Data exfiltration stories - Page 9

Organisations urged to urgently patch Microsoft SharePoint after a critical flaw raises risk of remote code execution when combined with other vulnerabilities.

Cybercriminal groups ShinyHunters and Scattered Spider have escalated phishing attacks on Salesforce and major firms like Google, signalling possible collaboration.

Ransom payments soared to an average of USD $1.13 million in Q2 2025, driven by rising data theft and targeted social engineering attacks, Coveware reports.

Ransomware payouts have surged past USD $1 million in Q2 2025, driven by data exfiltration and social engineering in targeted attacks on mid-sized firms.

Picus Security's Blue Report 2025 reveals enterprise password breaches nearly doubled to 46%, exposing firms to greater cyber threats and ransomware risks.

SquareX launches two open-source toolkits to help security teams simulate and defend against browser-based attacks that evade traditional enterprise defences.

Infoblox's 2025 report reveals a surge in AI-driven DNS threats and widespread malicious adtech affecting global organisations, urging proactive cyber defence.

BeyondTrust launches Phantom Labs, a specialised team to research identity security threats and enhance protection against identity exploitation in hybrid and cloud environments.

Infoblox reports a surge in AI-driven DNS threats and malicious adtech, with 25% of new domains found malicious, urging firms to adopt proactive cyber defences.

Varonis launches a cloud-native, agentless database activity monitoring solution to enhance security and simplify compliance across major database platforms.

Lab 1's analysis of 1,297 breaches reveals HR and financial data exposed in over 80% of cases, raising risks of fraud and regulatory penalties worldwide.

Cyber threats have surged with a 35% rise in infostealer attacks, a 56% increase in Linux server assaults, and more suspicious AWS login attempts reported recently.

Ransomware attacks rose 63% in Q2 2025, with healthcare hit hard, marking a record high for the quarter amid a surge in data theft methods.

Microsoft warns cybercriminal group Octo Tempest has shifted focus to airlines, escalating risks with advanced tactics amid updated Defender protections.

Trustwave reveals a surge in AI-driven and ransomware attacks, with tech firms facing 85% of global ransomware incidents amid rising cyber threats.

Semperis warns a flaw in Microsoft's Entra ID allows attackers to hijack SaaS accounts easily, with many apps still vulnerable over a year later.

Cybercriminals increasingly target tech firms using AI, supply chain attacks, and stolen credentials, with ransomware surging 10% weekly worldwide, says Trustwave.

Over 80,000 Microsoft Entra ID accounts have been targeted in the UNK_SneakyStrike takeover campaign exploiting the TeamFiltration penetration testing tool.

Rapid7's Q1 2025 report reveals stolen credentials without MFA cause 56% of breaches, while manufacturing faces the highest threat from ransomware attacks.

A new Rust-based malware, EDDIESTEALER, uses fake CAPTCHA pages to trick users into running code that steals browser credentials and crypto wallets.