ChipSoft Ransomware Attack - Dutch Hospital Patient Records Software
On April 7, 2026, ChipSoft — a Dutch healthcare IT company providing Electronic Patient Dossier (EPD/HiX) software to approximately 80% of all Dutch …
Every breach is a lesson. This is the record.
Attackers share tactics. Defenders should too. Browse 405 documented incidents — attack vectors, malware families, CVEs, and what actually happened.
405
Total Incidents
41
With CVE References
126
With Malware Identified
78
Supply Chain Claims
Latest Breaches
The 12 most recently documented cybersecurity incidents
Cisco Source Code Stolen via Trivy Supply Chain Attack (TeamPCP)
In early April 2026, Cisco disclosed that attackers leveraged credentials stolen through the March 2026 Trivy supply chain compromise (attributed to …
Drift Protocol $285M DPRK Social Engineering Exploit
On April 1, 2026, UNC4736 (North Korean state-sponsored TraderTraitor group) executed a 12-minute, 31-transaction drain of $285 million from Drift …
Axios npm Supply Chain Compromise - Sapphire Sleet (DPRK) RAT Delivery
On March 31, 2026, Sapphire Sleet (a North Korean state-sponsored threat actor tracked by Microsoft) published two malicious versions of axios (1.14.1 …
LiteLLM PyPI Supply Chain Attack - Mercor AI Breach (TeamPCP / Lapsus$)
On March 27, 2026, TeamPCP (a threat group also linked to the European Commission cloud breach) compromised PyPI publishing credentials for LiteLLM, a …
TeamPCP Telnyx Python SDK PyPI Supply Chain Compromise
On March 27, 2026 at 03:51 UTC, TeamPCP published two unauthorized malicious versions of the Telnyx Python SDK (4.87.1 and 4.87.2) to PyPI. Both …
Die Linke German Political Party Qilin Ransomware Attack
On March 26, 2026, the Qilin ransomware group (described as Russian-speaking and both financially and politically motivated) attacked Die Linke, a …
TeamPCP Checkmarx KICS GitHub Actions Supply Chain Compromise
On March 21, 2026, as the second step in its cascading supply chain campaign, TeamPCP used PATs stolen during the March 19 Trivy/Aqua Security GitHub …
Los Angeles City Attorney / LAPD Police Records Breach - WorldLeaks (7.7TB)
On March 20, 2026, the WorldLeaks extortion gang breached a third-party digital system used by the Los Angeles City Attorney's Office to transfer …
Bitcoin Depot Crypto ATM Breach - $3.66M BTC Stolen
On March 20, 2026, attackers used compromised credentials to access Bitcoin Depot's digital asset settlement accounts and transfer 50.903 BTC (valued …
European Commission ShinyHunters Cloud Breach via Trivy Supply Chain
On March 19, 2026, ShinyHunters obtained an AWS API key belonging to the European Commission's cloud environment via a prior compromise of the …
TeamPCP Trivy/Aqua Security GitHub Actions Supply Chain Compromise (CVE-2026-33634)
On March 19, 2026, TeamPCP (tracked by Google GTIG as UNC6780) began the first stage of a cascading multi-tool supply chain campaign by exploiting a …
Contribute a Breach
This dataset is open source. Help keep it accurate and up to date by submitting new incidents via GitHub.
1
Pick a category
Each breach lives in one of five folders: ransomware/, data-leak/, supply-chain/, credential-theft/, or other/.
2
Create a YAML file
Name it YYYY-MM_slug.yaml and fill in the required fields below. Use an existing record as a reference.
3
Open a Pull Request
Submit your file on GitHub. A maintainer will review and merge it, and the site rebuilds automatically.
Required fields
source_name: "Acme Corp Data Breach"
source_url: "https://example.com/article"
date_of_breach: "2025-06-01"
date_of_disclosure: "2025-06-15"
category: "data-leak"
initial_attack_vector: "Phishing email leading to credential theft"
cve: [] # list CVE/GHSA IDs if applicable
vendor_product: "Acme CRM"
malware: "" # ransomware or malware family if known
supply_chain_claimed: false
notes: "Narrative description of the incident..."