Daily Digest

Major Supply Chain Breaches at Rockstar Games and Dutch Hospitals; Regulators Scrutinize AI Cyber Risks

Major Supply Chain Breaches at Rockstar Games and Dutch Hospitals; Regulators Scrutinize AI Cyber Risks

April 13, 2026
9 articles (6 new, 3 updated)
27 min read

Summary

A wave of significant cyber incidents over the past 24 hours highlights the increasing threat of supply chain attacks and critical vulnerabilities. Gaming giant Rockstar Games confirmed a breach by the ShinyHunters group via a third-party cloud vendor. In Europe, a ransomware attack on healthcare software provider ChipSoft crippled Dutch hospitals, while fitness chain Basic-Fit exposed data for one million members. Meanwhile, US and UK financial regulators are holding urgent talks over the systemic risks posed by a powerful new AI model from Anthropic capable of autonomous vulnerability exploitation. Concurrently, Adobe and Apache have patched actively exploited zero-day and critical vulnerabilities, demanding immediate action from administrators worldwide.

Filter by Category

New Articles (6)

Massive Basic-Fit Data Breach Exposes Personal and Financial Data of 1 Million Members

HIGH

European Fitness Chain Basic-Fit Suffers Major Data Breach Affecting One Million Members

Basic-Fit, Europe's largest fitness chain, has admitted to a massive data breach affecting approximately one million members across several European countries. The compromised data includes sensitive personal information such as full names, addresses, phone numbers, and bank account details. The attack targeted the system used for member visit registration. While the company claims its monitoring tools detected and stopped the intrusion 'within minutes,' the attackers had already exfiltrated a large volume of data. Basic-Fit has notified the Dutch Data Protection Authority and is in the process of informing affected members, who now face a significant risk of targeted phishing campaigns and financial fraud.

April 13, 2026
5 min read
PIIGDPRfinancial fraudphishingNetherlands
Massive Basic-Fit Data Breach Exposes Personal and Financial Data of 1 Million Members
Data Breach
Phishing
Regulatory

Booking.com Warns Customers of Data Breach Exposing Reservation Details and Personal Info

MEDIUM

Booking.com Notifies Customers of Data Breach Affecting Reservation Details

Online travel giant Booking.com has confirmed a data breach, notifying an undisclosed number of customers that their personal and reservation data were accessed by unauthorized parties. The compromised information includes names, contact details, addresses, and specific booking details, including any notes shared with accommodation providers. The company has stated that financial data and customer accounts were not compromised. In response, Booking.com has reset the PINs for all affected reservations. While the company claims the issue is 'fully contained,' this incident exposes customers to a significant risk of highly convincing and targeted phishing attacks, as criminals can use the detailed booking information to craft credible scams.

April 13, 2026
5 min read
phishingtravel industrysupply chainPIIBooking.com
Booking.com Warns Customers of Data Breach Exposing Reservation Details and Personal Info
Data Breach
Phishing
Supply Chain Attack

Ransomware Market Consolidation: Qilin, Akira, and DragonForce Dominate March 2026 Attacks

INFORMATIONAL

Check Point Report: Three Ransomware Gangs Account for 40% of All Attacks in March 2026

The ransomware ecosystem is showing significant consolidation, with a new report from Check Point revealing that just three groups—Qilin, Akira, and DragonForce—were responsible for 40% of all publicly claimed attacks in March 2026. Qilin led the pack, accounting for 20% of incidents, followed by Akira at 12% and DragonForce at 8%. This concentration of power in a few highly active Ransomware-as-a-Service (RaaS) and 'cartel' operations highlights a trend towards more organized and impactful threat groups, even as the total number of active gangs remains high. The report underscores the continued focus on high-value sectors like business services and manufacturing.

April 13, 2026
5 min read
RaaSransomware trendsmarket consolidationthreat reportCheck Point
Ransomware Market Consolidation: Qilin, Akira, and DragonForce Dominate March 2026 Attacks
Ransomware
Threat Intelligence
Threat Actor

Critical 13-Year-Old RCE Flaw in Apache ActiveMQ (CVE-2026-34197) Actively Exploited

CRITICAL

Unauthenticated RCE Possible in Apache ActiveMQ by Chaining New and Old Vulnerabilities

A critical remote code execution (RCE) vulnerability, CVE-2026-34197, has been discovered in Apache ActiveMQ Classic and is under active exploitation. The flaw, which has reportedly existed for 13 years, allows an authenticated attacker to execute arbitrary code by abusing the Jolokia JMX-HTTP bridge. The risk is severely amplified as this flaw can be chained with a separate vulnerability, CVE-2024-32114, which removes authentication requirements from the API endpoint, allowing for unauthenticated RCE. Apache has released patches, and administrators are urged to update immediately to versions 6.2.3 or 5.19.4 to prevent system compromise.

April 13, 2026
5 min read
RCEApacheActiveMQJolokiazero-day +1 more
Critical 13-Year-Old RCE Flaw in Apache ActiveMQ (CVE-2026-34197) Actively Exploited
Vulnerability
Patch Management
Cyberattack

Massive 7.7TB Data Breach Hits LAPD, Exposing Sensitive Officer and Internal Affairs Files

CRITICAL

Los Angeles Police Department Reports Major Data Breach of Storage System

The Los Angeles Police Department (LAPD) has suffered a colossal data breach involving a digital storage system used by the L.A. City Attorney's Office. The breach exposed an enormous 7.7 terabytes of data, encompassing over 337,000 files. The compromised information is highly sensitive, including unredacted personal information of LAPD officers, confidential personnel records, and internal affairs materials. The exposure of this data poses a grave risk to officer safety, the integrity of ongoing investigations, and public trust. The cause of the breach and the responsible threat actor are currently unknown.

April 13, 2026
4 min read
data breachLAPDlaw enforcementPIIinsider threat +1 more
Massive 7.7TB Data Breach Hits LAPD, Exposing Sensitive Officer and Internal Affairs Files
Data Breach
Regulatory
Security Operations

Bitcoin Depot Loses $3.6M in Crypto After Attackers Steal Settlement Account Credentials

HIGH

Cyberattack on Bitcoin Depot Results in Theft of Over 50 BTC Worth $3.6 Million

Bitcoin Depot, a major US operator of cryptocurrency ATMs, has disclosed a cyberattack that resulted in the theft of more than 50 Bitcoin (BTC), valued at over $3.6 million. According to the company, threat actors managed to steal credentials linked to its digital asset settlement accounts. Using these credentials, the attackers transferred the cryptocurrency out of the company's wallets. Bitcoin Depot stated it was able to block the attackers' access, preventing further losses. The incident highlights the persistent and lucrative nature of targeting cryptocurrency firms, where a single credential compromise can lead to immediate and irreversible financial loss.

April 13, 2026
4 min read
cryptocurrencyBitcointheftcredential stuffingfintech
Bitcoin Depot Loses $3.6M in Crypto After Attackers Steal Settlement Account Credentials
Cyberattack
Data Breach
Other

Updated Articles (3)

Qilin Ransomware Attacks German Party Die Linke, Threatens Data Leak

HIGH

Qilin Ransomware Claims Attack on German Political Party "Die Linke," Hinting at Political Motivation

Update:

This update provides additional context on the Qilin ransomware group, noting its identification as the most active ransomware operation in March 2026. It elaborates on specific TTPs, including data exfiltration to cloud storage (T1041) and the use of valid accounts for privilege escalation and lateral movement (T1078). The report further emphasizes the potential for significant political damage and increased risks to personnel due to the threatened data leak, beyond just operational disruption. It also integrates additional D3FEND techniques for detection and mitigation strategies.

April 6, 2026
Updated: April 13, 2026
5 min read
QilinransomwareDie LinkeGermanypolitical party +2 more
Qilin Ransomware Attacks German Party Die Linke, Threatens Data Leak
Ransomware
Threat Actor
Cyberattack

Anthropic's "Claude Mythos" AI Discovers Thousands of Zero-Days, Public Release Withheld Over Security Risks

CRITICAL

Anthropic's 'Claude Mythos' AI Uncovers Thousands of Critical Vulnerabilities, Prompting Unprecedented Defensive Coalition with Big Tech

Update:

Top financial regulators in the UK (Bank of England, FCA, NCSC) and US (Treasury, Federal Reserve) are urgently assessing the systemic cybersecurity risks posed by Anthropic's 'Claude Mythos' AI. High-level meetings with major banks are underway to address potential widespread disruption to global financial IT infrastructure. This development highlights the dual-use nature of the AI, raising alarms about its potential weaponization and the need for new regulatory frameworks and defensive strategies to counter AI-powered cyber threats. The perceived threat has escalated to a point where it is considered a systemic risk to the global financial system.

April 9, 2026
Updated: April 13, 2026
6 min read
AIArtificial IntelligenceZero-DayVulnerability DiscoveryProject Glasswing +2 more
Anthropic's "Claude Mythos" AI Discovers Thousands of Zero-Days, Public Release Withheld Over Security Risks
Threat Intelligence
Vulnerability
Other

CISA Mandates Federal Agencies Patch Actively Exploited Ivanti EPMM Flaw by April 11

CRITICAL

CISA Adds Critical Ivanti EPMM Code Injection Flaw (CVE-2026-1340) to Known Exploited Vulnerabilities Catalog

Update:

CISA, alongside Check Point Research, has re-emphasized the active exploitation of CVE-2026-1340 in Ivanti EPMM, specifically impacting versions 12.5 through 12.7. This critical code injection flaw allows unauthenticated remote code execution. Given Ivanti products' history as targets for sophisticated threat actors, organizations are urged to patch immediately and assume potential compromise. New, detailed cyber observables for detection, including specific process monitoring and network traffic patterns, have been provided to aid in identifying and mitigating post-exploitation activity. The update reinforces the need for thorough compromise hunting.

April 9, 2026
Updated: April 13, 2026
5 min read
CISAKEVIvantiCVE-2026-1340Vulnerability +2 more
CISA Mandates Federal Agencies Patch Actively Exploited Ivanti EPMM Flaw by April 11
Vulnerability
Patch Management
Cyberattack

📢 Share This Publication

Help others stay informed about cybersecurity threats