Cyber News

Farmers Insurance announced late last week that a data breach exposed the personal details of more than one million people. The company, which provides coverage to about 10 million households nationwide and manages around 19 million policies, offers auto, property, life, business, and other forms of insurance. Farmers operates with a workforce of roughly 48,000 […]

Cookeville Regional Medical Center (CRMC), which serves areas in Tennessee and Kentucky, is still trying to recover from a ransomware attack that occurred on July 13, 2025. The attack was recently claimed by the Rhysida ransomware group. CRMC notified patients about the issue on its website, explaining that it first detected “unusual activity” on July

Palo Alto Networks is set to acquire Israeli identity security firm CyberArk in a deal valued at around $25 billion. Under the agreement, CyberArk shareholders will receive $45 in cash and 2.2005 shares of Palo Alto stock for each share they own. The transaction is expected to close during Palo Alto’s fiscal year 2026. Palo

The Everest ransomware group has allegedly breached Crumbl, the North American gourmet cookie franchise, and posted the company on its dark web leak site Wednesday. Alongside the post, the group shared two sample files that appear to originate from an internal employee database. “The leak of your internal company documents contains a huge variety of

A critical vulnerability in Microsoft SharePoint has been actively exploited in the wild since at least July 7, 2025, according to research by Check Point. The initial wave of attacks targeted a major, unnamed Western government and escalated rapidly around July 18–19, spreading across the government, telecommunications, and software sectors in North America and Western

Cybersecurity researchers have identified two significant security vulnerabilities in the Sudo command-line utility, commonly used in Linux and Unix-like systems. These flaws could allow local attackers to escalate their privileges and gain root access on affected machines. Sudo is a powerful tool that lets low-privileged users execute commands as another user—typically the superuser—enabling administrative actions

The United States Postal Service (USPS) is alerting the public to a new phishing-related scam called “brushing” — and it’s arriving directly in people’s mailboxes. The scam begins when a person receives an unexpected package, often appearing to come from a well-known retailer or online marketplace. These packages may lack a return address and typically

The U.S. Federal Bureau of Investigation (FBI) has reported that the cybercrime group Scattered Spider is expanding its operations to target the airline industry. In response, the agency is working closely with aviation stakeholders and industry partners to counter the threat and support affected organizations. “These attackers use social engineering tactics, often posing as employees

Hawaiian Airlines Confirms Cybersecurity Incident, Flight Operations Unaffected Hawaiian Airlines announced on Thursday that it is responding to a cybersecurity incident that disrupted portions of its IT infrastructure. Despite the event, the airline emphasized that its flight operations remain unaffected. In a notice posted on its website at 10:45 a.m. PST, the Honolulu-based carrier informed

Multiple caches of login credentials have surfaced online, revealing one of the largest data breaches ever recorded—an astonishing 16 billion exposed usernames and passwords. The troves appear to originate from various infostealing malware strains, quietly harvesting credentials from unsuspecting users. This incident highlights a critical issue: collecting sensitive data, even without malicious intent, can be