company logo


Our Product

We are Reshaping the way Developers find and fix vulnerabilities before they get exploited.


By Industry




IT & Telecom


By Role


DevOps Engineer


Resource Library

Get actionable insight straight from our threat Intel lab to keep you informed about the ever-changing Threat landscape.

Subscribe to Our Weekly Threat Digest


Contact Us

Have queries, feedback or prospects? Get in touch and we shall be with you shortly.


Supply Chain Attack



$680K Cryptocurrency Theft Turned Out to be LEDGER Supply Chain Attack

Explore the impact of Ledger's supply chain attack. Swift response, $680K crypto theft, ongoing investigation.

5 min read

Related Articles



Massive data breach at Cencora threatens healthcare supply chain and patient pri...

Cencora, a leading global provider of pharmaceutical solutions, is reeling from a significant data breach that could have far-reaching consequences. The company's SEC filing reveals that threat actors successfully infiltrated IT systems and exfiltrated data – potentially including highly sensitive patient records. ## Cencora Data Breach Details Here's a breakdown of what we know so far: *Discovery:* Cencora became aware of the breach on February 21, 2024. *Scope:* The exact nature and volume of stolen data remain under investigation. *Response:* The company immediately initiated containment measures and engaged law enforcement, cybersecurity experts, and external counsel. *No Link to Optum Attack:* Cencora denies connections to the recent Optum Change Healthcare ransomware attack, despite the similar timing and the healthcare sector focus. ## Why the Cencora Data Breach is a Big Deal in the Pharmaceutical Domain With $262.2 billion in annual revenue and a workforce of 46,000, Cencora is a behemoth in the healthcare industry. Their services are vital for: *Pharmacies:* Distributing essential pharmaceuticals *Doctor's Offices:* Providing treatment solutions *Animal Healthcare:* Delivering veterinary medications and supplies This data breach holds the potential to disrupt an enormous segment of the global healthcare supply chain. ## Unanswered Questions & Potential Fallout The investigation is in its early stages, leaving many critical concerns: *Culprits:* The identity of the attackers remains a mystery as we speak *Patient Impact:* The full extent of compromised patient data still remains unknown, raising serious privacy and identity theft risks. *Financial Toll:* Cencora could face hefty fines, lawsuits, and reputational damage depending on the investigation's outcome. ## Cencora's Troubling History The Lorenz ransomware gang allegedly breached Cencora (then AmerisourceBergen) in 2023. This previous incident casts an even more concerning emphasis on the company's overall cybersecurity posture and underscores the relentless targeting of healthcare organizations becoming more prone to the evolving tactics of cybercriminals.

loading..   28-Feb-2024
loading..   2 min read

Data Breach

LoanDepot hit by a major data breach – nearly 17 million customers had Social Se...

A major ransomware attack has severely compromised the data security of LoanDepot, a leading U.S. mortgage lender. Nearly 17 million customers have had their sensitive personal information stolen, including highly sought-after Social Security numbers. ## What Happened to LoanDepot NOW? In early January 2024, LoanDepot suffered a ransomware attack, leading to the encryption of critical company data. The initial estimate of affected customers was 16.6 million. However, an updated data breach notice reveals this number has increased to nearly 17 million. LoanDepot has not disclosed if they paid the ransom demand. Customers of LoanDepot were left unable to use critical services like making payments and accessing their online accounts. ### Type of Data Stolen The stolen data poses a significant risk to the affected LoanDepot customers. It includes: - Names - Dates of birth - Email addresses - Physical addresses - Phone numbers - Financial account details - Social Security numbers ### Why the Stolen Data is a Major Concern Social Security numbers are particularly sensitive as they can be used in various identity theft schemes. This breach could lead to: - Fraudulent financial transactions in a victim's name - Opening of new credit accounts - Tax-related fraud - Medical identity theft ### LoanDepot's Response The company's response to the breach has raised questions and concerns: The delay in disclosing the full scale of the breach. The a lack of transparency around whether a ransom was A major ransomware attack has severely compromised the data security of LoanDepot, a leading U.S. mortgage lender. Nearly 17 million customers have had their sensitive personal information stolen, including highly sought-after Social Security numbers. ## Timeline of the Breach #### Early January 2024: Hackers launch a [ransomware attack]( against LoanDepot, encrypting and effectively holding the company's data hostage. #### January 4, 2024: LoanDepot publicly discloses the cyberattack and initiates its response, taking critical systems offline in an attempt to limit the damage. #### January 22, 2024: Initial estimates from LoanDepot suggest approximately 16.6 million customers could be impacted by the breach. #### Late February 2024: In an updated data breach notice filed with Maine's attorney general, LoanDepot revises the number of affected individuals to nearly 17 million. ## Details of Compromised Data The attackers successfully exfiltrated a vast amount of sensitive customer information, including: **Full names** **Dates of birth** **Email addresses** **Physical addresses** **Phone numbers** **Financial account numbers** **Social Security numbers** ## Potential Ramifications The theft of Social Security numbers poses the most significant risk. This unique identifier can be misused for various identity theft schemes, including: Opening fraudulent new credit accounts Filing false tax returns Obtaining medical services under the victim's name ## Unanswered Questions Uncertainty surrounds some key aspects of the breach: LoanDepot has declined to confirm whether it paid a ransom to the hackers. Customers experienced substantial disruptions with payment processing and difficulty accessing online accounts in the attack's aftermath. . ### Recent Cyberattacks Targeting Loan and Mortgage Companies It's important to note that LoanDepot is not alone. The loan and mortgage industry is a prime target for hackers. This breach highlights the escalating threat and the need for companies to take cybersecurity much more seriously. ### What Can You Do to Protect Yourself? If you're a LoanDepot customer, taking proactive measures now is vital: **Monitor Financial Accounts:** Closely check your financial accounts for unauthorized transactions. **Credit Freeze:** Consider freezing your credit to restrict new account openings. **Strong Passwords:** Use complex passwords and enable multi-factor authentication (MFA).

loading..   27-Feb-2024
loading..   3 min read



Rhysida gang in November, resulting in the theft and leak of sensitive employee ...

Insomniac Games, a subsidiary of Sony Interactive Entertainment, fell victim to a ransomware attack by the Rhysida gang in November, resulting in the theft and leak of sensitive employee data. This breach raises critical concerns about cybersecurity measures within the gaming industry. #### Background Insomniac Games, renowned for titles like Spider-Man and Spyro the Dragon, faced a daunting challenge when Rhysida demanded a $2 million ransom. Despite Sony's investigation, negotiations failed, leading to the leakage of 1.67 TB of data, including personal information and sensitive contracts. #### Rhysida Gang Rhysida, notorious for attacks on government institutions and healthcare organizations, poses a significant threat with its ransomware-as-a-service (RaaS) model. Its emergence in 2023 marked a wave of cyberattacks, highlighting vulnerabilities across various sectors. #### Industry Impact Insomniac Games joins a growing list of gaming giants targeted by cybercriminals, including Rockstar, Activision Blizzard, and Ubisoft. These incidents underscore the urgent need for robust cybersecurity protocols within the gaming industry to safeguard sensitive data. #### Response and Mitigation In response to the breach, Insomniac Games and Sony have extended ID Watchdog services and provided two additional years of complimentary credit monitoring. This proactive approach aims to mitigate the impact on affected employees and prevent further exploitation of stolen data.

loading..   24-Feb-2024
loading..   2 min read