Adidas (Third-Party Breach)
815K customer records stolen from third-party licensing partner — second breach in a year
2026 Data Breaches Year-to-Date (645 indexed)
GitLab GitLab
GitLab Server-Side Request Forgery (SSRF) Vulnerability — GitLab contains a server-side request forgery (SSRF) vulnerability when requests to the internal network for webhooks are enabled.
Dell RecoverPoint for Virtual Machines (RP4VMs)
Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability — Dell RecoverPoint for Virtual Machines (RP4VMs) contains an use of hard-coded credentials vulnerability that could allow an un
Record Number of Ransomware Victims
Searchlight Cyber reports a 30% annual increase in ransomware victim numbers in 2025
CIBC (Canada)
1.2M customer records compromised via third-party mortgage processing vendor
Canada Goose
581,877 records exposed — Device information, Email addresses, IP addresses, Names and 4 more
Infostealer Targets OpenClaw to Loot
Hudson Rock has warned OpenClaw users that infostealers are targeting their configuration files
Low-Skilled Cybercriminals Use AI to
Unit 42 researchers observed a low-skilled threat actor using an LLM to script a professional extortion strategy, complete with deadlines and pressure tactics
NEC Corporation (Japan)
540K defense contractor employee records and project data accessed over multi-year intrusion
Rolls-Royce Holdings
280K employee and defense contract records from engine division exposed in supply chain attack
Google Chromium
Google Chromium CSS Use-After-Free Vulnerability — Google Chromium CSS contains a use-after-free vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulne
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability — Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery vulnerability if WebEx zimlet installed and zimlet JSP
Microsoft Windows
Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability — Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constr
TeamT5 ThreatSonar Anti-Ransomware
TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability — TeamT5 ThreatSonar Anti-Ransomware contains an unrestricted upload of file with dangerous type vulnerability. ThreatSonar
Odido Breach Impacts Millions of
Dutch telco Odido has revealed a major data breach impacting over six million customers
Bupa (UK/Global)
780K international health insurance member records exposed via insider data theft
APOIA.se
450,764 records exposed — Email addresses, Names, Physical addresses
Metro Inc. (Canada)
740K customer records from Jean Coutu pharmacy division exposed in ransomware attack
University of Pennsylvania
623,750 records exposed — Charitable donations, Dates of birth, Email addresses, Genders and 7 more
Equinix Data Centers
740K enterprise customer metadata and colocation records exposed in Netscaler vulnerability exploit
Nike Inc.
1.2M SNKRS app user records exposed — sneaker purchase history and payment data stolen
Mayo Clinic
900K patient research records exposed via compromised genomics analysis platform
IRS (Tax Vendor Breach)
1.8M taxpayer records exposed via compromised e-filing software vendor
Province of British Columbia
1.4M citizen records from provincial health and education systems compromised