilities, with a coordinated disclosure expected in July."},{"ai_confidence":0.95,"created_at":"2026-05-25T05:07:04.613249","entity":"Microsoft","event_type":"announcement","id":"5a4fcedf-8a3b-426b-8be4-c5c6d7609b7c","impact":"medium","pub_date":"2026-05-12","source_url":"https://www.netizen.net/news/post/7895/microsoft-may-2026-patch-tuesday-fixes-120-flaws-no-zero-days","summary":"Microsoft's May 2026 Patch Tuesday fixed 120 vulnerabilities, including 17 critical flaws and AI tooling patches, with no zero-days."},{"ai_confidence":0.95,"created_at":"2026-05-25T05:07:04.613231","entity":"Cisco","event_type":"vulnerability_disclosure","id":"57a63fff-1101-4ec3-a29a-9d182b0eb0b1","impact":"high","pub_date":"2026-05-18","source_url":"https://research.checkpoint.com/2026/18th-may-threat-intelligence-report/","summary":"Cisco addressed a critical authentication bypass vulnerability in Catalyst SD-WAN controllers that is being actively exploited."},{"ai_confidence":0.9,"created_at":"2026-05-25T05:07:04.613223","entity":"West Pharmaceutical Services","event_type":"ransomware_attack","id":"87d54125-4ef3-4528-ab57-35ba640f6bd3","impact":"high","pub_date":"2026-05-18","source_url":"https://research.checkpoint.com/2026/18th-may-threat-intelligence-report/","summary":"West Pharmaceutical Services suffered a ransomware attack disrupting shipping and manufacturing operations."},{"ai_confidence":0.95,"created_at":"2026-05-25T05:07:04.613209","entity":"THORChain","event_type":"data_breach","id":"bd1ddad4-223b-40a3-a1b2-be857f200d84","impact":"high","pub_date":"2026-05-18","source_url":"https://research.checkpoint.com/2026/18th-may-threat-intelligence-report/","summary":"Cryptocurrency platform THORChain experienced a security breach resulting in the theft of about $10.7 million."},{"ai_confidence":0.9,"created_at":"2026-05-25T05:07:04.613200","entity":"Vodafone","event_type":"data_breach","id":"0bd48ed5-27cb-4301-ae4d-a291739121b6","impact":"medium","pub_date":"2026-05-18","source_url":"https://research.checkpoint.com/2026/18th-may-threat-intelligence-report/","summary":"Vodafone sustained a source code leak claimed by the Lapsus$ extortion group, with limited access to GitHub files."},{"ai_confidence":0.85,"created_at":"2026-05-25T05:07:04.613182","entity":"Trellix","event_type":"vulnerability_disclosure","id":"55989b6c-4e4b-4045-b1ef-e7d4fd2a755c","impact":"medium","pub_date":"2026-05-01","source_url":"https://sharkstriker.com/blog/may-2026-data-breaches/","summary":"Trellix discovered unauthorized access to its code, which could be used to find weaknesses in their security solutions."},{"ai_confidence":0.9,"created_at":"2026-05-25T05:07:04.613173","entity":"\u0160koda Auto","event_type":"cyber_attack","id":"e196775e-ebb3-44e5-88d4-294f4ec91c20","impact":"medium","pub_date":"2026-05-01","source_url":"https://sharkstriker.com/blog/may-2026-data-breaches/","summary":"\u0160koda Auto experienced a cyber attack that temporarily disrupted its online shop, potentially compromising customer data."},{"ai_confidence":0.95,"created_at":"2026-05-25T05:07:04.613155","entity":"Foxconn","event_type":"ransomware_attack","id":"8d7e691b-d8ea-49ce-b5be-9aaf69c8f459","impact":"high","pub_date":"2026-05-15","source_url":"https://diesec.com/2026/05/top-5-cybersecurity-news-stories-may-15-2026/","summary":"Foxconn's North American facility suffered a ransomware attack by the Nitrogen group, exfiltrating over 8 TB of data."},{"ai_confidence":0.8,"created_at":"2026-05-24T04:54:30.744840","entity":"Breachsense","event_type":"information_report","id":"5c036c4e-1ddd-4ce1-b873-cbf402e5e24d","impact":"low","pub_date":"2026-04-01","source_url":"https://www.breachsense.com/breaches/","summary":"Breachsense provides a compilation of recent data breaches, categorized by month for 2024, 2025, and 2026."},{"ai_confidence":0.8,"created_at":"2026-05-24T04:54:30.744830","entity":"PKWARE","event_type":"information_report","id":"da0f6dd3-f01f-4002-af47-ebef33e8399b","impact":"low","pub_date":"2026-04-09","source_url":"https://www.pkware.com/blog/2026-data-breaches","summary":"PKWARE published a blog post explaining cybersecurity incidents and data breaches expected or occurring in 2026."},{"ai_confidence":0.9,"created_at":"2026-05-24T04:54:30.744819","entity":"NIST","event_type":"announcement","id":"08c8f9c6-fd61-4702-bca0-62d20f9ff181","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/","summary":"NIST revamped its CVE framework to prioritize high-impact vulnerabilities, streamlining its approach to critical security disclosures."},{"ai_confidence":0.9,"created_at":"2026-05-24T04:54:30.744808","entity":"NIST","event_type":"regulatory_change","id":"4d874458-9398-4c73-bbab-cb9728a103dd","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/","summary":"NIST's cutback on CVE handling is impacting cyber teams, signaling a shift in vulnerability management processes."},{"ai_confidence":0.8,"created_at":"2026-05-24T04:54:30.744786","entity":"The Hacker News","event_type":"information_report","id":"b4103271-f6ad-4783-bfe0-7d9a8be82992","impact":"low","pub_date":"2024-07-25","source_url":"https://thehackernews.com/","summary":"The Hacker News highlighted reports on rising application security risks from AI development and key AI security gaps for CISOs."},{"ai_confidence":0.9,"created_at":"2026-05-24T04:54:30.744224","entity":"AT&T","event_type":"data_breach","id":"871441e2-094c-46cb-a222-090c6ebf134b","impact":"high","pub_date":"2024-07-17","source_url":"https://www.youtube.com/watch?v=v6d6jDbJIic","summary":"AT&T experienced a data breach affecting its Snowflake customer environment, with an increase in attacks using legitimate credentials."},{"ai_confidence":0.9,"created_at":"2026-05-24T04:54:30.744216","entity":"Reliaquest","event_type":"information_report","id":"b3a25abb-94bc-4d8c-a488-e063e3a5bde1","impact":"medium","pub_date":"2024-07-17","source_url":"https://www.youtube.com/watch?v=v6d6jDbJIic","summary":"A Reliaquest report indicated a 20% surge in ransomware activity during Q2 2023, with LockBit being a major contributor."},{"ai_confidence":0.9,"created_at":"2026-05-24T04:54:30.744207","entity":"BlackFog","event_type":"information_report","id":"0391f684-63dd-4986-ae54-ecfcf044cc5b","impact":"medium","pub_date":"2024-07-25","source_url":"https://www.cybersecuritydive.com/news/ransomware-undisclosed-attacks-blackfog/819595/","summary":"A report by BlackFog revealed that most ransomware attacks against businesses go undisclosed."},{"ai_confidence":0.8,"created_at":"2026-05-24T04:54:30.744199","entity":"U.S. GAO","event_type":"information_report","id":"cca622f0-33f5-4884-ad5d-ca63c1970586","impact":"low","pub_date":"2023-02-01","source_url":"https://www.gao.gov/cybersecurity","summary":"The U.S. GAO published an overview on cybersecurity, detailing increasing risks to federal agencies and critical infrastructure."},{"ai_confidence":0.8,"created_at":"2026-05-24T04:54:30.744191","entity":"Trend Micro","event_type":"information_report","id":"6c80ebb3-91b0-49ba-abb8-b741161b94c9","impact":"low","pub_date":"2024-07-25","source_url":"https://www.trendmicro.com/vinfo/us/security/news","summary":"Trend Micro published its \"TrendAI\u2122 State of AI Security Report\" for 2H 2025, highlighting critical flaws and adversary targeting."},{"ai_confidence":0.9,"created_at":"2026-05-24T04:54:30.744183","entity":"Dell","event_type":"data_breach","id":"e60245be-95c2-422e-b851-85d7a5782636","impact":"medium","pub_date":"2024-05-12","source_url":"https://www.linkedin.com/pulse/cyber-security-news-weekly-round-up-vulnerabilities-vmdvc","summary":"Dell experienced a data breach, as reported in a weekly cybersecurity news round-up."},{"ai_confidence":0.8,"created_at":"2026-05-24T04:54:30.744174","entity":"Secureframe","event_type":"information_report","id":"de62e950-e429-4ca1-be22-2baed4e6eca9","impact":"low","pub_date":"2024-07-25","source_url":"https://secureframe.com/blog/recent-cyber-attacks","summary":"Secureframe published a blog post summarizing 30 recent cyber attacks from 2023-2026 and discussing cybersecurity trends."},{"ai_confidence":0.9,"created_at":"2026-05-24T04:54:30.744163","entity":"Drupal","event_type":"cyber_attack_warning","id":"e735e854-55db-45bb-9a55-270070ead386","impact":"high","pub_date":"2024-07-25","source_url":"https://www.securityweek.com/drupal-vulnerability-in-hacker-crosshairs-shortly-after-disclosure/","summary":"Drupal warned users about active exploitation attempts targeting CVE-2026-9082, a critical SQL injection vulnerability in its API."},{"ai_confidence":0.9,"created_at":"2026-05-24T04:54:30.744119","entity":"CISA","event_type":"announcement","id":"9d62d153-2665-4610-a754-a15784152997","impact":"medium","pub_date":"2024-07-25","source_url":"https://www.meritalk.com/articles/cisa-debuts-new-vulnerability-reporting-form/","summary":"CISA launched a new online form to streamline the reporting of known exploited cyber vulnerabilities, enhancing its disclosure program."},{"ai_confidence":0.8,"created_at":"2026-05-22T04:24:49.278198","entity":"N/A","event_type":"industry_trend","id":"43bc188d-4059-4390-b2c8-542d2bf1c716","impact":"low","pub_date":"2024-05-28","source_url":"https://www.scmagazine.com/news/apis-under-pressure-how-ai-is-rewriting-the-rules-of-enterprise-security","summary":"The rapid adoption of AI-powered tools and expanding API ecosystems are forcing organizations to rethink enterprise security."},{"ai_confidence":0.95,"created_at":"2026-05-22T04:24:49.278139","entity":"FTC","event_type":"regulatory","id":"57305c9d-6a77-47d8-8dca-cd264fde6e7d","impact":"medium","pub_date":"2026-05-28","source_url":"https://www.ftc.gov/news-events/news/press-releases/2026/05/ftc-require-cox-media-group-two-other-firms-pay-nearly-1-million-settle-charges-they-deceived","summary":"FTC will require Cox Media Group and two other firms to pay nearly $1 million to settle charges of deceiving customers."},{"ai_confidence":0.9,"created_at":"2026-05-22T04:24:49.278112","entity":"Canvas","event_type":"data_breach","id":"f46b3d8e-46ca-46d2-ba58-04c6af5cb40a","impact":"medium","pub_date":"2024-05-28","source_url":"https://www.cbc.ca/news/canada/northwestterritories/nwt-canvas-data-breach-1.7209033","summary":"Data of approximately 1,700 people potentially compromised in a data breach targeting the Canvas educational platform."},{"ai_confidence":0.95,"created_at":"2026-05-22T04:24:49.275809","entity":"CISA","event_type":"security_advisory","id":"2145bcc3-5c2e-4df9-a245-a038e03b29a4","impact":"high","pub_date":"2025-05-28","source_url":"https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-163a","summary":"CISA issued an advisory on ransomware actors exploiting unpatched SimpleHelp RMM to compromise a utility billing software provider."},{"ai_confidence":0.9,"created_at":"2026-05-22T04:24:49.275801","entity":"CISA","event_type":"announcement","id":"9af975e8-015a-48ee-aa1e-6252eef81e40","impact":"medium","pub_date":"2024-05-28","source_url":"https://www.cisa.gov/news-events/news/cisa-enhances-known-exploited-vulnerabilities-catalog-include-new-nomination-form","summary":"CISA announced a new Nomination Form for researchers to report known exploited vulnerabilities (KEV) to enhance national cybersecurity."},{"ai_confidence":0.95,"created_at":"2026-05-22T04:24:49.275793","entity":"Microsoft","event_type":"vulnerability_disclosure","id":"f70b2e83-6bb8-4757-a30a-9c27e39d533a","impact":"high","pub_date":"2026-05-28","source_url":"https://thehackernews.com/2026/05/microsoft-warns-of-two-actively.html","summary":"Microsoft disclosed two actively exploited vulnerabilities in Defender, including a privilege escalation (CVE-2026-41091) and a DoS flaw."},{"ai_confidence":0.95,"created_at":"2026-05-22T04:24:49.275784","entity":"Microsoft","event_type":"cybercrime_disruption","id":"711e99ac-8704-4fbf-ad68-1b62acac38f4","impact":"high","pub_date":"2026-05-28","source_url":"https://www.industrialcybersecuritypulse.com/microsoft-dismantles-fox-tempest-cybercrime-platform-tied-to-ransomware-attacks-on-hospitals-critical-organizations/","summary":"Microsoft disrupted Fox Tempest, a malware-signing-as-a-service platform used by ransomware gangs to disguise malicious software."},{"ai_confidence":0.9,"created_at":"2026-05-22T04:24:49.275776","entity":"Drupal","event_type":"vulnerability_patch","id":"952b3ed4-a456-430e-a325-d3b6ef30792e","impact":"high","pub_date":"2026-05-28","source_url":"https://www.securityweek.com/drupal-patches-highly-critical-vulnerability-exposing-websites-to-hacking/","summary":"Drupal released patches for a highly critical vulnerability (CVE-2026-9082) exposing websites to hacking, allowing unauthenticated RCE."},{"ai_confidence":0.9,"created_at":"2026-05-22T04:24:49.275767","entity":"SonicWall","event_type":"security_incident","id":"257e8df6-6adb-404f-84ee-2fb47d4df834","impact":"high","pub_date":"2024-05-28","source_url":"https://www.bleepingcomputer.com/news/security/hackers-bypass-sonicwall-vpn-mfa-due-to-incomplete-patching/","summary":"Threat actors bypassed SonicWall VPN MFA on Gen6 SSL-VPN appliances due to incomplete patching, leading to ransomware attacks."},{"ai_confidence":0.9,"created_at":"2026-05-22T04:24:49.275750","entity":"Cisco","event_type":"vulnerability_patch","id":"61b6fa77-7264-4062-8e13-e66597ca8b11","impact":"high","pub_date":"2024-05-28","source_url":"https://www.securityweek.com/cisco-patches-critical-vulnerability-in-secure-workload/","summary":"Cisco released a patch for a critical vulnerability in Secure Workload that could allow remote attackers to gain Site Admin privileges."},{"ai_confidence":0.8,"created_at":"2026-05-21T04:10:20.968233","entity":"Rituals","event_type":"data_breach","id":"226cdb3e-2e80-473f-a486-2cd58b3498c6","impact":"medium","pub_date":"2024-04-23","source_url":"https://www.bleepingcomputer.com/news/security/cosmetics-giant-rituals-discloses-data-breach-affecting-customers/","summary":"Cosmetics giant Rituals disclosed a data breach affecting its customers."},{"ai_confidence":0.8,"created_at":"2026-05-21T04:10:20.968224","entity":"ADT","event_type":"data_breach","id":"e86e8e14-0923-43f5-9e8d-c93097ee5302","impact":"medium","pub_date":"2024-04-24","source_url":"https://www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-shinyhunters-leak-threat/","summary":"Home security giant ADT confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data."},{"ai_confidence":0.9,"created_at":"2026-05-21T04:10:20.968215","entity":"US Lawmakers","event_type":"regulatory","id":"587d4770-180e-46af-aa12-39c13508aa2c","impact":"low","pub_date":"2024-04-29","source_url":"https://www.meritalk.com/articles/lawmakers-plead-for-ai-vulnerability-disclosure-plan/","summary":"US lawmakers urged the ONCD to develop a federal-industry strategy for AI-discovered software vulnerability disclosure."},{"ai_confidence":0.8,"created_at":"2026-05-21T04:10:20.968207","entity":"Verizon","event_type":"announcement","id":"c2710bc1-7426-4333-b42c-cb553f447d94","impact":"low","pub_date":"2024-05-21","source_url":"https://www.bankinfosecurity.com/verizon-breach-report-vulnerability-exploitation-surges-a-31719","summary":"Verizon's 2026 Data Breach Investigations Report highlights a surge in vulnerability exploitation and ransomware actions."},{"ai_confidence":0.9,"created_at":"2026-05-21T04:10:20.968198","entity":"Delano Public Schools","event_type":"ransomware_attack","id":"a57f259e-e4b7-40b5-a83c-5b7c261eb97f","impact":"medium","pub_date":"2024-05-29","source_url":"https://www.cbsnews.com/minnesota/news/delano-schools-closed-cyber-incident/","summary":"Delano Public Schools canceled classes after a cyber incident involving unauthorized system access and a ransomware demand."},{"ai_confidence":0.9,"created_at":"2026-05-21T04:10:20.968181","entity":"Microsoft","event_type":"cybersecurity_incident_response","id":"8c28bd72-9483-40bc-b2f8-c649684e36ec","impact":"high","pub_date":"2024-05-30","source_url":"https://www.cybersecuritydive.com/news/microsoft-disrupts-cybercrime-hid-legitimate-software/820724/","summary":"Microsoft disrupted Fox Tempest, a malware-signing-as-a-service operation that disguised malware and enabled ransomware attacks."},{"ai_confidence":0.85,"created_at":"2026-05-20T03:55:25.345252","entity":"CSIS","event_type":"announcement","id":"4ba3f8f1-6b2f-45a4-8f9f-b77ae66208ad","impact":"low","pub_date":"2026-05-15","source_url":"https://www.csis.org/programs/strategic-technologies-program/significant-cyber-incidents","summary":"CSIS maintains a timeline of significant cyber incidents since 2006, focusing on attacks on government, defense, high-tech, or economic crimes over $1M."},{"ai_confidence":0.9,"created_at":"2026-05-20T03:55:25.345245","entity":"Zara","event_type":"cybersecurity_incident","id":"e2ed97c3-9936-442b-819f-7d42a6201480","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.cybernews.com/news/zara-data-breach-shinyhunters/","summary":"A data breach in April 2026 exposed roughly 200,000 Zara customers after an alleged ransomware attack claimed by ShinyHunters."},{"ai_confidence":0.9,"created_at":"2026-05-20T03:55:25.345239","entity":"City of St. Paul","event_type":"cybersecurity_incident","id":"147558c0-5389-450e-8530-ef2bcd26e077","impact":"medium","pub_date":"2025-01-01","source_url":"https://www.pkware.com/blog/data-breaches-2025-biggest-cybersecurity-incidents-so-far/","summary":"A ransomware attack in St. Paul compromised sensitive data of over 45,000 residents and employees in 2025."},{"ai_confidence":0.9,"created_at":"2026-05-20T03:55:25.345232","entity":"McLaren Health Care","event_type":"cybersecurity_incident","id":"f0a136b5-dba4-4e05-95d1-3b5d114d260a","impact":"high","pub_date":"2025-06-01","source_url":"https://www.pkware.com/blog/data-breaches-2025-biggest-cybersecurity-incidents-so-far/","summary":"McLaren Health Care experienced a ransomware attack in June 2025, compromising sensitive data of over 743,000 patients."},{"ai_confidence":0.85,"created_at":"2026-05-20T03:55:25.345225","entity":"Comparitech","event_type":"announcement","id":"90c22cf6-efad-4aa3-af23-b80a958cd5c0","impact":"low","pub_date":"2026-05-15","source_url":"https://www.comparitech.com/blog/information-security/ransomware-attacks-us-map/","summary":"Comparitech provides a daily updated map visualizing US ransomware attacks, including location, records impacted, and ransom details."},{"ai_confidence":0.85,"created_at":"2026-05-20T03:55:25.345218","entity":"Industry-wide","event_type":"industry_analysis","id":"779f54de-96e2-40c8-a9c6-f2b75b1a04d0","impact":"low","pub_date":"2026-05-15","source_url":"https://www.ithome.com/0/812/923.htm","summary":"Experts warn that AI-assisted tools are accelerating vulnerability discovery and exploitation, making the 90-day disclosure policy obsolete."},{"ai_confidence":0.95,"created_at":"2026-05-20T03:55:25.345211","entity":"Drupal","event_type":"vulnerability_disclosure","id":"7bd47904-2e8c-4cd5-8fe4-a2cab4f0232b","impact":"medium","pub_date":"2026-05-20","source_url":"https://www.securityweek.com/drupal-to-patch-highly-critical-vulnerability-at-risk-of-quick-exploitation/","summary":"Drupal announced a 'core security release' for May 20, 2026, to patch a highly critical vulnerability at risk of quick exploitation."},{"ai_confidence":0.9,"created_at":"2026-05-20T03:55:25.345204","entity":"Foxconn","event_type":"cybersecurity_incident","id":"11eb2d62-8a16-499a-86be-60c0aff332b1","impact":"medium","pub_date":"2026-05-15","source_url":"https://www.cybersecuritydive.com/news/foxconn-confirms-cyberattack-north-american-facilities/716966/","summary":"Foxconn confirmed a cyberattack affecting some North American facilities, with a ransomware group claiming responsibility."},{"ai_confidence":0.95,"created_at":"2026-05-20T03:55:25.345197","entity":"Microsoft","event_type":"announcement","id":"53a71243-d2aa-4423-b3c3-766b78dba557","impact":"medium","pub_date":"2026-05-12","source_url":"https://www.krebsonsecurity.com/2026/05/microsoft-patch-tuesday-may-2026-edition/","summary":"Microsoft released May 2026 Patch Tuesday updates, fixing 167 vulnerabilities including a SharePoint Server zero-day and a Windows Defender weakness."},{"ai_confidence":0.95,"created_at":"2026-05-20T03:55:25.345190","entity":"CISA","event_type":"data_leak","id":"97cbf629-12f9-4f59-a5ea-7a38f96b4e6d","impact":"high","pub_date":"2026-05-01","source_url":"https://www.krebsonsecurity.com/2026/05/contractor-leak-exposes-credentials-for-internal-cisa-systems/","summary":"A CISA contractor publicly exposed highly privileged AWS GovCloud and internal CISA system credentials via a GitHub repository."},{"ai_confidence":0.9,"created_at":"2026-05-20T03:55:25.345183","entity":"Microsoft","event_type":"cybersecurity_incident","id":"2b00ec79-754d-4b86-9c2e-696610933ba4","impact":"high","pub_date":"2026-05-01","source_url":"https://www.krebsonsecurity.com/2026/05/russia-hacked-routers-to-steal-microsoft-office-tokens/","summary":"Russia-backed 'Forest Blizzard' siphoned authentication tokens from over 18,000 networks, affecting 200+ organizations and 5,000 consumer devices."},{"ai_confidence":0.85,"created_at":"2026-05-20T03:55:25.345176","entity":"Security Researcher","event_type":"vulnerability_disclosure","id":"de4fb387-c077-44b3-b04b-925c20916fba","impact":"low","pub_date":"2026-05-15","source_url":"https://www.thehackernews.com/","summary":"A security researcher disclosed new vulnerabilities, YellowKey, GreenPlasma, and MiniPlasma, adding to a growing list."},{"ai_confidence":0.9,"created_at":"2026-05-20T03:55:25.345169","entity":"Verizon","event_type":"announcement","id":"5c053592-e8c2-4494-8b42-202a52ea26fc","impact":"low","pub_date":"2026-05-01","source_url":"https://www.securityweek.com/verizon-dbir-2026-vulnerability-exploitation-overtakes-credential-theft-as-top-breach-vector/","summary":"Verizon's 2026 DBIR report highlights vulnerability exploitation as the top breach vector, with AI accelerating attacks and ransomware surging."},{"ai_confidence":0.95,"created_at":"2026-05-20T03:55:25.345161","entity":"NYC Health + Hospitals","event_type":"cybersecurity_incident","id":"32b293e8-a26a-44a9-ae8c-3c2eac374c59","impact":"high","pub_date":"2026-05-01","source_url":"https://www.malwarebytes.com/blog/news/2026/05/biometrics-diagnoses-and-bank-details-exposed-in-major-healthcare-breach","summary":"NYC Health + Hospitals reported a data breach affecting 1.8 million individuals, exposing sensitive patient and employee data due to a third-party vendor compromise."},{"ai_confidence":0.95,"created_at":"2026-05-20T03:55:25.345154","entity":"Instructure (Canvas)","event_type":"cybersecurity_incident","id":"3fa1d9ff-7700-4326-b39b-519e4c3b061f","impact":"high","pub_date":"2026-05-01","source_url":"https://www.krebsonsecurity.com/2026/05/canvas-breach-disrupts-schools-colleges-nationwide/","summary":"Instructure confirmed a data extortion attack by ShinyHunters on its Canvas platform, disrupting education and threatening 275 million student/faculty records."},{"ai_confidence":0.9,"created_at":"2026-05-20T03:55:25.345146","entity":"West Pharmaceutical","event_type":"cybersecurity_incident","id":"4d759da3-7937-4f7d-87ad-5196d251f50d","impact":"medium","pub_date":"2026-05-15","source_url":"https://www.cybersecuritydive.com/news/west-pharmaceutical-ransomware-attack/717199/","summary":"West Pharmaceutical is restoring operations following a ransomware attack that involved data theft and encryption."},{"ai_confidence":0.95,"created_at":"2026-05-20T03:55:25.345131","entity":"7-Eleven","event_type":"cybersecurity_incident","id":"53c6bf7d-0edd-4632-90ca-42c98807dc45","impact":"high","pub_date":"2026-04-08","source_url":"https://www.securityweek.com/7-eleven-data-breach-confirmed-after-shinyhunters-ransom-demand/","summary":"7-Eleven confirmed a data breach in April 2026, where ShinyHunters stole over 600,000 Salesforce records containing corporate data and PII."},{"ai_confidence":1.0,"created_at":"2026-05-17T03:08:50.825524","entity":"Foxconn","event_type":"cybersecurity_incident","id":"569b9c9a-ec34-4ebc-abc8-c979d32b44b5","impact":"high","pub_date":"2026-05-20","source_url":"https://www.securityweek.com/foxconn-confirms-north-american-factories-hit-by-cyberattack/","summary":"Foxconn confirmed a cyberattack on its North American factories by the Nitrogen ransomware group, resulting in 8TB of data theft."},{"ai_confidence":1.0,"created_at":"2026-05-17T03:08:50.825515","entity":"GTIG","event_type":"research_warning","id":"d29a43e8-f584-4e72-a941-2c4a5838f440","impact":"medium","pub_date":"2026-05-18","source_url":"https://www.cybersecuritydive.com/news/ai-used-develop-working-zero-day-exploit-researchers-warn/716302/","summary":"Researchers warned that AI was used to develop a working zero-day exploit, highlighting a growing threat for future cyberattacks."},{"ai_confidence":1.0,"created_at":"2026-05-17T03:08:50.825507","entity":"Quick. CMS","event_type":"vulnerability_disclosure","id":"14e2c83c-f945-45c6-93a3-274127541b4f","impact":"medium","pub_date":"2026-05-16","source_url":"https://www.tenable.com/cve","summary":"Quick. CMS 6.7 contains a cross-site scripting vulnerability in the sliders form, allowing authenticated attackers to inject malicious scripts."},{"ai_confidence":1.0,"created_at":"2026-05-17T03:08:50.825499","entity":"Funnel Builder","event_type":"vulnerability_disclosure","id":"49b1a01e-5813-4250-b2aa-07984bf13bd4","impact":"high","pub_date":"2026-05-14","source_url":"https://www.thehackernews.com/2026/05/funnel-builder-flaw-under-active.html","summary":"A critical vulnerability in the Funnel Builder WordPress plugin is actively exploited to steal payment data from WooCommerce checkout pages."},{"ai_confidence":1.0,"created_at":"2026-05-17T03:08:50.825490","entity":"Cisco","event_type":"vulnerability_disclosure","id":"864314c6-7714-47a0-81e9-cfd5f3cd2cb6","impact":"high","pub_date":"2026-05-12","source_url":"https://www.cybersecuritydive.com/news/attackers-exploit-critical-flaw-cisco-catalyst-sd-wan-controller/716538/","summary":"Attackers are exploiting CVE-2026-20182, a critical authentication bypass vulnerability in the Cisco Catalyst SD-WAN Controller."},{"ai_confidence":1.0,"created_at":"2026-05-17T03:08:50.825477","entity":"Microsoft","event_type":"vulnerability_disclosure","id":"ef701ec7-a67b-4c7d-a853-aa28d297a6ef","impact":"medium","pub_date":"2026-05-10","source_url":"https://www.thehackernews.com/2026/05/on-prem-microsoft-exchange-server-cve.html","summary":"Microsoft disclosed CVE-2026-42897, a zero-day spoofing vulnerability in on-premise Exchange Server, actively exploited via crafted emails."},{"ai_confidence":1.0,"created_at":"2026-05-17T03:08:50.825431","entity":"West Pharmaceutical Services","event_type":"cybersecurity_incident","id":"deb25db3-28f0-4707-bc3d-b21c5be8c81c","impact":"high","pub_date":"2026-05-05","source_url":"https://www.securityweek.com/west-pharmaceutical-services-hit-by-disruptive-ransomware-attack/","summary":"West Pharmaceutical Services suffered a ransomware attack on May 4, 2026, causing global system shutdowns, data exfiltration, and ongoing restoration."},{"ai_confidence":0.9,"created_at":"2026-05-16T02:53:52.609282","entity":"Santa Barbara K-12 schools","event_type":"announcement","id":"bc452522-4ca2-4e5c-b65c-0d11d0f9e27f","impact":"medium","pub_date":"2026-05-15","source_url":"https://www.indystar.com/story/news/education/2026/05/15/santa-barbara-schools-back-online-after-cyberattack/11087234002/","summary":"Santa Barbara K-12 schools announced they are back online after a cyberattack on the Canvas learning platform by ShinyHunters."},{"ai_confidence":0.9,"created_at":"2026-05-16T02:53:52.609273","entity":"Linux Kernel","event_type":"vulnerability_disclosure","id":"c918a0ba-9106-45b2-bcb2-34820c4e7c1e","impact":"high","pub_date":"2026-05-15","source_url":"https://www.thn.news/2026/05/new-fragnesia-linux-kernel-lpe-grants.html","summary":"A new Linux Kernel vulnerability, Fragnesia, was disclosed, allowing local users to gain root privileges via privilege escalation."},{"ai_confidence":0.9,"created_at":"2026-05-16T02:53:52.609265","entity":"Long Beach Unified, Cal State Long Beach, Long Beach City College","event_type":"ransomware_attack","id":"7a4f4a74-bc5f-47cb-b4e8-e232a75991fb","impact":"high","pub_date":"2026-05-07","source_url":"https://www.longbeachpost.com/news/lbusd-cal-state-lbcc-grading-platform-hacked-in-apparent-ransomware-attack","summary":"Long Beach educational institutions experienced a ransomware attack by ShinyHunters on their Canvas grading platform, disrupting access."},{"ai_confidence":0.9,"created_at":"2026-05-16T02:53:52.609257","entity":"OpenLoop Health","event_type":"announcement","id":"dbb0b1dc-7fbe-400a-9a38-25dc299cacb5","impact":"high","pub_date":"2026-05-13","source_url":"https://www.securityweek.com/716000-impacted-by-openloop-health-data-breach/","summary":"OpenLoop Health announced a January 2026 data breach impacting 716,000 individuals, with personal information stolen."},{"ai_confidence":0.9,"created_at":"2026-05-16T02:53:52.609249","entity":"Instructure","event_type":"announcement","id":"b26c62d3-a5d4-4119-a27c-086d6ed2be8b","impact":"medium","pub_date":"2026-05-14","source_url":"https://www.cybersecuritydive.com/news/canvas-owner-reaches-agreement-with-threat-actors-after-data-breach/716754/","summary":"Instructure, Canvas's parent company, announced an agreement with threat actors after two cyberattacks, suspected to be a ransomware payment."},{"ai_confidence":0.9,"created_at":"2026-05-16T02:53:52.609241","entity":"Exim","event_type":"vulnerability_disclosure","id":"b9d49044-634f-4d8a-87c0-bd91bacc2314","impact":"high","pub_date":"2026-05-13","source_url":"https://www.bleepingcomputer.com/news/security/new-critical-exim-mailer-flaw-allows-remote-code-execution/","summary":"A critical vulnerability in Exim, an open-source mail transfer agent, was disclosed, allowing unauthenticated remote code execution."},{"ai_confidence":0.9,"created_at":"2026-05-16T02:53:52.609232","entity":"PraisonAI","event_type":"vulnerability_exploitation","id":"d0844e8b-e802-4b73-8721-090e91f697fd","impact":"high","pub_date":"2026-05-14","source_url":"https://www.securityweek.com/hackers-targeted-praisonai-vulnerability-hours-after-disclosure/","summary":"Hackers exploited an authentication bypass vulnerability (CVE-2026-44338) in PraisonAI within hours of its public disclosure."},{"ai_confidence":0.9,"created_at":"2026-05-16T02:53:52.609224","entity":"Foxconn","event_type":"ransomware_attack","id":"1f051784-4d20-4deb-bcd1-f9053e50479c","impact":"high","pub_date":"2026-05-13","source_url":"https://www.darkreading.com/cyberattacks-data-breaches/foxconn-attack-highlights-manufacturing-s-cyber-crisis","summary":"Foxconn's North American facilities experienced a ransomware attack by Nitrogen group, exfiltrating 11 million files including confidential data."},{"ai_confidence":0.9,"created_at":"2026-05-16T02:53:52.609215","entity":"Foxconn","event_type":"announcement","id":"16109f98-c926-4996-b3b2-7241d7221dbb","impact":"high","pub_date":"2026-05-13","source_url":"https://www.cyberscoop.com/foxconn-cyberattack-north-american-factories/","summary":"Foxconn announced a cyberattack impacted its North American facilities, with Nitrogen group claiming responsibility and data theft."},{"ai_confidence":0.9,"created_at":"2026-05-16T02:53:52.609204","entity":"Cisco","event_type":"vulnerability_disclosure","id":"4772fb75-a560-4d47-9505-b5219a2d7b3a","impact":"high","pub_date":"2026-05-15","source_url":"https://www.securityweek.com/cisco-patches-another-sd-wan-zero-day-the-sixth-exploited-in-2026/","summary":"Cisco disclosed and patched CVE-2026-20182, the sixth exploited zero-day vulnerability in its SD-WAN in 2026."},{"ai_confidence":0.9,"created_at":"2026-05-16T02:53:52.609161","entity":"OpenAI","event_type":"cyberattack","id":"f5c220f7-02ba-4891-99a6-cdbd6dd71876","impact":"medium","pub_date":"2026-05-15","source_url":"https://www.securityweek.com/openai-hit-by-tanstack-supply-chain-attack/","summary":"OpenAI was affected by a TanStack supply chain attack, compromising two employee devices and stealing credential material."},{"ai_confidence":0.9,"created_at":"2026-05-16T02:53:52.609103","entity":"West Pharmaceutical","event_type":"announcement","id":"ad09be28-5f87-403a-8b6c-22c5cbce37b0","impact":"high","pub_date":"2026-05-09","source_url":"https://www.bleepingcomputer.com/news/security/west-pharmaceutical-says-hackers-stole-data-encrypted-systems/","summary":"West Pharmaceutical announced a data breach involving data theft and encrypted systems, currently under investigation."},{"ai_confidence":0.9,"created_at":"2026-05-15T02:39:11.582354","entity":"NIST","event_type":"regulatory","id":"34eef949-ac04-4160-a4d8-2746d1c00aac","impact":"low","pub_date":"2026-05-08","source_url":"https://www.helpnetsecurity.com/2026/05/08/may-2026-patch-tuesday-forecast/","summary":"NIST is changing its vulnerability analysis efforts to a risk or threat-based approach."},{"ai_confidence":0.95,"created_at":"2026-05-15T02:39:11.582347","entity":"Microsoft","event_type":"security_update","id":"600b19db-175f-4227-bc83-24fc0bfee916","impact":"high","pub_date":"2026-05-08","source_url":"https://www.helpnetsecurity.com/2026/05/08/may-2026-patch-tuesday-forecast/","summary":"Microsoft issued OOB updates for an ASP.NET core vulnerability (CVE-2026-40372), an Escalation of Privilege vulnerability rated Critical."},{"ai_confidence":0.9,"created_at":"2026-05-15T02:39:11.582339","entity":"Unspecified","event_type":"data_breach","id":"8238dfa1-540b-4a22-90cc-cbbeb635b763","impact":"high","pub_date":"2026-01-01","source_url":"https://www.acilearning.com/blog/biggest-cyber-breaches","summary":"A publicly exposed database containing 149 million records was discovered in January 2026 due to a misconfigured cloud environment."},{"ai_confidence":0.9,"created_at":"2026-05-15T02:39:11.582332","entity":"Brightspeed","event_type":"ransomware_attack","id":"bbd469e7-9bb8-4d38-ba3e-a1ee70204614","impact":"high","pub_date":"2026-01-01","source_url":"https://www.acilearning.com/blog/biggest-cyber-breaches","summary":"The Crimson Collective ransomware group claimed to steal data of over a million Brightspeed customers in a ransomware attack."},{"ai_confidence":0.9,"created_at":"2026-05-15T02:39:11.582324","entity":"Stryker","event_type":"cyberattack","id":"1f0434d0-5a04-4b67-b88b-661b6818c75f","impact":"high","pub_date":"2026-03-01","source_url":"https://www.acilearning.com/blog/biggest-cyber-breaches","summary":"Medical technology company Stryker experienced a large cyberattack in March 2026, linked to an Iran-aligned hacktivist group."},{"ai_confidence":0.9,"created_at":"2026-05-15T02:39:11.582316","entity":"Industry-wide","event_type":"announcement","id":"a92022d4-a2b6-4f14-bc60-4dd1a9ade62b","impact":"low","pub_date":"2026-03-16","source_url":"https://quantumsafe.news/2026/03/16/vulnerability-exploits-dominate-cyber-intrusions-in-2026-trends/","summary":"Experts emphasize rapid patching as vulnerability exploits, including zero-days, are increasingly dominating cyber intrusions in 2026."},{"ai_confidence":0.9,"created_at":"2026-05-15T02:39:11.582307","entity":"Nvidia (GeForce NOW service partner)","event_type":"data_breach","id":"9d71ff9c-9648-4c3c-b03a-df9a117f3beb","impact":"high","pub_date":"2026-05-09","source_url":"https://www.bankinfosecurity.com/breach-roundup-us-lawmakers-sound-alarm-on-ai-bug-hunters-a-24681","summary":"A third-party partner operating Nvidia's GeForce NOW service in Armenia disclosed a data breach, with millions of user records for sale."},{"ai_confidence":0.95,"created_at":"2026-05-15T02:39:11.582285","entity":"DAEMON Tools Lite","event_type":"cyberattack","id":"f9c7fcc9-e0fb-4fcf-b3b8-9ffc78ad7032","impact":"high","pub_date":"2026-05-08","source_url":"https://www.diesec.com/top-5-cybersecurity-news-stories-may-08-2026/","summary":"Official DAEMON Tools Lite installers were compromised between April 8 and May 5, 2026, distributing malware."},{"ai_confidence":0.95,"created_at":"2026-05-15T02:39:11.578730","entity":"Palo Alto Networks (PAN-OS)","event_type":"vulnerability_exploit","id":"555c43f5-3149-4cc2-9a40-2737f5d3deee","impact":"high","pub_date":"2026-05-08","source_url":"https://www.diesec.com/top-5-cybersecurity-news-stories-may-08-2026/","summary":"Palo Alto Networks confirmed active exploitation of CVE-2026-0300, a buffer overflow in PAN-OS User-ID Authentication Portal."},{"ai_confidence":0.9,"created_at":"2026-05-15T02:39:11.578722","entity":"Adobe","event_type":"security_update","id":"7b25ba84-9a42-4b48-bd19-0dc2fbe89b85","impact":"medium","pub_date":"2026-05-09","source_url":"https://www.securityweek.com/microsoft-patches-137-vulnerabilities/","summary":"Adobe released patches for 52 vulnerabilities across 10 products."},{"ai_confidence":0.95,"created_at":"2026-05-15T02:39:11.578714","entity":"Windows DNS Client","event_type":"vulnerability_disclosure","id":"f929edd7-b344-45bf-8779-55bb464c09a5","impact":"high","pub_date":"2026-05-09","source_url":"https://www.netizen.net/news/microsoft-may-2026-patch-tuesday-fixes-120-flaws-no-zero-days","summary":"Microsoft's May 2026 Patch Tuesday included CVE-2026-41096, a Windows DNS Client Remote Code Execution Vulnerability."},{"ai_confidence":0.95,"created_at":"2026-05-15T02:39:11.578706","entity":"Microsoft SSO Plugin for Jira and Confluence","event_type":"vulnerability_disclosure","id":"43a74587-73d8-4e31-ba68-7c7003b0ece9","impact":"high","pub_date":"2026-05-09","source_url":"https://www.crowdstrike.com/blog/may-2026-patch-tuesday-30-critical-vulnerabilities-among-130-cves/","summary":"Microsoft's May 2026 Patch Tuesday addressed CVE-2026-41103, a critical elevation of privilege vulnerability in its SSO Plugin."},{"ai_confidence":0.95,"created_at":"2026-05-15T02:39:11.578698","entity":"Microsoft Azure DevOps","event_type":"vulnerability_disclosure","id":"eb958f3b-6db7-4b9d-b730-1c692a1d5842","impact":"high","pub_date":"2026-05-09","source_url":"https://www.crowdstrike.com/blog/may-2026-patch-tuesday-30-critical-vulnerabilities-among-130-cves/","summary":"Microsoft's May 2026 Patch Tuesday included a critical vulnerability (CVE-2026-42826) in Azure DevOps with a CVSS score of 10."},{"ai_confidence":0.95,"created_at":"2026-05-15T02:39:11.578687","entity":"Microsoft","event_type":"announcement","id":"7a8d74cd-609a-408f-acda-f38dffc255f0","impact":"medium","pub_date":"2026-05-09","source_url":"https://www.crowdstrike.com/blog/may-2026-patch-tuesday-30-critical-vulnerabilities-among-130-cves/","summary":"Microsoft released its May 2026 Patch Tuesday update, addressing 130-137 CVEs, including many critical vulnerabilities."},{"ai_confidence":0.9,"created_at":"2026-05-15T02:39:11.578643","entity":"Microsoft Edge","event_type":"vulnerability_disclosure","id":"5adb1973-fd40-4f8e-bd51-722f46739b97","impact":"high","pub_date":"2026-05-04","source_url":"https://www.enterprisetimes.co.uk/2026/05/11/security-and-ai-news-from-the-week-beginning-4-may-2026/","summary":"A researcher revealed Microsoft Edge exposes passwords in clear text, which Microsoft stated is by design."},{"ai_confidence":0.95,"created_at":"2026-05-15T02:39:11.578604","entity":"Instructure (Canvas)","event_type":"data_breach","id":"c55869c3-bc52-40eb-bbbd-a556f54c4cfc","impact":"high","pub_date":"2026-05-04","source_url":"https://www.enterprisetimes.co.uk/2026/05/11/security-and-ai-news-from-the-week-beginning-4-may-2026/","summary":"ShinyHunters confirmed a breach of Instructure (Canvas), stealing 275 million records and impacting over 40% of US colleges."},{"ai_confidence":0.8,"created_at":"2026-05-15T02:39:11.578564","entity":"Indiana University & Mizzou (Canvas users)","event_type":"data_breach","id":"b4f632d7-00de-48d3-945c-527fc0638e3a","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.upguard.com/blog/data-breach","summary":"ShinyHunters claimed responsibility for data breaches affecting Canvas users at Indiana University and Mizzou."},{"ai_confidence":0.8,"created_at":"2026-05-15T02:39:11.578525","entity":"University of California, Berkeley","event_type":"data_breach","id":"66368ed7-1b02-4fd6-bb48-61a845bf3bb6","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.upguard.com/blog/data-breach","summary":"University of California, Berkeley experienced a data breach where 600,000 records were reportedly stolen."},{"ai_confidence":0.9,"created_at":"2026-05-15T02:39:11.578486","entity":"Microsoft SharePoint","event_type":"vulnerability_exploit","id":"b642e112-98ef-4f60-90e8-11058b98257f","impact":"high","pub_date":"2026-05-01","source_url":"https://www.esecurityplanet.com/threats/this-week-in-cybersecurity/","summary":"A zero-day vulnerability (CVE-2026-32201) in Microsoft SharePoint, allowing remote code execution, is actively exploited."},{"ai_confidence":0.8,"created_at":"2026-05-15T02:39:11.578443","entity":"ADT","event_type":"data_breach","id":"64f5b833-5938-402b-b508-eed935b3449c","impact":"high","pub_date":"2026-05-01","source_url":"https://www.brightdefense.com/blog/recent-data-breaches/","summary":"ADT confirmed unauthorized access to customer data, with ShinyHunters claiming theft of over 10 million records including PII."},{"ai_confidence":0.8,"created_at":"2026-05-15T02:39:11.578401","entity":"Zara (Inditex)","event_type":"data_breach","id":"8f1cb403-f7e2-4be0-918f-e723d591aa49","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.securityaffairs.com/68246/data-breach/zara-data-breach.html","summary":"A third-party breach exposed data of nearly 200,000 Zara customers, including emails and purchase history, via Inditex's former tech provider."},{"ai_confidence":0.95,"created_at":"2026-05-15T02:39:11.578344","entity":"Foxconn","event_type":"cyberattack","id":"f1ec0a14-91e2-40ec-b810-824b9a16501d","impact":"high","pub_date":"2026-05-09","source_url":"https://www.cybersecuritydive.com/news/foxconn-cyberattack-ransomware-north-america-facilities/718281/","summary":"Foxconn confirmed a cyberattack on some North American facilities, with Nitrogen ransomware group claiming 8TB of data theft."},{"ai_confidence":0.9,"created_at":"2026-05-14T02:25:05.262379","entity":"CISA","event_type":"security_alert","id":"a84ad8bc-6d91-4819-99f9-e7b08fc070f8","impact":"medium","pub_date":"2026-05-07","source_url":"https://www.youtube.com/watch?v=ZFTSIUXUOcA","summary":"CISA issued a red alert for lidar mesh fusion controllers in autonomous ports due to a new exploit called phantom obstacle injection."},{"ai_confidence":0.9,"created_at":"2026-05-14T02:25:05.262371","entity":"EU","event_type":"regulatory_update","id":"11262093-76b9-4b76-9fc5-e791452f4132","impact":"medium","pub_date":"2026-05-07","source_url":"https://techmaniacs.com/2026/05/07/ai-security-daily-briefing-may-07-2026/","summary":"The EU agreed on an implementation timeline and bans for 'nudification' apps under updated AI rules, impacting AI security."},{"ai_confidence":1.0,"created_at":"2026-05-14T02:25:05.262363","entity":"Medtronic","event_type":"litigation","id":"98479f4d-7500-405e-a698-f446a807feed","impact":"high","pub_date":"2026-04-01","source_url":"https://www.classaction.org/news/medtronic-data-breach-class-action-lawsuit-alleges-negligence-to-blame-for-april-2026-incident","summary":"A class action lawsuit alleges Medtronic's negligence caused an April 2026 data breach exposing over nine million sensitive records."},{"ai_confidence":1.0,"created_at":"2026-05-14T02:25:05.262353","entity":"Instructure","event_type":"cyberattack","id":"1257347e-8260-4225-bdd7-dc7d6136b218","impact":"high","pub_date":"2026-05-08","source_url":"https://www.semafor.com/article/05/08/2026/cyberattack-disrupts-thousands-of-us-schools","summary":"ShinyHunters cyberattack on Instructure's Canvas platform disrupted US schools, threatening to leak 3.65TB of data from 275 million users."},{"ai_confidence":1.0,"created_at":"2026-05-14T02:25:05.262343","entity":"Microsoft","event_type":"security_update","id":"4f8f989d-1570-47e0-a128-38174c449de8","impact":"high","pub_date":"2026-05-12","source_url":"https://www.zerodayinitiative.com/blog/2026/5/12/the-may-2026-security-update-review","summary":"Microsoft released its May 2026 Patch Tuesday, fixing 120-138 flaws, including a critical zero-click Outlook vulnerability."},{"ai_confidence":1.0,"created_at":"2026-05-14T02:25:05.262318","entity":"Foxconn","event_type":"cyberattack","id":"b4f6e0de-3623-4c37-9149-bc017f69df55","impact":"high","pub_date":"2026-05-01","source_url":"https://www.cybersecuritydive.com/news/foxconn-confirms-cyberattack-affecting-some-north-american-facilities/820120/","summary":"Foxconn confirmed a cyberattack by the Nitrogen ransomware group on its North American facilities, leading to 8TB of data theft."},{"ai_confidence":0.95,"created_at":"2026-05-13T02:06:54.861506","entity":"Instructure","event_type":"regulatory","id":"983d0f34-4110-4b34-bfea-6e4d7211bba1","impact":"medium","pub_date":"2026-05-01","source_url":"https://therecord.media/instructure-pays-ransom-canvas-incident-congress-investigation","summary":"The House Homeland Security Committee announced an investigation into Instructure's recent cyberattack and ransom payment."},{"ai_confidence":0.95,"created_at":"2026-05-13T02:06:54.861492","entity":"Instructure","event_type":"data_breach","id":"e573527e-0ca2-4f5b-9182-d288595f8c15","impact":"high","pub_date":"2026-05-01","source_url":"https://thehackernews.com/2026/05/instructure-reaches-ransom-agreement.html","summary":"Instructure paid a ransom to ShinyHunters after a cyberattack stole 3.65TB of Canvas data, impacting nearly 9,000 organizations."},{"ai_confidence":0.95,"created_at":"2026-05-12T01:53:57.464091","entity":"Zara","event_type":"data_breach","id":"4a03a98b-5029-402b-8271-1bf80a9815ed","impact":"high","pub_date":"2024-05-15","source_url":"https://www.cybercrimemagazine.com/whos-hacked-latest-cyberattacks/","summary":"Personal information belonging to 197,000 people was exposed in a data breach affecting the fashion retailer Zara."},{"ai_confidence":0.95,"created_at":"2026-05-12T01:53:57.464083","entity":"Cushman & Wakefield","event_type":"data_breach","id":"10c7d8e4-be0f-4759-b3b4-6637a4418217","impact":"high","pub_date":"2024-05-15","source_url":"https://www.cybercrimemagazine.com/whos-hacked-latest-cyberattacks/","summary":"Real estate giant Cushman & Wakefield confirmed a data breach following claims from ShinyHunters and Qilin cybercrime groups."},{"ai_confidence":0.9,"created_at":"2026-05-12T01:53:57.464076","entity":"Palo Alto Networks","event_type":"vulnerability_exploitation","id":"eb8d91ba-037b-4197-98cf-801f8bbd616f","impact":"high","pub_date":"2026-05-10","source_url":"https://www.securityweek.com/palo-alto-zero-day-exploited-in-campaign-bearing-hallmarks-of-chinese-state-hacking/","summary":"A Palo Alto Networks firewall zero-day is being exploited in a campaign bearing hallmarks of Chinese state-sponsored hacking."},{"ai_confidence":0.9,"created_at":"2026-05-12T01:53:57.464068","entity":"Ivanti","event_type":"vulnerability_disclosure","id":"0dcb6f88-cfad-491b-9a9b-cea749fbf95c","impact":"high","pub_date":"2026-05-10","source_url":"https://www.securityweek.com/ivanti-patches-epmm-zero-day-exploited-in-targeted-attacks/","summary":"Ivanti patched a high-severity zero-day vulnerability (CVE-2026-6973) in its EPMM product, actively exploited in targeted attacks."},{"ai_confidence":0.9,"created_at":"2026-05-12T01:53:57.464060","entity":"Checkmarx","event_type":"supply_chain_attack","id":"413645eb-81ea-4eb9-b548-ddd3b45787f9","impact":"high","pub_date":"2025-12-17","source_url":"https://www.securityweek.com/checkmarx-jenkins-ast-plugin-compromised-in-supply-chain-attack/","summary":"A malicious version of the Checkmarx Jenkins AST plugin was published to the Jenkins Marketplace in a supply chain attack."},{"ai_confidence":0.9,"created_at":"2026-05-12T01:53:57.464052","entity":"SailPoint","event_type":"cyberattack","id":"2cfb6851-f022-43cc-9a58-d7cae8c08de3","impact":"low","pub_date":"2026-04-20","source_url":"https://www.securityweek.com/sailpoint-discloses-github-repository-hack/","summary":"SailPoint disclosed a hack of its GitHub repository on April 20, confirming no customer data in production environments was affected."},{"ai_confidence":0.9,"created_at":"2026-05-12T01:53:57.464044","entity":"Skoda","event_type":"data_breach","id":"9d281ea4-414e-42e8-a552-e862fb70364b","impact":"medium","pub_date":"2026-05-10","source_url":"https://www.securityweek.com/skoda-data-breach-hits-online-shop-customers/","summary":"A data breach at Skoda exposed personal information of online shop customers by exploiting a vulnerability in the portal."},{"ai_confidence":1.0,"created_at":"2026-05-12T01:53:57.464037","entity":"Google","event_type":"cybersecurity_discovery","id":"541ae5d1-df90-456c-acd0-05cb0b611c2f","impact":"high","pub_date":"2026-05-10","source_url":"https://thehackernews.com/2026/05/hackers-used-ai-to-develop-first-known.html","summary":"Google detected the first AI-generated zero-day exploit, developed by a cybercrime group to bypass 2FA for mass exploitation."},{"ai_confidence":0.9,"created_at":"2026-05-12T01:53:57.464029","entity":"Linux","event_type":"vulnerability_disclosure","id":"9a9ddb9a-42b6-4889-9c4c-dd475ad0858f","impact":"high","pub_date":"2026-05-10","source_url":"https://www.securityweek.com/new-dirty-frag-linux-vulnerability-possibly-exploited-in-attacks/","summary":"A newly disclosed local privilege escalation vulnerability, 'Dirty Frag', affecting major Linux distributions may be exploited in the wild."},{"ai_confidence":1.0,"created_at":"2026-05-12T01:53:57.464022","entity":"Instructure (Canvas)","event_type":"ransomware_attack","id":"8246f692-b142-465c-bbc6-b3c78ceee943","impact":"high","pub_date":"2026-05-08","source_url":"https://www.newsobserver.com/news/local/education/article288403415.html","summary":"A global ransomware attack by ShinyHunters on Instructure's Canvas platform disrupted thousands of schools, affecting 30M users and exposing 275M records."},{"ai_confidence":0.9,"created_at":"2026-05-12T01:53:57.464013","entity":"Zara","event_type":"data_breach","id":"bec3ccdb-d805-45f6-9b8a-c043434413f2","impact":"medium","pub_date":"2026-05-10","source_url":"https://www.bleepingcomputer.com/news/security/zara-data-breach-exposed-personal-information-of-197000-people/","summary":"Hackers gained access to Zara's databases, stealing personal data belonging to over 197,000 customers."},{"ai_confidence":0.9,"created_at":"2026-05-12T01:53:57.463998","entity":"Trellix","event_type":"cyberattack","id":"92e5190e-7d28-4cd5-912c-25dcb4325f04","impact":"medium","pub_date":"2026-05-10","source_url":"https://www.bleepingcomputer.com/news/security/trellix-source-code-breach-claimed-by-ransomhouse-hackers/","summary":"RansomHouse hackers claimed responsibility for breaching Trellix's source code repository and leaked proof of intrusion."},{"ai_confidence":0.9,"created_at":"2026-05-12T01:53:57.463403","entity":"NVIDIA","event_type":"data_breach","id":"b81a0e98-f839-49d9-9edc-27beb1534511","impact":"medium","pub_date":"2026-05-10","source_url":"https://www.bleepingcomputer.com/news/security/nvidia-confirms-geforce-now-data-breach-affecting-armenian-users/","summary":"NVIDIA confirmed a data breach affecting GeForce NOW users in Armenia, exposing user information."},{"ai_confidence":0.95,"created_at":"2026-05-11T01:38:30.783678","entity":"Arup","event_type":"financial_fraud","id":"4e26d548-8e59-4fdc-ae74-dcb544faf82d","impact":"high","pub_date":"2026-01-01","source_url":"https://www.purplesec.us/recent-cyber-attacks/","summary":"Arup was defrauded of $25 million through an AI-generated deepfake video in 2026."},{"ai_confidence":0.9,"created_at":"2026-05-11T01:38:30.783671","entity":"McGrawHill","event_type":"cyberattack","id":"ed290f0f-908b-42c2-9156-25dcd9d02a37","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.cm-alliance.com/major-cyber-attacks-data-breaches-ransomware-attacks-in-april-2026/","summary":"McGrawHill was targeted by various cyberattacks, data breaches, and ransomware incidents in April 2026."},{"ai_confidence":0.9,"created_at":"2026-05-11T01:38:30.783664","entity":"Booking.com","event_type":"cyberattack","id":"c934c9ad-e02b-4eae-a0ad-91167796efae","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.cm-alliance.com/major-cyber-attacks-data-breaches-ransomware-attacks-in-april-2026/","summary":"Booking.com was targeted by various cyberattacks, data breaches, and ransomware incidents in April 2026."},{"ai_confidence":0.9,"created_at":"2026-05-11T01:38:30.783656","entity":"EU Commission","event_type":"cyberattack","id":"46ab2446-99f2-462b-9b7c-fe60b20cb201","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.cm-alliance.com/major-cyber-attacks-data-breaches-ransomware-attacks-in-april-2026/","summary":"The EU Commission was targeted by various cyberattacks, data breaches, and ransomware incidents in April 2026."},{"ai_confidence":0.9,"created_at":"2026-05-11T01:38:30.783649","entity":"TP-Link","event_type":"vulnerability_exploitation","id":"c3d88b1e-36c9-4453-b386-aa12b9f2cd8f","impact":"medium","pub_date":"2026-04-01","source_url":"https://krebsonsecurity.com/2026/05/patch-tuesday-april-2026-edition/","summary":"A botnet is actively targeting TP-Link devices vulnerable to CVE-2023-1389, an unauthenticated command injection vulnerability."},{"ai_confidence":0.95,"created_at":"2026-05-11T01:38:30.783641","entity":"Microsoft","event_type":"vulnerability_disclosure","id":"766ff028-b3f4-4dd7-8bdf-19ba777c528b","impact":"medium","pub_date":"2026-04-09","source_url":"https://krebsonsecurity.com/2026/05/patch-tuesday-april-2026-edition/","summary":"Microsoft issued patches for multiple vulnerabilities, including an actively exploited CVE-2026-32201 in SharePoint Server."},{"ai_confidence":0.9,"created_at":"2026-05-11T01:38:30.783631","entity":"Stryker","event_type":"cyberattack","id":"dd214811-320e-49cf-80b1-fcbeae7870a1","impact":"high","pub_date":"2026-01-01","source_url":"https://www.acilearning.com/blog/biggest-cybersecurity-breaches-2023","summary":"Stryker suffered a cyberattack that caused a mass device wipe across its corporate systems in 2026."},{"ai_confidence":0.9,"created_at":"2026-05-11T01:38:30.783597","entity":"Match Group","event_type":"data_breach","id":"55265999-e693-4fba-863e-64358541f6a6","impact":"high","pub_date":"2026-01-01","source_url":"https://www.acilearning.com/blog/biggest-cybersecurity-breaches-2023","summary":"Match Group experienced a data breach where 10 million records were allegedly exposed in 2026."},{"ai_confidence":0.9,"created_at":"2026-05-11T01:38:30.783588","entity":"Medtronic","event_type":"ransomware_attack","id":"7890c4ae-3d1d-4a09-89e5-b4b5ce21b238","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.pkware.com/blog/2026-data-breaches-cybersecurity-incidents-explained/","summary":"Medtronic faced an extortion claim as part of a wave of cyberattacks and ransomware incidents in April 2026."},{"ai_confidence":0.9,"created_at":"2026-05-11T01:38:30.783579","entity":"French government identity agency","event_type":"data_breach","id":"5b8f459d-a1ca-419b-b0c9-ec0f7427055f","impact":"high","pub_date":"2026-04-01","source_url":"https://www.pkware.com/blog/2026-data-breaches-cybersecurity-incidents-explained/","summary":"Millions of French citizens' records from a government identity agency were offered for sale following a breach in April 2026."},{"ai_confidence":0.9,"created_at":"2026-05-11T01:38:30.783571","entity":"Frost Bank","event_type":"data_breach","id":"3ebca560-416a-4b28-9329-26fc48fe5101","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.pkware.com/blog/2026-data-breaches-cybersecurity-incidents-explained/","summary":"Frost Bank was affected by a supply-chain compromise through a shared third-party vendor in April 2026."},{"ai_confidence":0.9,"created_at":"2026-05-11T01:38:30.783563","entity":"Citizens Financial","event_type":"data_breach","id":"6bbf4d2d-4917-4f55-9cd7-7ce4abfd176c","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.pkware.com/blog/2026-data-breaches-cybersecurity-incidents-explained/","summary":"Citizens Financial was affected by a supply-chain compromise through a shared third-party vendor in April 2026."},{"ai_confidence":0.95,"created_at":"2026-05-11T01:38:30.783546","entity":"Instructure","event_type":"data_breach","id":"847e503a-7673-47b8-8f1e-31f64130c39f","impact":"high","pub_date":"2026-05-01","source_url":"https://krebsonsecurity.com/2026/05/canvas-breach-disrupts-schools-colleges-nationwide/","summary":"Instructure's Canvas platform suffered a data extortion attack by ShinyHunters, threatening 275M records including names, emails, and student IDs."},{"ai_confidence":0.95,"created_at":"2026-05-10T01:22:21.141816","entity":"Medtronic","event_type":"data_breach","id":"c11fbde6-5342-4973-82c0-fe6e09f5c738","impact":"high","pub_date":"2026-04-01","source_url":"https://securityboulevard.com/2026/04/top-10-data-breaches-of-april-2026/","summary":"Medtronic confirmed unauthorized access to its IT systems, resulting in ShinyHunters claiming the theft of over 9 million records."},{"ai_confidence":0.95,"created_at":"2026-05-09T01:09:35.752499","entity":"Trellix","event_type":"cyberattack","id":"351b06c3-7d26-4320-8e49-f1471392f8ed","impact":"high","pub_date":"2026-05-01","source_url":"https://www.bleepingcomputer.com/","summary":"RansomHouse hackers claimed responsibility for an attack on Trellix's source code repository."},{"ai_confidence":0.9,"created_at":"2026-05-09T01:09:35.752492","entity":"NVIDIA","event_type":"data_breach","id":"574c1258-5fb4-4b85-a164-c3d0ee06e625","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.bleepingcomputer.com/","summary":"NVIDIA confirmed a data breach affecting GeForce NOW users in Armenia."},{"ai_confidence":0.98,"created_at":"2026-05-09T01:09:35.752484","entity":"CISA","event_type":"regulatory","id":"cf665290-31cd-4b4f-8775-29ac9b1f692f","impact":"high","pub_date":"2026-05-07","source_url":"https://www.cisa.gov/news-events/alerts/2026/05/07/cisa-adds-one-known-exploited-vulnerability-catalog","summary":"CISA officially added Ivanti EPMM vulnerability (CVE-2026-6973) to its Known Exploited Vulnerabilities Catalog on May 7, 2026."},{"ai_confidence":0.9,"created_at":"2026-05-09T01:09:35.752454","entity":"Mobile Trojan","event_type":"malware_update","id":"45b15287-e618-46fe-bb8f-f7025b884666","impact":"medium","pub_date":"2026-05-02","source_url":"https://www.youtube.com/watch?v=_kfMEZJuGH8","summary":"An updated mobile Trojan uses device magnetometers to detect smart lock magnetic signatures, alerting attackers when doors unlock."},{"ai_confidence":0.9,"created_at":"2026-05-09T01:09:35.752447","entity":"Delivery Robots","event_type":"vulnerability_discovery","id":"7d885ed5-6c2e-4895-8195-d740b8b32aaa","impact":"medium","pub_date":"2026-05-02","source_url":"https://www.youtube.com/watch?v=_kfMEZJuGH8","summary":"Backdoors were discovered in computer vision models for delivery robots, allowing attackers to bypass obstacle detection sensors."},{"ai_confidence":0.85,"created_at":"2026-05-09T01:09:35.752440","entity":"Automated Contract Builders","event_type":"threat_discovery","id":"036f80fd-091f-4000-99db-606a7cd56d09","impact":"medium","pub_date":"2026-05-02","source_url":"https://www.youtube.com/watch?v=_kfMEZJuGH8","summary":"A new AI-driven threat campaign targets supply chain managers by altering automated contract builders' logic flow, causing financial loss."},{"ai_confidence":0.95,"created_at":"2026-05-09T01:09:35.752432","entity":"Ubuntu","event_type":"cyberattack","id":"2390a437-2f3c-492a-b720-83804aa2acec","impact":"high","pub_date":"2026-05-02","source_url":"https://coaio.com/news/2026/05/breaking-tech-news-on-may-2-2026-ai-innovations-security-outages-and-2ooc/","summary":"Ubuntu's infrastructure was crippled by a major DDoS attack, disrupting services and communication about a critical vulnerability."},{"ai_confidence":0.95,"created_at":"2026-05-09T01:09:35.752422","entity":"CISA","event_type":"regulatory","id":"d763ea16-6baa-4be8-a78a-1e65e92fbc97","impact":"high","pub_date":"2026-05-01","source_url":"https://www.securityweek.com/over-40000-servers-compromised-in-ongoing-cpanel-exploitation/","summary":"CISA added cPanel vulnerability CVE-2026-41940 to its KEV catalog, urging federal agencies to patch it within four days."},{"ai_confidence":0.95,"created_at":"2026-05-09T01:09:35.752405","entity":"cPanel","event_type":"vulnerability_exploitation","id":"7e923de0-271b-4abb-9b43-49b1c618adc3","impact":"high","pub_date":"2026-05-01","source_url":"https://www.securityweek.com/over-40000-servers-compromised-in-ongoing-cpanel-exploitation/","summary":"Over 40,000 servers were compromised due to attackers exploiting a recently patched cPanel zero-day vulnerability (CVE-2026-41940)."},{"ai_confidence":0.9,"created_at":"2026-05-09T01:09:35.751633","entity":"Ivanti","event_type":"vulnerability_disclosure","id":"f184351d-2059-4a48-a6df-3a63e425696b","impact":"high","pub_date":"2026-05-01","source_url":"https://www.bleepingcomputer.com/news/security/cisa-gives-feds-four-days-to-patch-ivanti-flaw-exploited-as-zero-day/","summary":"Ivanti disclosed a high-severity zero-day vulnerability (CVE-2026-6973) in its EPMM product, allowing remote code execution."},{"ai_confidence":0.95,"created_at":"2026-05-09T01:09:35.751626","entity":"CISA","event_type":"regulatory","id":"15844a0e-1fd7-4134-a94c-e7daf956885d","impact":"high","pub_date":"2026-05-01","source_url":"https://www.bleepingcomputer.com/news/security/cisa-gives-feds-four-days-to-patch-ivanti-flaw-exploited-as-zero-day/","summary":"CISA directed U.S. federal agencies to patch a high-severity Ivanti EPMM zero-day vulnerability (CVE-2026-6973) within four days."},{"ai_confidence":0.95,"created_at":"2026-05-09T01:09:35.751619","entity":"Chinese state-run supercomputer","event_type":"data_breach","id":"526802cc-03ea-4301-82b2-da4c40dcc3d9","impact":"high","pub_date":"2026-04-01","source_url":"https://www.securitymagazine.com/articles/102282-10-data-breaches-to-know-about-april-2026","summary":"A state-run Chinese supercomputer allegedly had 10 petabytes of data stolen in a breach in April 2026."},{"ai_confidence":0.95,"created_at":"2026-05-09T01:09:35.751613","entity":"FBI","event_type":"data_breach","id":"fac5f5b8-33d3-4544-9322-1d807792f8ad","impact":"high","pub_date":"2026-04-01","source_url":"https://www.securitymagazine.com/articles/102282-10-data-breaches-to-know-about-april-2026","summary":"An FBI surveillance system was breached in April 2026, leading to the exposure of sensitive information."},{"ai_confidence":0.9,"created_at":"2026-05-09T01:09:35.751606","entity":"Mercor","event_type":"data_breach","id":"d22c25dc-1081-4deb-90c2-21c24002bab7","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.securitymagazine.com/articles/102282-10-data-breaches-to-know-about-april-2026","summary":"AI startup Mercor reportedly lost four terabytes of data in a breach that occurred in April 2026."},{"ai_confidence":0.95,"created_at":"2026-05-09T01:09:35.751599","entity":"Los Angeles Police Department","event_type":"data_breach","id":"6da982f1-5b49-4684-bb08-794f0cb06841","impact":"high","pub_date":"2026-04-01","source_url":"https://www.securitymagazine.com/articles/102282-10-data-breaches-to-know-about-april-2026","summary":"The LAPD had sensitive records exposed after a breach of the L.A. City Attorney's Office in April 2026."},{"ai_confidence":0.95,"created_at":"2026-05-09T01:09:35.751592","entity":"ANTS","event_type":"data_breach","id":"f7afb095-ef95-405a-a6e5-b002fd740115","impact":"high","pub_date":"2026-04-01","source_url":"https://www.securitymagazine.com/articles/102282-10-data-breaches-to-know-about-april-2026","summary":"French government agency ANTS experienced a data breach in April 2026, potentially exposing millions of records."},{"ai_confidence":0.9,"created_at":"2026-05-09T01:09:35.751583","entity":"Verizon","event_type":"announcement","id":"154915a3-5cfc-4212-acf4-554f3d431002","impact":"medium","pub_date":"2026-05-01","source_url":"https://securityboulevard.com/2026/05/mean-time-to-exploit-has-gone-negative-security-strategy-has-to-change/","summary":"Verizon's 2025 DBIR reports vulnerability exploitation now accounts for 20% of all breaches, a 34% year-over-year increase."},{"ai_confidence":0.9,"created_at":"2026-05-09T01:09:35.751558","entity":"CrowdStrike","event_type":"announcement","id":"6897b82a-93f7-4e52-b48a-937a58de66b4","impact":"medium","pub_date":"2026-05-01","source_url":"https://securityboulevard.com/2026/05/mean-time-to-exploit-has-gone-negative-security-strategy-has-to-change/","summary":"CrowdStrike's 2026 Global Threat Report reveals a 42% increase in zero-day vulnerabilities exploited before public disclosure."},{"ai_confidence":0.85,"created_at":"2026-05-08T00:54:47.152222","entity":"Small businesses","event_type":"cyberattack_trend","id":"0b6cf7f4-c7ae-4e19-9f31-318c2ea18688","impact":"medium","pub_date":"2026-04-06","source_url":"https://njbiz.com/?p=547063","summary":"Cyberattacks are surging, with hackers increasingly targeting small businesses."},{"ai_confidence":0.95,"created_at":"2026-05-08T00:54:47.152213","entity":"UK government","event_type":"regulatory_investigation","id":"09393e12-38e3-4d47-812b-90bbb89c8c3c","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/world/uk/uk-investigates-after-big-health-dataset-listed-sale-chinas-alibaba-2026-04-23/","summary":"The UK government is investigating a health charity after a large dataset of 500,000 people was listed for sale on Alibaba."},{"ai_confidence":0.95,"created_at":"2026-05-08T00:54:47.152203","entity":"Microsoft","event_type":"vulnerability_disclosure","id":"c09df985-92c3-4985-bf1f-a317c6040aba","impact":"high","pub_date":"2026-04-22","source_url":"https://securityonline.info/dotnet-10-authentication-bypass-cve-2026-40372-remediation/","summary":"Microsoft released an emergency update for a critical .NET data protection flaw (CVE-2026-40372) allowing authentication forgery."},{"ai_confidence":0.9,"created_at":"2026-05-08T00:54:47.152177","entity":"D-Link","event_type":"vulnerability_disclosure","id":"c867a3ce-b5eb-4fe3-b044-aae403adeb11","impact":"high","pub_date":"2026-04-22","source_url":"https://securityonline.info/mirai-botnet-dlink-command-injection-cve-2025-29635/","summary":"An actively exploited command injection vulnerability (CVE-2025-29635) affecting D-Link devices has been detected."},{"ai_confidence":0.85,"created_at":"2026-05-08T00:54:47.152169","entity":"NIST","event_type":"announcement","id":"c5ad630e-45c3-4f09-bb48-97ca0616bfa0","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/vulnerabilities-threats/nist-revamps-cve-framework-to-focus-on-high-impact-vulnerabilities","summary":"NIST revamped its CVE framework to focus on high-impact vulnerabilities."},{"ai_confidence":0.85,"created_at":"2026-05-08T00:54:47.152161","entity":"Coast Guard","event_type":"regulatory_announcement","id":"af630e93-0bdb-4c99-9f3f-059d241ed50d","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/cybersecurity-operations/coast-guards-cybersecurity-rules-lessons-cisos","summary":"The Coast Guard introduced new cybersecurity rules, offering lessons for CISOs."},{"ai_confidence":0.85,"created_at":"2026-05-08T00:54:47.152152","entity":"NIST","event_type":"regulatory_change","id":"663234de-df99-4df8-aaa0-cc86662d4de8","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/threat-intelligence/nist-cutbacks-nvd-handling-impacts-cyber-teams","summary":"NIST's cutback on NVD handling is impacting cyber teams, affecting how CVEs are managed."},{"ai_confidence":0.9,"created_at":"2026-05-08T00:54:47.152144","entity":"Anthropic","event_type":"unauthorized_access","id":"5a9d06c4-e35b-4a39-a59f-496186d06ae9","impact":"medium","pub_date":"2026-04-23","source_url":"https://cybernews.com/security/anthropic-mythos-ai-unauthorized-access/","summary":"Anthropic is investigating unauthorized access to its Mythos AI model by a small group of Discord users."},{"ai_confidence":0.85,"created_at":"2026-05-08T00:54:47.152135","entity":"Hasbro","event_type":"cyberattack_impact","id":"214e1b8e-72bc-464e-8c7e-728b0eb654fb","impact":"medium","pub_date":"2026-03-01","source_url":"https://www.cybersecuritydive.com/","summary":"A March cyberattack on Hasbro is expected to impact the company's second-quarter revenue."},{"ai_confidence":0.95,"created_at":"2026-05-08T00:54:47.152126","entity":"Adobe","event_type":"data_breach","id":"3b5cd7d5-841e-42cb-9037-bb1cd489259d","impact":"high","pub_date":"2026-04-01","source_url":"https://www.cloudskope.com/insights/breaches","summary":"ShinyHunters breached Adobe's systems in April 2026 via a third-party, exposing 13 million customer records and internal documents."},{"ai_confidence":0.95,"created_at":"2026-05-08T00:54:47.152116","entity":"Schools and Universities","event_type":"cyberattack","id":"06d03bcc-100f-4acd-bf8a-01824a745265","impact":"high","pub_date":"2026-05-07","source_url":"https://knrs.iheart.com/content/2026-05-07-massive-cyberattack-hits-schools-and-universities-across-the-country/?pname=www.knrs.com&sc=dnsredirect","summary":"The ShinyHunters extortion group claimed responsibility for a massive cyberattack affecting millions of students nationwide."},{"ai_confidence":0.95,"created_at":"2026-05-08T00:54:47.152106","entity":"CISA","event_type":"regulatory","id":"2a207805-e20e-4209-a4c5-c647aa239561","impact":"high","pub_date":"2026-05-01","source_url":"https://www.cisa.gov/news-events/alerts/2026/05/01/cisa-adds-one-known-exploited-vulnerability-catalog","summary":"CISA added CVE-2026-31431, a Linux Kernel vulnerability, to its Known Exploited Vulnerabilities Catalog, urging remediation."},{"ai_confidence":0.9,"created_at":"2026-05-08T00:54:47.152094","entity":"Ivanti","event_type":"vulnerability_exploitation","id":"c3a951cb-0b97-4ec0-ad70-9d8cc5743e04","impact":"high","pub_date":"2026-05-01","source_url":"https://www.bankinfosecurity.com/breach-roundup-microsoft-edge-turns-passwords-into-targets-a-31629","summary":"Ivanti warned that hackers have exploited a vulnerability (CVE-2026-6973) in its Endpoint Manager Mobile."},{"ai_confidence":0.85,"created_at":"2026-05-08T00:54:47.152071","entity":"Microsoft Edge","event_type":"vulnerability_disclosure","id":"20acdc82-75c4-4444-bac2-417d184bcdf1","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.bankinfosecurity.com/breach-roundup-microsoft-edge-turns-passwords-into-targets-a-31629","summary":"Microsoft Edge loads saved passwords into memory in plaintext, potentially easing credential theft on compromised systems."},{"ai_confidence":0.9,"created_at":"2026-05-08T00:54:47.151074","entity":"cPanel","event_type":"vulnerability_exploitation","id":"d2ae3dc1-5fca-434e-936d-ac087a3f950c","impact":"high","pub_date":"2026-05-01","source_url":"https://thehackernews.com/2026/05/critical-cpanel-vulnerability.html","summary":"A critical cPanel vulnerability (CVE-2026-41940) is being exploited to target government, military, MSPs, and hosting providers."},{"ai_confidence":0.85,"created_at":"2026-05-08T00:54:47.151066","entity":"N/A","event_type":"vulnerability_disclosure","id":"4c0e38ee-2a85-4941-b208-4fff62f014c7","impact":"medium","pub_date":"2026-03-31","source_url":"https://securelist.com/vulnerabilities-and-exploits-in-q1-2026/119733/","summary":"CVE-2026-21533 is a logic vulnerability enabling privilege escalation within Remote Desktop Services components."},{"ai_confidence":0.85,"created_at":"2026-05-08T00:54:47.151058","entity":"N/A","event_type":"vulnerability_disclosure","id":"97c081f1-d4f4-4ba2-acd4-9c62eabb0c8e","impact":"medium","pub_date":"2026-03-31","source_url":"https://securelist.com/vulnerabilities-and-exploits-in-q1-2026/119733/","summary":"CVE-2026-22812, a vulnerability in AI-assisted coding software, allows attackers to execute malicious commands."},{"ai_confidence":0.85,"created_at":"2026-05-08T00:54:47.151045","entity":"Cyber insurance provider","event_type":"industry_trend","id":"ed827874-f2b3-4ed5-b9db-14b5a3908a4b","impact":"medium","pub_date":"2026-05-07","source_url":"https://www.claimsjournal.com/news/national/2026/05/07/337388.htm","summary":"A large cyber insurance provider saw a 45% rise in ransomware attacks last year, but average payments fell by 44%."},{"ai_confidence":0.9,"created_at":"2026-05-08T00:54:47.151038","entity":"Microsoft","event_type":"vulnerability_disclosure","id":"0da2e456-ac22-4a27-86be-e99b4fb85e57","impact":"medium","pub_date":"2026-05-01","source_url":"https://windowsforum.com/threads/cve-2026-26164-microsoft-365-copilot-info-disclosure-and-why-confidence-matters.416847/?utm_source=rss&utm_medium=rss","summary":"Microsoft published CVE-2026-26164, an information disclosure vulnerability in Microsoft 365 Copilot."},{"ai_confidence":0.8,"created_at":"2026-05-08T00:54:47.151030","entity":"N/A","event_type":"data_exposure","id":"3a7f9fe4-f30d-4552-88e3-60e4d3eab3a7","impact":"high","pub_date":"2026-05-01","source_url":"https://www.emazzanti.net/2026-data-breaches-major-cybersecurity-incidents-explained/","summary":"A misconfigured cloud environment led to the exposure of a database containing 149 million records."},{"ai_confidence":0.85,"created_at":"2026-05-08T00:54:47.151022","entity":"Match Group","event_type":"data_breach","id":"b5a4c238-669f-4b96-bb03-200ff2695f00","impact":"high","pub_date":"2026-05-01","source_url":"https://www.emazzanti.net/2026-data-breaches-major-cybersecurity-incidents-explained/","summary":"The ShinyHunters hacking collective claimed responsibility for breaching Match Group, likely via credential compromise."},{"ai_confidence":0.9,"created_at":"2026-05-08T00:54:47.151012","entity":"Linux","event_type":"vulnerability_disclosure","id":"d878dfbc-8121-49d9-be38-f0d21eb81e10","impact":"high","pub_date":"2026-05-01","source_url":"https://www.integrity360.com/cyber-news-roundup-may-1st-2026","summary":"A new Linux kernel zero-day vulnerability (CVE-2026-31431, 'Copy Fail') allows unprivileged local users to gain root access."},{"ai_confidence":0.95,"created_at":"2026-05-08T00:54:47.150964","entity":"ADT","event_type":"data_breach","id":"9d3e45e6-1603-4516-a13a-ec1404a6feb3","impact":"high","pub_date":"2026-05-01","source_url":"https://www.integrity360.com/cyber-news-roundup-may-1st-2026","summary":"Home security giant ADT is under scrutiny after the ShinyHunters group stole personal information of 5.5 million individuals."},{"ai_confidence":0.95,"created_at":"2026-05-07T00:42:12.676876","entity":"CISA, Federal agencies","event_type":"regulatory","id":"bf8d83c9-ad25-4336-b389-a43e78093cd8","impact":"high","pub_date":"2026-04-29","source_url":"https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-windows-flaw-exploited-in-zero-day-attacks/","summary":"CISA ordered federal agencies to patch a Windows zero-day vulnerability actively exploited in attacks."},{"ai_confidence":0.8,"created_at":"2026-05-07T00:42:12.676863","entity":"Google","event_type":"product_strategy","id":"9a0aced4-3a07-447a-b24e-b23093a3daf6","impact":"low","pub_date":"2026-04-23","source_url":"https://thecyberbeat.com/","summary":"Google is prioritizing general-purpose Gemini models over cybersecurity-specific AI solutions."},{"ai_confidence":0.9,"created_at":"2026-05-07T00:42:12.676814","entity":"Anthropic","event_type":"data_breach","id":"28bbd58e-c188-42d4-aff9-8b7ac76e145a","impact":"high","pub_date":"2026-04-23","source_url":"https://www.theverge.com/ai-artificial-intelligence/917644/anthropic-claude-mythos-breach-humiliation","summary":"AI company Anthropic experienced a \"Mythos Breach\" described as humiliating."},{"ai_confidence":0.85,"created_at":"2026-05-07T00:42:12.676805","entity":"UNC6692, Microsoft Teams","event_type":"threat_disclosure","id":"c978c4fc-f8c2-4dfa-9355-046729f0595c","impact":"medium","pub_date":"2026-04-23","source_url":"https://thehackernews.com/2026/04/unc6692-impersonates-it-helpdesk-via.html","summary":"Threat actor UNC6692 is impersonating IT helpdesks via Microsoft Teams to deploy SNOW malware."},{"ai_confidence":0.9,"created_at":"2026-05-07T00:42:12.676798","entity":"UK government","event_type":"announcement","id":"b3b5d649-5c85-4016-a309-bcccb9b885f3","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.bleepingcomputer.com/news/security/uk-warns-of-chinese-hackers-using-botnets-of-hijacked-consumer-devices-to-evade-detection/","summary":"The UK warned of Chinese hackers using proxy networks and hijacked consumer devices to evade detection."},{"ai_confidence":0.95,"created_at":"2026-05-07T00:42:12.676789","entity":"Mongolian Government","event_type":"cyberattack","id":"72f56102-b041-4887-b3ef-42f8c958745f","impact":"high","pub_date":"2026-04-23","source_url":"https://thehackernews.com/2026/04/china-linked-gopherwhisper-infects-12.html","summary":"China-linked GopherWhisper infected 12 Mongolian government systems with Go backdoors."},{"ai_confidence":0.95,"created_at":"2026-05-07T00:42:12.676781","entity":"U.S. Agency, Cisco","event_type":"data_breach","id":"d397c6aa-acfd-4e71-af1d-f9e768e238f4","impact":"high","pub_date":"2026-04-23","source_url":"https://therecord.media/cisa-us-agency-breached-cisco-vulnerability-backdoor","summary":"A U.S. agency was breached through a Cisco vulnerability, with a FIRESTARTER backdoor active until March."},{"ai_confidence":0.95,"created_at":"2026-05-07T00:42:12.676773","entity":"UK government, Alibaba","event_type":"regulatory","id":"3b113be7-4637-4766-b85c-681a919f28e7","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/world/uk/uk-investigates-after-big-health-dataset-listed-sale-chinas-alibaba-2026-04-23/","summary":"The UK is investigating a health dataset from a charity, potentially affecting 500,000 people, listed for sale on Alibaba."},{"ai_confidence":0.9,"created_at":"2026-05-07T00:42:12.676764","entity":"NIST","event_type":"announcement","id":"1226c0c4-f2cc-4c2e-9819-f94f28a38ec0","impact":"low","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/vulnerabilities-threats/nist-revamps-cve-framework-to-focus-on-high-impact-vulnerabilities","summary":"NIST revamped its CVE framework to prioritize high-impact vulnerabilities."},{"ai_confidence":0.9,"created_at":"2026-05-07T00:42:12.676756","entity":"US Coast Guard","event_type":"regulatory","id":"e0d48bc1-8045-47af-9615-cb6f60fc99cf","impact":"low","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/cybersecurity-operations/coast-guards-cybersecurity-rules-lessons-cisos","summary":"The US Coast Guard introduced new cybersecurity rules, offering insights for CISOs."},{"ai_confidence":0.9,"created_at":"2026-05-07T00:42:12.676741","entity":"NIST","event_type":"regulatory","id":"bf7a823f-ef81-4b99-901e-8b29909cc36d","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/threat-intelligence/nist-cutbacks-nvd-handling-impacts-cyber-teams","summary":"NIST has reduced its handling of CVEs, potentially impacting cyber teams."},{"ai_confidence":0.9,"created_at":"2026-05-07T00:42:12.676733","entity":"Anthropic","event_type":"cyber_incident_investigation","id":"d2b1a857-411a-4e12-97f2-760a567fb845","impact":"medium","pub_date":"2026-04-23","source_url":"https://cybernews.com/security/anthropic-mythos-ai-unauthorized-access/","summary":"Anthropic is investigating unauthorized access to its powerful new Mythos AI model by a small group of Discord users."},{"ai_confidence":0.9,"created_at":"2026-05-07T00:42:12.676724","entity":"Linux kernels","event_type":"vulnerability_disclosure","id":"4f7a1ea8-de2f-40db-9812-ce19ead840d2","impact":"high","pub_date":"2026-05-01","source_url":"https://www.bleepingcomputer.com/news/security/new-linux-copy-fail-flaw-gives-hackers-root-on-major-distros/","summary":"A local privilege escalation vulnerability, 'Copy Fail,' impacts Linux kernels since 2017, allowing unprivileged attackers root access."},{"ai_confidence":0.95,"created_at":"2026-05-07T00:42:12.676709","entity":"Ryan Goldberg, Kevin Martin","event_type":"litigation","id":"fb607630-5bcc-49ea-a8b0-0b13c40330bd","impact":"high","pub_date":"2026-05-01","source_url":"https://www.justice.gov/opa/pr/two-americans-who-attacked-multiple-us-victims-using-alphv-blackcat-ransomware-sentenced","summary":"Ryan Goldberg and Kevin Martin were sentenced to four years in prison for their role in ALPHV BlackCat ransomware attacks."},{"ai_confidence":0.9,"created_at":"2026-05-07T00:42:12.676701","entity":"ADT","event_type":"data_breach","id":"80e1845c-5217-4734-94d1-3460dd22df3e","impact":"high","pub_date":"2026-05-01","source_url":"https://www.bleepingcomputer.com/news/security/instructure-confirms-data-breach-shinyhunters-claims-attack/","summary":"ADT confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data for ransom."},{"ai_confidence":0.9,"created_at":"2026-05-07T00:42:12.676693","entity":"Kingborough Council","event_type":"data_exposure","id":"f7a15653-0996-445a-b6ad-5e10bc30aa59","impact":"medium","pub_date":"2026-05-06","source_url":"https://www.kaseya.com/blog/2026/05/the-week-in-breach-news-may-06-2026/","summary":"Kingborough Council disclosed a misconfiguration temporarily exposed property owners' names and addresses online."},{"ai_confidence":0.85,"created_at":"2026-05-07T00:42:12.676685","entity":"MetInfo CMS","event_type":"vulnerability_exploitation","id":"f97eed53-b3e2-4462-aba2-ebe771d55d47","impact":"high","pub_date":"2026-05-01","source_url":"https://www.thehackernews.com/2026/05/palo-alto-pan-os-flaw-under-active.html","summary":"Threat actors are actively exploiting a code injection flaw, CVE-2026-29014, in the MetInfo CMS."},{"ai_confidence":0.95,"created_at":"2026-05-07T00:42:12.676677","entity":"Palo Alto Networks","event_type":"vulnerability_disclosure","id":"fcf09b98-e588-4d58-a481-81ca7885c602","impact":"high","pub_date":"2026-05-01","source_url":"https://www.thehackernews.com/2026/05/palo-alto-pan-os-flaw-under-active.html","summary":"Palo Alto Networks warned of a critical PAN-OS buffer overflow vulnerability (CVE-2026-0300) actively exploited for RCE."},{"ai_confidence":0.9,"created_at":"2026-05-07T00:42:12.676668","entity":"Liberty Mutual","event_type":"data_breach","id":"7d949816-e703-43ca-a5f3-69e1fba0d2d2","impact":"high","pub_date":"2026-05-01","source_url":"https://www.databreachtoday.com/","summary":"Everest Group ransomware gang claims to have stolen over 108GB of policyholder data from Liberty Mutual and is leaking it."},{"ai_confidence":0.85,"created_at":"2026-05-07T00:42:12.676658","entity":"MuddyWater","event_type":"cyber_attack_report","id":"210c54ec-3785-4f09-89b2-92fc83f5695e","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.securityweek.com/iranian-apt-intrusion-masquerades-as-chaos-ransomware-attack/","summary":"Rapid7 reported Iranian APT actor MuddyWater conducted an intrusion masquerading as a ransomware attack for espionage."},{"ai_confidence":0.85,"created_at":"2026-05-07T00:42:12.676647","entity":"Cisco","event_type":"vulnerability_patch","id":"897f191b-3e72-43c4-9694-ca2d5b3937ea","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.bleepingcomputer.com/news/security/critical-vm2-sandbox-bug-lets-attackers-execute-code-on-hosts/","summary":"Cisco patched a denial-of-service vulnerability in Crosswork Network Controller and Network Services Orchestrator."},{"ai_confidence":0.9,"created_at":"2026-05-07T00:42:12.676616","entity":"vm2","event_type":"vulnerability_disclosure","id":"c48be031-4003-4e68-b382-53b40158b433","impact":"high","pub_date":"2026-05-01","source_url":"https://www.bleepingcomputer.com/news/security/critical-vm2-sandbox-bug-lets-attackers-execute-code-on-hosts/","summary":"A critical vulnerability in the Node.js vm2 library allows attackers to escape the sandbox and execute arbitrary code."},{"ai_confidence":0.9,"created_at":"2026-05-07T00:42:12.676004","entity":"Wake County Public School System","event_type":"data_breach_investigation","id":"c582e454-26da-47be-a323-908a33e9277c","impact":"medium","pub_date":"2026-05-01","source_url":"https://www.wral.com/wake-schools-student-staff-information-may-have-been-accessed-in-april-data-breach/21400991/","summary":"Wake County Public School System is investigating a data breach involving Canvas, potentially exposing student and staff data."},{"ai_confidence":0.95,"created_at":"2026-05-07T00:42:12.675995","entity":"Instructure","event_type":"data_breach","id":"2e95fe52-ae57-4fdd-8e43-230d164562eb","impact":"high","pub_date":"2026-05-01","source_url":"https://www.malwarebytes.com/blog/news/2026/05/millions-of-students-personal-data-stolen-in-major-education-breach","summary":"Instructure confirmed a cyber incident and data breach affecting its cloud, with ShinyHunters claiming 275 million records stolen."},{"ai_confidence":0.9,"created_at":"2026-05-07T00:42:12.675979","entity":"Starr Insurance","event_type":"data_breach","id":"c3a53005-0530-4d13-907f-1c6762a661c7","impact":"high","pub_date":"2026-05-01","source_url":"https://www.hipaajournal.com/starr-insurance-discloses-ransomware-attack/","summary":"Starr Insurance disclosed a ransomware attack by Akira group, potentially stealing 15GB of sensitive data."},{"ai_confidence":1.0,"created_at":"2026-05-06T00:25:55.982851","entity":"Rituals","event_type":"data_breach","id":"682e7401-2592-453d-af11-7f26e2783eb6","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.bleepingcomputer.com/news/security/cosmetics-giant-rituals-discloses-data-breach-affecting-customers/","summary":"Cosmetics giant Rituals disclosed a data breach affecting its customers."},{"ai_confidence":1.0,"created_at":"2026-05-06T00:25:55.982842","entity":"ADT","event_type":"data_breach","id":"0e62ff9a-4380-4870-8882-0c207e96c51a","impact":"medium","pub_date":"2026-04-24","source_url":"https://www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-shinyhunters-leak-threat/","summary":"Home security giant ADT confirmed a data breach after ShinyHunters threatened to leak stolen data."},{"ai_confidence":1.0,"created_at":"2026-05-06T00:25:55.982826","entity":"Instructure","event_type":"cyber_attack","id":"486b128a-3634-49bf-93f9-60f3325d68db","impact":"high","pub_date":"2026-04-29","source_url":"https://www.govtech.com/education/instructure-investigating-cyber-attack-exposure-of-user-data","summary":"Instructure is investigating a cyberattack potentially exposing user data from nearly 9,000 schools and 275 million users."},{"ai_confidence":1.0,"created_at":"2026-05-06T00:25:55.982258","entity":"Europol","event_type":"announcement","id":"31cec9d4-a574-43d3-aeb7-9b2430c74fcb","impact":"low","pub_date":"2026-04-29","source_url":"https://home-affairs.ec.europa.eu/news/europol-published-report-latest-trends-cybercrime-landscape-2026-04-29_en","summary":"Europol published its IOCTA 2026 report analyzing cybercrime trends, including ransomware and state-sponsored attacks."},{"ai_confidence":1.0,"created_at":"2026-05-06T00:25:55.982250","entity":"Axios","event_type":"supply_chain_compromise","id":"60204d3d-bdf0-47b8-a95c-2b78ae2bf710","impact":"medium","pub_date":"2026-04-28","source_url":"https://www.ptechpartners.com/2026/04/28/cybersecurity-news-roundup-mid-february-to-mid-april-2026/","summary":"The open-source JavaScript library Axios was compromised with malicious code."},{"ai_confidence":1.0,"created_at":"2026-05-06T00:25:55.982242","entity":"ManoMano","event_type":"data_breach","id":"a389fdde-5022-4cdf-a412-720ae2363450","impact":"high","pub_date":"2026-04-28","source_url":"https://www.ptechpartners.com/2026/04/28/cybersecurity-news-roundup-mid-february-to-mid-april-2026/","summary":"European DIY store chain ManoMano had data for 38 million customers leaked due to a third-party compromise."},{"ai_confidence":1.0,"created_at":"2026-05-06T00:25:55.982234","entity":"Odido","event_type":"data_breach","id":"6681211c-2811-4877-a84e-447fbad07bb4","impact":"high","pub_date":"2026-04-28","source_url":"https://www.ptechpartners.com/2026/04/28/cybersecurity-news-roundup-mid-february-to-mid-april-2026/","summary":"Dutch telecom Odido experienced a breach affecting roughly 6 million customers, with ShinyHunters claiming responsibility."},{"ai_confidence":1.0,"created_at":"2026-05-06T00:25:55.982225","entity":"DigiCert","event_type":"product_launch","id":"f79d50bc-5072-4c81-837f-9b6d140263be","impact":"low","pub_date":"2026-05-05","source_url":"https://www.enterprisetimes.co.uk/2026/05/05/security-and-ai-news-from-the-week-beginning-27-april-2026/","summary":"DigiCert introduced a new AI Trust architecture designed to secure AI systems."},{"ai_confidence":1.0,"created_at":"2026-05-06T00:25:55.982214","entity":"Roblox","event_type":"data_breach","id":"acc5bdad-760f-4e25-b58d-ebff4d254317","impact":"medium","pub_date":"2026-05-05","source_url":"https://www.enterprisetimes.co.uk/2026/05/05/security-and-ai-news-from-the-week-beginning-27-april-2026/","summary":"Hackers stole hundreds of thousands of Roblox accounts, prompting calls for multi-factor authentication."},{"ai_confidence":1.0,"created_at":"2026-05-06T00:25:55.982176","entity":"Mandiant","event_type":"announcement","id":"7fccfdab-2bd2-47bd-a912-1bee707d42d8","impact":"low","pub_date":"2026-05-05","source_url":"https://www.enterprisetimes.co.uk/2026/05/05/security-and-ai-news-from-the-week-beginning-27-april-2026/","summary":"Mandiant reported that AI accelerates software vulnerability exploitation within 24 hours of disclosure."},{"ai_confidence":1.0,"created_at":"2026-05-06T00:25:55.982134","entity":"Ameriprise Financial Inc.","event_type":"data_breach","id":"65efe2cd-1773-41d8-b21e-682fef2b1e3a","impact":"medium","pub_date":"2026-04-28","source_url":"https://insurancenewsnet.com/oarticle/ameriprise-faces-48000-customer-data-breach-impact-response-market-move","summary":"Ameriprise Financial confirmed a data breach on April 28, 2026, exposing personal information of almost 48,000 customers."},{"ai_confidence":1.0,"created_at":"2026-05-06T00:25:55.982040","entity":"Microsoft","event_type":"vulnerability_disclosure","id":"112bfe56-a36c-4dc6-8a13-e87614d1bf34","impact":"high","pub_date":"2026-04-29","source_url":"https://www.theregister.com/2026/04/29/microsoft_zero_click_exploit/","summary":"Microsoft and CISA warned of a new zero-click Windows flaw (CVE-2026-32202) being actively exploited."},{"ai_confidence":1.0,"created_at":"2026-05-06T00:25:55.981986","entity":"Medtronic","event_type":"data_breach","id":"9a3de8ef-67dc-4cab-8ddd-96ed7ede63a9","impact":"medium","pub_date":"2026-04-29","source_url":"https://www.cybernewscentre.com/29th-april-2026-cyber-update-medtronic-breach-healthcare-risk/","summary":"Medtronic confirmed an unauthorized party accessed corporate IT systems; ShinyHunters claims 9 million records stolen."},{"ai_confidence":0.9,"created_at":"2026-05-05T00:08:17.118665","entity":"Nutanix","event_type":"industry_analysis","id":"8ae61388-df57-4c01-a8b0-e132e164d9c5","impact":"low","pub_date":"2026-04-01","source_url":"https://www.nutanix.com/blog/how-enterprise-security-is-changing-in-the-ai-age","summary":"Nutanix analyzed enterprise security in the AI age, noting an IBM report that one in six 2025 data breaches involved AI."},{"ai_confidence":0.9,"created_at":"2026-05-05T00:08:17.118655","entity":"Industrial Cyber","event_type":"industry_report","id":"95c67c2b-9fe7-49cc-96bc-fa2003b1cae2","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.industrialcyber.co/ransomware-reaches-elevated-new-normal-as-attack-volumes-hold-steady-into-2026-reshape-baseline-risk-expectations/","summary":"Industrial Cyber reported Q1 2026 ransomware activity consistent, with manufacturing/construction most impacted, shifting to data theft."},{"ai_confidence":0.9,"created_at":"2026-05-05T00:08:17.118643","entity":"F5","event_type":"vulnerability_disclosure","id":"a683480e-7175-45c4-a5c0-4b93ac128ac2","impact":"high","pub_date":"2026-03-01","source_url":"https://www.greenbone.net/en/march-2026-threat-report/","summary":"A reclassified CVE-2025-53521 now indicates a Remote Code Execution impact on F5 BIG-IP, reported in March 2026."},{"ai_confidence":1.0,"created_at":"2026-05-05T00:08:17.118622","entity":"Microsoft, Adobe","event_type":"vulnerability_disclosure","id":"fc64d14d-88bb-4c33-8a60-e90aa3f08904","impact":"high","pub_date":"2026-04-14","source_url":"https://www.zerodayinitiative.com/blog/2026/4/14/the-april-2026-security-update-review","summary":"Microsoft released 163 CVEs and Adobe 61 CVEs, including an actively exploited zero-day, on April 14, 2026."},{"ai_confidence":0.9,"created_at":"2026-05-05T00:08:17.118006","entity":"Global law enforcement","event_type":"law_enforcement_action","id":"0b07469f-7c57-41ad-a010-eb7c0f01acb5","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.worldeconomicforum.org/news/cyberattacks-target-us-infrastructure-and-other-cybersecurity-news/","summary":"A global operation disrupted four major botnets in April 2026, combating widespread cybercrime infrastructure."},{"ai_confidence":0.9,"created_at":"2026-05-05T00:08:17.117999","entity":"Cambodia","event_type":"regulatory","id":"f2990ecd-2876-4f8e-a9c8-4fbb608ee104","impact":"low","pub_date":"2026-04-01","source_url":"https://www.worldeconomicforum.org/news/cyberattacks-target-us-infrastructure-and-other-cybersecurity-news/","summary":"Cambodia passed a new cybercrime law in April 2026, targeting scam centers and enhancing cybersecurity regulations."},{"ai_confidence":0.9,"created_at":"2026-05-05T00:08:17.117992","entity":"FBI","event_type":"law_enforcement_action","id":"1dad42fd-4c8e-4fee-a143-d1347bebe41b","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.brigantiapartners.com/cybersecurity-roundup-april-2026/","summary":"The FBI disrupted a Russian-backed router botnet in April 2026, as part of a global operation against cyber threats."},{"ai_confidence":0.9,"created_at":"2026-05-05T00:08:17.117984","entity":"Microsoft","event_type":"vulnerability_disclosure","id":"785456dd-ee20-448c-aee1-bb416890b424","impact":"high","pub_date":"2026-04-09","source_url":"https://www.giaspace.com/blog/april-2026-data-breach-roundup","summary":"Microsoft's April 2026 Patch Tuesday addressed 167 flaws, including two actively exploited zero-day vulnerabilities."},{"ai_confidence":0.9,"created_at":"2026-05-05T00:08:17.117977","entity":"Ryan Goldberg, Kevin Martin","event_type":"litigation","id":"a79a79b6-de1f-4292-be78-217d3e9fb045","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.securityweek.com/two-us-security-experts-sentenced-to-prison-for-helping-ransomware-gang/","summary":"US cybersecurity experts Ryan Goldberg and Kevin Martin were sentenced to four years in prison for aiding ransomware attacks."},{"ai_confidence":0.9,"created_at":"2026-05-05T00:08:17.117969","entity":"cPanel","event_type":"vulnerability_exploitation","id":"5acf5e0b-2de4-4f50-9404-142091b8f6ca","impact":"high","pub_date":"2026-04-01","source_url":"https://www.securityweek.com/hackers-target-governments-and-msps-via-critical-cpanel-flaw-cve-2026-41940/","summary":"A critical cPanel vulnerability (CVE-2026-41940) is actively exploited, targeting government, military, and MSPs."},{"ai_confidence":1.0,"created_at":"2026-05-05T00:08:17.117955","entity":"Instructure","event_type":"data_breach","id":"ae859b30-650a-400b-88cc-d688caf739a6","impact":"high","pub_date":"2026-04-30","source_url":"https://www.securityweek.com/edtech-firm-instructure-discloses-data-breach-amid-hacker-leak-threats/","summary":"Instructure disclosed a cyberattack and data breach on April 30, 2026; ShinyHunters claimed 3.65 TB data theft affecting 275M."},{"ai_confidence":0.85,"created_at":"2026-05-03T23:55:02.832530","entity":"Twitch","event_type":"platform_enforcement","id":"c67e35c6-ca08-4ff8-a41b-57d6a8d2b443","impact":"medium","pub_date":"2026-04-27","source_url":"https://cybernews.com/news/counter-strike-twitch-russia-ban/","summary":"Twitch banned several Russian Counter-Strike streamers for promoting a 'Kamikaze Drone' factory during a sponsored event."},{"ai_confidence":0.8,"created_at":"2026-05-03T23:55:02.832521","entity":"Dutch intelligence agency","event_type":"announcement","id":"c4d8758a-83c9-475a-a7db-9b343e1dad3d","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/business/media-telecom/dutch-are-facing-biggest-security-threat-decades-intelligence-agency-says-2026-04-23/","summary":"The Dutch intelligence agency warned that the Netherlands is facing its biggest security threat in decades."},{"ai_confidence":0.9,"created_at":"2026-05-03T23:55:02.832513","entity":"UK government","event_type":"regulatory_investigation","id":"48b59e82-f0bd-4d72-8e22-a864ee874ff6","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/world/uk/uk-investigates-after-big-health-dataset-listed-sale-chinas-alibaba-2026-04-23/","summary":"The UK government is investigating the sale of a large health dataset, including 500,000 people's info, on Alibaba."},{"ai_confidence":0.85,"created_at":"2026-05-03T23:55:02.832504","entity":"NIST","event_type":"announcement","id":"e2a5c2db-95dd-4f35-bbe7-f00be7f62ce1","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/vulnerabilities-threats/nist-revamps-cve-framework-to-focus-on-high-impact-vulnerabilities","summary":"NIST is revamping its CVE framework to prioritize and focus on high-impact vulnerabilities."},{"ai_confidence":0.85,"created_at":"2026-05-03T23:55:02.832482","entity":"US Coast Guard","event_type":"regulatory","id":"c87b4428-8c76-46df-97b0-c4efa240fb7d","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/cybersecurity-operations/coast-guards-cybersecurity-rules-lessons-cisos","summary":"The US Coast Guard introduced new cybersecurity rules, providing important lessons for CISOs."},{"ai_confidence":0.85,"created_at":"2026-05-03T23:55:02.832409","entity":"NIST","event_type":"regulatory_change","id":"816640b2-d9df-436d-9ec9-88fee3966b62","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/threat-intelligence/nist-cutbacks-nvd-handling-impacts-cyber-teams","summary":"NIST's cutbacks on National Vulnerability Database (NVD) handling are impacting cybersecurity teams."},{"ai_confidence":0.9,"created_at":"2026-05-03T23:55:02.832401","entity":"Dutch horse forum","event_type":"data_breach","id":"27db2af7-08d6-462e-bf7b-1aa9e22d7d62","impact":"high","pub_date":"2026-04-23","source_url":"https://cybernews.com/security/horse-forum-hackers-passwords-attacks/","summary":"A Dutch horse forum was hacked after 25 years of security, leading to the spread of user passwords in other attacks."},{"ai_confidence":0.9,"created_at":"2026-05-03T23:55:02.832393","entity":"Anthropic","event_type":"security_incident","id":"ea518ead-52dc-4dfb-801a-49ca01a7a8aa","impact":"medium","pub_date":"2026-04-23","source_url":"https://cybernews.com/security/anthropic-mythos-ai-unauthorized-access/","summary":"Anthropic is investigating unauthorized access to its new Mythos AI model by a small group of Discord users."},{"ai_confidence":0.9,"created_at":"2026-05-03T23:55:02.832384","entity":"CISA","event_type":"regulatory","id":"ac804a80-5432-40fd-9edd-1cc0c9fff1ef","impact":"high","pub_date":"2026-04-03","source_url":"https://www.diesec.com/top-5-cybersecurity-news-stories-april-3-2026/","summary":"CISA added CVE-2026-20963 for Microsoft SharePoint to the Known Exploited Vulnerabilities catalog, indicating real-world exploitation."},{"ai_confidence":0.9,"created_at":"2026-05-03T23:55:02.832375","entity":"Citrix","event_type":"vulnerability_disclosure","id":"b5523793-9ba2-4b3e-ae39-51e3893aca59","impact":"high","pub_date":"2026-04-03","source_url":"https://www.diesec.com/top-5-cybersecurity-news-stories-april-3-2026/","summary":"Attackers are actively exploiting CVE-2026-3055 in Citrix NetScaler ADC/Gateway to read sensitive data from appliance memory."},{"ai_confidence":0.95,"created_at":"2026-05-03T23:55:02.832367","entity":"Google","event_type":"announcement","id":"dc86da81-9405-4a13-97cb-4fadb503998c","impact":"high","pub_date":"2026-04-03","source_url":"https://www.forbes.com/sites/daveywinder/2026/04/03/google-issues-zero-day-attack-alert-for-35-billion-chrome-users/","summary":"Google issued an emergency update for Chrome zero-day vulnerability CVE-2026-5281, actively exploited and affecting billions of users."},{"ai_confidence":0.9,"created_at":"2026-05-03T23:55:02.832357","entity":"Microsoft","event_type":"announcement","id":"e30d6d2d-f63f-4d79-944b-e9bfafc8d2c5","impact":"high","pub_date":"2026-04-09","source_url":"https://www.cyberscoop.com/microsoft-drops-its-second-largest-monthly-batch-of-defects-on-record/","summary":"Microsoft released its April 2026 security update, addressing 165 vulnerabilities, including an actively exploited SharePoint zero-day."},{"ai_confidence":0.95,"created_at":"2026-05-03T23:55:02.832316","entity":"McGraw Hill","event_type":"data_breach","id":"da0ed853-12e3-4b59-86bb-afeed65048a5","impact":"high","pub_date":"2026-04-01","source_url":"https://www.bleepingcomputer.com/news/security/data-breach-at-edtech-giant-mcgraw-hill-affects-135-million-accounts/","summary":"Edtech giant McGraw Hill confirmed a data breach affecting 13.5 million user accounts after ShinyHunters exploited a Salesforce misconfiguration."},{"ai_confidence":0.85,"created_at":"2026-05-03T23:55:02.832308","entity":"Cybersecurity Industry","event_type":"industry_trend","id":"598f04af-156e-4788-97de-807f2242a5ad","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.industrialcyber.net/ransomware-reaches-elevated-new-normal-as-attack-volumes-hold-steady-into-2026-reshape-baseline-risk-expectations/","summary":"Ransomware attack volumes remained consistent in Q1 2026, with a shift towards data theft and extortion, impacting manufacturing and construction."},{"ai_confidence":0.95,"created_at":"2026-05-03T23:55:02.832299","entity":"Vercel","event_type":"data_breach","id":"2af710b1-12de-40a2-abd7-e5338c5c36e4","impact":"high","pub_date":"2026-04-19","source_url":"https://www.bleepingcomputer.com/news/security/vercel-confirms-breach-as-hackers-claim-to-be-selling-stolen-data/","summary":"Cloud development platform Vercel disclosed a security incident on April 19th, caused by a third-party tool compromise, with hackers selling data."},{"ai_confidence":0.95,"created_at":"2026-05-03T23:55:02.832291","entity":"France Titres","event_type":"data_breach","id":"52ce7210-7b89-4395-beae-1eec12596adb","impact":"high","pub_date":"2026-04-01","source_url":"https://www.bleepingcomputer.com/news/security/french-govt-agency-confirms-breach-as-hacker-offers-to-sell-data/","summary":"France Titres, a French government agency, confirmed a data breach after a hacker claimed the attack and offered to sell citizen data."},{"ai_confidence":0.9,"created_at":"2026-05-03T23:55:02.832281","entity":"Rituals","event_type":"data_breach","id":"f5da226b-f283-4ba5-a536-fc5d40d1e3cd","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.bleepingcomputer.com/news/security/cosmetics-giant-rituals-discloses-data-breach-affecting-customers/","summary":"Cosmetics giant Rituals disclosed a data breach where attackers stole personal information of customers from its membership database."},{"ai_confidence":0.9,"created_at":"2026-05-03T23:55:02.832270","entity":"Coupang","event_type":"data_breach","id":"1f114849-4e7f-43b0-8523-1beee892a1aa","impact":"high","pub_date":"2026-04-01","source_url":"https://www.investing.com/news/stock-market-news/south-korea-says-coupang-data-breach-probe-affects-us-security-talks-3369444","summary":"A massive data breach at Coupang, affecting millions of users, has escalated to strain U.S.\u2013South Korea relations."},{"ai_confidence":0.95,"created_at":"2026-05-03T23:55:02.832255","entity":"ADT","event_type":"data_breach","id":"a8ce7a08-3a96-44c0-bc0f-9df4cc94b2e2","impact":"high","pub_date":"2026-04-01","source_url":"https://www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-shinyhunters-leak-threat/","summary":"Home security giant ADT confirmed a data breach after ShinyHunters threatened to leak stolen customer data."},{"ai_confidence":0.9,"created_at":"2026-05-03T23:55:02.832222","entity":"Adobe","event_type":"data_breach","id":"6ad40109-938e-4ff5-9f5b-28759325741f","impact":"high","pub_date":"2026-04-27","source_url":"https://www.enterprisetimes.co.uk/2026/04/27/security-and-ai-news-for-the-two-weeks-beginning-13-april-2026/","summary":"Threat actor 'Mr Racoon' claimed responsibility for a massive data breach at Adobe, exposing 13 million customer support tickets."},{"ai_confidence":0.9,"created_at":"2026-05-03T23:55:02.831402","entity":"CISA","event_type":"regulatory","id":"19da4818-c1f6-4920-a330-af6ba9fbc647","impact":"high","pub_date":"2026-04-27","source_url":"https://www.enterprisetimes.co.uk/2026/04/27/security-and-ai-news-for-the-two-weeks-beginning-13-april-2026/","summary":"CISA added multiple critical flaws, including SimpleHelp and Windows RPC vulnerabilities, to its KEV catalog with a May 2026 federal deadline."},{"ai_confidence":0.9,"created_at":"2026-05-03T23:55:02.831395","entity":"Vimeo","event_type":"data_breach","id":"026865b7-78bc-423b-8c38-3fb9149bed29","impact":"medium","pub_date":"2026-04-01","source_url":"https://www.securityweek.com/vimeo-confirms-user-and-customer-data-breach/","summary":"Vimeo confirmed a data breach exposing customer email addresses, technical data, and video metadata via a third-party vendor."},{"ai_confidence":0.95,"created_at":"2026-05-03T23:55:02.831387","entity":"Checkmarx","event_type":"data_breach","id":"816199b6-3a54-451f-8989-4f7b6856b56e","impact":"high","pub_date":"2026-04-01","source_url":"https://www.bleepingcomputer.com/news/security/checkmarx-confirms-lapsus$-hackers-leaked-its-stolen-github-data/","summary":"Checkmarx confirmed the LAPSUS$ group leaked data stolen from its private GitHub repository."},{"ai_confidence":0.95,"created_at":"2026-05-03T23:55:02.831379","entity":"Trellix","event_type":"data_breach","id":"f7cb6c6b-d035-4f2c-be87-41549c604c35","impact":"high","pub_date":"2026-05-01","source_url":"https://www.thehacker.news/2026/05/trellix-confirms-source-code-breach-with.html","summary":"Cybersecurity company Trellix confirmed a breach involving unauthorized access to a portion of its source code repository."},{"ai_confidence":0.9,"created_at":"2026-05-03T23:55:02.831364","entity":"CISA","event_type":"regulatory","id":"998b9f01-1e62-4c26-bc97-3649f9c3f98a","impact":"high","pub_date":"2026-05-01","source_url":"https://www.bleepingcomputer.com/news/security/cisa-adds-actively-exploited-linux-root-access-bug-cve-2026-31431-to-kev/","summary":"CISA added actively exploited Linux root access bug CVE-2026-31431 to its Known Exploited Vulnerabilities catalog."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961797","entity":"Rituals","event_type":"data_breach","id":"6db45475-fae8-49cf-af1e-3e8f1fdb5ee9","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.bleepingcomputer.com/news/security/cosmetics-giant-rituals-discloses-data-breach-affecting-customers/","summary":"Cosmetics giant Rituals disclosed a data breach affecting its customers."},{"ai_confidence":0.95,"created_at":"2026-05-02T23:42:16.961790","entity":"ADT, ShinyHunters","event_type":"data_breach","id":"8a858afe-f583-4c36-824c-3a81e93b0423","impact":"high","pub_date":"2026-04-24","source_url":"https://www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-shinyhunters-leak-threat/","summary":"Home security giant ADT confirmed a data breach after the ShinyHunters group threatened to leak stolen data."},{"ai_confidence":0.8,"created_at":"2026-05-02T23:42:16.961784","entity":"Google","event_type":"strategy_change","id":"07c1640e-8d6d-48f7-b375-a4e9850e4b7a","impact":"low","pub_date":"2026-04-23","source_url":"https://thecyberbeat.com/2026/04/23/4-23-2026/","summary":"Google is prioritizing general-purpose Gemini models over cybersecurity-specific AI development."},{"ai_confidence":0.8,"created_at":"2026-05-02T23:42:16.961777","entity":"Zealot (AI system)","event_type":"research_demonstration","id":"b6174d7e-bf22-422c-b257-b861cb086aee","impact":"low","pub_date":"2026-04-23","source_url":"https://thecyberbeat.com/2026/04/23/4-23-2026/","summary":"'Zealot' demonstrated AI's capabilities in executing full cloud attacks in a staged environment."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961771","entity":"Anthropic","event_type":"data_breach","id":"df94da32-61f7-4ca7-a79b-6e498d464d09","impact":"medium","pub_date":"2026-04-23","source_url":"https://thecyberbeat.com/2026/04/23/4-23-2026/","summary":"Anthropic experienced a 'Mythos Breach' which was described as humiliating."},{"ai_confidence":0.85,"created_at":"2026-05-02T23:42:16.961764","entity":"Developer (individual)","event_type":"social_engineering","id":"9126a435-c96e-4af1-8069-33c045fbaa74","impact":"low","pub_date":"2026-04-23","source_url":"https://thecyberbeat.com/2026/04/23/4-23-2026/","summary":"A developer was targeted by a sophisticated job scam that tricked them into running malicious code."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961757","entity":"UNC6692, Microsoft Teams","event_type":"malware_campaign","id":"82b99d6c-9688-4aeb-97b1-ebe2ec2ea0b0","impact":"medium","pub_date":"2026-04-23","source_url":"https://thecyberbeat.com/2026/04/23/4-23-2026/","summary":"UNC6692 is impersonating IT Helpdesk via Microsoft Teams to deploy SNOW malware."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961750","entity":"UK authorities, Chinese hackers","event_type":"threat_warning","id":"f3fe01cb-af28-4f68-a28a-e87a2da6ec4d","impact":"medium","pub_date":"2026-04-23","source_url":"https://thecyberbeat.com/2026/04/23/4-23-2026/","summary":"UK authorities warn that Chinese hackers are using proxy networks to evade detection."},{"ai_confidence":0.95,"created_at":"2026-05-02T23:42:16.961743","entity":"Mongolian Government, GopherWhisper","event_type":"cyber_attack","id":"9c3d7584-08ce-4347-ba62-1b941b51e8d1","impact":"high","pub_date":"2026-04-23","source_url":"https://thecyberbeat.com/2026/04/23/4-23-2026/","summary":"China-linked GopherWhisper infected 12 Mongolian government systems with Go backdoors."},{"ai_confidence":0.95,"created_at":"2026-05-02T23:42:16.961736","entity":"CISA, U.S. Agency, Cisco","event_type":"cyber_attack","id":"6a49a409-6a2e-4afe-bd90-a97e793ab38c","impact":"high","pub_date":"2026-04-23","source_url":"https://thecyberbeat.com/2026/04/23/4-23-2026/","summary":"CISA reported a U.S. agency breach via a Cisco vulnerability, with the FIRESTARTER backdoor active through March."},{"ai_confidence":0.95,"created_at":"2026-05-02T23:42:16.961730","entity":"UK health charity, Alibaba","event_type":"data_breach","id":"99b14005-4afc-4fae-91db-228bd9b2900d","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/world/uk/uk-investigates-after-big-health-dataset-listed-sale-chinas-alibaba-2026-04-23/","summary":"UK is investigating a large health dataset, potentially from 500,000 people, listed for sale on China's Alibaba."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961723","entity":"NIST","event_type":"announcement","id":"1cf2b280-804b-49b9-bb28-2dc49ac33d04","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/vulnerabilities-threats/nist-revamps-cve-framework-to-focus-on-high-impact-vulnerabilities","summary":"NIST is revamping its CVE framework to prioritize high-impact vulnerabilities."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961717","entity":"US Coast Guard","event_type":"regulatory","id":"7352a01c-7b89-4f90-b6c9-960e85826d50","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/cybersecurity-operations/coast-guards-cybersecurity-rules-lessons-cisos","summary":"The US Coast Guard has issued new cybersecurity rules."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961711","entity":"NIST","event_type":"regulatory","id":"88fecd02-0dbd-4efb-becc-27613b2bfd0a","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/threat-intelligence/nist-cutbacks-nvd-handling-impacts-cyber-teams","summary":"NIST's cutback of CVE handling is impacting cyber teams."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961704","entity":"Saudi Aramco","event_type":"data_breach","id":"bd63da34-a429-4b49-bcd5-e1a809700999","impact":"high","pub_date":"2025-07-24","source_url":"https://purplesec.us/breach-report/saudi-aramco-data-breach-explained/","summary":"Saudi Aramco experienced a data breach with a reported $50 million ransom demand."},{"ai_confidence":0.95,"created_at":"2026-05-02T23:42:16.961698","entity":"Deezer","event_type":"data_breach","id":"6fa769df-8086-496b-9655-e524654decc0","impact":"high","pub_date":"2025-07-24","source_url":"https://purplesec.us/breach-report/deezer-data-leak-228-million-users/","summary":"Data of 228 million Deezer users was stolen in a data breach."},{"ai_confidence":0.95,"created_at":"2026-05-02T23:42:16.961691","entity":"Cisco, UNC2447, Lapsus$, Yanluowang","event_type":"cyber_attack","id":"6c5514c7-f8e1-4e04-ae73-208e613eb397","impact":"high","pub_date":"2025-07-24","source_url":"https://purplesec.us/breach-report/cisco-cyber-attack/","summary":"Cisco suffered a cyber attack by UNC2447, Lapsus$, and Yanluowang groups."},{"ai_confidence":0.95,"created_at":"2026-05-02T23:42:16.961685","entity":"Microsoft","event_type":"data_breach","id":"2df68d98-b07b-4992-95cb-d698e619e34e","impact":"high","pub_date":"2025-07-24","source_url":"https://purplesec.us/breach-report/microsoft-data-leak/","summary":"Microsoft experienced a 2.4 TB data leak caused by misconfiguration."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961678","entity":"PromptLock","event_type":"ransomware_attack","id":"042450f1-1df6-4c37-a704-e3b78a684ac2","impact":"medium","pub_date":"2025-10-07","source_url":"https://purplesec.us/breach-report/promptlock-ai-ransomware/","summary":"PromptLock is identified as the first AI-powered ransomware prototype."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961672","entity":"LunaLock","event_type":"ransomware_attack","id":"280c1756-f3b2-48de-8069-c406ee87f347","impact":"medium","pub_date":"2026-01-18","source_url":"https://purplesec.us/breach-report/lunalock-ransomware/","summary":"LunaLock ransomware is identified as a rising AI-driven extortion threat."},{"ai_confidence":0.95,"created_at":"2026-05-02T23:42:16.961665","entity":"Arup","event_type":"financial_fraud","id":"9a5ea7c5-d2b2-47c7-a43e-8f7a6bbb63c6","impact":"high","pub_date":"2026-01-25","source_url":"https://purplesec.us/breach-report/arup-deepfake/","summary":"Arup suffered a $25M loss due to an AI-generated deepfake video."},{"ai_confidence":0.8,"created_at":"2026-05-02T23:42:16.961659","entity":"Anthropic","event_type":"announcement","id":"5ac6cdc1-9e87-4462-89a4-5e13fddf7e68","impact":"low","pub_date":"2026-04-24","source_url":"https://www.infosecurity-magazine.com/news/","summary":"Anthropic launched Claude Security, a new service for AI vulnerability scanning."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961652","entity":"CISA, Cisco, TP-Link","event_type":"vulnerability_exploitation","id":"9500b275-3a1d-4887-8405-a35e6c8a6368","impact":"high","pub_date":"2026-04-24","source_url":"https://www.cybersecuritydive.com/topic/vulnerability/","summary":"CISA confirms exploitation of three more Cisco networking device vulnerabilities; a botnet targets end-of-life TP-Link routers."},{"ai_confidence":0.85,"created_at":"2026-05-02T23:42:16.961646","entity":"US, UK authorities, CISA, Cisco","event_type":"cyber_attack","id":"1a926179-ec2b-4ec4-8611-c661647c4424","impact":"high","pub_date":"2026-04-24","source_url":"https://cyberscoop.com/","summary":"US and UK authorities warn of Firestarter backdoor malware surviving patching; a federal agency was impacted by Cisco device flaws."},{"ai_confidence":0.85,"created_at":"2026-05-02T23:42:16.961639","entity":"PackageKit daemon, WordPress, Breeze Cache plugin","event_type":"vulnerability_disclosure","id":"222b9e73-83d9-4579-83c9-41087a94cfa2","impact":"high","pub_date":"2026-04-24","source_url":"https://www.bleepingcomputer.com/tag/vulnerability/","summary":"New vulnerabilities 'Pack2TheRoot' in PackageKit and a critical flaw in WordPress Breeze Cache plugin are actively exploited."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961633","entity":"Microsoft, Microsoft SharePoint Server, CVE-2026-32201","event_type":"vulnerability_disclosure","id":"6c742f80-f631-481e-96e2-233566d3e825","impact":"high","pub_date":"2026-04-09","source_url":"https://krebsonsecurity.com/","summary":"Microsoft warns of active exploitation targeting CVE-2026-32201 in SharePoint Server, enabling spoofing and phishing attacks."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961626","entity":"Linux, CVE-2026-31431","event_type":"vulnerability_disclosure","id":"b83c5aaa-0896-416b-8410-cbc3dc8f9916","impact":"high","pub_date":"2026-04-24","source_url":"https://thehackernews.com/search/label/Vulnerability","summary":"A new local privilege escalation vulnerability, CVE-2026-31431 'Copy Fail,' allows unprivileged Linux users to gain root access."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961618","entity":"VECT 2.0","event_type":"malware_analysis","id":"a1300111-0a06-4787-8e69-464c87d7d579","impact":"medium","pub_date":"2026-04-24","source_url":"https://thehackernews.com/2026/04/vect-20-ransomware-irreversibly.html","summary":"VECT 2.0 ransomware has a critical flaw that irreversibly destroys files over 131KB, acting as a wiper."},{"ai_confidence":0.9,"created_at":"2026-05-02T23:42:16.961603","entity":"Ryan Goldberg, Kevin Martin","event_type":"litigation","id":"a789bf98-d99a-4f58-940b-18239c937715","impact":"high","pub_date":"2026-04-24","source_url":"https://securityaffairs.com/191591/cyber-crime/two-us-cybersecurity-experts-sentenced-in-ransomware-case-third-awaits-july-ruling.html","summary":"Two US cybersecurity professionals, Ryan Goldberg and Kevin Martin, were sentenced to four years in prison for supporting ransomware attacks."},{"ai_confidence":0.97,"created_at":"2026-05-01T23:27:10.905034","entity":"Rituals","event_type":"data_breach","id":"b39f188a-c436-4f69-b195-6a026c474487","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.bleepingcomputer.com/news/security/cosmetics-giant-rituals-discloses-data-breach-affecting-customers/","summary":"Cosmetics giant Rituals disclosed a data breach affecting its customers."},{"ai_confidence":0.98,"created_at":"2026-05-01T23:27:10.905026","entity":"ADT","event_type":"data_breach","id":"3a30421b-606c-4b24-b7a9-a7326a5c22e1","impact":"high","pub_date":"2026-04-24","source_url":"https://www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-shinyhunters-leak-threat/","summary":"ADT confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data, demanding a ransom."},{"ai_confidence":0.95,"created_at":"2026-05-01T23:27:10.905018","entity":"Microsoft","event_type":"vulnerability_disclosure","id":"f9272aa9-bc3f-45b1-a019-1620ba5999d0","impact":"high","pub_date":"2026-04-01","source_url":"https://cyberscoop.com/microsoft-patch-tuesday-april-2026/","summary":"Microsoft addressed 165 vulnerabilities, including an actively exploited zero-day in SharePoint, prompting CISA to add it to its catalog."},{"ai_confidence":0.9,"created_at":"2026-05-01T23:27:10.905011","entity":"Dutch intelligence agency","event_type":"announcement","id":"d10b7474-5d63-4ae1-b7cc-77fbc03e5d6b","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.reuters.com/business/media-telecom/dutch-are-facing-biggest-security-threat-decades-intelligence-agency-says-2026-04-23/","summary":"The Dutch intelligence agency announced that the Netherlands is facing its biggest security threat in decades."},{"ai_confidence":0.9,"created_at":"2026-05-01T23:27:10.905004","entity":"UK health charity, Alibaba","event_type":"regulatory","id":"11aa0f6d-f99a-4069-bf29-299d165540da","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/world/uk/uk-investigates-after-big-health-dataset-listed-sale-chinas-alibaba-2026-04-23/","summary":"The UK is investigating how a large health dataset from a charity, affecting 500,000 people, was listed for sale on China's Alibaba."},{"ai_confidence":0.9,"created_at":"2026-05-01T23:27:10.904996","entity":"US Coast Guard","event_type":"regulatory","id":"bc71ee83-3b78-4be7-bd22-edbd5b21de30","impact":"low","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/cybersecurity-operations/coast-guards-cybersecurity-rules-lessons-cisos","summary":"The US Coast Guard introduced new cybersecurity rules, offering valuable lessons and guidance for Chief Information Security Officers (CISOs)."},{"ai_confidence":0.9,"created_at":"2026-05-01T23:27:10.904988","entity":"NIST","event_type":"regulatory","id":"a2936ba8-6fa1-426e-9808-7e1e3a4a884c","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/threat-intelligence/nist-cutbacks-nvd-handling-impacts-cyber-teams","summary":"NIST is revamping its CVE framework to focus on high-impact vulnerabilities and cut back on general CVE handling, impacting cyber teams."},{"ai_confidence":0.9,"created_at":"2026-05-01T23:27:10.904980","entity":"Dutch horse forum","event_type":"data_breach","id":"5083e694-0cbe-45df-91b4-4634c6d253fb","impact":"medium","pub_date":"2026-04-23","source_url":"https://cybernews.com/security/horse-forum-hackers-passwords-attacks/","summary":"A Dutch horse forum was hacked after 25 years of security, leading to the spread of user passwords in other attacks."},{"ai_confidence":0.9,"created_at":"2026-05-01T23:27:10.904972","entity":"Anthropic","event_type":"cybersecurity_incident","id":"c566c39b-2dc0-4ae5-a0ad-481560db1514","impact":"medium","pub_date":"2026-04-23","source_url":"https://cybernews.com/security/anthropic-mythos-ai-unauthorized-access/","summary":"Anthropic is investigating unauthorized access to its powerful new Mythos AI model by a small group of Discord users."},{"ai_confidence":0.9,"created_at":"2026-05-01T23:27:10.904964","entity":"Microsoft, Microsoft SharePoint Server","event_type":"vulnerability_disclosure","id":"42a75862-ffc0-46ca-9074-7dfa3fc032f4","impact":"high","pub_date":"2026-04-01","source_url":"https://securityaffairs.com/190831/security/microsoft-patch-tuesday-for-april-2026-fixed-actively-exploited-sharepoint-zero-day.html","summary":"Microsoft's April 2026 Patch Tuesday fixed 165 vulnerabilities, including a critical and actively exploited SharePoint zero-day (CVE-2026-32201)."},{"ai_confidence":0.9,"created_at":"2026-05-01T23:27:10.904957","entity":"Microsoft, Microsoft SharePoint Server","event_type":"vulnerability_disclosure","id":"5d0f2778-cced-46b9-b2fc-35619d89047f","impact":"high","pub_date":"2026-04-01","source_url":"https://www.crowdstrike.com/en-us/blog/patch-tuesday-analysis-april-2026/","summary":"Microsoft released 164 security updates in April 2026, including fixes for an actively exploited zero-day (CVE-2026-32201) in SharePoint Server."},{"ai_confidence":0.9,"created_at":"2026-05-01T23:27:10.904950","entity":"Frost Bank, Citizens Financial Group, Middlesex County","event_type":"data_breach","id":"80e42119-f378-480e-abf0-4cef82abaa46","impact":"high","pub_date":"2026-04-01","source_url":"https://www.giaspace.com/your-april-2026-data-breach-roundup/","summary":"Frost Bank and Citizens Financial Group data was leaked by Everest ransomware via a third-party, and Middlesex County suffered a cyberattack in April 2026."},{"ai_confidence":0.9,"created_at":"2026-05-01T23:27:10.904941","entity":"LMDeploy","event_type":"vulnerability_exploitation","id":"d96e5a64-e0ba-48c1-89c6-e8210aa44fa8","impact":"high","pub_date":"2026-04-24","source_url":"https://techmaniacs.com/2026/04/24/ai-security-daily-briefing-april-24-2026/","summary":"A high-severity security flaw in LMDeploy, an open-source LLM toolkit, was actively exploited less than 13 hours after public disclosure."},{"ai_confidence":0.9,"created_at":"2026-05-01T23:27:10.904932","entity":"Manufacturing industry, Construction sector","event_type":"industry_trend","id":"50ccbcc9-15d4-43f0-a014-336346945ef1","impact":"medium","pub_date":"2026-01-01","source_url":"https://industrialcyber.co/reports/ransomware-reaches-elevated-new-normal-as-attack-volumes-hold-steady-into-2026-reshape-baseline-risk-expectations/","summary":"Ransomware activity remained consistent in Q1 2026, with manufacturing most impacted and construction emerging as a growing hotspot."},{"ai_confidence":0.9,"created_at":"2026-05-01T23:27:10.904924","entity":"FBI, Android users, iPhone users","event_type":"data_breach","id":"ea908634-e2ab-4718-872a-136c3e2cc2f2","impact":"high","pub_date":"2026-01-01","source_url":"https://www.techrepublic.com/article/news-top-cyberattacks-2026-so-far/","summary":"The FBI was hacked by a China-linked intrusion, and a fileless iPhone exploit (DarkSword) was found, putting millions of devices at risk in 2026."},{"ai_confidence":0.9,"created_at":"2026-05-01T23:27:10.904914","entity":"EU Commission, Booking.com, McGrawHill, Medtronic","event_type":"cybersecurity_incident","id":"c7fd0e0d-5cb3-4db0-ae53-4057434ec63a","impact":"high","pub_date":"2026-04-01","source_url":"https://www.cm-alliance.com/cybersecurity-blog/major-cyber-attacks-data-breaches-ransomware-attacks-in-april-2026","summary":"In April 2026, major cyberattacks impacted the EU Commission, Booking.com, McGrawHill, and Medtronic, disrupting operations and exposing data."},{"ai_confidence":0.9,"created_at":"2026-05-01T23:27:10.904895","entity":"Match Group, Stryker, Brightspeed, Nike","event_type":"data_breach","id":"a71dc5d0-1888-469f-8523-a644b021928f","impact":"high","pub_date":"2026-01-01","source_url":"https://www.acilearning.com/blog/the-biggest-cybersecurity-breaches-of-2026-so-far-and-the-training-that-could-have-prevented-them/","summary":"Major cybersecurity incidents in 2026 affected Match Group, Stryker, Brightspeed, and Nike due to preventable failures."},{"ai_confidence":0.85,"created_at":"2026-04-30T23:10:37.978135","entity":"Anthropic","event_type":"data_breach","id":"85aa1be2-28ce-4252-9807-762304269328","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.theverge.com/ai-artificial-intelligence/917644/anthropic-claude-mythos-breach-humiliation","summary":"AI company Anthropic experienced a \"humiliating\" Mythos breach, though specific details were not provided."},{"ai_confidence":0.95,"created_at":"2026-04-30T23:10:37.978128","entity":"Mongolian Government Systems","event_type":"cyber_attack","id":"0de4ea5d-255b-45f3-8504-193977a60221","impact":"high","pub_date":"2026-04-23","source_url":"https://thehackernews.com/2026/04/china-linked-gopherwhisper-infects-12.html","summary":"China-linked GopherWhisper infected 12 Mongolian government systems with Go backdoors in a targeted cyber attack."},{"ai_confidence":0.95,"created_at":"2026-04-30T23:10:37.978121","entity":"U.S. Agency","event_type":"data_breach","id":"01b69d39-9990-422b-94b1-09ee00fe5e3c","impact":"high","pub_date":"2026-04-23","source_url":"https://therecord.media/cisa-us-agency-breached-cisco-vulnerability-backdoor","summary":"A U.S. agency was breached via a Cisco vulnerability, with a FIRESTARTER backdoor allowing access until March, as confirmed by CISA."},{"ai_confidence":0.95,"created_at":"2026-04-30T23:10:37.978113","entity":"UK government, unnamed health charity","event_type":"regulatory_investigation","id":"1f80ac6f-f90c-4fba-ad33-ae943f67ac9a","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/world/uk/uk-investigates-after-big-health-dataset-listed-sale-chinas-alibaba-2026-04-23/","summary":"The UK government is investigating how a large health dataset, potentially from an unnamed health charity, was listed for sale on Alibaba."},{"ai_confidence":0.9,"created_at":"2026-04-30T23:10:37.978105","entity":"Coast Guard","event_type":"regulatory_announcement","id":"30165b0d-ce5c-45db-a548-da784c0b4dbe","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/cybersecurity-operations/coast-guards-cybersecurity-rules-lessons-cisos","summary":"The Coast Guard introduced new cybersecurity rules, offering important lessons for CISOs."},{"ai_confidence":0.9,"created_at":"2026-04-30T23:10:37.978096","entity":"NIST","event_type":"regulatory_announcement","id":"8e876041-d485-446f-91bd-3df2e826329d","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/threat-intelligence/nist-cutbacks-nvd-handling-impacts-cyber-teams","summary":"NIST announced cutbacks in CVE handling and a revamp of its CVE framework to focus on high-impact vulnerabilities."},{"ai_confidence":0.9,"created_at":"2026-04-30T23:10:37.978078","entity":"Jerry's Store","event_type":"data_breach","id":"4e81763a-222d-4ebb-9d9d-bc0e5fea091c","impact":"high","pub_date":"2026-04-29","source_url":"https://cybernews.com/security/jerrys-store-vibecode-exposes-stolen-credit-cards/","summary":"Jerry's Store, a marketplace for stolen credit cards, exposed an unprotected server, leaking details of 345,000 credit cards."},{"ai_confidence":0.9,"created_at":"2026-04-29T22:55:16.325169","entity":"Dutch intelligence agency","event_type":"announcement","id":"47df9590-ae08-4e76-b446-8a04a7ab3c66","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/business/media-telecom/dutch-are-facing-biggest-security-threat-decades-intelligence-agency-says-2026-04-23/","summary":"Dutch intelligence agency announces the country is facing its biggest security threat in decades."},{"ai_confidence":0.9,"created_at":"2026-04-29T22:55:16.325160","entity":"UK government","event_type":"regulatory","id":"e897384d-fe94-4709-8792-2e6bfe0b3cb7","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/world/uk/uk-investigates-after-big-health-dataset-listed-sale-chinas-alibaba-2026-04-23/","summary":"UK government investigates a health charity's large dataset, potentially from 500,000 people, listed for sale on Alibaba."},{"ai_confidence":0.9,"created_at":"2026-04-29T22:55:16.325151","entity":"Dutch horse forum","event_type":"data_breach","id":"e13a54d6-895b-4628-9ef7-5ae22496597d","impact":"medium","pub_date":"2026-04-23","source_url":"https://cybernews.com/security/horse-forum-hackers-passwords-attacks/","summary":"A Dutch horse forum suffered a data breach after 25 years, leading to user passwords spreading in other attacks."},{"ai_confidence":0.9,"created_at":"2026-04-29T22:55:16.325141","entity":"Anthropic","event_type":"cybersecurity_incident","id":"e62f437f-9185-4285-8573-b8a8c02c6857","impact":"medium","pub_date":"2026-04-23","source_url":"https://cybernews.com/security/anthropic-mythos-ai-unauthorized-access/","summary":"Anthropic is investigating unauthorized access to its powerful new Mythos AI model by a small group of Discord users."},{"ai_confidence":0.9,"created_at":"2026-04-29T22:55:16.325122","entity":"CISA","event_type":"regulatory","id":"f4bdc470-1173-44e3-88a5-812fdd75fcaa","impact":"high","pub_date":"2026-04-29","source_url":"https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-windows-flaw-exploited-in-zero-day-attacks/","summary":"CISA orders federal agencies to patch a Windows zero-day vulnerability actively exploited in attacks."},{"ai_confidence":0.8,"created_at":"2026-04-28T22:40:05.038302","entity":"Developer","event_type":"social_engineering_incident","id":"5f82713f-ff98-4474-9578-5d2f8957af1e","impact":"low","pub_date":"2026-04-23","source_url":"https://www.theregister.com/2026/04/23/job_scam_targeted_developer/","summary":"A developer was targeted by a sophisticated job scam, leading them to execute malicious code."},{"ai_confidence":0.9,"created_at":"2026-04-28T22:40:05.038294","entity":"UNC6692","event_type":"threat_disclosure","id":"2c75d7f1-0a30-4f89-b0ac-6c6e15ca66a5","impact":"medium","pub_date":"2026-04-23","source_url":"https://thehackernews.com/2026/04/unc6692-impersonates-it-helpdesk-via.html","summary":"Threat actor UNC6692 is impersonating IT helpdesks via Microsoft Teams to deploy SNOW malware."},{"ai_confidence":0.9,"created_at":"2026-04-28T22:40:05.038287","entity":"UK","event_type":"threat_warning","id":"97ada2e0-eb14-4a60-a1f3-f3b7dfa96b89","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.bleepingcomputer.com/news/security/uk-warns-of-chinese-hackers-using-botnets-of-hijacked-consumer-devices-to-evade-detection/","summary":"The UK warned of Chinese hackers using proxy networks and hijacked consumer devices to evade detection."},{"ai_confidence":0.95,"created_at":"2026-04-28T22:40:05.038277","entity":"Mongolian Government","event_type":"cyberattack","id":"e9974003-5d98-4106-9168-1c3491b92876","impact":"high","pub_date":"2026-04-23","source_url":"https://thehackernews.com/2026/04/china-linked-gopherwhisper-infects-12.html","summary":"China-linked GopherWhisper infected 12 Mongolian government systems with Go backdoors."},{"ai_confidence":0.95,"created_at":"2026-04-28T22:40:05.038269","entity":"U.S. Agency (CISA)","event_type":"cyberattack","id":"153d7ec1-6d7e-4220-a3e9-8d829ad6fe19","impact":"high","pub_date":"2026-04-23","source_url":"https://therecord.media/cisa-us-agency-breached-cisco-vulnerability-backdoor","summary":"CISA reported a breach of a U.S. agency through a Cisco vulnerability, with the FIRESTARTER backdoor allowing access until March."},{"ai_confidence":0.95,"created_at":"2026-04-28T22:40:05.038261","entity":"UK government","event_type":"regulatory_investigation","id":"a53a7831-ad8f-448d-8457-61bcd727d911","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/world/uk/uk-investigates-after-big-health-dataset-listed-sale-chinas-alibaba-2026-04-23/","summary":"The UK government is investigating how a large health dataset, potentially from 500,000 people, was listed for sale on Alibaba."},{"ai_confidence":0.85,"created_at":"2026-04-28T22:40:05.038252","entity":"NIST","event_type":"regulatory_change","id":"84b0d06e-9169-4d01-84da-0c5a8b0252fd","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/vulnerabilities-threats/nist-revamps-cve-framework-to-focus-on-high-impact-vulnerabilities","summary":"NIST revamped its CVE framework to prioritize high-impact vulnerabilities, aiming to improve focus on critical threats."},{"ai_confidence":0.85,"created_at":"2026-04-28T22:40:05.038244","entity":"Coast Guard","event_type":"regulatory","id":"f5d895ac-c0b2-4f37-82e1-4b7603af24b9","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/cybersecurity-operations/coast-guards-cybersecurity-rules-lessons-cisos","summary":"The Coast Guard introduced new cybersecurity rules, providing important lessons for CISOs in other sectors."},{"ai_confidence":0.85,"created_at":"2026-04-28T22:40:05.038236","entity":"NIST","event_type":"regulatory_change","id":"aad108b6-9e5b-46e5-91be-d03c15337846","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/threat-intelligence/nist-cutbacks-nvd-handling-impacts-cyber-teams","summary":"NIST's cutback on CVE handling is impacting cyber teams, raising concerns about vulnerability management."},{"ai_confidence":0.85,"created_at":"2026-04-28T22:40:05.038228","entity":"Dutch horse forum","event_type":"data_breach","id":"94b4a515-41ca-448b-97dc-da2d83deeb92","impact":"high","pub_date":"2026-04-23","source_url":"https://cybernews.com/security/horse-forum-hackers-passwords-attacks/","summary":"A Dutch horse forum was hacked after 25 years, leading to password compromise and spread in other attacks."},{"ai_confidence":0.9,"created_at":"2026-04-28T22:40:05.038219","entity":"Anthropic","event_type":"security_incident","id":"bfcdd293-92a4-498b-a1ce-fa33ae703632","impact":"medium","pub_date":"2026-04-23","source_url":"https://cybernews.com/security/anthropic-mythos-ai-unauthorized-access/","summary":"Anthropic is investigating unauthorized access to its powerful new Mythos AI model by a small group of Discord users."},{"ai_confidence":0.9,"created_at":"2026-04-28T22:40:05.038210","entity":"Salesforce","event_type":"security_incident","id":"b579c6c4-6eaf-4dfb-8ade-e6d89054ae31","impact":"medium","pub_date":"2025-08-27","source_url":"https://security.salesforce.com/security-advisories","summary":"Salesforce disabled the connection with the Drift app by Salesloft following a security incident not stemming from the core Salesforce platform."},{"ai_confidence":0.9,"created_at":"2026-04-28T22:40:05.038199","entity":"Salesforce","event_type":"security_action","id":"8425980b-2677-40db-9460-eeeaaca858e0","impact":"medium","pub_date":"2025-08-28","source_url":"https://security.salesforce.com/security-advisories","summary":"Salesforce disabled all integrations with Salesloft apps, including Drift, as a precautionary security measure."},{"ai_confidence":0.9,"created_at":"2026-04-28T22:40:05.038189","entity":"Salesforce","event_type":"security_advisory","id":"9c682b76-170d-4e8d-838d-4db5aa7554de","impact":"medium","pub_date":"2025-10-02","source_url":"https://security.salesforce.com/security-advisories","summary":"Salesforce issued an advisory regarding ongoing extortion attempts by threat actors, which they investigated with external experts."},{"ai_confidence":0.95,"created_at":"2026-04-28T22:40:05.038177","entity":"Vercel","event_type":"data_breach","id":"a5e219d8-6e6c-4319-bd53-55eba710b695","impact":"high","pub_date":"2026-04-20","source_url":"https://www.trendmicro.com/en_us/research/26/d/vercel-breach-oauth-supply-chain.html","summary":"Vercel experienced an OAuth supply chain compromise, leading to unauthorized access to its internal systems via a third-party application."},{"ai_confidence":0.9,"created_at":"2026-04-28T22:40:05.038162","entity":"CTM360","event_type":"announcement","id":"e7ceda4d-0492-4f0f-8008-e533ac2080e9","impact":"high","pub_date":"2026-04-27","source_url":"https://thehackernews.com/expert-insights/2026/04/ctm360-exposes-global-govtrap-campaign.html","summary":"CTM360 exposed a global GovTrap campaign involving over 11,000 fake government portals targeting citizens worldwide."},{"ai_confidence":0.8,"created_at":"2026-04-27T22:26:20.197212","entity":"Google","event_type":"product_strategy","id":"37a55f26-a530-440c-ac55-82a35d530658","impact":"low","pub_date":"2026-04-23","source_url":"https://www.infosecurity-magazine.com","summary":"Google announced its preference for general-purpose Gemini models over cybersecurity-specific AI solutions."},{"ai_confidence":0.8,"created_at":"2026-04-27T22:26:20.197205","entity":"Zealot","event_type":"demonstration","id":"b2486637-518a-41d3-a22a-8f7153a8dbc8","impact":"low","pub_date":"2026-04-23","source_url":"https://www.darkreading.com/cyber-risk/zealot-shows-ai-execute-full-cloud-attacks","summary":"'Zealot' demonstrated AI's capability to execute full cloud attacks in a staged environment."},{"ai_confidence":0.9,"created_at":"2026-04-27T22:26:20.197198","entity":"Anthropic","event_type":"data_breach","id":"74c9d7f2-c7ab-4351-a601-a46660c0d865","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.theverge.com/ai-artificial-intelligence/917644/anthropic-claude-mythos-breach-humiliation","summary":"Anthropic experienced a 'humiliating' Mythos breach, implying significant compromise and reputational damage."},{"ai_confidence":0.85,"created_at":"2026-04-27T22:26:20.197191","entity":"Developer","event_type":"scam","id":"6e9a2c28-47f5-4cc4-9337-9172e69bcd90","impact":"low","pub_date":"2026-04-23","source_url":"https://www.theregister.com/2026/04/23/job_scam_targeted_developer/","summary":"A developer was targeted by a sophisticated job scam that tricked them into running malicious code."},{"ai_confidence":0.9,"created_at":"2026-04-27T22:26:20.197182","entity":"UNC6692","event_type":"cyberattack","id":"950493f0-e0cc-4bc6-8f77-8e173deec4f8","impact":"medium","pub_date":"2026-04-23","source_url":"https://thehackernews.com/2026/04/unc6692-impersonates-it-helpdesk-via.html","summary":"UNC6692 impersonated IT Helpdesk via Microsoft Teams to deploy SNOW Malware in a targeted attack."},{"ai_confidence":0.9,"created_at":"2026-04-27T22:26:20.197147","entity":"UK","event_type":"announcement","id":"f44f7d2b-d8a5-49e5-814e-c05b392eb66b","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.bleepingcomputer.com/news/security/uk-warns-of-chinese-hackers-using-botnets-of-hijacked-consumer-devices-to-evade-detection/","summary":"The UK warned of Chinese hackers using proxy networks and hijacked consumer devices to evade detection."},{"ai_confidence":0.95,"created_at":"2026-04-27T22:26:20.197138","entity":"Mongolian Government Systems","event_type":"cyberattack","id":"7a9299b8-d5af-4521-81e4-03e01a4bb291","impact":"high","pub_date":"2026-04-23","source_url":"https://thehackernews.com/2026/04/china-linked-gopherwhisper-infects-12.html","summary":"China-linked GopherWhisper group infected 12 Mongolian government systems with Go backdoors."},{"ai_confidence":0.95,"created_at":"2026-04-27T22:26:20.197124","entity":"U.S. Agency","event_type":"cyberattack","id":"535e6c03-b3f3-46b8-8531-77d3841bfbab","impact":"high","pub_date":"2026-04-23","source_url":"https://therecord.media/cisa-us-agency-breached-cisco-vulnerability-backdoor","summary":"CISA reported that a U.S. agency was breached through a Cisco vulnerability, with a FIRESTARTER backdoor allowing access until March."},{"ai_confidence":0.9,"created_at":"2026-04-27T22:26:20.197117","entity":"Dutch intelligence agency","event_type":"announcement","id":"331b8717-f95d-485a-8c95-00413a91855b","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.reuters.com/business/media-telecom/dutch-are-facing-biggest-security-threat-decades-intelligence-agency-says-2026-04-23/","summary":"The Dutch intelligence agency announced that the Netherlands is facing its biggest security threat in decades."},{"ai_confidence":0.95,"created_at":"2026-04-27T22:26:20.197110","entity":"UK government","event_type":"regulatory","id":"fee229be-4f1b-482c-aee5-68d1f7b5bfba","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/world/uk/uk-investigates-after-big-health-dataset-listed-sale-chinas-alibaba-2026-04-23/","summary":"The UK government is investigating how a large health dataset, including information from 500,000 people, was listed for sale on China's Alibaba."},{"ai_confidence":0.85,"created_at":"2026-04-27T22:26:20.197101","entity":"Hasbro","event_type":"cyberattack","id":"239c6208-7150-4a88-a610-c63356975e97","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.cybersecuritydive.com/news/hasbro-march-cyberattack-impact-second-quarter-revenue/818438/","summary":"Hasbro experienced a cyberattack in March, which is expected to impact its second-quarter revenue."},{"ai_confidence":0.9,"created_at":"2026-04-27T22:26:20.197076","entity":"Twitch","event_type":"platform_enforcement","id":"398448ce-5036-40f3-bf93-257ec23a7998","impact":"medium","pub_date":"2026-04-27","source_url":"https://cybernews.com/news/counter-strike-twitch-russia-ban/","summary":"Twitch banned several high-profile Russian streamers for promoting Russia's 'Kamikaze Drone' factory during a sponsored Counter-Strike event."},{"ai_confidence":0.9,"created_at":"2026-04-26T22:12:56.984576","entity":"Anthropic","event_type":"data_breach","id":"a1461010-01d0-483c-bfe5-0411e0d78d34","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.theverge.com/ai-artificial-intelligence/917644/anthropic-claude-mythos-breach-humiliation","summary":"Anthropic experienced a 'Mythos Breach' which was described as humiliating."},{"ai_confidence":0.85,"created_at":"2026-04-26T22:12:56.984569","entity":"Organizations using Microsoft Teams","event_type":"cyberattack_tactic_disclosure","id":"84bf50a0-ea6e-4804-8220-c7639f2c5838","impact":"medium","pub_date":"2026-04-23","source_url":"https://thehackernews.com/2026/04/unc6692-impersonates-it-helpdesk-via.html","summary":"UNC6692 is impersonating IT Helpdesk via Microsoft Teams to deploy SNOW Malware."},{"ai_confidence":0.9,"created_at":"2026-04-26T22:12:56.984561","entity":"UK government","event_type":"announcement","id":"7edd3d8a-9636-4f64-88c5-8dfa3ce8db9d","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.bleepingcomputer.com/news/security/uk-warns-of-chinese-hackers-using-botnets-of-hijacked-consumer-devices-to-evade-detection/","summary":"The UK warned of Chinese hackers using botnets of hijacked consumer devices and proxy networks to evade detection."},{"ai_confidence":0.95,"created_at":"2026-04-26T22:12:56.984546","entity":"Mongolian Government","event_type":"cyberattack","id":"c2a78081-656c-4478-a837-3d513d4e53b5","impact":"high","pub_date":"2026-04-23","source_url":"https://thehackernews.com/2026/04/china-linked-gopherwhisper-infects-12.html","summary":"China-linked GopherWhisper infected 12 Mongolian government systems with Go backdoors."},{"ai_confidence":0.95,"created_at":"2026-04-26T22:12:56.984538","entity":"CISA","event_type":"cyberattack","id":"fc6d15dc-ff6a-4136-b039-05fb8a39df8e","impact":"high","pub_date":"2026-04-23","source_url":"https://therecord.media/cisa-us-agency-breached-cisco-vulnerability-backdoor","summary":"The U.S. agency CISA was breached through a Cisco vulnerability, with a FIRESTARTER backdoor allowing access until March."},{"ai_confidence":0.9,"created_at":"2026-04-26T22:12:56.984531","entity":"Dutch intelligence agency","event_type":"announcement","id":"90cf8ddf-f0f4-4e47-a8de-971d385336f2","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/business/media-telecom/dutch-are-facing-biggest-security-threat-decades-intelligence-agency-says-2026-04-23/","summary":"The Dutch intelligence agency announced that the Netherlands is facing its biggest security threat in decades."},{"ai_confidence":0.95,"created_at":"2026-04-26T22:12:56.984524","entity":"UK government","event_type":"regulatory_investigation","id":"e76b1253-b5c4-4220-b0ae-9762a656e875","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/world/uk/uk-investigates-after-big-health-dataset-listed-sale-chinas-alibaba-2026-04-23/","summary":"The UK government is investigating how a health charity's dataset, including 500,000 people's info, was listed for sale on Alibaba."},{"ai_confidence":0.85,"created_at":"2026-04-26T22:12:56.984517","entity":"Hasbro","event_type":"cyberattack","id":"4e559e7b-7c63-40eb-abf2-6915bc27b438","impact":"medium","pub_date":null,"source_url":"https://www.cybersecuritydive.com/news/hasbro-march-cyberattack-impact-second-quarter-revenue/818438/","summary":"Hasbro's March cyberattack is expected to impact the company's second-quarter revenue."},{"ai_confidence":0.9,"created_at":"2026-04-26T22:12:56.984509","entity":"Rituals","event_type":"data_breach_disclosure","id":"2faf14ee-4840-418f-9f24-5b7021538a9f","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.bleepingcomputer.com/news/security/cosmetics-giant-rituals-discloses-data-breach-affecting-customers/","summary":"Cosmetics giant Rituals disclosed a data breach affecting its customers."},{"ai_confidence":0.95,"created_at":"2026-04-26T22:12:56.984495","entity":"ADT","event_type":"data_breach","id":"0e18d18a-b065-4697-8a3a-63c0b0d20946","impact":"high","pub_date":"2026-04-24","source_url":"https://www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-shinyhunters-leak-threat/","summary":"Home security giant ADT confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data."},{"ai_confidence":0.85,"created_at":"2026-04-25T21:57:39.923861","entity":"Dutch intelligence agency","event_type":"announcement","id":"896655bf-3ff6-462c-b1f8-858a1c3d574e","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.reuters.com/business/media-telecom/dutch-are-facing-biggest-security-threat-decades-intelligence-agency-says-2026-04-23/","summary":"The Dutch intelligence agency announced that the Netherlands is facing its biggest security threat in decades."},{"ai_confidence":0.95,"created_at":"2026-04-25T21:57:39.923853","entity":"UK health charity","event_type":"data_breach","id":"f593a9d4-3f80-494e-b454-5a951690f8a3","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/world/uk/uk-investigates-after-big-health-dataset-listed-sale-chinas-alibaba-2026-04-23/","summary":"The UK is investigating after a large health dataset, potentially from 500,000 people, was listed for sale on Alibaba."},{"ai_confidence":0.95,"created_at":"2026-04-25T21:57:39.923846","entity":"Microsoft","event_type":"vulnerability_disclosure","id":"b46dacf8-69e4-45df-a409-8bac65537a55","impact":"high","pub_date":"2026-04-22","source_url":"https://securityonline.info/dotnet-10-authentication-bypass-cve-2026-40372-remediation/","summary":"Microsoft issued an emergency update for .NET 10 due to a critical data protection flaw (CVE-2026-40372) allowing authentication forgery."},{"ai_confidence":0.9,"created_at":"2026-04-25T21:57:39.923838","entity":"D-Link","event_type":"vulnerability_disclosure","id":"937788b0-9b90-4642-8d48-382f6e258902","impact":"high","pub_date":"2026-04-22","source_url":"https://securityonline.info/mirai-botnet-dlink-command-injection-cve-2025-29635/","summary":"An actively exploited command injection vulnerability (CVE-2025-29635) affecting D-Link devices has been detected."},{"ai_confidence":0.9,"created_at":"2026-04-25T21:57:39.923831","entity":"NIST","event_type":"announcement","id":"0f7a6e40-48ca-4035-98d8-4e8b90065b8c","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/vulnerabilities-threats/nist-revamps-cve-framework-to-focus-on-high-impact-vulnerabilities","summary":"NIST is revamping its CVE framework to focus on high-impact vulnerabilities, aiming to improve threat prioritization."},{"ai_confidence":0.9,"created_at":"2026-04-25T21:57:39.923823","entity":"U.S. Coast Guard","event_type":"regulatory","id":"7ee13d57-6095-4d35-8b8c-41230cc8bc46","impact":"low","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/cybersecurity-operations/coast-guards-cybersecurity-rules-lessons-cisos","summary":"The U.S. Coast Guard introduced new cybersecurity rules, offering important lessons for CISOs in maritime security."},{"ai_confidence":0.9,"created_at":"2026-04-25T21:57:39.923815","entity":"NIST","event_type":"regulatory","id":"5ced24e9-20e9-4f6c-9f73-29e092ba4ca0","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/threat-intelligence/nist-cutbacks-nvd-handling-impacts-cyber-teams","summary":"NIST has reduced its handling of CVEs, impacting cybersecurity teams due to changes in the NVD program."},{"ai_confidence":0.85,"created_at":"2026-04-25T21:57:39.923808","entity":"The Gentlemen","event_type":"announcement","id":"fe851836-a633-4681-bcec-5d48ffb8144d","impact":"high","pub_date":"2026-04-22","source_url":"https://www.darkreading.com/cyberattacks-data-breaches","summary":"The ransomware gang 'The Gentlemen' rapidly rose to prominence, impressing researchers with its speed and sophistication."},{"ai_confidence":0.9,"created_at":"2026-04-25T21:57:39.923801","entity":"Hasbro","event_type":"cyberattack","id":"6c65b673-4dd4-41b8-8f55-eb50a8b3ba8c","impact":"medium","pub_date":"2026-03-31","source_url":"https://www.cybersecuritydive.com/news/hasbro-march-cyberattack-impact-second-quarter-revenue/818438/","summary":"Hasbro experienced a cyberattack in March 2026, which is expected to impact its second-quarter revenue."},{"ai_confidence":0.8,"created_at":"2026-04-25T21:57:39.923794","entity":"Anthropic","event_type":"data_breach","id":"25e6a311-836e-43fd-b996-7a8365c75bef","impact":"medium","pub_date":"2026-04-23","source_url":"https://thecyberbeat.com/2026/04/23/4-23-2026/","summary":"Anthropic experienced a 'Mythos Breach' which was described as humiliating."},{"ai_confidence":0.9,"created_at":"2026-04-25T21:57:39.923787","entity":"Mongolian Government","event_type":"cyberattack","id":"856bf31b-a443-46e1-8bda-5d185e0fa70f","impact":"high","pub_date":"2026-04-23","source_url":"https://thecyberbeat.com/2026/04/23/4-23-2026/","summary":"China-linked GopherWhisper infected 12 Mongolian government systems with Go backdoors."},{"ai_confidence":0.9,"created_at":"2026-04-25T21:57:39.923779","entity":"CISA","event_type":"data_breach","id":"635d915c-6587-4613-b3c6-0cf6abc0f92e","impact":"high","pub_date":"2026-04-23","source_url":"https://thecyberbeat.com/2026/04/23/4-23-2026/","summary":"A U.S. agency (CISA) was breached through a Cisco vulnerability, with a FIRESTARTER backdoor allowing access."},{"ai_confidence":0.85,"created_at":"2026-04-25T21:57:39.923771","entity":"Deluxe Enterprises","event_type":"data_breach","id":"3791b9e9-fb07-42b7-a9c1-37b2264f5b41","impact":"medium","pub_date":"2025-11-24","source_url":"https://www.youtube.com/watch?v=G2p_Ff7pdQg","summary":"Deluxe Enterprises disclosed a data breach affecting its Oracle E-Business Suite."},{"ai_confidence":0.8,"created_at":"2026-04-25T21:57:39.923763","entity":"Cleveland County Oklahoma","event_type":"cyberattack","id":"48f72c3c-3ff1-4dca-a9a6-c65dce3776f4","impact":"medium","pub_date":"2025-11-24","source_url":"https://www.youtube.com/watch?v=G2p_Ff7pdQg","summary":"Cleveland County, Oklahoma, and Attleboro, Massachusetts law enforcement agencies were hit by cyberattacks."},{"ai_confidence":0.85,"created_at":"2026-04-25T21:57:39.923748","entity":"Iberia","event_type":"data_breach","id":"6fc46091-c5c3-4936-82cb-35d412bce5a8","impact":"medium","pub_date":"2025-11-24","source_url":"https://www.youtube.com/watch?v=G2p_Ff7pdQg","summary":"Iberia experienced a customer data leak following a vendor security breach."},{"ai_confidence":0.95,"created_at":"2026-04-25T21:57:39.923067","entity":"Citizens Financial Group","event_type":"data_breach","id":"b2adcda0-4dcb-41c1-ad98-c71f8dbb5787","impact":"high","pub_date":"2026-04-21","source_url":"https://www.investmentnews.com/practice-management/data-breach-citizens-flags-limited-customer-impact-after-vendor-data-incident-amid-ransomware-claims/266250","summary":"Citizens Financial Group is dealing with a data security incident via a third-party, with hackers claiming millions of records."},{"ai_confidence":0.95,"created_at":"2026-04-25T21:57:39.923056","entity":"OneDigital","event_type":"data_breach","id":"7b5d0b29-358b-413e-9074-735116f3b90d","impact":"high","pub_date":"2026-04-17","source_url":"https://www.appliedtech.us/resource-hub/this-week-in-cybersecurity-apr17-2026/","summary":"OneDigital disclosed a data breach affecting 28,414 people at Salesforce, compromising names and SSNs."},{"ai_confidence":0.9,"created_at":"2026-04-25T21:57:39.923048","entity":"Rockstar Games","event_type":"data_breach","id":"e3691ed5-30c8-4608-818a-48d9f4d2c923","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.appliedtech.us/resource-hub/this-week-in-cybersecurity-apr17-2026/","summary":"ShinyHunters ransomware group targeted Rockstar Games after breaching Anodot, accessing corporate information."},{"ai_confidence":0.8,"created_at":"2026-04-25T21:57:39.923041","entity":"Kyber","event_type":"announcement","id":"f65b7af5-7f00-4f05-b90d-949571273e87","impact":"high","pub_date":"2026-04-24","source_url":"https://diesec.com/2026/04/top-5-cybersecurity-news-stories-april-24-2026/","summary":"A newly reported Kyber ransomware operation has targeted both Windows systems and VMware ESXi environments."},{"ai_confidence":0.85,"created_at":"2026-04-25T21:57:39.923033","entity":"Booking.com","event_type":"data_breach","id":"8d4a7d1f-c400-44ff-af39-42cdd8899f0e","impact":"medium","pub_date":"2026-04-24","source_url":"https://diesec.com/2026/04/top-5-cybersecurity-news-stories-april-24-2026/","summary":"Booking.com confirmed unauthorized third parties accessed some guests' reservation-related information."},{"ai_confidence":0.9,"created_at":"2026-04-25T21:57:39.923026","entity":"CISA","event_type":"regulatory","id":"414cce78-800f-4718-90f2-1e778771d788","impact":"medium","pub_date":"2026-04-20","source_url":"https://diesec.com/2026/04/top-5-cybersecurity-news-stories-april-24-2026/","summary":"CISA added eight new vulnerabilities, including three affecting Cisco Catalyst SD-WAN Manager, to its Known Exploited Vulnerabilities catalog."},{"ai_confidence":0.9,"created_at":"2026-04-25T21:57:39.923016","entity":"Amtrak","event_type":"data_breach","id":"23f35a5e-4cee-4b02-93e9-083245fdc952","impact":"high","pub_date":"2026-04-20","source_url":"https://www.esecurityplanet.com/weekly-roundup/data-breaches-ai-expansion-and-cloud-security-define-this-weeks-cyber-landscape-in-april-2026/","summary":"Amtrak experienced a data breach compromising at least 2.1 million customer records through a CRM/Salesforce-related attack."},{"ai_confidence":0.95,"created_at":"2026-04-25T21:57:39.923000","entity":"Microsoft","event_type":"vulnerability_disclosure","id":"7abafd46-a795-4516-a1f8-154d01aaf115","impact":"high","pub_date":"2026-04-14","source_url":"https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2026-patch-tuesday-fixes-167-flaws-2-zero-days/","summary":"Microsoft released its April 2026 Patch Tuesday, addressing 167 flaws, including two actively exploited zero-day vulnerabilities in SharePoint Server."},{"ai_confidence":0.95,"created_at":"2026-04-24T21:37:42.617198","entity":"UK government","event_type":"investigation","id":"c1c35931-eb56-46e0-8b26-a42af9a3dad0","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/world/uk/uk-investigates-after-big-health-dataset-listed-sale-chinas-alibaba-2026-04-23/","summary":"The UK government is investigating a health charity's dataset, containing 500,000 people's info, listed for sale on Alibaba."},{"ai_confidence":0.85,"created_at":"2026-04-24T21:37:42.617190","entity":"Bulgarian national television","event_type":"cyberattack","id":"7d82f4c9-9c7b-4ea1-a6b6-054c294f1bb0","impact":"medium","pub_date":"2026-04-23","source_url":"https://c.newsnow.com/A/1310868561?-38801:2525672006","summary":"Bulgarian national television was hit by a cyberattack aimed at disrupting its operations."},{"ai_confidence":0.85,"created_at":"2026-04-24T21:37:42.617181","entity":"NIST","event_type":"announcement","id":"d6cc4454-3ea5-439d-a3e8-c82f44b7eca6","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/vulnerabilities-threats/nist-revamps-cve-framework-to-focus-on-high-impact-vulnerabilities","summary":"NIST revamped its CVE framework to prioritize high-impact vulnerabilities, streamlining its focus."},{"ai_confidence":0.9,"created_at":"2026-04-24T21:37:42.617153","entity":"US Coast Guard","event_type":"regulatory","id":"3db08d69-b7b3-48ff-a87a-8a3da5cda574","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/cybersecurity-operations/coast-guards-cybersecurity-rules-lessons-cisos","summary":"The US Coast Guard introduced new cybersecurity rules, offering lessons for CISOs in other sectors."},{"ai_confidence":0.9,"created_at":"2026-04-24T21:37:42.617145","entity":"NIST","event_type":"announcement","id":"2ba409e0-389f-4a21-b6af-9fdf77208f15","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/threat-intelligence/nist-cutbacks-nvd-handling-impacts-cyber-teams","summary":"NIST has cut back on its CVE handling, impacting cyber teams and vulnerability management."},{"ai_confidence":0.9,"created_at":"2026-04-24T21:37:42.617136","entity":"Dutch horse forum","event_type":"data_breach","id":"9ff407f2-4476-44f4-81e9-f271a3db8ff7","impact":"high","pub_date":"2026-04-23","source_url":"https://cybernews.com/security/horse-forum-hackers-passwords-attacks/","summary":"A Dutch horse forum suffered a data breach, leading to the spread of passwords in other attacks."},{"ai_confidence":0.9,"created_at":"2026-04-24T21:37:42.617124","entity":"Anthropic","event_type":"investigation","id":"ea52e1d8-2333-4f29-86b8-5fab935610fd","impact":"medium","pub_date":"2026-04-23","source_url":"https://cybernews.com/security/anthropic-mythos-ai-unauthorized-access/","summary":"Anthropic launched an investigation into unauthorized access to its Mythos AI model by a Discord group."},{"ai_confidence":0.8,"created_at":"2026-04-24T21:37:42.617060","entity":"an energy supply company","event_type":"cyberattack","id":"65072853-c145-4527-b2d2-3c85b104bdbc","impact":"medium","pub_date":"2025-01-01","source_url":"https://konbriefing.com/en-topics/cyber-attacks.html","summary":"An energy supply company in Paris, France, suffered a DDoS attack on January 1, 2025."},{"ai_confidence":0.9,"created_at":"2026-04-24T21:37:42.617036","entity":"Internet Archive","event_type":"data_breach","id":"adb831a9-1883-4d84-8d3b-652037464edd","impact":"high","pub_date":"2026-01-07","source_url":"https://www.hornetsecurity.com/en/blog/cybersecurity-incidents/","summary":"Internet Archive experienced a data breach and DDoS attack in October 2024."},{"ai_confidence":0.9,"created_at":"2026-04-23T21:19:05.415404","entity":"Dutch intelligence agency","event_type":"threat_assessment","id":"534a38e4-2da6-449f-acc4-2f20668f8d50","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/business/media-telecom/dutch-are-facing-biggest-security-threat-decades-intelligence-agency-says-2026-04-23/","summary":"The Dutch intelligence agency stated that the Netherlands is facing its biggest security threat in decades."},{"ai_confidence":0.95,"created_at":"2026-04-23T21:19:05.415394","entity":"UK health charity","event_type":"data_breach","id":"37ab61bc-ec5d-404f-a478-00219b5953a0","impact":"high","pub_date":"2026-04-23","source_url":"https://www.reuters.com/world/uk/uk-investigates-after-big-health-dataset-listed-sale-chinas-alibaba-2026-04-23/","summary":"The UK is investigating a health dataset from a charity, potentially containing 500,000 people's info, listed for sale on Alibaba."},{"ai_confidence":0.9,"created_at":"2026-04-23T21:19:05.415372","entity":"UK, hostile states","event_type":"report","id":"5d42caac-191b-4f05-adb7-40f5e7452bbd","impact":"high","pub_date":"2026-04-21","source_url":"https://c.newsnow.com/A/1310846093?-38801:2525672006","summary":"A report indicates that most nationally significant cyber attacks on the UK are carried out by hostile states."},{"ai_confidence":0.95,"created_at":"2026-04-23T21:19:05.415364","entity":"Bulgarian national television","event_type":"cyber_attack","id":"d1bc32ce-2bc1-4071-82ca-00d4bd91ac62","impact":"high","pub_date":"2026-04-22","source_url":"https://c.newsnow.com/A/1310868561?-38801:2525672006","summary":"A cyberattack hit Bulgarian national television in an attempt to disrupt its operations."},{"ai_confidence":0.8,"created_at":"2026-04-23T21:19:05.415356","entity":"Registered Investment Advisers (RIAs)","event_type":"threat_alert","id":"a4baeff2-4d01-4181-87b9-32ba75ece345","impact":"medium","pub_date":"2026-04-22","source_url":"https://c.newsnow.com/A/1310933160?-38801:2525672006","summary":"Registered Investment Advisers (RIAs) are targeted by cybercriminals, prompting a call for data protection."},{"ai_confidence":0.9,"created_at":"2026-04-23T21:19:05.415348","entity":"UK, Russia","event_type":"cyber_attack","id":"139894b0-b1fd-415b-bd7a-ea5b5bd53cf5","impact":"high","pub_date":"2026-04-22","source_url":"https://c.newsnow.com/A/1310928271?-38801:2525672006","summary":"Russian hacking against the UK has reached new levels of hostility."},{"ai_confidence":0.95,"created_at":"2026-04-23T21:19:05.415341","entity":"Microsoft","event_type":"vulnerability_disclosure","id":"c03c6b9b-ffac-4733-8904-dba4b628c72d","impact":"high","pub_date":"2026-04-22","source_url":"https://securityonline.info/dotnet-10-authentication-bypass-cve-2026-40372-remediation/","summary":"Microsoft released an emergency update for .NET 10 to fix a critical data protection flaw (CVE-2026-40372)."},{"ai_confidence":0.95,"created_at":"2026-04-23T21:19:05.415332","entity":"D-Link","event_type":"vulnerability_disclosure","id":"68c6a893-367c-4c4d-ace3-14a7d8825033","impact":"high","pub_date":"2025-12-31","source_url":"https://securityonline.info/mirai-botnet-dlink-command-injection-cve-2025-29635/","summary":"An actively exploited command injection vulnerability (CVE-2025-29635) was detected in D-Link devices."},{"ai_confidence":0.85,"created_at":"2026-04-23T21:19:05.415325","entity":"NIST","event_type":"announcement","id":"099dd1cf-3e57-4f11-aa6d-797a2e6b0b52","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/vulnerabilities-threats/nist-revamps-cve-framework-to-focus-on-high-impact-vulnerabilities","summary":"NIST revamped its CVE framework to focus on high-impact vulnerabilities."},{"ai_confidence":0.85,"created_at":"2026-04-23T21:19:05.415316","entity":"US Coast Guard","event_type":"regulatory","id":"a1530049-5089-4134-816e-aa36188e306b","impact":"medium","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/cybersecurity-operations/coast-guards-cybersecurity-rules-lessons-cisos","summary":"The US Coast Guard introduced new cybersecurity rules, offering lessons for CISOs."},{"ai_confidence":0.9,"created_at":"2026-04-23T21:19:05.415309","entity":"NIST","event_type":"regulatory","id":"661db9df-9e6c-4f56-85c9-d2cf0be2239a","impact":"high","pub_date":"2026-04-17","source_url":"https://www.darkreading.com/threat-intelligence/nist-cutbacks-nvd-handling-impacts-cyber-teams","summary":"NIST's cutback of CVE handling is impacting cyber teams across the industry."},{"ai_confidence":0.8,"created_at":"2026-04-23T21:19:05.415301","entity":"EU","event_type":"financial","id":"aee5f25b-2fb0-4f74-a1f1-19208317924d","impact":"medium","pub_date":"2026-04-23","source_url":"https://cybernews.com/tech/european-cloud-google/","summary":"EU sovereign cloud funding was allocated to a company utilizing Google technology."},{"ai_confidence":0.9,"created_at":"2026-04-23T21:19:05.415291","entity":"Dutch horse forum","event_type":"data_breach","id":"1f755609-69f3-4620-bfbc-5827d95995f3","impact":"high","pub_date":"2026-04-23","source_url":"https://cybernews.com/security/horse-forum-hackers-passwords-attacks/","summary":"A Dutch horse forum was hacked, leading to password spread and potential use in other attacks."},{"ai_confidence":0.95,"created_at":"2026-04-23T21:19:05.415281","entity":"Anthropic","event_type":"data_breach","id":"4c050809-93f3-4c26-b26e-30513d2720e2","impact":"high","pub_date":"2026-04-23","source_url":"https://cybernews.com/security/anthropic-mythos-ai-unauthorized-access/","summary":"Anthropic is investigating unauthorized access to its Mythos AI model by a small group of Discord users."},{"ai_confidence":0.7,"created_at":"2026-04-23T21:19:05.415271","entity":"FDA","event_type":"regulatory","id":"53267251-10e7-4160-8a6c-a3d1a311bc22","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.hipaajournal.com/cybersecurity-news/","summary":"FDA issued a recall (details truncated)."},{"ai_confidence":0.9,"created_at":"2026-04-23T21:19:05.415240","entity":"Grassroots DICOM","event_type":"vulnerability_disclosure","id":"7da03cff-417e-4368-8b07-8b8566207a85","impact":"medium","pub_date":"2026-03-01","source_url":"https://www.hipaajournal.com/grassroots-dicom-vulnerability-march-2026/","summary":"A high-severity vulnerability was identified in Grassroots DICOM."},{"ai_confidence":0.85,"created_at":"2026-04-23T21:19:05.415227","entity":"BakerHostetler","event_type":"report","id":"58f09a8b-060c-423e-8635-5723b75a380e","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.hipaajournal.com/bakerhostetler-report-2026-healthcare/","summary":"BakerHostetler reported healthcare remains the most targeted sector, with extortion-only attacks on the rise."},{"ai_confidence":0.95,"created_at":"2026-04-23T21:19:05.415215","entity":"Citrix","event_type":"vulnerability_disclosure","id":"90c1ed54-8bd3-401a-8a16-5d15216f729c","impact":"high","pub_date":"2026-04-23","source_url":"https://www.hipaajournal.com/urgent-action-required-to-fix-critical-citrix-netscaler-vulnerability/","summary":"Urgent action is required to fix an actively exploited critical vulnerability in Citrix NetScaler."},{"ai_confidence":0.9,"created_at":"2026-04-23T21:19:05.415207","entity":"Progress Software","event_type":"vulnerability_disclosure","id":"50ce39c6-c03b-4f70-b284-dd3c01ceaea7","impact":"high","pub_date":"2026-04-23","source_url":"https://www.hipaajournal.com/critical-flaws-progress-software-sharefile/","summary":"Critical flaws were identified in Progress Software's ShareFile service."},{"ai_confidence":0.9,"created_at":"2026-04-23T21:19:05.415199","entity":"FBI","event_type":"report","id":"12d65bea-5b18-4ccb-bf0f-6ad5b0752a58","impact":"high","pub_date":"2025-12-31","source_url":"https://www.hipaajournal.com/fbi-internet-crime-complaint-report-2025/","summary":"A report indicated that losses to cybercrime exceeded $20 billion in 2025."},{"ai_confidence":0.85,"created_at":"2026-04-23T21:19:05.415191","entity":"HSCC","event_type":"announcement","id":"a71e4ac8-3aa5-4146-9b6a-78c7ec214229","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.hipaajournal.com/hscc-issues-guidance-for-healthcare-organizations-on-managing-third-party-ai-risks/","summary":"HSCC issued guidance for healthcare organizations on managing third-party AI risks."},{"ai_confidence":0.8,"created_at":"2026-04-23T21:19:05.415184","entity":"Fortinet","event_type":"announcement","id":"1e994348-e6cc-4d90-83c5-3b2dd2ca88e2","impact":"low","pub_date":"2026-04-21","source_url":"https://www.fortinet.com/resources/cyberglossary/recent-cyber-attacks","summary":"Fortinet announced the 2026 AI Cybersecurity Summit to be held on April 21-22."},{"ai_confidence":0.8,"created_at":"2026-04-23T21:19:05.415176","entity":"CISA","event_type":"announcement","id":"68ef72e3-279c-425f-91ab-c1ad5a5ef4d1","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.cisa.gov/news-events/cybersecurity-advisories","summary":"CISA announced its website will not be actively managed due to a lapse in federal funding."},{"ai_confidence":0.9,"created_at":"2026-04-23T21:19:05.415168","entity":"The Gentlemen","event_type":"ransomware_activity","id":"5f5dd76a-d0a9-4686-ad2e-0d7ddb97c501","impact":"high","pub_date":"2026-04-22","source_url":"https://www.darkreading.com/threat-intelligence/gentlemen-rapidly-rise-ransomware","summary":"The ransomware gang 'The Gentlemen' rapidly rose to prominence, impressing researchers with its speed and sophistication."},{"ai_confidence":0.95,"created_at":"2026-04-23T21:19:05.415159","entity":"Rituals","event_type":"data_breach","id":"8eb29301-46bf-40f9-b18e-0a7c0796cbff","impact":"high","pub_date":"2026-04-23","source_url":"https://www.securityweek.com/","summary":"Luxury cosmetics giant Rituals disclosed a data breach."},{"ai_confidence":0.9,"created_at":"2026-04-23T21:19:05.415150","entity":"Rilian","event_type":"financial","id":"78b19b67-bdf2-4693-be88-d91c0bb5de72","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.securityweek.com/rilian-raises-17-5-million-for-ai-native-security-orchestration/","summary":"Rilian raised $17.5 million for AI-native security orchestration to hire new talent and expand operations."},{"ai_confidence":0.85,"created_at":"2026-04-23T21:19:05.415141","entity":"360 Digital Security Group","event_type":"announcement","id":"f2cf2f56-19f9-4acb-9a12-ae0104e7afc3","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.securityweek.com/chinese-cybersecurity-firms-ai-hacking-claims-draw-comparisons-to-claude-mythos/","summary":"Chinese cybersecurity firm 360 Digital Security Group claims to have uncovered 1,000 vulnerabilities using AI."},{"ai_confidence":0.9,"created_at":"2026-04-23T21:19:05.415124","entity":"Cloudsmith","event_type":"financial","id":"61a075d8-c783-4c53-91d9-90819a2a6ff2","impact":"medium","pub_date":"2026-04-23","source_url":"https://www.securityweek.com/cloudsmith-raises-72-million-in-series-c-funding/","summary":"Cloudsmith raised $72 million in Series C funding to accelerate product development and expand go-to-market efforts."},{"ai_confidence":0.95,"created_at":"2026-04-05T03:22:17.162805","entity":"Drift","event_type":"financial","id":"7ef6ccad-d2de-4191-bc14-dc4fe5872f4c","impact":"high","pub_date":"2026-04-01","source_url":"https://thehackernews.com/search/label/data%20breach","summary":"Solana-based DEX Drift confirmed a security incident on April 1, 2026, losing approximately $285 million in a DPRK-linked attack."},{"ai_confidence":0.85,"created_at":"2026-04-05T03:22:17.162798","entity":"Cyble","event_type":"announcement","id":"0a24ba3a-491e-44b0-8049-57fce10e15f4","impact":"medium","pub_date":"2024-04-01","source_url":"https://cyble.com/blog/cyble-weekly-vulnerabilities-report-apr-01/","summary":"Cyble's weekly report tracked 1,452 vulnerabilities, highlighting growing risks in AI and cloud-native environments."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:22:17.162791","entity":"FBI","event_type":"regulatory","id":"8a221ff0-2706-4000-8511-a697eb645e3b","impact":"high","pub_date":"2026-04-02","source_url":"https://www.govinfosecurity.com/breach-roundup-feds-confirm-major-hack-fbi-system-a-31329","summary":"The FBI confirmed a major Chinese-linked intrusion into a system supporting law enforcement monitoring, raising national security concerns."},{"ai_confidence":0.85,"created_at":"2026-04-05T03:22:17.162784","entity":"Microsoft","event_type":"announcement","id":"b8829f46-adb9-4391-ac83-bd8032288102","impact":"medium","pub_date":null,"source_url":"https://vertexaisearch.cloud.google.com/grounding-api-redirect/AUZIYQFKzIS5H1laca3usBPxNNYoqyNBK2u6Okah7K7pZri68RyWHwjisyvExndsiMeDsNlYjuSWmRS6bFvMUuzr_7ilF3sU5YheFSYGdycYC7lDOvIn0BX66pnPqSiTfEWgETqLySmZXQCieCCaOt6FnJhrjJ3PDshPh40sqn14CYBe-8ZCHo_kjbFOvJIkJzgIj7o8xGNimC8sd9SZlFr2T0KRYNlyvF1zO2qyw0=","summary":"Microsoft's Copilot expansion introduces new AI security challenges for CIOs, creating gaps in traditional security models."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:22:17.162777","entity":"Anthropic","event_type":"product","id":"7c04ab31-c7f1-4f60-8d8e-0be8bef40884","impact":"high","pub_date":"2026-03-31","source_url":"https://vertexaisearch.cloud.google.com/grounding-api-redirect/AUZIYQG_2luFllt0iBAYQWageA0OZkPDd2ESh77FimRwvtqqoPjuJxkxm7Det_AhSY9B7dw5oGKavwfJd-dw6lreqzsn3nEBxqRj0eKjPOETGVLan9nC8IFmO83rPZF27mgyjoik9b1Enk8kpCHdMecf8ga2btsQTpFfqfL8JX40_8c5-LgfyObvVzgV7jJ2idIOTD9j9NWaznH496SeX2oA0_gMbII2","summary":"Anthropic accidentally exposed 512,000 lines of Claude Code's source code on March 31, 2026, due to a packaging error."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:22:17.162768","entity":"Cybersecurity industry","event_type":"announcement","id":"fc7c783c-b41e-455b-bfde-087f1a677672","impact":"medium","pub_date":"2026-04-03","source_url":"https://siliconangle.com/2026/04/03/three-insights-ai-attack-thecube-rsac-2026-rsac26/","summary":"RSAC 2026 highlighted how AI attack trends are reshaping cybersecurity, with AI adoption outpacing control capabilities."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:22:17.162760","entity":"Minot's water treatment plant","event_type":"regulatory","id":"6b7cfa37-7830-48e9-a593-2bb7a5609e8a","impact":"high","pub_date":"2026-03-14","source_url":"https://vertexaisearch.cloud.google.com/grounding-api-redirect/AUZIYQGR1HjllWIsyLT-RQpU0xX1WQMNwg29jRMTuazibP8IixWdXUnpBI4xOZ6oi8aqgXMB_jv37aLcLzwyXUEr5dQcr8PcWPXJ_5vXXMNiikKUtQ6asN9hWmnBqYHEzTEteI-DBGTXT_aEqsJXuSaPw7cHV3JZe8PlEa8Z0r7lR4EG878VaqyJVsmU93r-aiHlU3xB7HCpsTayuY6JgXl8-JFa0WeYJ0JKNDIX","summary":"Minot's water treatment plant was hit by a ransomware attack on March 14, 2026, leading to 16 hours of manual operations."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:22:17.162753","entity":"Massachusetts emergency communications system","event_type":"regulatory","id":"4d941a01-a7c6-43ba-a814-78720471fdad","impact":"high","pub_date":"2026-04-03","source_url":"https://vertexaisearch.cloud.google.com/grounding-api-redirect/AUZIYQFmEQmL9Gf8ZeGlRdkeH1MQ8CU4bYIF6PuNEU5p7eI-0I_7Nx2saq5wxJPr5tAIlaESqOY_nu8wO_UGrJSJD4WL0mLKdycSvfj6eZIgBURbpbWk8g=","summary":"A cyberattack disrupted the emergency communications system in Massachusetts, causing critical service disruptions."},{"ai_confidence":0.95,"created_at":"2026-04-05T03:22:17.162745","entity":"Aqua Security","event_type":"product","id":"10522e5d-3c3d-4d45-97bc-866a6b76f40d","impact":"high","pub_date":"2026-03-19","source_url":"https://vertexaisearch.cloud.google.com/grounding-api-redirect/AUZIYQFcOAkOT6CeqDQgmFHr6q0AmsoNq3bzL1dEd8vxTpEWGWf4THUunRS_Hfaxj-pRSao_7Nw5sHsM7GzlcDO4Uxod0yUTwtzjS_oYrZhQtj33AO3xrZ3jfaZPsO-TCV4XY6lGhvdv2ICutG1aRBmR_DEBbjZ9mnsn_GB9_Fl2g6u1d6s=","summary":"Aqua Security's Trivy was targeted in a sophisticated supply chain attack on March 19, 2026, compromising credentials and planting backdoors."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:22:17.162731","entity":"European Commission","event_type":"regulatory","id":"5eff5579-bedc-4150-8d6e-9ded7a9f5c3c","impact":"high","pub_date":"2026-04-04","source_url":"https://www.securityweek.com/category/data-breaches/","summary":"The European Commission confirmed a data breach in its AWS environment, losing over 300GB of data due to a Trivy supply chain attack."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367948","entity":"MLflow","event_type":"product","id":"cb9d1f8f-6169-48cf-98f9-bb2aadc35777","impact":"medium","pub_date":"2026-04-03","source_url":"https://vertexaisearch.cloud.google.com/grounding-api-redirect/AUZIYQFDYK3-yT42x1UNTnz1mguRwYu8PwYFSXtTUJiB3IJtS7jXc4wQCIKZif5smuPOXJIklELVaLe0zWOlHzYtcOorx47udxH3Wcf4zcYaqESp5wxdKVucTvOapmbs2_jDTmcVvEiDdW5gBA4iCOlprckBFamBvnRQvS703eR","summary":"MLflow addressed the critical command injection vulnerability CVE-2025-15379 in version 3.8.2, urging immediate upgrades."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367942","entity":"MLflow","event_type":"announcement","id":"d3c9fc8a-3ea5-4eed-a440-71a4c37cb879","impact":"high","pub_date":"2026-04-03","source_url":"https://vertexaisearch.cloud.google.com/grounding-api-redirect/AUZIYQFDYK3-yT42x1UNTnz1mguRwYu8PwYFSXtTUJiB3IJtS7jXc4wQCIKZif5smuPOXJIklELVaLe0zWOlHzYtcOorx47udxH3Wcf4zcYaqESp5wxdKVucTvOapmbs2_jDTmcVvEiDdW5gBA4iCOlprckBFamBvnRQvS703eR","summary":"SentinelOne reported a critical command injection RCE vulnerability, CVE-2025-15379, in MLflow's model serving container."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367935","entity":"Enterprise Security","event_type":"announcement","id":"7abc3405-9f42-4600-be21-10744d12a268","impact":"high","pub_date":"2026-04-01","source_url":"https://www.iconnectitbs.com/top-cyber-security-vulnerabilities-march-2026-roundup/","summary":"March 2026 saw disclosure of high-impact cybersecurity vulnerabilities allowing RCE, zero-click compromise, or privilege escalation."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367929","entity":"Cisco Systems","event_type":"product","id":"e315fca3-fca9-42b6-a51e-c3f7a4244e51","impact":"medium","pub_date":"2026-04-03","source_url":"https://www.prnewswire.com/news-releases/the-quiet-shift-thats-repricing-the-entire-cybersecurity-stack-302728539.html","summary":"Cisco Systems unveiled new security innovations, including Zero Trust Access extensions and DefenseClaw, for the AI workforce."},{"ai_confidence":0.85,"created_at":"2026-04-05T03:18:35.367922","entity":"Cybersecurity Sector","event_type":"financial","id":"24ff2c43-447f-46e5-84cf-401d19ff2f39","impact":"high","pub_date":"2026-04-03","source_url":"https://www.prnewswire.com/news-releases/the-quiet-shift-thats-repricing-the-entire-cybersecurity-stack-302728539.html","summary":"Global cybersecurity spending is projected to reach $240 billion in 2026 due to the sector's structural re-wiring."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367916","entity":"OpenSSF","event_type":"announcement","id":"6b172c0c-ed46-44a5-a32c-7bddb96398e5","impact":"high","pub_date":"2026-04-03","source_url":"https://openssf.org/blog/2026/04/03/rethinking-post-deployment-vulnerability-detection/","summary":"OpenSSF highlights the critical need to rethink post-deployment vulnerability detection to reduce exposure windows."},{"ai_confidence":0.95,"created_at":"2026-04-05T03:18:35.367910","entity":"Broadcom","event_type":"product","id":"18b6a511-3f08-4e19-a88e-436bf6da79d5","impact":"low","pub_date":"2026-03-28","source_url":"https://www.carahsoft.com/news/broadcom-introduces-symantec-cbx-delivering-enterprise-grade-security-to-under-resourced-soc-teams-2026","summary":"Broadcom introduced Symantec CBX, a new cloud-based platform combining Symantec and Carbon Black technologies for enterprise-grade security."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367903","entity":"TrueConf","event_type":"announcement","id":"b340e37a-e170-4283-a4a9-f61f5a9851c3","impact":"high","pub_date":"2026-03-28","source_url":"https://ransomware.databreachtoday.com/breach-roundup-feds-confirm-major-hack-fbi-system-a-31329","summary":"A TrueConf zero-day (CVE-2026-3502) was used to target Southeast Asian governments."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367897","entity":"Citrix","event_type":"announcement","id":"0edd8ac5-5a39-4899-9469-1ab1bbfb6bbc","impact":"high","pub_date":"2026-03-28","source_url":"https://ransomware.databreachtoday.com/breach-roundup-feds-confirm-major-hack-fbi-system-a-31329","summary":"A critical Citrix NetScaler vulnerability (CVE-2026-3055) is actively being exploited to leak session data."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367890","entity":"Odido","event_type":"announcement","id":"402c658f-f7d4-42ab-aa39-ae16b7de35ca","impact":"high","pub_date":"2026-12-31","source_url":"https://www.brightdefense.com/resources/recent-data-breaches/","summary":"Odido experienced a leak affecting 6.2 million customers in February 2026."},{"ai_confidence":0.8,"created_at":"2026-04-05T03:18:35.367884","entity":"Flickr","event_type":"announcement","id":"1bd629ac-c961-4629-a70d-73d38c7d3297","impact":"low","pub_date":"2026-12-31","source_url":"https://www.brightdefense.com/resources/recent-data-breaches/","summary":"Flickr experienced a third-party email flaw in February 2026."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367877","entity":"Anthropic","event_type":"announcement","id":"a7d26fc3-b012-42eb-a61b-637ad22db2ec","impact":"medium","pub_date":"2026-12-31","source_url":"https://www.brightdefense.com/resources/recent-data-breaches/","summary":"An Anthropic leak on March 31, 2026, exposed 500,000 lines of code."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367870","entity":"European Commission","event_type":"announcement","id":"7df75231-2e4e-43a0-9dbb-b02b522cb98a","impact":"high","pub_date":"2026-12-31","source_url":"https://www.brightdefense.com/resources/recent-data-breaches/","summary":"A European Commission cloud breach on March 24, 2026, exposed data from affected websites."},{"ai_confidence":0.8,"created_at":"2026-04-05T03:18:35.367864","entity":"Coalition for Secure AI","event_type":"announcement","id":"16dbdf31-4881-4c50-abfc-9ac928355301","impact":"medium","pub_date":"2024-03-28","source_url":"https://www.coalitionforsecureai.org/when-the-bots-run-the-incident-response-what-ai-agents-mean-for-enterprise-security/","summary":"Increasing autonomy of AI agents in enterprise operations presents security challenges, requiring new architectures for incident response."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367857","entity":"Google","event_type":"announcement","id":"124d8b4d-bfb9-40b4-8f06-0d66fddc7596","impact":"high","pub_date":"2024-03-28","source_url":"https://www.techerati.com/news-hub/googles-2029-quantum-warning-is-reshaping-enterprise-security-timelines/","summary":"Google warned that quantum computing could break widely used encryption by 2029, reshaping enterprise security timelines."},{"ai_confidence":0.98,"created_at":"2026-04-05T03:18:35.367850","entity":"UnitedHealth Group","event_type":"litigation","id":"e99e8578-faa7-4a9b-bcfd-139acf5fd5dd","impact":"high","pub_date":"2024-03-28","source_url":"https://www.govinfosecurity.com/state-ag-sues-change-healthcare-in-2024-ransomware-attack-a-31326","summary":"Iowa's Attorney General sued UnitedHealth Group over the 2024 ransomware attack on its Change Healthcare unit, affecting 193 million people."},{"ai_confidence":0.85,"created_at":"2026-04-05T03:18:35.367844","entity":"Microsoft","event_type":"announcement","id":"3c9bad2e-6aa9-460f-a4e3-010c6efaa3b9","impact":"medium","pub_date":"2024-03-28","source_url":"https://www.informationweek.com/machine-learning-ai/as-microsoft-expands-copilot-cios-face-a-new-ai-security-gap","summary":"Microsoft's Copilot expansion introduces a new AI security gap for CIOs, bypassing traditional enterprise security models."},{"ai_confidence":0.98,"created_at":"2026-04-05T03:18:35.367837","entity":"Change Healthcare","event_type":"litigation","id":"7d177733-31fa-44c4-9d70-1fbc05aba7ea","impact":"high","pub_date":"2024-03-28","source_url":"https://www.hipaajournal.com/iowa-ag-sues-change-healthcare-2024-ransomware-attack/","summary":"Iowa Attorney General Brenna Bird sued Change Healthcare, UnitedHealth Group, and Optum over the February 2024 ransomware attack."},{"ai_confidence":0.95,"created_at":"2026-04-05T03:18:35.367830","entity":"FBI","event_type":"announcement","id":"3f837a08-7503-462f-874a-a61366096fe6","impact":"high","pub_date":"2024-03-28","source_url":"https://www.securityweek.com/in-other-news-chatgpt-data-leak-android-rootkit-water-facility-hit-by-ransomware/","summary":"The FBI classified a breach of its lawful wiretap infrastructure as a major incident, with state-sponsored Chinese hackers suspected."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367823","entity":"Nissan","event_type":"announcement","id":"d50ad945-1ee3-42a0-9e67-b2e00309e841","impact":"medium","pub_date":"2024-03-28","source_url":"https://www.securityweek.com/in-other-news-chatgpt-data-leak-android-rootkit-water-facility-hit-by-ransomware/","summary":"Nissan confirmed data theft from a third-party vendor, not a direct breach, following threats from the Everest ransomware group."},{"ai_confidence":0.95,"created_at":"2026-04-05T03:18:35.367817","entity":"City of Minot, North Dakota","event_type":"announcement","id":"53b7f90d-b4bd-463f-acbd-cc1ffda67acb","impact":"high","pub_date":"2024-03-28","source_url":"https://www.securityweek.com/in-other-news-chatgpt-data-leak-android-rootkit-water-facility-hit-by-ransomware/","summary":"The city of Minot, North Dakota, confirmed its water treatment plant was hit by a ransomware attack on March 14, forcing manual operations."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367809","entity":"T-Mobile USA","event_type":"announcement","id":"f691c139-066f-464f-90c3-92a8b5045413","impact":"medium","pub_date":"2024-03-28","source_url":"https://www.securityweek.com/t-mobile-sets-the-record-straight-on-latest-data-breach-filing/","summary":"T-Mobile USA clarified an insider data breach with limited impact, involving unauthorized access to customer information including PII."},{"ai_confidence":0.95,"created_at":"2026-04-05T03:18:35.367802","entity":"Hasbro","event_type":"announcement","id":"3db7c26e-ba5c-44ff-93dc-89aa25340dd4","impact":"medium","pub_date":"2026-03-28","source_url":"https://newsroom.hasbro.com/news-releases/news-release-details/cybersecurity-incident-updates","summary":"Hasbro confirmed a security incident on March 28, 2026, impacting certain systems, leading to proactive system shutdowns and minor delays."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367795","entity":"Gritman Medical Center","event_type":"announcement","id":"d43283d7-fbce-489e-91ca-db93c830d91b","impact":"low","pub_date":"2024-03-28","source_url":"https://dysruptionhub.com/gritman-cyber-incident-idaho/","summary":"Gritman Medical Center reopened clinics after a cybersecurity incident disrupted outpatient care, though no patient data was compromised."},{"ai_confidence":0.95,"created_at":"2026-04-05T03:18:35.367789","entity":"European Commission","event_type":"announcement","id":"bfcf761e-585e-4433-88df-f1ba67659366","impact":"high","pub_date":"2024-03-28","source_url":"https://securityaffairs.com/190333/security/european-commission-breach-exposed-data-of-30-eu-entities-cert-eu-says.html","summary":"CERT-EU confirmed a cloud breach at the European Commission, attributed to TeamPCP, exposed data from at least 30 EU entities."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367782","entity":"Patriot Regional Emergency Communications Center","event_type":"announcement","id":"166d85af-391b-43f1-829f-13fe3e86fd5a","impact":"medium","pub_date":"2024-03-28","source_url":"https://therecord.media/massachusetts-emergency-alert-cyberattack","summary":"A cyberattack impacted the Patriot Regional Emergency Communications Center in Massachusetts, disrupting non-emergency and business phone lines."},{"ai_confidence":0.95,"created_at":"2026-04-05T03:18:35.367775","entity":"European Commission","event_type":"announcement","id":"5af65507-0d07-42ea-9eeb-80efe27d3537","impact":"high","pub_date":"2024-03-28","source_url":"https://therecord.media/european-commission-cyberattack-teampcp","summary":"CERT-EU attributed a major data breach at the European Commission to TeamPCP, involving 92 GB of data from its AWS account."},{"ai_confidence":0.95,"created_at":"2026-04-05T03:18:35.367767","entity":"Cisco Systems","event_type":"announcement","id":"69f6adae-37b0-49b9-a6b0-0b5c153f64aa","impact":"high","pub_date":"2024-03-28","source_url":"https://www.cxtoday.com/crm/cisco-salesforce-data-breach-crm-records/","summary":"ShinyHunters claims to have stolen over three million Salesforce records in a Cisco Systems data breach, developing since August 2025."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367759","entity":"Adobe","event_type":"announcement","id":"a4dce126-ed3a-4d99-b5df-88508bf41722","impact":"high","pub_date":"2024-03-28","source_url":"https://vertexaisearch.cloud.google.com/grounding-api-redirect/AUZIYQFD-zBBi0g1qN903gP8T3NjQGzelgFnMK6_VYhyjIWU_4NHpk0eUCKfr_VYEV2b0LDFAeZ9g1UJMgXei35eBXj9Wp8Fpqh_-QFmSeAwQ0JP4N1Sou1LX_yjM0fGQXqNt702CmVqJ1w3Lmjen0rvqZ1pmgj0b0olqbg7mCct_RNEXpskkjIMRj7GXrKWyQ7NUFAlieq9sbqioi","summary":"Adobe faced an alleged data breach via a third-party Indian BPO, potentially exposing 13 million support tickets and 15,000 employee records."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367752","entity":"University of Hawai\u02bbi Cancer Center","event_type":"announcement","id":"8d72fd85-de75-4777-82ef-cf252c48a825","impact":"high","pub_date":"2026-03-31","source_url":"https://www.cm-alliance.com/cybersecurity-blog/biggest-cyber-attacks-data-breaches-ransomware-attacks-of-march-2026","summary":"University of Hawai\u02bbi Cancer Center suffered a ransomware attack in March 2026, affecting 1.2 million individuals."},{"ai_confidence":0.85,"created_at":"2026-04-05T03:18:35.367745","entity":"Nephrology Associates Medical Group","event_type":"announcement","id":"fb3ada00-2b55-488d-b19f-a204c0f150fc","impact":"medium","pub_date":"2026-03-31","source_url":"https://www.cm-alliance.com/cybersecurity-blog/biggest-cyber-attacks-data-breaches-ransomware-attacks-of-march-2026","summary":"Nephrology Associates Medical Group experienced unauthorized network access in March 2026."},{"ai_confidence":0.85,"created_at":"2026-04-05T03:18:35.367735","entity":"Valley Radiology Consultants Medical Group","event_type":"announcement","id":"fed75293-96ef-4b45-af95-154e82b90ee7","impact":"medium","pub_date":"2026-03-31","source_url":"https://www.cm-alliance.com/cybersecurity-blog/biggest-cyber-attacks-data-breaches-ransomware-attacks-of-march-2026","summary":"Valley Radiology Consultants Medical Group experienced unauthorized network access in March 2026."},{"ai_confidence":0.85,"created_at":"2026-04-05T03:18:35.367719","entity":"England Hockey","event_type":"announcement","id":"ac4af030-2919-487d-b8b7-bad758f7fd7f","impact":"low","pub_date":"2026-03-31","source_url":"https://www.cm-alliance.com/cybersecurity-blog/biggest-cyber-attacks-data-breaches-ransomware-attacks-of-march-2026","summary":"England Hockey reported a data breach incident in March 2026."},{"ai_confidence":0.85,"created_at":"2026-04-05T03:18:35.367712","entity":"AkzoNobel","event_type":"announcement","id":"2262ef87-067c-4286-85e8-9da50343b6e4","impact":"low","pub_date":"2026-03-31","source_url":"https://www.cm-alliance.com/cybersecurity-blog/biggest-cyber-attacks-data-breaches-ransomware-attacks-of-march-2026","summary":"AkzoNobel reported a data breach incident in March 2026."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367704","entity":"Viking Line","event_type":"announcement","id":"5f9287fa-9efd-457f-a420-ef47b9cbd470","impact":"medium","pub_date":"2026-03-31","source_url":"https://www.cm-alliance.com/cybersecurity-blog/biggest-cyber-attacks-data-breaches-ransomware-attacks-of-march-2026","summary":"Viking Line experienced a cybersecurity incident in March 2026, exposing customer information."},{"ai_confidence":0.9,"created_at":"2026-04-05T03:18:35.367690","entity":"Marquis","event_type":"announcement","id":"b7c5cb73-1a38-495d-bbb8-19f84f69f2c3","impact":"high","pub_date":"2026-03-31","source_url":"https://www.cm-alliance.com/cybersecurity-blog/biggest-cyber-attacks-data-breaches-ransomware-attacks-of-march-2026","summary":"Fintech firm Marquis suffered a ransomware attack in March 2026, impacting 672,000 individuals."}]