VulnHub

Iranian hackers known as Handala have claimed to have compromised the personal data of FBI Director Kash Patel. The FBI has confirmed that Patel's personal email was targeted, but they stated that no government information was accessed during this breach. This incident raises concerns about the security of personal information for high-ranking officials, especially given the ongoing threat posed by state-sponsored hackers. The fact that a figure like Patel is targeted highlights the potential risks to national security and the importance of robust personal cybersecurity measures for public officials. While the FBI is investigating the incident, the situation serves as a reminder of the vulnerabilities that exist even at the highest levels of government.

The European Commission is looking into a security breach involving its Amazon cloud infrastructure. Unauthorized access was gained by a threat actor, raising concerns about the potential exposure of sensitive data. This incident is particularly significant because it affects a major governmental body within the European Union, which handles important regulatory and policy decisions. The investigation aims to assess the scope of the breach and determine any necessary actions to safeguard data moving forward. This incident serves as a reminder of the vulnerabilities that can exist even within high-profile organizations and the importance of robust security measures in cloud environments.

Hightower Holdings has confirmed a data breach that has affected approximately 130,000 individuals. Hackers managed to steal sensitive information, including names, Social Security numbers, and driver's license numbers. This incident raises significant concerns about the potential for identity theft and fraud among those affected. The company is likely facing scrutiny over its data protection measures and how the breach occurred. As personal data continues to be a target for cybercriminals, it's crucial for companies to strengthen their security protocols to protect their customers' information.

HackerOne, Mazda, Infinite Campus, and the Dutch Ministry have reported data breaches that have compromised sensitive information of employees and partners. The breaches span various sectors and highlight vulnerabilities in data protection practices across organizations. While specific details about how the breaches occurred have not been disclosed, the exposure of personal data raises concerns about potential identity theft and misuse. Organizations affected need to assess their security measures and inform impacted individuals. This incident serves as a reminder of the ongoing risks associated with data security in both private and public sectors.

Mazda Motor Corporation has confirmed a data breach that involved the compromise of 692 records containing information about employees and business partners. This incident occurred in December and raises concerns about the security of sensitive data within the automotive industry. While Mazda has not disclosed specific details about how the breach happened, the exposure of such records can lead to identity theft or unauthorized access to company resources. Companies like Mazda must ensure they have strong security measures in place to protect personal information, as breaches can damage trust and reputation. Customers and partners may want to be vigilant about potential phishing attempts or other fraudulent activities that could arise from this incident.

QualDerm Partners, a U.S.-based healthcare management firm, experienced a significant data breach in December 2025 that impacted over 3.1 million individuals. Hackers gained unauthorized access to the company's internal systems, compromising sensitive personal information, medical records, and health insurance details. This incident raises serious concerns about patient privacy and the security of healthcare data. Those affected may face risks such as identity theft or misuse of their medical information. The breach underscores the ongoing vulnerability of healthcare organizations to cyberattacks, emphasizing the need for stronger security measures to protect patient data.

Infinite Campus, a popular student information system used by K-12 schools, has alerted its customers about a data breach after a group known as ShinyHunters claimed to have stolen sensitive information. The attackers reportedly attempted to extort Infinite Campus, raising concerns about the safety of student data and the potential for further exploitation. Schools relying on this system could be at risk of having personal information of students and staff compromised. As of now, it's unclear what specific data has been accessed and how many users are affected. This incident highlights the ongoing challenges educational institutions face in protecting their systems from cyber threats.

QualDerm has suffered a significant data breach affecting approximately 3.1 million individuals. Hackers accessed the company's internal systems and stole sensitive personal information, including medical and health insurance details. This incident raises serious concerns about patient privacy and the potential for identity theft. Individuals whose data was compromised may be at risk of fraud or other malicious activities. Companies in the healthcare sector must prioritize cybersecurity to protect sensitive information and maintain trust with their patients.

The Dutch Ministry of Finance has confirmed that it experienced a cyberattack that compromised some of its systems. The breach was detected last week, although specific details about the nature of the attack or the data that may have been accessed have not been disclosed. This incident potentially affects the ministry's employees, raising concerns about the security of sensitive information. As government agencies often handle critical data, any breach could have significant implications for public trust and national security. The ministry is likely working to assess the damage and improve its security measures to prevent future incidents.

A significant security vulnerability known as the DarkSword exploit has been leaked, putting an estimated 270 million iPhones at risk. This exploit allows hackers to potentially access sensitive user data, raising serious concerns about privacy and security for iPhone users worldwide. Researchers have indicated that this could lead to unauthorized access to personal information stored on these devices. The scale of the impact is alarming, as many users may not be aware that their data could be compromised. It's crucial for affected users to stay informed and take necessary precautions to protect their information as details about the exploit continue to emerge.

Crunchyroll, a popular anime streaming service, is investigating a significant data breach after hackers announced they had stolen personal information from about 6.8 million users. The breach raises concerns over the security of user data, which may include sensitive details such as email addresses and passwords. As the platform works to assess the extent of the breach, affected users should be cautious and consider changing their passwords and monitoring their accounts for unusual activity. The incident highlights ongoing vulnerabilities in online services and the importance of robust security measures to protect user information. Crunchyroll has not yet confirmed the breach's details or the specific data involved, but they are taking steps to address the situation.