Barts Health NHS Data Breach Tied to Oracle Zero-Day Attack
A major incident unfolded after the Barts Health NHS data breach revealed that attackers exploited an Oracle zero-day flaw to access sensitive information inside one of the UK’s largest healthcare networks. The trust launched an urgent investigation to understand the scope of the compromise. The event highlights growing supply-chain risks as healthcare organizations depend on complex vendor systems for everyday
Freedom Mobile Data Breach Exposes Customer Info
A recent Freedom Mobile data breach has raised concerns across Canada after attackers accessed customer information through a compromised subcontractor account. The telecom provider reported that unknown actors used stolen credentials to enter its customer account management platform. The incident did not disrupt network operations, but it exposed personal information that can support large-scale social engineering attempts. What Freedom Mobile
Dartmouth Data Theft Confirmed in Oracle-Linked Breach
Dartmouth data theft concerns escalated after the college confirmed that attackers stole sensitive employee information through an Oracle system compromise. The incident exposed personal details stored in Oracle’s Human Capital Management environment, which Dartmouth relied on for HR operations. The disclosure adds another victim to a growing list of organizations impacted by the Oracle breach campaign. How Dartmouth Confirmed the
OpenAI Breach: Vendor Hack Exposes API Customer Data
A vendor security failure at Mixpanel exposed API customer metadata and pushed OpenAI to reassess its third-party risk controls. The OpenAI breach originated from unauthorized access within Mixpanel’s systems, where attackers extracted analytics data linked to API accounts. OpenAI confirmed that its own infrastructure remained secure, yet the incident demonstrates how external service providers can still create meaningful exposure for
OnSolve CodeRED Cyberattack Hits Emergency Systems
The OnSolve CodeRED cyberattack disrupted emergency alert services across the United States and exposed sensitive user data. CodeRED supports thousands of municipalities, police departments and public-safety agencies. When attackers breached the system, the incident raised serious concerns about the resilience of national emergency-communication infrastructure. Attack Overview Attackers claimed they infiltrated the CodeRED platform on November 1, 2025. They stated they
Iberia data leak exposes supplier-level security weaknesses
Iberia, one of Europe’s largest airlines and the flag carrier of Spain, is dealing with a security incident involving customer information accessed through a compromised vendor system. The Iberia data leak emerged after the supplier reported a breach that exposed limited passenger details, prompting the airline to launch its internal security protocol. The disclosure also revived interest in a separate
PlushDaemon Supply Chain Attacks Reveal Update Security Flaws
A recent investigation reveals how the PlushDaemon supply chain threat actor compromises trusted software updates through DNS manipulation and a multi-stage malware operation. The group redirects update traffic to malicious servers by exploiting vulnerable routers and injecting hidden implants. Their campaign exposes a critical weakness in modern update paths, where many organisations rely on automated downloads without validating the source.
Logitech Data Breach Exposes Private Information
A recent Logitech data breach has raised serious concerns after the company confirmed an extortion attack linked to the Clop ransomware group. Logitech reported that attackers stole internal data by exploiting a third-party zero-day vulnerability. The incident highlights ongoing risks in enterprise systems and underscores growing pressure on global companies to strengthen supply-chain security. How the Attack Began Logitech disclosed
DoorDash Data Breach Exposes User Contact Information
A new DoorDash data breach surfaced in late October 2025 and raised fresh concerns about security inside major delivery platforms. DoorDash confirmed an unauthorized party accessed user contact information after a social-engineering attack compromised an employee. The incident adds pressure to a company already criticized for past security failures and increases the risk of future targeted fraud. What Happened During
Miljödata Data Breach Exposes 1.5 Million Records in Sweden
A large-scale cyberattack has shaken Sweden after the Miljödata data breach exposed sensitive information belonging to about 1.5 million people. The incident, affecting a major municipal software supplier, has prompted national investigations by IMY and CERT-SE. How the Breach Happened Miljödata, one of Sweden’s most widely used IT suppliers for municipalities, revealed in late August 2025 that its systems had
