Find notable cyber news and cases, enriched with sources, timelines, and signals.

Customer hit by ransomware attack

Incident
First reported
Last updated
Happening score
H score 32
1 unique sources, 1 articles

Summary

Hide ▲

A customer environment was intruded by RansomHub affiliates, and the compromise was contained before it became ransomware, preventing business interruption. The attackers progressed from initial access to persistence, privilege escalation, and mass data exfiltration. The incident was stopped within 48 hours, and the customer reported zero business downtime. That matters because the intrusion was already active enough to reach Domain Admin access and steal data.

Related Happenings

StealC and Amadey infostealer infrastructure disruption

Malware Activity
H score69 First: 24.06.2026 18:25 Last: 24.06.2026 18:25 Sources 1

About this happening: **StealC** and **Amadey** malware infrastructure was disrupted in **Operation Endgame**, cutting off the command-and-control services used to manage infected systems. Europol said...

Major U.S. services company hit by ransomware attack linked to DragonForce

Incident
H score38 First: 16.06.2026 13:18 Last: 16.06.2026 13:18 Sources 1

About this happening: A **DragonForce ransomware** incident hit a **major U.S. services firm** in **December 2025**, with attackers maintaining access for **one to two months** and hiding **command-and...

Tchap hit by cyberattack

Incident
H score48 First: 09.06.2026 13:53 Last: 09.06.2026 13:53 Sources 1

About this happening: A **compromised user account** enabled an unauthorized **breach of Tchap**, putting the French government's encrypted messaging platform at risk of **exposing conversations and pe...

Latest development: 12.06.2026 10:09

DINUM said a compromised user account accessed Tchap public chat rooms, exposing data shared by about 73,467 French public-sector agents, including names, email addresses, belonging entity and avatar images, while encrypted private conversations remained protected.

Charter Communications hit by network compromise linked to ShinyHunters

Incident
H score70 First: 26.05.2026 22:46 Last: 26.05.2026 22:46 Sources 1

About this happening: **Charter Communications** confirmed a **data breach** tied to **ShinyHunters** extortion, with the company saying it is **alerting authorities** and that **no sensitive personal...

Latest development: 29.05.2026 11:29

Have I Been Pwned analyzed leaked Charter Communications data and confirmed that the incident affected 4.9 million accounts, with exposed records including names, email addresses, job titles, phone numbers, and physical addresses. The published data also included a subset of about 85,000 records from an internal employee directory.

Microsoft civil action against Fox Tempest infrastructure takedown

Regulatory/Legal Action
H score24 First: 19.05.2026 18:00 Last: 19.05.2026 18:00 Sources 1

About this happening: Microsoft filed a **civil action** against **Fox Tempest** in the **US District Court for the Southern District of New York**, securing a **court order** that enabled a broad disr...

Timeline

  1. 11.11.2025 17:01 2 articles · 8mo ago

    Customer hit by ransomware attack

    Initial Disclosure

    A user launched a **malicious JavaScript payload** posing as a browser update, triggering immediate reconnaissance, credential hunting, and persistence activity inside the environment.

    Show sources