Nicholas Moore, a 24-year-old from Springfield, Tennessee, is set to plead guilty to hacking the U.S. Supreme Court’s electronic filing system multiple times. Between August and October 2023, he accessed a protected computer without authorization on 25 different occasions. Details about the specific information he obtained remain unclear.

Muneeb and Sohaib Akhter, two Virginia brothers with prior hacking convictions, were arrested for allegedly erasing nearly 100 US government databases while working as contractors for a firm handling sensitive information. The case raises serious concerns about insider threats and the effectiveness of background checks in securing government systems.

CrowdStrike fired an employee for allegedly leaking information to the Scattered Lapsus$ Hunters hacking group. The hackers claimed to have accessed CrowdStrike through a breach at Gainsight, but CrowdStrike denies any system compromise and has involved law enforcement. The group has a history of using social engineering to infiltrate companies and has previously claimed large-scale data theft.

Two British teens, Thalha Jubair and Owen Flowers, have pleaded not guilty to charges related to a cyberattack on Transport for London in August 2024, which caused significant damage and compromised customer data. They are also linked to other international hacking incidents, including attacks on U.S. healthcare networks.

A hacker named Lovely claims to have accessed a Condé Nast database, leaking over 2.3 million user records and threatening to release an additional 40 million. While Condé Nast has been accused of neglecting security, a counterargument suggests the hacker is a criminal seeking a payoff. This breach adds to a troubling trend of cybersecurity incidents affecting high-profile companies.

The ICE-tracking service StopICE accused a CBP agent of hacking its platform to send alarming text messages to users, falsely claiming their information was compromised. The app's developer, Sherman Austin, denied the allegations and stated that StopICE does not store personal data. The service has faced numerous DDoS attacks and claims to have traced the hacking attempt back to the agent's server.

Endesa, a major Spanish energy company, reported a data breach where hackers accessed and stole sensitive customer information, including national ID numbers and payment details. The breach affected millions of customers across Europe, prompting concerns over identity theft and security negligence.

A hacktivist scraped over 536,000 payment records from a stalkerware provider, revealing customer email addresses and partial payment details. The data includes transactions for apps like uMobix and Xnspy, which are used to spy on individuals illegally. The breach highlights ongoing security failures within the stalkerware industry.

Protei, a Russian telecom company specializing in surveillance technology, was hacked, resulting in data theft and website defacement. The breach exposed around 182 gigabytes of files, including sensitive emails, and was linked to the company's involvement with deep packet inspection systems used for censorship. The hacker's identity remains unknown.

The Scattered Spider ransomware group has decided to cease operations due to intense law enforcement pressure following significant cyberattacks on companies like Jaguar Land Rover and Salesforce. In a farewell message, they apologize to their victims and hint at a possible return with a new venture called "ShinySp1d3r RaaS."

Oracle has informed clients of a second cybersecurity breach in which a hacker stole old client log-in credentials from its systems. The stolen data, which includes credentials from as recently as 2024, is being investigated by the FBI and cybersecurity firm CrowdStrike, with the company assuring clients that the compromised system has not been in use for eight years, minimizing the risk.

A hacking group has reportedly stolen over 1 billion records from Salesforce customer databases, raising significant concerns about data security and the potential repercussions for affected companies. The breach underscores the vulnerabilities in cloud services and the ongoing threat posed by cybercriminals.

A 27-year-old former student of Western Sydney University has been arrested for allegedly hacking the university's systems to obtain cheaper parking and access confidential data, affecting hundreds of staff and students. Birdie Kingston faces 20 charges, including unauthorized access and data theft, and is accused of stealing over 100GB of data and manipulating academic records. Despite prior warnings from police, she continued her hacking activities, even threatening to sell stolen student information on the dark web.

A significant data breach at Lotte Card has exposed personal information of over 1 million users, with estimates suggesting the leak could impact several million. The Financial Supervisory Service's investigation revealed the breach was much larger than the initially reported 1.7 GB. Lotte Card is set to apologize and announce response measures on the 18th.

The article discusses the exposure of confidential informants within the Louisiana Sheriff's Office following a significant hack. Sensitive information was leaked, raising concerns about the safety and privacy of those involved in law enforcement operations. The breach highlights vulnerabilities in law enforcement data security and its potential consequences.

Nippon Steel Solutions has reported a data breach caused by the exploitation of a zero-day vulnerability in their network equipment. Cybercriminals threatened to leak stolen data, but subsequently ceased communication, leaving uncertainty about the breach's details and any potential connection to other incidents.

North Korean hacking group Kimsuky has experienced a significant data breach after two ethical hackers, known as 'Saber' and 'cyb0rg,' leaked 8.9GB of the group's data, exposing their tools and stolen information. The hackers criticized Kimsuky for its politically motivated cyber activities and claimed their actions were aimed at revealing the group's unethical practices. This breach may complicate Kimsuky's operations and disrupt their ongoing campaigns, although its long-term impact remains uncertain.

Marks & Spencer has confirmed that personal data of its customers was compromised during a recent hacking incident. The breach has raised concerns about the safety of customer information and the company's security measures.

Google confirmed that hackers created a fraudulent account in its Law Enforcement Request System (LERS) but assured that no data was accessed. The group "Scattered Lapsus$ Hunters" claimed access to both LERS and the FBI's eCheck system, raising concerns over potential impersonation and unauthorized data access. Cybersecurity experts believe the group may continue their activities despite claims of going dark.

The Tea app has suffered a major data breach, exposing over 59 GB of sensitive user data, including selfies and private messages, with a second database revealing 1.1 million messages exchanged between members. Initially intended as a safe platform for women, the leak has led to potential social engineering threats and the creation of a site for rating exposed selfies. Tea is collaborating with cybersecurity experts and law enforcement to address the incident and enhance security measures.

UK retail giant Co-op has confirmed that hackers have stolen all 6.5 million customer records, raising concerns about data security and privacy. The breach has prompted investigations and warnings for customers to monitor their accounts for suspicious activity.

Radiology Associates of Richmond has reported a data breach affecting over 1.4 million individuals, with hackers accessing their systems for several days in April 2024. The compromised systems contained identifiable protected health and personal information.

Matthew D. Lane, a 19-year-old college student, was sentenced to four years in prison for his role in a cyberattack on PowerSchool that led to a significant data breach affecting millions of students and teachers. He pleaded guilty to multiple charges, including unauthorized access and cyber extortion, and was ordered to pay $14 million in restitution. The attack involved stealing sensitive data and demanding a ransom, with ongoing legal scrutiny surrounding PowerSchool's security practices.

Coinbase reported that hackers bribed overseas support agents to steal customer data, leading to potential costs of up to $400 million. The company received a ransom demand of $20 million but has refused to pay, instead offering a reward for information on the attackers. While sensitive customer information was accessed, no passwords or funds were compromised.

Over 624,000 individuals were notified of a data breach at Healthcare Services Group, where personal information, including Social Security numbers and financial details, was stolen. The breach occurred between September 27 and October 3, 2024, and was identified on October 7, 2024.