Major Supply Chain Breaches at Rockstar Games and Dutch Hospitals; Regulators Scrutinize AI Cyber Risks
Summary
A wave of significant cyber incidents over the past 24 hours highlights the increasing threat of supply chain attacks and critical vulnerabilities. Gaming giant Rockstar Games confirmed a breach by the ShinyHunters group via a third-party cloud vendor. In Europe, a ransomware attack on healthcare software provider ChipSoft crippled Dutch hospitals, while fitness chain Basic-Fit exposed data for one million members. Meanwhile, US and UK financial regulators are holding urgent talks over the systemic risks posed by a powerful new AI model from Anthropic capable of autonomous vulnerability exploitation. Concurrently, Adobe and Apache have patched actively exploited zero-day and critical vulnerabilities, demanding immediate action from administrators worldwide.
Today New Articles
Massive Basic-Fit Data Breach Exposes Personal and Financial Data of 1 Million Members
Basic-Fit, Europe's largest fitness chain, has admitted to a massive data breach affecting approximately one million members across several European countries. The compromised data includes sensitive personal information such as full names, addresses, phone nu...
Booking.com Warns Customers of Data Breach Exposing Reservation Details and Personal Info
Online travel giant Booking.com has confirmed a data breach, notifying an undisclosed number of customers that their personal and reservation data were accessed by unauthorized parties. The compromised information includes names, contact details, addresses, an...
Ransomware Market Consolidation: Qilin, Akira, and DragonForce Dominate March 2026 Attacks
The ransomware ecosystem is showing significant consolidation, with a new report from Check Point revealing that just three groups—Qilin, Akira, and DragonForce—were responsible for 40% of all publicly claimed attacks in March 2026. Qilin led the pack, account...
Critical 13-Year-Old RCE Flaw in Apache ActiveMQ (CVE-2026-34197) Actively Exploited
A critical remote code execution (RCE) vulnerability, CVE-2026-34197, has been discovered in Apache ActiveMQ Classic and is under active exploitation. The flaw, which has reportedly existed for 13 years, allows an authenticated attacker to execute arbitrary co...
Massive 7.7TB Data Breach Hits LAPD, Exposing Sensitive Officer and Internal Affairs Files
The Los Angeles Police Department (LAPD) has suffered a colossal data breach involving a digital storage system used by the L.A. City Attorney's Office. The breach exposed an enormous 7.7 terabytes of data, encompassing over 337,000 files. The compromised info...
Bitcoin Depot Loses $3.6M in Crypto After Attackers Steal Settlement Account Credentials
Bitcoin Depot, a major US operator of cryptocurrency ATMs, has disclosed a cyberattack that resulted in the theft of more than 50 Bitcoin (BTC), valued at over $3.6 million. According to the company, threat actors managed to steal credentials linked to its dig...
Article Updates
Qilin Ransomware Attacks German Party Die Linke, Threatens Data Leak
Update:This update provides additional context on the Qilin ransomware group, noting its identification as the most active ransomware operation in March 2026. It elaborates on specific TTPs, including data exfiltration to cloud storage (T1041) and the use of valid ac...
Update:Top financial regulators in the UK (Bank of England, FCA, NCSC) and US (Treasury, Federal Reserve) are urgently assessing the systemic cybersecurity risks posed by Anthropic's 'Claude Mythos' AI. High-level meetings with major banks are underway to address pot...
CISA Mandates Federal Agencies Patch Actively Exploited Ivanti EPMM Flaw by April 11
Update:CISA, alongside Check Point Research, has re-emphasized the active exploitation of CVE-2026-1340 in Ivanti EPMM, specifically impacting versions 12.5 through 12.7. This critical code injection flaw allows unauthenticated remote code execution. Given Ivanti pro...