ICC detects and contains new sophisticated cyber security incident
Late last week, the International Criminal Court (“ICC” or “the Court”) detected a new, sophisticated and targeted cyber security incident, which has now been contained.
This incident, the second of this type against the ICC in recent years, was swiftly discovered, confirmed and contained, through the Court’s alert and response mechanisms. A Court-wide impact analysis is being carried out, and steps are already being taken to mitigate any effects of the incident.
The Court considers it essential to inform the public and its States Parties about such incidents as well as efforts to address them, and calls for continued support in the face of such challenges.
Mother of all breaches reveals 26 billion records: what we know so far
The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26 billion records. The leak, which contains LinkedIn, Twitter, Weibo, Tencent, and other platforms’ user data, is almost certainly the largest ever discovered.
There are data leaks, and then there’s this. A supermassive Mother of all Breaches (MOAB for short) includes records from thousands of meticulously compiled and reindexed leaks, breaches, and privately sold databases. The full and searchable list is included at the end of this article.
Bob Dyachenko, cybersecurity researcher and owner at SecurityDiscovery.com, together with the Cybernews team, has discovered billions upon billions of exposed records on an open instance.
Even though at first the owner of the database was unknown, Leak-Lookup, a data breach search engine, said it was the holder of the leaked dataset. The platform posted a message on X, saying the problem behind the leak was a “firewall misconfiguration,” which was fixed.
Hawaiian Airlines Cybersecurity Crisis and Suffers from Massive IT Outage
Hawaiian Airlines (HA) recently disclosed a significant cybersecurity incident that may have compromised the personal information of its customers and employees.
The breach was detailed in a filing with the Maine Attorney General’s Office. It revealed that an unauthorized third party accessed sensitive data, potentially exposing names, addresses, and other personal details.
This incident has raised concerns about traveler safety and the security of personal information in the airline industry.
Ahold Delhaize Data Breach Exposes Personal Information of 2.2 Million Shoppers
Ahold Delhaize USA Services, LLC, a major grocery retail operator, has confirmed a significant data breach that compromised the personal information of over 2.2 million shoppers across the United States, including nearly 100,000 residents of Maine.
The breach, which was the result of an external hacking incident, has prompted the company to notify affected customers and offer complimentary identity protection services.
The compromised information includes names and other personal identifiers, though the company has not specified whether financial details or Social Security numbers were involved.
The breach affected a total of 2,242,521 shoppers, with 95,463 of those being Maine residents. Due to the scale of the incident in Maine, consumer reporting agencies were also notified in accordance with state law.
Scania confirms insurance claim data breach in extortion attempt
Automotive giant Scania confirmed it suffered a cybersecurity incident where threat actors used compromised credentials to breach its Financial Services systems and steal insurance claim documents.
Scania told BleepingComputer that the attackers emailed several Scania employees, threatening to leak the data online unless their demands were met.
Scania is a major Swedish manufacturer of heavy trucks, buses, and industrial and marine engines and is a member of the Volkswagen Group.
The company, which is known for its durable fuel-efficient engines, employs over 59,000 people and has an annual revenue of $20.5 billion, selling over 100,000 vehicles yearly.
Late last week, threat monitoring platform Hackmanac spotted a hacking forum post by a threat actor named ‘hensi,’ who is selling data they claimed to have stolen from ‘insurance.scania.com,’ offering it to a single exclusive buyer.
McLaren Health Care Data Breach Exposes 743,000 People Personal Information
McLaren Health Care, a major healthcare organization based in Grand Blanc, Michigan, has disclosed a significant data breach that compromised the personal information of 743,131 individuals nationwide.
The breach notification, filed with the Office of the Maine Attorney General, reveals that the healthcare provider experienced an external system breach through hacking activities that occurred on July 17, 2024.
The cybersecurity incident remained undetected for nearly three weeks before McLaren Health Care discovered the unauthorized access on August 5, 2024.
Amazon’s Whole Foods Distributor United Natural Foods Hit by a Cyber Attack that Disrupted Operations
Amazon’s Whole Foods distributor, United Natural Foods Inc. (UNFI), suffered a cyber attack that forced the company to shut down some IT systems, disrupting operations, including ordering and distribution.
Rhode Island-based UNFI distributes fresh and frozen food items to over 30,000 locations across the United States and Canada from its 53 major distribution centers. It boasts of being the largest full-service grocery partner, serving numerous high-profile clients, including Amazon’s Whole Foods.
According to its regulatory filing with the U.S. Securities and Exchange Commission (SEC), the food distributor learned of the cyber attack on June 5, 2025, after detecting unauthorized activity on some of its systems.
Denodo Scheduler Vulnerability Let Attackers Execute Remote Code
A significant security vulnerability has been discovered in Denodo Scheduler, a data management software component, that allows attackers to execute remote code on affected systems.
The flaw, identified as CVE-2025-26147, exploits a path traversal vulnerability in the Kerberos authentication configuration feature, potentially compromising the security of enterprise data management infrastructure.
Rhino Security Labs, the security firm that discovered the vulnerability, reported the issue to Denodo on April 9, 2024.
The vendor demonstrated exemplary response time, acknowledging the vulnerability and releasing a security patch on April 23, 2024, just 14 days after initial disclosure.
The vulnerability has been addressed in Denodo 8.0 update 20240307, and organizations using affected versions should immediately apply this security update.
This incident underscores the critical importance of implementing secure coding practices, particularly around file upload functionality and input validation.
The vulnerability’s progression from a simple path traversal flaw to remote code execution capability highlights how seemingly minor security oversights can lead to complete system compromise.
Organizations utilizing Denodo Scheduler should prioritize patch deployment and conduct security assessments of their data management infrastructure to ensure comprehensive protection against similar attack vectors.
Hackers Allegedly Leaked 86 Million AT&T Customer Records with Decrypted SSNs
A massive data breach involving AT&T has come to light, with hackers allegedly leaking the personal information of 86 million customers. Hackers claimed to have successfully decrypted previously protected Social Security numbers and released the information on cybercrime forums.
The breach, first posted on May 15, 2025, on a well-known Russian cybercrime forum and re-uploaded on June 3, 2025, involved a dataset believed to be from a stolen AT&T database.
However, the current leak is distinct because it includes decrypted SSNs, which were encrypted in the earlier breach. Another related breach occurred in August 2021, claimed by ShinyHunters to affect 70 million AT&T customers, acknowledged by AT&T in April 2024, with data from 2019 or earlier affecting 7.6 million current and 65.4 million former account holders.
Cartier discloses data breach amid fashion brand cyberattacks
Luxury fashion brand Cartier is warning customers it suffered a data breach that exposed customers’ personal information after its systems were compromised.
In notification letters sent today and shared by recipients on social media, Cartier revealed that hackers breached its systems and stole a limited amount of customer information.
“We are writing to inform you that an unauthorized-party gained temporary access to our system and obtained limited client information,” Cartier stated in the data breach notification.
“We contained the issue and have further enhanced the protection of our systems and data.”
According to the company, the compromised information includes names, email addresses, and countries where the customer resides.
Cartier stresses that the breach did not include more sensitive data, such as passwords, credit card numbers, or banking details.
However, the company warns that the stolen data could be used in targeted attacks, asking customers to remain vigilant against unsolicited or suspicious communications.
Punjab National Bank faces INR 3.35 Lakh penalty from BSE for VAPT vulnerabilities
- The penalty was imposed on May 27, 2025, due to non-closure of Vulnerability Assessment and Penetration Testing (VAPT) vulnerabilities for the Financial Year 2024-2025.
- This is pursuant to SEBI Circular SEBI/HO/MIRSD/MIRSD-PoD-1/P/CIR/2023/24 dated 06.02.2023 and Exchange Notice no. 20240916-2 dated 16.09.2024.
- The impact on financial, operation or other activities of the listed entity is only to the extent of the amount of penalty.
- PNB is considering an appeal for a waiver of the penalty to the Exchange within the prescribed timeline.
