Top Security Breaches 2026-04-14
Auto-generated 2026-04-14T09:00:45.449433+00:00 (UTC)
-
Stolen Rockstar Games analytics data leaked by extortion gang
Source: BleepingComputer | Published: 2026-04-13T20:08:10+00:00 | Score: 17.457
Rockstar Games has suffered a data breach linked to a recent security incident at Anodot, with the ShinyHunters extortion gang now leaking the stolen data on its data leak site. […]
-
New Booking.com data breach forces reservation PIN resets
Source: BleepingComputer | Published: 2026-04-13T17:30:10+00:00 | Score: 17.428
Booking.com has confirmed via a statement to BleepingComputer that it has detected unauthorized access to its systems that has exposed sensitive reservation and user data. […]
-
CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads
Source: The Hacker News | Published: 2026-04-12T05:54:00+00:00 | Score: 17.301
Unknown threat actors compromised CPUID (“cpuid[.]com”), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT.
The incident lasted from approximately April 9, 15:00 UTC, to about April 10, 10:00 UTC, with -
China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware
Source: The Hacker News | Published: 2026-04-07T06:35:00+00:00 | Score: 15.27
A China-based threat actor known for deploying Medusa ransomware has been linked to the weaponization of a combination of zero-day and N-day vulnerabilities to orchestrate “high-velocity” attacks and break into susceptible internet-facing systems.
“The threat actor’s high operational tempo and proficiency in identifying exposed perimeter assets have proven successful, with recent -
Qilin and Warlock Ransomware Use Vulnerable Drivers to Disable 300+ EDR Tools
Source: The Hacker News | Published: 2026-04-06T10:07:00+00:00 | Score: 14.654
Threat actors associated with Qilin and Warlock ransomware operations have been observed using the bring your own vulnerable driver (BYOVD) technique to silence security tools running on compromised hosts, according to findings from Cisco Talos and Trend Micro.
Qilin attacks analyzed by Talos have been found to deploy a malicious DLL named “msimg32.dll,” -
The Hidden Cost of Recurring Credential Incidents
Source: The Hacker News | Published: 2026-04-07T11:30:00+00:00 | Score: 14.431
When talking about credential security, the focus usually lands on breach prevention. This makes sense when IBM’s 2025 Cost of a Data Breach Report puts the average cost of a breach at $4.4 million. Avoiding even one major incident is enough to justify most security investments, but that headline figure obscures the more persistent problems caused by recurring credential
-
European Gym giant Basic-Fit data breach affects 1 million members
Source: BleepingComputer | Published: 2026-04-13T21:50:01+00:00 | Score: 14.276
Dutch fitness giant Basic-Fit announced that hackers breached its systems and gained access to information belonging to a million of its customers. […]
-
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
Source: The Hacker News | Published: 2026-04-13T06:50:00+00:00 | Score: 14.013
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps led to the download of the malicious Axios library on March 31, but noted that no user data or internal system was compromised.
“Out of an abundance of caution, we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps,” OpenAI said in a post last week. “We found no
End of report.
