Cybersecurity researchers have uncovered a coordinated campaign in which threat actors are impersonating trusted enterprises using fraudulent Microsoft OAuth applications to hijack user accounts.

In March 2024, INC Ransomware launched a significant attack on NHS Scotland, stealing 3 terabytes of sensitive data and threatening to publish it unless a ransom—reportedly in excess of $5 million—was paid. Known for its double-extortion tactics, INC not only encrypts victims’ data but also exfiltrates it to pressure payment.

A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770/53771 and dubbed ToolShell, has led to the compromise of 396 systems globally. The Dutch cybersecurity firm Eye Security uncovered the widespread exploitation after analyzing over 27,000 SharePoint servers between July 18 and 23.

A recent analysis of 141 million compromised files from 1,257 breach incidents, detailed in Lab 1’s Anatomy of a Data Breach report, underscores the growing threat of data breaches in today’s digital landscape.

On July 16, a significant data breach compromised the personal information of the majority of Allianz Life Insurance Company of North America’s 1.4 million customers, the Minneapolis-based company confirmed.

Microsoft has confirmed that several Chinese state-backed hacking groups—Linen Typhoon, Violet Typhoon, and Storm-2603—are exploiting critical vulnerabilities in on-premises SharePoint servers.

Louis Vuitton has confirmed a data breach affecting its UK customer base, marking the third cybersecurity incident linked to LVMH brands in as many months.