Top Security Breaches 2026-01-13
Auto-generated 2026-01-13T09:00:40.126194+00:00 (UTC)
-
University of Hawaii Cancer Center hit by ransomware attack
Source: BleepingComputer | Published: 2026-01-12T18:48:20+00:00 | Score: 18.542
University of Hawaii says a ransomware gang breached its Cancer Center in August 2025, stealing data of study participants, including documents from the 1990s containing Social Security numbers. […]
-
Instagram denies breach amid claims of 17 million account data leak
Source: BleepingComputer | Published: 2026-01-11T19:13:01+00:00 | Score: 17.18
Instagram says it fixed a bug that allowed threat actors to mass-request password reset emails, amid claims that data from more than 17 million Instagram accounts was scraped and leaked online. […]
-
China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines
Source: The Hacker News | Published: 2026-01-09T17:43:00+00:00 | Score: 15.949
Chinese-speaking threat actors are suspected to have leveraged a compromised SonicWall VPN appliance as an initial access vector to deploy a VMware ESXi exploit that may have been developed as far back as February 2024.
Cybersecurity firm Huntress, which observed the activity in December 2025 and stopped it before it could progress to the final stage, said it may have resulted in a ransomware -
Spanish energy giant Endesa discloses data breach affecting customers
Source: BleepingComputer | Published: 2026-01-12T15:57:50+00:00 | Score: 14.511
Spanish energy provider Endesa and its Energía XXI operator are notifying customers that hackers accessed the company’s systems and accessed contract-related information, which includes personal details. […]
-
Prevent cloud data leaks with Microsoft 365 access reviews
Source: BleepingComputer | Published: 2026-01-12T14:45:00+00:00 | Score: 12.897
Microsoft 365 has made file sharing effortless, but that convenience often leaves organizations with little visibility into who can access sensitive data. Tenfold explains how access reviews for shared cloud content can help organizations regain visibility, reduce unnecessary permissions, and prevent data leaks in Microsoft 365. […]
-
Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances
Source: The Hacker News | Published: 2026-01-08T09:53:00+00:00 | Score: 12.851
Cybersecurity researchers have disclosed details of multiple critical-severity security flaws affecting Coolify, an open-source, self-hosting platform, that could result in authentication bypass and remote code execution.
The list of vulnerabilities is as follows –CVE-2025-66209 (CVSS score: 10.0) – A command injection vulnerability in the database backup functionality allows any authenticated
-
Hacker gets seven years for breaching Rotterdam and Antwerp ports
Source: BleepingComputer | Published: 2026-01-12T23:06:47+00:00 | Score: 12.69
The Amsterdam Court of Appeal sentenced a 44-year-old Dutch national to seven years in prison for multiple crimes, including computer hacking and attempted extortion. […]
-
⚡ Weekly Recap: AI Automation Exploits, Telecom Espionage, Prompt Poaching & More
Source: The Hacker News | Published: 2026-01-12T13:41:00+00:00 | Score: 12.659
This week made one thing clear: small oversights can spiral fast. Tools meant to save time and reduce friction turned into easy entry points once basic safeguards were ignored. Attackers didn’t need novel tricks. They used what was already exposed and moved in without resistance.
Scale amplified the damage. A single weak configuration rippled out to millions. A repeatable flaw worked again and
End of report.
