SonicWall reported a breach where attackers stole firewall configuration files from its cloud backup service, attributed to an unnamed nation-state actor. While the company claims there was no impact on its products or customer data, it remains unclear how the attackers exploited an API to conduct the breach.

ShinyHunters claimed to have breached cybersecurity firm Resecurity and accessed sensitive data, but Resecurity stated that the hackers interacted with a honeypot designed to log unauthorized activity. The firm provided evidence showing the attack was a controlled trap, asserting no real data was compromised.

Gainsight's CEO downplayed the effects of a recent attack that compromised some Salesforce customer tokens, claiming only a few clients were directly affected. Ongoing investigations by Gainsight and Mandiant are trying to determine the full scope of the breach and its impact on other third-party applications. Discrepancies in reported victim numbers highlight the confusion surrounding the incident.

NordVPN investigated claims of a data breach after a hacker leaked information on a cybercrime forum. The company found no evidence of a breach in its systems and stated that the leaked data came from a third-party testing environment, not its internal infrastructure.

BreachForums, a hacking forum, has experienced a data breach with nearly 324,000 user accounts exposed. The leak includes usernames, registration dates, and some public IP addresses, raising concerns for users and law enforcement. The forum's administrator claims this data is not recent, originating from an earlier backup.

The University of Pennsylvania experienced a cybersecurity breach, resulting in offensive emails sent to students and alumni from official university addresses. The emails falsely claimed that data had been stolen and criticized the university's security and admissions practices. Penn's Incident Response team is investigating the situation.

France's Interior Ministry confirmed a significant cyberattack that compromised its email systems and potentially sensitive internal files. The hacker, known as Indra, claims deeper access to law enforcement databases and has threatened to sell the data unless contacted by the government. A 22-year-old suspect has been arrested, but authorities have not confirmed if he is Indra.

The European Commission is probing a cyberattack that compromised staff personal data, including names and phone numbers. While no mobile devices were hacked, the breach is linked to vulnerabilities in Ivanti Endpoint Manager Mobile software, similar to attacks on other European institutions.

Coinbase faced a significant breach attributed to bribery, highlighting an emerging threat in enterprise security. The incident underscores the vulnerabilities organizations face from insider threats and the increasing sophistication of cybercriminal tactics. As enterprises navigate these challenges, understanding and mitigating bribery-related risks becomes crucial for safeguarding sensitive information.

Russian government hackers are reportedly behind a significant breach of the U.S. federal court filing system, raising concerns over the security of sensitive legal documents. The attack highlights the vulnerabilities in critical infrastructure and the ongoing threat posed by state-sponsored cyber activities. Investigations are underway to assess the extent of the damage and potential implications for national security.

Europcar Mobility Group suffered a breach of its GitLab repositories, resulting in the theft of source code for its mobile applications and personal data of up to 200,000 customers, including names and email addresses. The hacker attempted to extort the company by threatening to release 37GB of data, although more sensitive information like financial details was not compromised. Europcar is currently assessing the damage and notifying affected customers.

Beijing may have compromised U.S. government systems prior to the identification and patching of a critical vulnerability in Cityworks software. The breach highlights ongoing security concerns regarding foreign threats to U.S. cybersecurity. Further investigation is needed to understand the extent and implications of the breach.