Microsoft Azure Outage Causes Global Chaos; CISA Warns of Actively Exploited WSUS Flaw

Government Services Contractor Conduent Confirms Data Breach Affecting Over 10 Million People

Conduent Business Services, a major contractor for U.S. government agencies, has disclosed a massive data breach impacting over 10 million individuals. The incident, which occurred between October 2024 and January 2025, involved an unauthorized third party gaining access to Conduent's network and exfiltrating files. The compromised data is highly sensitive, including names, Social Security numbers, medical information, and health insurance details. The breach has affected residents across numerous states, including Texas, Washington, and California, and has triggered a legal investigation by the law firm Edelson Lechtzin LLP into the company's data privacy practices.

Data BreachConduentPIIPHIGovernment Contractor +3 more

4 min read

Threat Intelligence

Regulatory

Ad Giant Dentsu's Subsidiary Merkle Hit by Cyberattack, Staff and Client Data Exposed

Dentsu Confirms Cyberattack on US Subsidiary Merkle Resulted in Data Exposure

Global advertising firm Dentsu has confirmed that its US-based customer experience management (CXM) subsidiary, Merkle, was the target of a cyberattack. The company detected 'abnormal activity' on Merkle's network and proactively shut down certain systems to contain the threat. An investigation has confirmed that the incident led to the exposure of both staff and sensitive client data. Merkle, a major player in the CXM industry, handles large volumes of customer data, making it a high-value target for threat actors. The full scope of the breach is still under investigation.

DentsuMerkleCyberattackData BreachCXM +3 more

4 min read

Cyberattack

Threat Intelligence

EY Leaks 4TB+ SQL Database Packed with Corporate Secrets via Cloud Misconfiguration

CRITICAL

EY Exposed 4TB+ Unencrypted SQL Database Backup to Public Internet

Consulting giant EY (Ernst & Young) inadvertently exposed a massive, 4TB+ SQL Server backup file to the public internet due to a cloud storage misconfiguration. The unencrypted `.BAK` file, discovered by researchers at Neo Security, contained a treasure trove of highly sensitive internal data, including API keys, service account passwords, session tokens, and user credentials. The incident highlights the severe risks associated with cloud service misconfigurations, where tools designed for convenience can lead to catastrophic data exposure if not secured properly. Neo Security described the leak as equivalent to finding the 'master blueprint and physical keys to a vault.'

EYErnst & YoungData LeakData BreachCloud Security +3 more

EY Leaks 4TB+ SQL Database Packed with Corporate Secrets via Cloud Misconfiguration

Cloud Security

Vulnerability

IncRansom Claims 20TB Data Heist from Evolve Mortgage Services

IncRansom Ransomware Group Targets Evolve Mortgage Services, Alleges 20TB Data Exfiltration

The 'incransom' ransomware group has claimed responsibility for a significant data breach at Evolve Mortgage Services, listing the company on its dark web leak site on October 30, 2025. The attackers allege they have stolen over 20 terabytes of data, including 2 terabytes of databases containing sensitive PII such as Social Security numbers, client IDs, and full credit histories dating back to 2016. The group is using a pure data-theft extortion model, threatening to leak the data after claiming the company refused to negotiate. This incident highlights the ongoing threat of data extortion attacks against the U.S. financial services sector.

IncRansomRansomwareData BreachEvolve Mortgage ServicesData Extortion +2 more

IncRansom Claims 20TB Data Heist from Evolve Mortgage Services

Ransomware

Threat Actor

New 'logins[.]zip' Infostealer Claims 99% Credential Theft in 12 Seconds Using Zero-Days

'logins[.]zip' MaaS Infostealer Advertised with Chromium Zero-Day Exploits for Ultra-Fast Theft

A new Malware-as-a-Service (MaaS) infostealer named 'logins[.]zip' is being sold on the clear web, boasting incredible speed and efficiency. According to a report from Hudson Rock, its authors claim it can exfiltrate 99% of passwords and cookies from a victim's machine in under 12 seconds. The stealer's key selling point is its alleged use of two Chromium zero-day exploits, which allow it to steal credentials without needing admin rights. The service, sold for $150/month, provides a browser-based builder for creating polymorphic stubs and targets logins, cookies, payment cards, and crypto wallets.

logins.zipInfostealerMaaSChromiumZero-Day +3 more

New 'logins[.]zip' Infostealer Claims 99% Credential Theft in 12 Seconds Using Zero-Days

Malware

Threat Intelligence

Vulnerability

Updated Articles (1)

UK's NCSC Warns 'Nationally Significant' Cyber Attacks Have More Than Doubled

INFORMATIONAL

UK's NCSC Annual Review Shows Nationally Significant Cyber Incidents More Than Doubled to 204

Update:

Following the NCSC's 2025 Annual Review, which highlighted a doubling of 'nationally significant' cyberattacks, the UK government is consulting on new legislation. Key proposals include a targeted ban on ransomware payments for public sector bodies and Critical National Infrastructure operators, aiming to disrupt criminal business models. Additionally, mandatory incident reporting requirements are being considered to enhance national threat intelligence. This policy shift signifies a more aggressive stance against cyber threats, forcing affected organizations to bolster their preventative and recovery capabilities without relying on ransom payments, thereby increasing potential impact if unprepared.

October 15, 2025

Updated: October 30, 2025