Incident_Reports

Mon. Feb 23rd, 2026

Incident_Reports

Notepad++ Update Channel Supply-Chain Compromise (June–December 2025): Targeted Traffic Redirection Delivering Chrysalis / Cobalt Strike

1. Executive Summary Notepad++’s update mechanism (WinGUp) was abused in a targeted supply-chain compromise in 2025, where certain users’ update traffic was selectively redirected to attacker-controlled infrastructure and served trojanised…

Incident_Reports

SolarWinds Orion Supply-Chain Compromise (SUNBURST / “Solorigate”)

9 January 2026 Threat Analyst

1. Executive Summary The SolarWinds breach (often tracked as SUNBURST by Mandiant/FireEye and Solorigate by Microsoft) was a landmark software supply-chain compromise in which adversaries trojanised signed SolarWinds Orion software…

Incident_Reports

Jaguar Land Rover (JLR) Cyber Incident

23 December 2025 Threat Analyst

1. Executive Summary In late August 2025, Jaguar Land Rover (JLR) suffered a major cyber incident that triggered a precautionary shutdown of internal IT systems and a prolonged disruption to…

Incident_Reports

Asahi Cyberattack and Data Breach: Ransomware-Driven Disruption and Nearly Two Million Records at Risk

20 December 2025 Threat Analyst

1. Executive Summary In late September 2025, Asahi Group Holdings disclosed a cyberattack that disrupted core business systems in Japan and later confirmed that personal information linked to nearly two…

Incident_Reports

Nominet Confirms Network Intrusion Linked to Ivanti Connect Secure Zero-Day (CVE-2025-0282)

20 October 2025 Threat Analyst

CVE-2025-0283 was disclosed alongside CVE-2025-0282 and described by NVD as a stack-based buffer overflow leading to local privilege escalation. CISA added CVE-2025-0282 to its Known Exploited Vulnerabilities (KEV) catalogue on…

Incident_Reports

Coinbase Insider-Enabled Data Exposure and Extortion Attempt

20 July 2025 Threat Analyst

1. Executive Summary In mid-May 2025, Coinbase disclosed a data security incident in which cyber criminals bribed and recruited overseas customer-support personnel (contractors/employees) to improperly access and exfiltrate customer information…

Incident_Reports

Co-op UK Member Data Theft (6.5m Records) — Third-Party & Retail-Sector Intrusion

20 July 2025 Threat Analyst

1. Executive Summary In spring 2025, Co-op Group suffered a significant cyber incident that ultimately resulted in the copying (exfiltration) of Co-op member personal data. Co-op later confirmed that the…

Incident_Reports

Free (France) Cyber Attack: Customer Data Breach Impacts Millions

23 June 2025 Threat Analyst

1. Executive Summary France-based telecoms provider Free (and sister company Free Mobile, both under Groupe Iliad) confirmed a cyberattack that resulted in unauthorised access to customer personal data. According to…

Incident_Reports

Lazarus Group’s $1.5 Billion Bybit Cryptocurrency Theft (TraderTraitor)

4 April 2025 Threat Analyst

1. Executive Summary On 21 February 2025, cryptocurrency exchange Bybit suffered a theft of approximately $1.5 billion in virtual assets—an incident the US Federal Bureau of Investigation (FBI) publicly attributed…

Incident_Reports

Qilin Ransomware Attack on Lee Enterprises: Operational Disruption at a Major US Newspaper Publisher

28 February 2025 Threat Analyst

1. Executive Summary In February 2025, Lee Enterprises disclosed a material cybersecurity incident that disrupted distribution, billing, collections, and vendor payments across its newspaper portfolio. In a regulatory filing, the…

You missed

Threat_Actor_Profiles

Notepad++ Update Channel Supply-Chain Compromise (June–December 2025): Targeted Traffic Redirection Delivering Chrysalis / Cobalt Strike

SolarWinds Orion Supply-Chain Compromise (SUNBURST / “Solorigate”)

Jaguar Land Rover (JLR) Cyber Incident

Asahi Cyberattack and Data Breach: Ransomware-Driven Disruption and Nearly Two Million Records at Risk

Nominet Confirms Network Intrusion Linked to Ivanti Connect Secure Zero-Day (CVE-2025-0282)

Coinbase Insider-Enabled Data Exposure and Extortion Attempt

Co-op UK Member Data Theft (6.5m Records) — Third-Party & Retail-Sector Intrusion

Free (France) Cyber Attack: Customer Data Breach Impacts Millions

Lazarus Group’s $1.5 Billion Bybit Cryptocurrency Theft (TraderTraitor)

Qilin Ransomware Attack on Lee Enterprises: Operational Disruption at a Major US Newspaper Publisher

You missed

Threat Actor Profile: APT42 (MITRE G1044)

Cyber Threats Facing UK Further and Higher Education

Peaklight malware: Stealthy memory-resident delivery chain abusing LNK, mshta, CDN and WebDAV

Payload Ransomware: Early Profile