David Jones reports: Researchers from Palo Alto Networks say they are investigating a ransomware attack related to the recently disclosed ToolShell vulnerabilities in Microsoft SharePoint. The hackers left the victim a ransom note on Sunday claiming they had encrypted files using the 4L4MD4R ransomware. The note warned that any attempt to decrypt the files would result in their…
Category: Business Sector
In Singapore, 147,000 customer records exposed in Cycle & Carriage data breach
Malay Mail reports: About 147,000 customer records were compromised in a recent data breach at car distributor Cycle & Carriage in Singapore, the company confirmed today. Responding to media queries, a Cycle & Carriage spokesperson said the firm detected unauthorised access to its customer relationship management system on July 14, where a threat actor downloaded…
Hackers Allegedly Breach Nokia’s Internal Network
Divya reports: A cybercriminal group has allegedly infiltrated Nokia’s internal network through a vulnerable third-party contractor, potentially exposing sensitive information belonging to more than 94,500 employees in what security experts are calling one of the most extensive corporate data breaches affecting the telecommunications giant in recent years. The threat actor, identifying as Tsar0Byte, made claims about the…
Dollar Tree denies ransomware claims, says stolen data is from defunct discount chain
One of the headlines yesterday, reported elsewhere, was that INC Ransom had breached Dollar Tree. Today’s headline is that Dollar Tree has denied it is their breach. Jonathan Greig reports: Discount retail giant Dollar Tree denied that its systems were impacted by ransomware after a cybercriminal operation claimed on Wednesday to have attacked the company….
Progressive Southeastern Insurance Company
Progressive Southeastern Insurance Company’s notice to consumers concerns an impostor whom they unknowingly hired, it seems: What Happened? In March 2025, we received anonymous information that a Progressive employee was working under someone else’s identity. We promptly began an internal investigation. The investigation determined that the employee had used someone else’s identity to obtain employment…
Sex toy maker Lovense caught leaking users’ email addresses and exposing accounts to takeovers (1)
This post has been updated to include a statement from Lovense, which appears in its entirety below the original post. Zack Whittaker reports: A security researcher says sex toy maker Lovense has failed to fully fix two security flaws that expose the private email addresses of its users and allow the takeover of any user’s…