Nicholas Moore, a 24-year-old from Springfield, Tennessee, is set to plead guilty to hacking the U.S. Supreme Court’s electronic filing system multiple times. Between August and October 2023, he accessed a protected computer without authorization on 25 different occasions. Details about the specific information he obtained remain unclear.

A hacker named Lovely claims to have accessed a Condé Nast database, leaking over 2.3 million user records and threatening to release an additional 40 million. While Condé Nast has been accused of neglecting security, a counterargument suggests the hacker is a criminal seeking a payoff. This breach adds to a troubling trend of cybersecurity incidents affecting high-profile companies.

Endesa, a major Spanish energy company, reported a data breach where hackers accessed and stole sensitive customer information, including national ID numbers and payment details. The breach affected millions of customers across Europe, prompting concerns over identity theft and security negligence.

The ICE-tracking service StopICE accused a CBP agent of hacking its platform to send alarming text messages to users, falsely claiming their information was compromised. The app's developer, Sherman Austin, denied the allegations and stated that StopICE does not store personal data. The service has faced numerous DDoS attacks and claims to have traced the hacking attempt back to the agent's server.

Protei, a Russian telecom company specializing in surveillance technology, was hacked, resulting in data theft and website defacement. The breach exposed around 182 gigabytes of files, including sensitive emails, and was linked to the company's involvement with deep packet inspection systems used for censorship. The hacker's identity remains unknown.

A hacktivist scraped over 536,000 payment records from a stalkerware provider, revealing customer email addresses and partial payment details. The data includes transactions for apps like uMobix and Xnspy, which are used to spy on individuals illegally. The breach highlights ongoing security failures within the stalkerware industry.

Oracle has informed clients of a second cybersecurity breach in which a hacker stole old client log-in credentials from its systems. The stolen data, which includes credentials from as recently as 2024, is being investigated by the FBI and cybersecurity firm CrowdStrike, with the company assuring clients that the compromised system has not been in use for eight years, minimizing the risk.

A hacking group has reportedly stolen over 1 billion records from Salesforce customer databases, raising significant concerns about data security and the potential repercussions for affected companies. The breach underscores the vulnerabilities in cloud services and the ongoing threat posed by cybercriminals.

A 27-year-old former student of Western Sydney University has been arrested for allegedly hacking the university's systems to obtain cheaper parking and access confidential data, affecting hundreds of staff and students. Birdie Kingston faces 20 charges, including unauthorized access and data theft, and is accused of stealing over 100GB of data and manipulating academic records. Despite prior warnings from police, she continued her hacking activities, even threatening to sell stolen student information on the dark web.

Nippon Steel Solutions has reported a data breach caused by the exploitation of a zero-day vulnerability in their network equipment. Cybercriminals threatened to leak stolen data, but subsequently ceased communication, leaving uncertainty about the breach's details and any potential connection to other incidents.

North Korean hacking group Kimsuky has experienced a significant data breach after two ethical hackers, known as 'Saber' and 'cyb0rg,' leaked 8.9GB of the group's data, exposing their tools and stolen information. The hackers criticized Kimsuky for its politically motivated cyber activities and claimed their actions were aimed at revealing the group's unethical practices. This breach may complicate Kimsuky's operations and disrupt their ongoing campaigns, although its long-term impact remains uncertain.

Google confirmed that hackers created a fraudulent account in its Law Enforcement Request System (LERS) but assured that no data was accessed. The group "Scattered Lapsus$ Hunters" claimed access to both LERS and the FBI's eCheck system, raising concerns over potential impersonation and unauthorized data access. Cybersecurity experts believe the group may continue their activities despite claims of going dark.

Radiology Associates of Richmond has reported a data breach affecting over 1.4 million individuals, with hackers accessing their systems for several days in April 2024. The compromised systems contained identifiable protected health and personal information.

Matthew D. Lane, a 19-year-old college student, was sentenced to four years in prison for his role in a cyberattack on PowerSchool that led to a significant data breach affecting millions of students and teachers. He pleaded guilty to multiple charges, including unauthorized access and cyber extortion, and was ordered to pay $14 million in restitution. The attack involved stealing sensitive data and demanding a ransom, with ongoing legal scrutiny surrounding PowerSchool's security practices.

Over 624,000 individuals were notified of a data breach at Healthcare Services Group, where personal information, including Social Security numbers and financial details, was stolen. The breach occurred between September 27 and October 3, 2024, and was identified on October 7, 2024.

Coinbase reported that hackers bribed overseas support agents to steal customer data, leading to potential costs of up to $400 million. The company received a ransom demand of $20 million but has refused to pay, instead offering a reward for information on the attackers. While sensitive customer information was accessed, no passwords or funds were compromised.