Cybersafe Cyber Security News

The Dutch Ministry of Finance has disclosed a data breach affecting some employees after a cyberattack detected on March 19, 2026, following a third-party alert. According to the ministry, attackers gained unauthorized access to internal systems tied to key policy department operations, impacting a portion of staff. An investigation was immediately launched, and access to the affected systems has since been blocked. Authorities stated that services for citizens and businesses—including tax, customs, and benefits—remain fully operational and unaffected by the incident. The ministry has not released technical details about the breach, and no threat group has claimed responsibility so far. The post Dutch Finance Ministry hit by cyberattack first appeared on Cybersafe News.

Medical technology giant Stryker Corporation confirmed on March 11, 2026, that it suffered a major cyberattack that disrupted its global Microsoft environment. The Iran-linked threat group Handala claimed responsibility, describing the incident as a politically motivated, destructive operation. Unlike typical cyberattacks driven by financial gain, this incident shows clear signs of a wiper campaign. Stryker stated there is “no indication of ransomware or malware,” suggesting the attackers aimed to destroy data rather than extort the company. Handala claimed it wiped thousands of servers and endpoint devices, including Windows laptops and smartphones, and also alleged the theft of 50 terabytes of The post Stryker hit by massive Wiper cyberattack first appeared on Cybersafe News.

A threat actor claims to have stolen around 100 GB of sensitive user data from Crunchyroll after breaching systems via a compromised employee at outsourcing partner Telus. The alleged incident, said to have occurred on March 12, 2026, has not been publicly confirmed by Crunchyroll. According to the attacker, the breach began when a Telus employee executed malware on their workstation, giving unauthorized access to Crunchyroll’s internal systems. This foothold reportedly allowed lateral movement into critical infrastructure, including customer support and ticketing platforms. The method mirrors a broader trend seen in recent incidents involving Telus Digital, where attackers targeted business The post Crunchyroll breach exposes 100GB user data first appeared on Cybersafe News.

Aura has confirmed a data breach that exposed nearly 900,000 records containing names and email addresses after an employee was targeted in a voice phishing attack. The company said the incident affected data from a marketing platform linked to a firm it acquired in 2021. Among the exposed records were details of about 20,000 current and 15,000 former customers. The cybercrime group ShinyHunters claimed responsibility, alleging it stole 12GB of data, including personally identifiable information and corporate files, later leaking the data after failed negotiations. Aura stated that compromised information includes names, email addresses, phone numbers, and home addresses, but The post Aura data breach exposes 900K contacts first appeared on Cybersafe News.

The Unique Identification Authority of India has introduced its first structured bug bounty programme to strengthen the security of the Aadhaar ecosystem, which supports digital identity services for over a billion users. This initiative adopts a proactive, crowdsourced approach by collaborating with independent cybersecurity experts to identify and fix vulnerabilities before they can be exploited. For the initial phase, UIDAI has selected 20 experienced ethical hackers to assess critical digital assets. The programme, conducted in partnership with ComOlho IT Private Limited, focuses on key platforms such as the UIDAI website, the myAadhaar portal, and the Secure QR Code application. Researchers The post UIDAI launches Bug Bounty to boost Aadhaar security first appeared on Cybersafe News.

A newly discovered malware strain called Slopoly is being used in ransomware campaigns linked to the financially motivated threat group Hive0163. Security researchers say the backdoor appears to have been developed with the assistance of generative AI tools, highlighting how attackers may be using AI to speed up malware creation. According to IBM X-Force, the malware was deployed during an Interlock ransomware attack in which the attackers remained on a compromised server for more than a week and exfiltrated sensitive data. The intrusion began with a ClickFix social-engineering trick, after which the attackers installed the Slopoly backdoor as a PowerShell The post AI-built Slopoly malware used in ransomware attacks first appeared on Cybersafe News.

Starbucks has disclosed a data breach that exposed sensitive information belonging to hundreds of employees after threat actors gained access to internal accounts. The coffee chain discovered the incident on February 6 following suspicious activity involving its Starbucks Partner Central system, which is used to manage employment details, benefits, and HR records. A joint investigation with external cybersecurity experts later confirmed that attackers had compromised 889 employee accounts. According to the company, the attackers accessed the accounts between January 19 and February 11 after obtaining login credentials through phishing websites that impersonated the Partner Central portal. The exposed data may The post Starbucks data breach exposes data of 889 employees first appeared on Cybersafe News.

Russian-linked hackers are carrying out a global campaign to compromise Signal and WhatsApp accounts belonging to government officials, military personnel, and civil servants, according to a warning from Dutch intelligence agencies. The Netherlands’ intelligence services, MIVD and AIVD, say the operation focuses on individuals involved in government, defense, and national security. Officials confirmed that Dutch government employees have already been targeted, and other individuals of interest to Russia—including journalists—could also be at risk. Attackers are not exploiting vulnerabilities in the messaging apps themselves. Instead, they use social engineering techniques to trick users into revealing verification codes or to link their The post Russian Hackers target Signal and WhatsApp accounts first appeared on Cybersafe News.

Cybersecurity researchers have revealed details of a now-patched high-severity flaw in Google Chrome that could have allowed malicious extensions to escalate privileges and access sensitive local data. The vulnerability, tracked as CVE-2026-0628 (CVSS score: 8.8), stemmed from insufficient policy enforcement in Chrome’s WebView tag. Google fixed the issue in January 2026 with version 143.0.7499.192/.193 for Windows and macOS, and 143.0.7499.192 for Linux. According to the National Vulnerability Database, the flaw enabled attackers to inject scripts or HTML into privileged pages if they convinced users to install a malicious extension. The issue was discovered by Gal Weizman of Palo Alto Networks The post Chrome flaw enabled Gemini Panel Privilege Escalation first appeared on Cybersafe News.

The United Kingdom’s National Cyber Security Centre (NCSC) has cautioned British organisations about a potential rise in Iranian cyberattacks amid escalating tensions in the Middle East. Although the agency said there is currently no major shift in the direct cyber threat to the UK, it stressed that the situation could change rapidly. The advisory is particularly aimed at organisations with operations, assets, or supply chains in the Middle East. Despite reports of a widespread internet blackout within Iran, the NCSC noted that state-sponsored and Iran-linked cyber actors are likely to retain the capability to launch attacks. These groups are believed The post UK warns of Iranian cyber threats first appeared on Cybersafe News.