Date of Incident: August 2025 Overview: The Marquis data breach, reported in December 2025, affected the finance sector, impacting over 400,000 customers across 74 U.S. banks and credit unions. Personal information, including Social Security numbers and financial account details, was exposed. Despite no evidence of data misuse, Marquis paid a ransom to prevent further data… Read More »Marquis Data Breach
Date of Incident: August 2025 Overview: In August 2025, the University of Pennsylvania experienced a data breach targeting its Oracle E-Business Suite, attributed to the Clop ransomware group. Attackers exploited a zero-day vulnerability, compromising personal information of 1,488 individuals, with a potential for more. The breach utilized advanced tactics such as SQL injection and remote… Read More »University of Pennsylvania Oracle E-Business Suite Breach
Date of Incident: June 24, 2025 Overview: The Coupang Data Breach, reported on December 1, 2025, impacting the retail sector, involved unauthorized access to Coupang’s customer database on June 24, 2025. This breach exposed personal information, including full names, phone numbers, email addresses, physical addresses, and order details of 33.7 million customers. Notably, payment information… Read More »Coupang Data Breach
Date of Incident: Ongoing (no specific date provided) Overview: In an ongoing insider threat scheme dubbed “North Korean IT Worker Schemes,” involving unidentified IT workers, unauthorized access using legitimate credentials has led to significant data theft and potential malware deployment within the software sector. The breach, targeting customer data, financial records, and intellectual property, also… Read More »North Korean IT Worker Schemes
1 Introduction Across industries, cybersecurity leaders are confronting a problem that is no longer defined by the strength of their controls, but by the speed at which their environments change. Cloud services now scale in minutes, SaaS ecosystems evolve without central visibility, and DevOps pipelines introduce configuration changes hundreds of times per day. As a… Read More »The Coming Shift in Enterprise Cyber Offense : Why Autonomous Penetration Testing Will Redefine Cyber Strategy